k9j5t5p4.ssl.hwcdn.net Open in urlscan Pro
69.16.175.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://traxxonline.com/uc4ctcj8421.jsw?cKThYnRNnYHmJ=sTQWQVNdZfbqd177u5c502wenk01jkgo011om0704f0jk2f1ne
Effective URL:
https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6UcwBt2bjXMCsqy-QypvO...
Submission: On October 19 via api (October 19th 2022, 5:23:42 pm UTC) from BE — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 16 domains to perform 22 HTTP transactions. The main IP is 69.16.175.42, located in United States and belongs to STACKPATH-CDN, US. The main domain is k9j5t5p4.ssl.hwcdn.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2021. Valid for: a year.

This is the only time k9j5t5p4.ssl.hwcdn.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.249.91.146 45.249.91.146	46664 (VDI-NETWORK) (VDI-NETWORK)
1	209.124.69.114 209.124.69.114	55293 (A2HOSTING) (A2HOSTING)
3	2606:4700:303... 2606:4700:3032::6815:1cae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::ac43:bfdd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	65.60.58.179 65.60.58.179	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 6	51.68.81.31 51.68.81.31	16276 (OVH) (OVH)
3 3	34.90.46.36 34.90.46.36	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.234.242 34.91.234.242	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:e2:... 2606:4700:e2::ac40:8c0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.212.87.141 62.212.87.141	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	185.32.28.169 185.32.28.169	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1	94.237.99.118 94.237.99.118	202053 (UPCLOUD) (UPCLOUD)
1 1	18.156.93.177 18.156.93.177	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
22	12

1 45.249.91.146 (Wilkes-Barre, United States) 1 redirects

ASN46664 (VDI-NETWORK, US)
PTR: traxxonline.com

traxxonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.124.69.114 (United States)

ASN55293 (A2HOSTING, US)
PTR: server.consolidateddatasources.com

dowdyhowdy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:1cae (United States)

ASN13335 (CLOUDFLARENET, US)

lynku.jukminung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:bfdd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.60.58.179 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

otto.sherlowcke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.68.81.31 (France) 4 redirects

ASN16276 (OVH, FR)

www.wewillserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.90.46.36 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.46.90.34.bc.googleusercontent.com

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

myofferplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.234.242 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com

harrenmedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

topictraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8c0c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trk84.zzzperform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.212.87.141 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wwpushnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.32.28.169 (Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)

goaserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.99.118 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-99-118.de-fra1.upcloud.host

1d658ac571c.nobhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.93.177 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-93-177.eu-central-1.compute.amazonaws.com

optiestrycended.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

k9j5t5p4.ssl.hwcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	wewillserv.com 4 redirects www.wewillserv.com	12 KB
6	sherlowcke.com otto.sherlowcke.com	14 KB
3	go2affise.com 3 redirects admoustache.go2affise.com — Cisco Umbrella Rank: 591801	590 B
3	jukminung.com lynku.jukminung.com	24 KB
2	hwcdn.net k9j5t5p4.ssl.hwcdn.net	12 KB
2	zzzperform.com 1 redirects trk84.zzzperform.com	13 KB
2	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 400192	2 KB
1	optiestrycended.com 1 redirects optiestrycended.com — Cisco Umbrella Rank: 620972	1 KB
1	nobhere.com 1d658ac571c.nobhere.com	1 KB
1	goaserver.com goaserver.com	363 B
1	wwpushnews.com wwpushnews.com	1 KB
1	topictraff.com 1 redirects topictraff.com — Cisco Umbrella Rank: 834558	570 B
1	g2afse.com 1 redirects harrenmedia.g2afse.com	277 B
1	myofferplus.com myofferplus.com — Cisco Umbrella Rank: 745624	1 KB
1	dowdyhowdy.com dowdyhowdy.com	450 B
1	traxxonline.com 1 redirects traxxonline.com	271 B
22	16

	Domain	Requested by
6	www.wewillserv.com	4 redirects otto.sherlowcke.com
6	otto.sherlowcke.com	lynku.jukminung.com otto.sherlowcke.com myofferplus.com
3	admoustache.go2affise.com	3 redirects
3	lynku.jukminung.com	dowdyhowdy.com lynku.jukminung.com
2	k9j5t5p4.ssl.hwcdn.net	k9j5t5p4.ssl.hwcdn.net
2	trk84.zzzperform.com	1 redirects www.wewillserv.com
2	cdn.addlnk.com	lynku.jukminung.com myofferplus.com
1	optiestrycended.com	1 redirects
1	1d658ac571c.nobhere.com
1	goaserver.com	wwpushnews.com
1	wwpushnews.com	dowdyhowdy.com
1	topictraff.com	1 redirects
1	harrenmedia.g2afse.com	1 redirects
1	myofferplus.com	www.wewillserv.com
1	dowdyhowdy.com
1	traxxonline.com	1 redirects
22	16

This site contains no links.

Subject Issuer	Validity	Valid
dowdyhowdy.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-16` - `2023-03-19`	a year	crt.sh
*.jukminung.com E1	`2022-09-19` - `2022-12-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
otto.sherlowcke.com R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
www.wewillserv.com R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
*.zzzperform.com E1	`2022-10-01` - `2022-12-30`	3 months	crt.sh
trk.billysrv.com R3	`2022-08-22` - `2022-11-20`	3 months	crt.sh
goaserver.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
nobhere.com R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh
*.ssl.hwcdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-12-22` - `2023-01-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6UcwBt2bjXMCsqy-QypvODXdzXcaA41wIYe58dwaPcdBGDQnz-9v4WAXdrLuuJGK_FUpoIN9Vqj104Z0bsHPqFmJccb19h8-qEer3mEdAXKadBE6TW2vF53XQFR6ItDbap78qliczEzZAAW8XMWxNNR5y9haWcRow4eDef4zbsbDog5IOiE9UCellwkV0llnPQxZqdhRhAceZ1zW4C5IacTiGw-DZqRGC7nygwg7_ovojw_qPxrH8Siq8lJlTcbXjuzpfhQdXTjsWmjL016cHOHKoOcDhk7J1ZYHzHd7UxNcG7U54DumbWnPRehOjrGOyZJV1pnypJyCeC-mUV5YvFV5h46V2XWMySjo1Vo0v1pChwXgL7SqoKCBJWeX8QhdZKbVsGX2FaQjQKuRYncTaQRPWOS5Bikg&lptoken=16dc66ab2042208819af&c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4%2C16628570%2C5%2C2781
Frame ID: 00F861E43E13AA0D77D06CDF8F966873
Requests: 19 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666195200
Frame ID: 7C1D1F86826B2F0B1311EFE12BFE4DFB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Search To Win

