s.anadm.link Open in urlscan Pro
13.33.174.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bestfreeofferz.com/cr.php?cid=7315&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique...
Effective URL:
https://s.anadm.link/44542/4287/?aff_sub=6627823f618b8b1.28304205%3B318&aff_sub2=124858&aff_sub3=wlhcd08creifr41g26j3...
Submission: On May 08 via api (May 8th 2022, 8:11:37 pm UTC) from JP — Scanned from JP

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 12 domains to perform 10 HTTP transactions. The main IP is 13.33.174.9, located in United States and belongs to AMAZON-02, US. The main domain is s.anadm.link. The Cisco Umbrella rank of the primary domain is 250236.
TLS certificate: Issued by Amazon on July 1st 2021. Valid for: a year.

This is the only time s.anadm.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:883e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	184.72.22.83 184.72.22.83	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3038::6815:e9f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::6815:43bb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:1446	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.80.193.233 54.80.193.233	14618 (AMAZON-AES) (AMAZON-AES)
1	3.213.249.202 3.213.249.202	14618 (AMAZON-AES) (AMAZON-AES)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2 2	18.136.82.95 18.136.82.95	16509 (AMAZON-02) (AMAZON-02)
1	13.33.174.9 13.33.174.9	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:d60... 2a02:6ea0:d600::2	() ()
10	6

1 2606:4700:3030::ac43:883e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bestfreeofferz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.72.22.83 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-184-72-22-83.us-west-1.compute.amazonaws.com

clik.global-trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e9f8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ezofferz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:43bb (United States)

ASN13335 (CLOUDFLARENET, US)

lynku.zinguety.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:1446 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.80.193.233 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-193-233.compute-1.amazonaws.com

ge.grngstrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.cmvrclicks000.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.249.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-249-202.compute-1.amazonaws.com

t.frtyl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

ckstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.136.82.95 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-82-95.ap-southeast-1.compute.amazonaws.com

a.vfgtg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.174.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-9.nrt57.r.cloudfront.net

s.anadm.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:d600::2 (None, )

ASN- ()

hello.fuckbook.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	zinguety.com lynku.zinguety.com	27 KB
2	vfgtg.com 2 redirects a.vfgtg.com — Cisco Umbrella Rank: 246413	1 KB
2	ckstatic.com ckstatic.com — Cisco Umbrella Rank: 174941	14 KB
2	global-trk.com 2 redirects clik.global-trk.com	3 KB
1	fuckbook.tv hello.fuckbook.tv
1	cmvrclicks000.com 1 redirects secure.cmvrclicks000.com	2 KB
1	anadm.link s.anadm.link — Cisco Umbrella Rank: 250236	2 KB
1	frtyl.com t.frtyl.com	2 KB
1	grngstrck.com 1 redirects ge.grngstrck.com — Cisco Umbrella Rank: 735152	1 KB
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 181816	1 KB
1	ezofferz.com 1 redirects ezofferz.com	1 KB
1	bestfreeofferz.com 1 redirects bestfreeofferz.com	1 KB
10	12

	Domain	Requested by
4	lynku.zinguety.com	lynku.zinguety.com
2	a.vfgtg.com	2 redirects
2	ckstatic.com	t.frtyl.com s.anadm.link
2	clik.global-trk.com	2 redirects
1	hello.fuckbook.tv	s.anadm.link
1	secure.cmvrclicks000.com	1 redirects
1	s.anadm.link	t.frtyl.com
1	t.frtyl.com	lynku.zinguety.com
1	ge.grngstrck.com	1 redirects
1	cdn.addlnk.com	lynku.zinguety.com
1	ezofferz.com	1 redirects
1	bestfreeofferz.com	1 redirects
10	12

This site contains no links.

Subject Issuer	Validity	Valid
*.zinguety.com E1	`2022-04-21` - `2022-07-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
t.frtyh.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.ckstatic.com R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.ajrkm.link Amazon	`2021-07-01` - `2022-07-30`	a year	crt.sh
1443267757.rsc.cdn77.org R3	`2022-03-04` - `2022-06-02`	3 months	crt.sh

This page contains 1 frames:

Frame: https://hello.fuckbook.tv/lander/sk_version1_jp/?af=757&af_source=offerit&oid=2627823f92ecc10.77050424&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=10207e428cb8477bbbc0788fd29b21&subaff=44542&subaff2=124858&bo=2753%2C2754%2C2755%2C2756
Frame ID: 80153525FEE0493770D7703D79016ECE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bestfreeofferz.com/cr.php?cid=7315&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&... HTTP 302
https://clik.global-trk.com/aff_c?offer_id=7117&aff_unique4=4043:29251&aff_unique5=CRPX&aff_id=7224&aff_... HTTP 302
http://ezofferz.com/cr.php?cid=3064&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&... HTTP 302
https://clik.global-trk.com/aff_c?offer_id=7205&aff_unique4=3064:4692&aff_unique5=7w;A050872692&aff_id=7... HTTP 302
https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=hera... Page URL
https://ge.grngstrck.com/lgtrack/MzE4LjU?autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d... HTTP 302
https://t.frtyl.com/fivm7ygcjk?url_id=0&aff_id=124858&offer_id=7340&bo=2753,2754,2755,2756&po=64... Page URL
https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=6627823f618b8b1.28304205%3B318&a... HTTP 302
https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=6627823f618b8b1.28304205%3B318&a... HTTP 302
https://s.anadm.link/44542/4287/?aff_sub=6627823f618b8b1.28304205%3B318&aff_sub2=124858&aff_sub3=... Page URL