Page URL History Show full URLs

http://traxxonline.com/uc4ctcj8421.jsw?cKThYnRNnYHmJ=sTQWQVNdZfbqd177u5c502wenk01jkgo011om0704f0jk2... HTTP 302
https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64... Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1295351420&pubid=690065 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream... Page URL
https://otto.sherlowcke.com/?utm_term=7156275427734978587&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://otto.sherlowcke.com/proc.php?25d41ee171e8d9cd2934ed27483144b379c44cd7 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website... Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website... HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website... HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300047802dfa71069c69d169e2538c0... HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=63503296c1adff0001e1b9e7&pubid=503 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream... Page URL
https://otto.sherlowcke.com/?utm_term=7156275436324913161&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://otto.sherlowcke.com/proc.php?0f6aaf29dab6d7eee7f288079cdd8add129dc21b Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website... Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website... HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website... HTTP 302
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009fee5730b739913... HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=88&sub1=6350329903bb5200013089af&sub2=228... HTTP 302
https://admoustache.go2affise.com/sl?id=59a8401d13943b96038b456a&pid=88&sub1=6350329903bb5200013089af&sub2=228... HTTP 302
https://topictraff.com/l/270285362a1cdd4846f9?sub=635032998e81b300015155ec&source=88 HTTP 302
https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88 Page URL
https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88&code=0aY3Vv... HTTP 302
https://wwpushnews.com/gw2.js?sub=635032998e81b300015155ec&source=88&url=https%3A%2F%2Fgoaserver.co... Page URL
https://1d658ac571c.nobhere.com/?p=2781&media_type=mainstream&click_id=1666200217goa63503299814de&pi=314 Page URL
https://optiestrycended.com/bf0465cf-e980-478d-87f2-27d14b1b731e?c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4,16... HTTP 302
https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6... Page URL

Page Statistics

22
Requests

95 %
HTTPS

31 %
IPv6

16
Domains

16
Subdomains

12
IPs

6
Countries

79 kB
Transfer

164 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://traxxonline.com/uc4ctcj8421.jsw?cKThYnRNnYHmJ=sTQWQVNdZfbqd177u5c502wenk01jkgo011om0704f0jk2f1ne HTTP 302
https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64-151-32 Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1295351420&pubid=690065 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=1e173fea&cid=pubf81d807c365745739c7a7203df2b1d86&2=690065 Page URL
https://otto.sherlowcke.com/?utm_term=7156275427734978587&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://otto.sherlowcke.com/proc.php?25d41ee171e8d9cd2934ed27483144b379c44cd7 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=404ae610a50918e0c951161e9ffc0017&eyer=0.4018067398961922&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.4018067398961922&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300047802dfa71069c69d169e2538c005ed91019-202210-flb*5467509-4538f*M7156275427734978587*sl_5467509-4538f*0d1a492e440f60291d888cb7df524121bd615063*13260-5e3e68e7-68be794d*13260 HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=63503296c1adff0001e1b9e7&pubid=503 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=9060a41f&cid=pubddf9fd3c3bb543ffb490d4d9d0837952&2=503 Page URL
https://otto.sherlowcke.com/?utm_term=7156275436324913161&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://otto.sherlowcke.com/proc.php?0f6aaf29dab6d7eee7f288079cdd8add129dc21b Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=753f45cc992c9f540ba50fc08caf7b60&eyer=0.21591170997994724&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.21591170997994724&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009fee5730b73991352dcb0ee8a6fbf9dd1019-202210-flb*5467509-4538f*M7156275436324913161*sl_5467509-4538f*b24fb3331074016b3dafd870529d99080114ba6b*13260-62fc42e8-be85f1dd*13260 HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=88&sub1=6350329903bb5200013089af&sub2=228&sub3=&sub4=1&sub5=228 HTTP 302
https://admoustache.go2affise.com/sl?id=59a8401d13943b96038b456a&pid=88&sub1=6350329903bb5200013089af&sub2=228&sub3=&sub4=5093&sub5=88 HTTP 302
https://topictraff.com/l/270285362a1cdd4846f9?sub=635032998e81b300015155ec&source=88 HTTP 302
https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88 Page URL
https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88&code=0aY3VvBDU7PD06OTAzMzo9PjYHe3tjAmtyBHtreQk7NgFrZ2UGNzgIeWx1A1ptczk5CH1jaQMDbXwHOD45MAFrawU2ODc4CWF4AzQ6NTYHaXEBMjQzNAV6gQk5AGN3bGgGBmpzbgEyAmZvaAc3CHhyb3YEBHt0awlQb3Bpb2klT3VrNwBpdWlnBnp5fW4AZ3RwBWtnc3tuAHZjBFF0gHB0dWEwNzE0JS5ecXdkcHl2JFNaJzk5LjE9I1tudD08RCB5ODctJUd3eHVlWGdlT256Nj08Ny81OSQtUU9cVkwtIm9tcGsnT25jbHEsJEhueXd2ZTAzMzozNjU9OzQ6MDQ1PiZaaW9hc2syOTg9NTs-AGJ4BDwFanQJQQBiNjYFNTY4ODkwAWM3OAY2Nwh8ZgIyMzQ1Bm1uCjEyMgNnbWoIOQlmbXgEamZyem0JY2lvBDU2Nwd0d2cCMzM0NQZ6fHtnAjM0NTY3ODgJb3Rlc3kGBnd6bXN2ZAQ2NTY6ODowOAJoenF0CDs8AHNnaQUFeGlrbAEyMjU5Njc8Owljb3ZzBQV9dXUKAHhpb3oGT3V8bmwhS3FnMwZqbHABMjM0NTY3ODk5MDEzNDQ1Nzg5OjEyMzQ1Njc4OToxMjMzNTY3ODk6MTIzNDU1Nzg5OjEyMzQ1Njc4OToxMjMzNQVpcH0KMTIzMzU2Nzg5OjEyMzQ1NjY4ODoxMjM0BHx7ewmALjE9ejJePF1eRHcvdDdyc3R1Q4AubTZxcnN0Qn83dDd3PnszS1J1QVYBbW9ybAdsdjZVVD1ocgV4e3wKMAFuZHMGBm90fAExAnF4Bjc4ODkxMTI0NQV9awk6MTFkNQRoeH8JTGhzcXBpJVZLTilQbXdqbXOCcHZ9ZXNwZHAydmtuNnZqZ3ppd0FKcHtvbmcjVElMJ15yZXhndYBybnFua21laWZqb2hpeGplcGxyanRudm1vZ2pna25mb0JWanRqeGgkSHJwbXd0fWtxeGp4dWl1LW9jZnAydnN9cGlvAnZnaQc5PAlzcWYENjkGa3h7ATICcWdpB0A2QQBudnMFNjs_&_tdf=20 HTTP 302
https://wwpushnews.com/gw2.js?sub=635032998e81b300015155ec&source=88&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c%26source%3D59363%26sub_source%3D88&vId=bmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c&hash=270285362a1cdd4846f9&ete=true&pn=true Page URL
https://1d658ac571c.nobhere.com/?p=2781&media_type=mainstream&click_id=1666200217goa63503299814de&pi=314 Page URL
https://optiestrycended.com/bf0465cf-e980-478d-87f2-27d14b1b731e?c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4,16628570,5,2781 HTTP 302
https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6UcwBt2bjXMCsqy-QypvODXdzXcaA41wIYe58dwaPcdBGDQnz-9v4WAXdrLuuJGK_FUpoIN9Vqj104Z0bsHPqFmJccb19h8-qEer3mEdAXKadBE6TW2vF53XQFR6ItDbap78qliczEzZAAW8XMWxNNR5y9haWcRow4eDef4zbsbDog5IOiE9UCellwkV0llnPQxZqdhRhAceZ1zW4C5IacTiGw-DZqRGC7nygwg7_ovojw_qPxrH8Siq8lJlTcbXjuzpfhQdXTjsWmjL016cHOHKoOcDhk7J1ZYHzHd7UxNcG7U54DumbWnPRehOjrGOyZJV1pnypJyCeC-mUV5YvFV5h46V2XWMySjo1Vo0v1pChwXgL7SqoKCBJWeX8QhdZKbVsGX2FaQjQKuRYncTaQRPWOS5Bikg&lptoken=16dc66ab2042208819af&c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4%2C16628570%2C5%2C2781 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://traxxonline.com/uc4ctcj8421.jsw?cKThYnRNnYHmJ=sTQWQVNdZfbqd177u5c502wenk01jkgo011om0704f0jk2f1ne HTTP 302
https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64-151-32

Request Chain 10

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=404ae610a50918e0c951161e9ffc0017&eyer=0.4018067398961922&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.4018067398961922&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300047802dfa71069c69d169e2538c005ed91019-202210-flb*5467509-4538f*M7156275427734978587*sl_5467509-4538f*0d1a492e440f60291d888cb7df524121bd615063*13260-5e3e68e7-68be794d*13260 HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=63503296c1adff0001e1b9e7&pubid=503

Request Chain 16

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=753f45cc992c9f540ba50fc08caf7b60&eyer=0.21591170997994724&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.21591170997994724&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009fee5730b73991352dcb0ee8a6fbf9dd1019-202210-flb*5467509-4538f*M7156275436324913161*sl_5467509-4538f*b24fb3331074016b3dafd870529d99080114ba6b*13260-62fc42e8-be85f1dd*13260 HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=88&sub1=6350329903bb5200013089af&sub2=228&sub3=&sub4=1&sub5=228 HTTP 302
https://admoustache.go2affise.com/sl?id=59a8401d13943b96038b456a&pid=88&sub1=6350329903bb5200013089af&sub2=228&sub3=&sub4=5093&sub5=88 HTTP 302
https://topictraff.com/l/270285362a1cdd4846f9?sub=635032998e81b300015155ec&source=88 HTTP 302
https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88

Request Chain 17

https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88&code=0aY3VvBDU7PD06OTAzMzo9PjYHe3tjAmtyBHtreQk7NgFrZ2UGNzgIeWx1A1ptczk5CH1jaQMDbXwHOD45MAFrawU2ODc4CWF4AzQ6NTYHaXEBMjQzNAV6gQk5AGN3bGgGBmpzbgEyAmZvaAc3CHhyb3YEBHt0awlQb3Bpb2klT3VrNwBpdWlnBnp5fW4AZ3RwBWtnc3tuAHZjBFF0gHB0dWEwNzE0JS5ecXdkcHl2JFNaJzk5LjE9I1tudD08RCB5ODctJUd3eHVlWGdlT256Nj08Ny81OSQtUU9cVkwtIm9tcGsnT25jbHEsJEhueXd2ZTAzMzozNjU9OzQ6MDQ1PiZaaW9hc2syOTg9NTs-AGJ4BDwFanQJQQBiNjYFNTY4ODkwAWM3OAY2Nwh8ZgIyMzQ1Bm1uCjEyMgNnbWoIOQlmbXgEamZyem0JY2lvBDU2Nwd0d2cCMzM0NQZ6fHtnAjM0NTY3ODgJb3Rlc3kGBnd6bXN2ZAQ2NTY6ODowOAJoenF0CDs8AHNnaQUFeGlrbAEyMjU5Njc8Owljb3ZzBQV9dXUKAHhpb3oGT3V8bmwhS3FnMwZqbHABMjM0NTY3ODk5MDEzNDQ1Nzg5OjEyMzQ1Njc4OToxMjMzNTY3ODk6MTIzNDU1Nzg5OjEyMzQ1Njc4OToxMjMzNQVpcH0KMTIzMzU2Nzg5OjEyMzQ1NjY4ODoxMjM0BHx7ewmALjE9ejJePF1eRHcvdDdyc3R1Q4AubTZxcnN0Qn83dDd3PnszS1J1QVYBbW9ybAdsdjZVVD1ocgV4e3wKMAFuZHMGBm90fAExAnF4Bjc4ODkxMTI0NQV9awk6MTFkNQRoeH8JTGhzcXBpJVZLTilQbXdqbXOCcHZ9ZXNwZHAydmtuNnZqZ3ppd0FKcHtvbmcjVElMJ15yZXhndYBybnFua21laWZqb2hpeGplcGxyanRudm1vZ2pna25mb0JWanRqeGgkSHJwbXd0fWtxeGp4dWl1LW9jZnAydnN9cGlvAnZnaQc5PAlzcWYENjkGa3h7ATICcWdpB0A2QQBudnMFNjs_&_tdf=20 HTTP 302
https://wwpushnews.com/gw2.js?sub=635032998e81b300015155ec&source=88&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c%26source%3D59363%26sub_source%3D88&vId=bmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c&hash=270285362a1cdd4846f9&ete=true&pn=true

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

436427141_217-64-151-32
dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/
Redirect Chain

http://traxxonline.com/uc4ctcj8421.jsw?cKThYnRNnYHmJ=sTQWQVNdZfbqd177u5c502wenk01jkgo011om0704f0jk2f1ne
https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64-151-32

137 B
450 B

963ms
326ms

Document
text/html

209.124.69.114
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64-151-32
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.124.69.114 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.consolidateddatasources.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 137
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Oct 2022 17:23:32 GMT
Server: Apache

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Oct 2022 17:23:30 GMT
Location: https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64-151-32
Server: Apache

GET
H2 200 9e8aef8068 Show response
lynku.jukminung.com/rc/ 3 KB
2 KB 285ms
145ms Document
text/html 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1295351420&pubid=690065
Requested by: Host: dowdyhowdy.com
URL: https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64-151-32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d872583c713889f4155f859651a8d9acb8a5a7fc70f147f52ecad16a8b034bfa

Request headers

Referer: https://dowdyhowdy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75cb33c17f49be35-CPH
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 17:23:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdENy5T4PsvlEBW%2BijYzZ2EXSE7pIWuFcbyEOu6P8DM1uaEm4ouT7fbWk%2FLQkZhOaLz2WpwQpCV155%2B1PSjo2TfDdgGYZp7OE688AmcX41ViFtKSUNBibKErNC9s9185LRoyojlwOrhL52kI1su9N68i"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 906ms
303ms Stylesheet
text/css 2606:4700:3030::ac43:bfdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1295351420&pubid=690065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bfdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:23:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZN0YXW5Z60V9DTJ8
age: 5053
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZVugwZoVKjnW5UORJBLUOsMRbaPxDodzfStA7x04XFAHUAlyGQrHg9ITFgViiS4uLE7DSn6whQs=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yFK4qFi538JW4LYWzavpLq%2FfuN0StowSzxcJwMXEOOS7fwjWcoZdoSIVycMzlBWZUj2lzcvNr3q8NPy6oFqWeSb8feZGjesz93pqteo2%2FwNwDyPGhI9jbLamN8KHsiHpx%2Br2AfBuGrINFfr8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 75cb33c73eb6b27b-DUR

GET
H2 200 invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 7C1D 38 KB
14 KB 38ms
37ms Script
application/javascript 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1666195200
Requested by: Host: dowdyhowdy.com
URL: https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64-151-32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:23:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVB0lm%2FJMlRh%2FbJnuCHf4SvXQQ3l8Yen76JYg2i12YwfFWSXpovrvO4rIW%2FDW3USG%2FghMdDHHI7s1ACpXvM%2FAkUbpznLvUjKekWCAnVKRSQzCODWH5ftvh%2BeMqyVeaQAK9LFFEsOnbJH2Bangjz%2Fzunw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cb33c82982be35-CPH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 7C1D 21 KB
8 KB 42ms
41ms Other
application/javascript 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:23:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjyPduZbnYQReo4twicNlnCtbnLaNqJuyCHcMw0u9pHianjKUdlVZrkcOqtuvcAaHcNcu%2FEi9hyL%2BogTOYaHWTAd%2FfX2g5FY5GW3YVRXA88RZJfSqnbou5iG926c7OZ0QqJAz5ZXTauszu6CETl2Y4mt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75cb33c87a49be35-CPH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
otto.sherlowcke.com/ 3 KB
2 KB 354ms
112ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=1e173fea&cid=pubf81d807c365745739c7a7203df2b1d86&2=690065

Requested by

Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1295351420&pubid=690065

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Oct 2022 17:23:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://otto.sherlowcke.com/?utm_term=7156275427734978587&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

POST 75cb33c17f49be35
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 7C1D 0
0

GET
H2 200 / Show response
otto.sherlowcke.com/ 9 KB
3 KB 127ms
126ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_term=7156275427734978587&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=1e173fea&cid=pubf81d807c365745739c7a7203df2b1d86&2=690065

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

b472beab5f64e930a3d279e55a119d900e27146e1f31cc078bc21ba439a5c9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=1e173fea&cid=pubf81d807c365745739c7a7203df2b1d86&2=690065
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 17:23:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H2 200 proc.php
otto.sherlowcke.com/ 4 KB
2 KB 115ms
114ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/proc.php?25d41ee171e8d9cd2934ed27483144b379c44cd7

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_term=7156275427734978587&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_term=7156275427734978587&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Oct 2022 17:23:34 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H/1.1 200
OK /
www.wewillserv.com/ 5 KB
5 KB 100ms
18ms Document
text/html 51.68.81.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Requested by: Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/proc.php?25d41ee171e8d9cd2934ed27483144b379c44cd7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://otto.sherlowcke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Wed, 19 Oct 2022 17:23:34 GMT
Transfer-Encoding: chunked

GET
H2

200

a91581ead4 Show response
myofferplus.com/rc/
Redirect Chain

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=3300047802dfa71069c69d169e2538c005ed91019-202210-flb*5467509-4538f*M7156275427734978587*sl_5467509-4538f*0d1a492e440f60...
https://myofferplus.com/rc/a91581ead4?affclick=63503296c1adff0001e1b9e7&pubid=503

1 KB
1 KB

949ms
489ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myofferplus.com/rc/a91581ead4?affclick=63503296c1adff0001e1b9e7&pubid=503
Requested by: Host: www.wewillserv.com
URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af117cf77654c6ffd570a53482569995e0b931bcb5fceee2bf81a849d88f2ee7

Request headers

Referer: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275427734978587&website=13260-5e3e68e7-68be794d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75cb33d299a34b40-GRU
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 17:23:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7fM0VIoMvBFbsh2NkxGOKtiPzG3ulGvlK1eUZVoqcgq0sMzcbJLRJWc1s4xKi2L%2BMPRTBY0cqigXVSaCUpL%2BoXMBVH4d1EWeKGSnqfl%2FrI4Tv2fUbWKw21Eo4kL7T5NHSMqshW0LhwV3dWQiYs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Wed, 19 Oct 2022 17:23:34 GMT
location: https://myofferplus.com/rc/a91581ead4?affclick=63503296c1adff0001e1b9e7&pubid=503
server: nginx

GET
H3 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 61ms
37ms Stylesheet
text/css 2606:4700:3030::ac43:bfdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: myofferplus.com
URL: https://myofferplus.com/rc/a91581ead4?affclick=63503296c1adff0001e1b9e7&pubid=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bfdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:23:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 72BQ43Z832DMHS8A
age: 4374
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 9dqjw3QmoT8lhROeWaK3mEcRPoUKNfvQLfCVyCvCyDnxCOQ1ZkKTnjHgPbqYhL93T/SckF1I+RU=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJBn6guxTJvFQDkR0MT5sAFA2HnD%2BtmIGgpg%2FHgPfigr9xVycpiVVYagy%2BeU74s%2B2KV5esvTG7uMayyRanUmBl7VIl4NQNPn3%2FILNnyAVduf8gfyT6fWKdCphQCWLO2oCJ7VJ4bu2eJHIbhoLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 75cb33d53cbcbb9d-FRA

GET
H2 200 /
otto.sherlowcke.com/ 3 KB
2 KB 113ms
113ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=9060a41f&cid=pubddf9fd3c3bb543ffb490d4d9d0837952&2=503

Requested by

Host: myofferplus.com
URL: https://myofferplus.com/rc/a91581ead4?affclick=63503296c1adff0001e1b9e7&pubid=503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Oct 2022 17:23:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://otto.sherlowcke.com/?utm_term=7156275436324913161&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H2 200 / Show response
otto.sherlowcke.com/ 9 KB
3 KB 125ms
124ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_term=7156275436324913161&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=9060a41f&cid=pubddf9fd3c3bb543ffb490d4d9d0837952&2=503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

dc9872459c94b60f19b18af7d93c305dc289cec60d8fe80b8c969148afef3d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=9060a41f&cid=pubddf9fd3c3bb543ffb490d4d9d0837952&2=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 19 Oct 2022 17:23:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H2 200 proc.php
otto.sherlowcke.com/ 4 KB
2 KB 122ms
122ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/proc.php?0f6aaf29dab6d7eee7f288079cdd8add129dc21b

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_term=7156275436324913161&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_term=7156275436324913161&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Oct 2022 17:23:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H/1.1 200
OK /
www.wewillserv.com/ 5 KB
5 KB 29ms
28ms Document
text/html 51.68.81.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Requested by: Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/proc.php?0f6aaf29dab6d7eee7f288079cdd8add129dc21b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://otto.sherlowcke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Wed, 19 Oct 2022 17:23:36 GMT
Transfer-Encoding: chunked

GET
H2

200

270285362a1cdd4846f9.js Show response
trk84.zzzperform.com/l/
Redirect Chain

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009fee5730b73991352dcb0ee8a6fbf9dd1019-202210-flb*5467509-4538f*M7156275436324913161*sl_5467509-4538f*b24fb...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=88&sub1=6350329903bb5200013089af&sub2=228&sub3=&sub4=1&sub5=228
https://admoustache.go2affise.com/sl?id=59a8401d13943b96038b456a&pid=88&sub1=6350329903bb5200013089af&sub2=228&sub3=&sub4=5093&sub5=88
https://topictraff.com/l/270285362a1cdd4846f9?sub=635032998e81b300015155ec&source=88
https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88

36 KB
12 KB

110ms
57ms

Document
text/html

2606:4700:e2::ac40:8c0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88
Requested by: Host: www.wewillserv.com
URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Referer: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7156275436324913161&website=13260-62fc42e8-be85f1dd&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000
cf-cache-status: MISS
cf-ray: 75cb33e20c5e5c20-FRA
content-encoding: br
content-type: text/html
date: Wed, 19 Oct 2022 17:23:37 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Mar 2020 14:29:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XQckc4jgSUgSkpRV1Z0QdlunavZuKKTU4LE35oA4UZqQ0u0CRyFq6RbP28CA0qq7w%2BtjEYITvprnMNCAcUJsBNaT8FwaEXgDaO%2FOo5lJL9OCn6IDh7JpVocJVn7qxfOx%2B1UclYxkMrHQiK%2FWeh5Fv%2BJWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75cb33e0ff000112-GRU
date: Wed, 19 Oct 2022 17:23:37 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spcU7o%2FhhVcVqJNdCXTQB6k57Py364zhkCjmlcxFrY6GtKqZSgfZrH9aKJmam2tGBXLp4IbEpedEJl43JkrXItnY7ZGml7jLAcW260fyVUW09ET6XDGLRa%2BBAo0RRvkIfm0Lv4jTc%2Fho0N48hg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

gw2.js
wwpushnews.com/
Redirect Chain

https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88&code=0aY3VvBDU7PD06OTAzMzo9PjYHe3tjAmtyBHtreQk7NgFrZ2UGNzgIeWx1A1ptczk5CH1jaQMDbXwHOD45MAFrawU2ODc4CWF4...
https://wwpushnews.com/gw2.js?sub=635032998e81b300015155ec&source=88&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20221019192338_d4...

1 KB
1 KB

142ms
22ms

Document
text/html

62.212.87.141
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wwpushnews.com/gw2.js?sub=635032998e81b300015155ec&source=88&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c%26source%3D59363%26sub_source%3D88&vId=bmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c&hash=270285362a1cdd4846f9&ete=true&pn=true
Requested by: Host: dowdyhowdy.com
URL: https://dowdyhowdy.com/17615cc2c87fd524800/1_701978_2592600/2182_4871216_04f0jk2_7/436427141_217-64-151-32
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://trk84.zzzperform.com/l/270285362a1cdd4846f9.js?sub=635032998e81b300015155ec&source=88
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 19 Oct 2022 17:23:39 GMT
ETag: W/"5d1f2635-589"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Fri, 05 Jul 2019 10:28:05 GMT
Transfer-Encoding: chunked

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75cb33e48966a5d3-GRU
date: Wed, 19 Oct 2022 17:23:38 GMT
location: https://wwpushnews.com/gw2.js?sub=635032998e81b300015155ec&source=88&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c%26source%3D59363%26sub_source%3D88&vId=bmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c&hash=270285362a1cdd4846f9&ete=true&pn=true
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Dze2Id9grSWbl%2BwaNdjaHysZc5VyaTFAd7UHGYaEXJKOhih0rOfWdFpi4mOsDhaCy8dR55LKgl8FAAO230hnwPmql8x7Wh%2B9OjkzuzF5A%2B%2F5a2Qxuztan9tvrwb2P5Zp%2BJlJFVyxfKlvpEmskzeKTbvhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK tracking_sl.php Show response
goaserver.com/ 0
363 B 272ms
64ms Document
text/html 185.32.28.169
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://goaserver.com/tracking_sl.php?hash=5d4ce6e096b07d9fb281439916e67b74&aff_sub=bmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c&source=59363&sub_source=88
Requested by: Host: wwpushnews.com
URL: https://wwpushnews.com/l/270285362a1cdd4846f9?sub=635032998e81b300015155ec&source=88&url=https%3A%2F%2Fgoaserver.com%2Ftracking_sl.php%3Fhash%3D5d4ce6e096b07d9fb281439916e67b74%26aff_sub%3Dbmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c%26source%3D59363%26sub_source%3D88&vId=bmconv_20221019192338_d421e52d_cffa_4a23_be20_b4cb36331e1c&hash=270285362a1cdd4846f9&ete=true&pn=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.32.28.169 , Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wwpushnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Oct 2022 17:23:37 GMT
Refresh: 0; url=https://1d658ac571c.nobhere.com/?p=2781&media_type=mainstream&click_id=1666200217goa63503299814de&pi=314
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 / Show response
1d658ac571c.nobhere.com/ 923 B
1 KB 75ms
26ms Document
text/html 94.237.99.118
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://1d658ac571c.nobhere.com/?p=2781&media_type=mainstream&click_id=1666200217goa63503299814de&pi=314
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.237.99.118 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-99-118.de-fra1.upcloud.host
Software: /
Resource Hash: 64db5071cbbaccbe29d0421b0465daa2d32e90b4563f8deab7e2d63e769a6301

Request headers

Referer: https://goaserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Oct 2022 17:23:39 GMT
expires: Wed, 19 Oct 2022 17:23:39 GMT
last-modified: Wed, 19 Oct 2022 17:23:39 GMT
pragma: no-cache
vary: Accept-Encoding
x-robots-tag: noindex, nofollow

GET
H/1.1

200
OK

Primary Request search.html Show response
k9j5t5p4.ssl.hwcdn.net/bing/
Redirect Chain

https://optiestrycended.com/bf0465cf-e980-478d-87f2-27d14b1b731e?c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4,16628570,5,2781
https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6UcwBt2bjXMCsqy-QypvODXdzXcaA41wIYe58dwaPcdBGDQnz-9v4WAXdrLuuJGK_FUpoIN9Vqj104Z0bsHPqFmJccb...

12 KB
4 KB

127ms
29ms

Document
text/html

69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6UcwBt2bjXMCsqy-QypvODXdzXcaA41wIYe58dwaPcdBGDQnz-9v4WAXdrLuuJGK_FUpoIN9Vqj104Z0bsHPqFmJccb19h8-qEer3mEdAXKadBE6TW2vF53XQFR6ItDbap78qliczEzZAAW8XMWxNNR5y9haWcRow4eDef4zbsbDog5IOiE9UCellwkV0llnPQxZqdhRhAceZ1zW4C5IacTiGw-DZqRGC7nygwg7_ovojw_qPxrH8Siq8lJlTcbXjuzpfhQdXTjsWmjL016cHOHKoOcDhk7J1ZYHzHd7UxNcG7U54DumbWnPRehOjrGOyZJV1pnypJyCeC-mUV5YvFV5h46V2XWMySjo1Vo0v1pChwXgL7SqoKCBJWeX8QhdZKbVsGX2FaQjQKuRYncTaQRPWOS5Bikg&lptoken=16dc66ab2042208819af&c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4%2C16628570%2C5%2C2781
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head18) /
Resource Hash: 2e0c77e31bf6fbe26c768a1a2f887ea01a8d5ee3c73b5aa5a3067c35ff79e69b

Request headers

Referer: https://1d658ac571c.nobhere.com/?p=2781&media_type=mainstream&click_id=1666200217goa63503299814de&pi=314
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3825
Content-Type: text/html
Date: Wed, 19 Oct 2022 17:23:39 GMT
ETag: "353efcbbb0d9f329fcb72d951e78b0af"
Last-Modified: Tue, 13 Sep 2022 07:52:04 GMT
Server: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head18)
X-HW: 1666200219.dop003.lo4.t,1666200219.cds032.lo4.shn,1666200219.dop003.lo4.t,1666200219.cds250.lo4.c
x-amz-id-2: Fzn2wcKIijqUPsrxO4XGcwPDXz4dwvEi7djocXPYXMFdLPQ/Fk9tA+ZjXHWNpeq5Z2ryBG8TUlUV
x-amz-request-id: 0A89D0D918E59D6B

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Wed, 19 Oct 2022 17:23:39 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6UcwBt2bjXMCsqy-QypvODXdzXcaA41wIYe58dwaPcdBGDQnz-9v4WAXdrLuuJGK_FUpoIN9Vqj104Z0bsHPqFmJccb19h8-qEer3mEdAXKadBE6TW2vF53XQFR6ItDbap78qliczEzZAAW8XMWxNNR5y9haWcRow4eDef4zbsbDog5IOiE9UCellwkV0llnPQxZqdhRhAceZ1zW4C5IacTiGw-DZqRGC7nygwg7_ovojw_qPxrH8Siq8lJlTcbXjuzpfhQdXTjsWmjL016cHOHKoOcDhk7J1ZYHzHd7UxNcG7U54DumbWnPRehOjrGOyZJV1pnypJyCeC-mUV5YvFV5h46V2XWMySjo1Vo0v1pChwXgL7SqoKCBJWeX8QhdZKbVsGX2FaQjQKuRYncTaQRPWOS5Bikg&lptoken=16dc66ab2042208819af&c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4%2C16628570%2C5%2C2781
pragma: no-cache
server: nginx

GET
H/1.1 200
OK blogo.png
k9j5t5p4.ssl.hwcdn.net/bing/ 7 KB
8 KB 29ms
29ms Image
image/png 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k9j5t5p4.ssl.hwcdn.net/bing/blogo.png
Requested by: Host: k9j5t5p4.ssl.hwcdn.net
URL: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6UcwBt2bjXMCsqy-QypvODXdzXcaA41wIYe58dwaPcdBGDQnz-9v4WAXdrLuuJGK_FUpoIN9Vqj104Z0bsHPqFmJccb19h8-qEer3mEdAXKadBE6TW2vF53XQFR6ItDbap78qliczEzZAAW8XMWxNNR5y9haWcRow4eDef4zbsbDog5IOiE9UCellwkV0llnPQxZqdhRhAceZ1zW4C5IacTiGw-DZqRGC7nygwg7_ovojw_qPxrH8Siq8lJlTcbXjuzpfhQdXTjsWmjL016cHOHKoOcDhk7J1ZYHzHd7UxNcG7U54DumbWnPRehOjrGOyZJV1pnypJyCeC-mUV5YvFV5h46V2XWMySjo1Vo0v1pChwXgL7SqoKCBJWeX8QhdZKbVsGX2FaQjQKuRYncTaQRPWOS5Bikg&lptoken=16dc66ab2042208819af&c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4%2C16628570%2C5%2C2781
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head07) /
Resource Hash: f1f97ddb28a4925de8234dd9a91b0cd8d5e8d050e2a2f5993ecffc278e733c37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=9hGOMahw0hnmSa3M51essxwmPuutsDetHZR1q3pxIL-rJL0xLIAZLo6UcwBt2bjXMCsqy-QypvODXdzXcaA41wIYe58dwaPcdBGDQnz-9v4WAXdrLuuJGK_FUpoIN9Vqj104Z0bsHPqFmJccb19h8-qEer3mEdAXKadBE6TW2vF53XQFR6ItDbap78qliczEzZAAW8XMWxNNR5y9haWcRow4eDef4zbsbDog5IOiE9UCellwkV0llnPQxZqdhRhAceZ1zW4C5IacTiGw-DZqRGC7nygwg7_ovojw_qPxrH8Siq8lJlTcbXjuzpfhQdXTjsWmjL016cHOHKoOcDhk7J1ZYHzHd7UxNcG7U54DumbWnPRehOjrGOyZJV1pnypJyCeC-mUV5YvFV5h46V2XWMySjo1Vo0v1pChwXgL7SqoKCBJWeX8QhdZKbVsGX2FaQjQKuRYncTaQRPWOS5Bikg&lptoken=16dc66ab2042208819af&c2=2781&c1=5wmf1wn2ueaqjupvuylw80og4%2C16628570%2C5%2C2781
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 17:23:39 GMT
Last-Modified: Mon, 12 Sep 2022 17:52:53 GMT
Server: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head07)
x-amz-request-id: 40C44042D893DDE4
ETag: "0cf8d7eff944be4c1291e59790d6f38c"
X-HW: 1666200219.dop003.lo4.t,1666200219.cds032.lo4.shn,1666200219.dop003.lo4.t,1666200219.cds291.lo4.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7676
x-amz-id-2: VG6S24mKMo/i8LQcJEsiu+TvVhciaAJF/Lby/sZ9PTPH0n2ul7r3Znrnbb4mzIjW8dvGt16BYANv

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/75cb33c17f49be35

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dowdyhowdy.com/	1970-01-20 07:33:12	Name: uid15295 Value: 1295351420-20221019132332-e888090224371a49c8d13c356b3752c0-
lynku.jukminung.com/	1970-01-20 07:00:05	Name: AWSALB Value: NZOAOshFZFVm3h1MI0Rj3g25ZN4vO7lTo5zpXY+T3sZW+KPTwWnf03WQ6o/12SlF/YeyL4tR4zJ2TgbNPPYmrTB+/K916cwjqskN5q942dyo+4Uy+XzpfsTgQXne
otto.sherlowcke.com/	1970-01-20 15:35:36	Name: u Value: fc3a85eafdf956b4853177848a767f1f
myofferplus.com/	1970-01-20 07:00:05	Name: AWSALB Value: VRy2lLeci4iWvCA06BafLl01EhvwmRmp0aGtR7+kZqm76XLTZqzTY604qovrlIAs6ZYr/jn4QcWctCOGKZrh2hTVF2vsvWFVtKjhNdVUcyBHg6yUt0e/3cayyOfX
harrenmedia.g2afse.com/	1970-01-20 15:35:36	Name: afclick Value: 6350329903bb5200013089af
admoustache.go2affise.com/	1970-01-20 15:35:36	Name: afclick Value: 635032998e81b300015155ec
trk84.zzzperform.com/	1970-01-20 16:26:00	Name: BSESSID Value: trk50fc1f2c-9412-46cf-aff9-d5c95ac31f64
.1d658ac571c.nobhere.com/	1970-01-20 06:50:00	Name: rts-trck Value: 1
.nobhere.com/	1970-01-20 16:26:00	Name: t-uuid Value: 5wmf1wn2xdpqmammnktssocg4
.nobhere.com/	1970-01-20 06:50:00	Name: traffic-back Value: ok
.optiestrycended.com/	1970-01-20 06:51:26	Name: bf0465cf-e980-478d-87f2-27d14b1b731e-v4 Value: opj_TXFnYSBSkI-stcF4qa_8-lMZqWXFOcActEJ27AY
.optiestrycended.com/	1970-01-20 06:51:26	Name: cep-v4 Value: 30gByj-xNR-ektx8udmOdEwUq4gyPLbYk3gg2LkFIhdkQjHgx3ynlXcGOdGMyl5u5ME9EDoxZNh0qqeRSLTfVLpzMRQ-EDKOPA2iqwwT5E6ka4_e53CZGXSpMJdCFLC3Htw3wbPUIDRFQsZRQ0SUjARN0DKeJDrygN9xd9ueRRxeBdq2a4JScXPp83VH_bY9OVQFgaVQoBZiNuI7lxvKswC1Pd_js15Vn_1FBM5ZTREThwcxJ_RjRttp8yVcL9PN9iDrFTir07sbZmG1XIF9DBXr2mUwWnaDWu-fmEgZps94hiFGtOqgMEehV3cqMpO40bNEyaUi_Lh8iooHU7-m3TXUQlrTFyOIfai2KWLPDM6vVW34Xlxg8CxQFWxuGMt5ljvMKtBPZ32mpuOQrYw7VgwclFc4qhRnLf9ZeWvQ7ogabyHN1Bq963rU0CwNi56Y8u43sFtCRVC_bOkYVuUxYg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d658ac571c.nobhere.com
admoustache.go2affise.com
cdn.addlnk.com
dowdyhowdy.com
goaserver.com
harrenmedia.g2afse.com
k9j5t5p4.ssl.hwcdn.net
lynku.jukminung.com
myofferplus.com
optiestrycended.com
otto.sherlowcke.com
topictraff.com
traxxonline.com
trk84.zzzperform.com
wwpushnews.com
www.wewillserv.com
lynku.jukminung.com
18.156.93.177
185.32.28.169
209.124.69.114
2606:4700:3030::ac43:bfdd
2606:4700:3032::6815:1cae
2606:4700:e2::ac40:8c0c
2a06:98c1:3120::3
2a06:98c1:3121::3
34.90.46.36
34.91.234.242
45.249.91.146
51.68.81.31
62.212.87.141
65.60.58.179
69.16.175.42
94.237.99.118
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a
2e0c77e31bf6fbe26c768a1a2f887ea01a8d5ee3c73b5aa5a3067c35ff79e69b
64db5071cbbaccbe29d0421b0465daa2d32e90b4563f8deab7e2d63e769a6301
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
af117cf77654c6ffd570a53482569995e0b931bcb5fceee2bf81a849d88f2ee7
b472beab5f64e930a3d279e55a119d900e27146e1f31cc078bc21ba439a5c9fb
d872583c713889f4155f859651a8d9acb8a5a7fc70f147f52ecad16a8b034bfa
dc9872459c94b60f19b18af7d93c305dc289cec60d8fe80b8c969148afef3d49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1f97ddb28a4925de8234dd9a91b0cd8d5e8d050e2a2f5993ecffc278e733c37

k9j5t5p4.ssl.hwcdn.net Open in urlscan Pro 69.16.175.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

22 Requests

95 %HTTPS

31 %IPv6

16 Domains

16 Subdomains

12 IPs

6 Countries

79 kBTransfer

164 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

12 Cookies

Indicators

k9j5t5p4.ssl.hwcdn.net Open in urlscan Pro
69.16.175.42 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

31 %
IPv6

16
Domains

16
Subdomains

12
IPs

6
Countries

79 kB
Transfer

164 kB
Size

12
Cookies

22 HTTP transactions
0 data transactions