Page Statistics

10
Requests

100 %
HTTPS

45 %
IPv6

12
Domains

12
Subdomains

6
IPs

2
Countries

46 kB
Transfer

122 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bestfreeofferz.com/cr.php?cid=7315&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=102af453a4a6002b37158219b8b986 HTTP 302
https://clik.global-trk.com/aff_c?offer_id=7117&aff_unique4=4043:29251&aff_unique5=CRPX&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique5=uiSC050872691&trn=102af453a4a6002b37158219b8b986 HTTP 302
http://ezofferz.com/cr.php?cid=3064&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=10223dbf7462ce8f6d99acc90a75ed HTTP 302
https://clik.global-trk.com/aff_c?offer_id=7205&aff_unique4=3064:4692&aff_unique5=7w;A050872692&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=10223dbf7462ce8f6d99acc90a75ed HTTP 302
https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27 Page URL
https://ge.grngstrck.com/lgtrack/MzE4LjU?autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca HTTP 302
https://t.frtyl.com/fivm7ygcjk?url_id=0&aff_id=124858&offer_id=7340&bo=2753,2754,2755,2756&po=6456&aff_sub=6627823f618b8b1.28304205&source=318&aff_sub2=cbad6d8b_GSL-7224&autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca&ocode=MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA Page URL
https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=6627823f618b8b1.28304205%3B318&affiliateID=44542&source=102d410133ba5132e1a10adc392252&subID2=124858&s2=102d410133ba5132e1a10adc392252&s3=6627823f618b8b1.28304205%3B318&s4=124858&url=1&affsub=6627823f618b8b1.28304205&affsource=318&bo=2753%2C2754%2C2755%2C2756 HTTP 302
https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=6627823f618b8b1.28304205%3B318&affiliateID=44542&source=102d410133ba5132e1a10adc392252&subID2=124858&Target=&Site=&Bnr=&cid=wcdu68e9umk7841g2nlsk78i&email= HTTP 302
https://s.anadm.link/44542/4287/?aff_sub=6627823f618b8b1.28304205%3B318&aff_sub2=124858&aff_sub3=wlhcd08creifr41g26j3643e&source=102d410133ba5132e1a10adc392252&bo=2753,2754,2755,2756 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bestfreeofferz.com/cr.php?cid=7315&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=102af453a4a6002b37158219b8b986 HTTP 302
https://clik.global-trk.com/aff_c?offer_id=7117&aff_unique4=4043:29251&aff_unique5=CRPX&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique5=uiSC050872691&trn=102af453a4a6002b37158219b8b986 HTTP 302
http://ezofferz.com/cr.php?cid=3064&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=10223dbf7462ce8f6d99acc90a75ed HTTP 302
https://clik.global-trk.com/aff_c?offer_id=7205&aff_unique4=3064:4692&aff_unique5=7w;A050872692&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=10223dbf7462ce8f6d99acc90a75ed HTTP 302
https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27

Request Chain 4

https://ge.grngstrck.com/lgtrack/MzE4LjU?autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca HTTP 302
https://t.frtyl.com/fivm7ygcjk?url_id=0&aff_id=124858&offer_id=7340&bo=2753,2754,2755,2756&po=6456&aff_sub=6627823f618b8b1.28304205&source=318&aff_sub2=cbad6d8b_GSL-7224&autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca&ocode=MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA

Request Chain 8

https://secure.cmvrclicks000.com/track/NzU3LjI2ODExMy4xNDIuNDUzLjAuMC4wLjAuMC4wLjAuMA?_ocid=10207e428cb8477bbbc0788fd29b21&subaff=44542&subaff2=124858&bo=2753%2C2754%2C2755%2C2756 HTTP 302
https://hello.fuckbook.tv/lander/sk_version1_jp/?af=757&af_source=offerit&oid=2627823f92ecc10.77050424&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=10207e428cb8477bbbc0788fd29b21&subaff=44542&subaff2=124858&bo=2753%2C2754%2C2755%2C2756

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

bae6f80293 Show response
lynku.zinguety.com/rc/
Redirect Chain

http://bestfreeofferz.com/cr.php?cid=7315&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique5=CRPX&trn=102af453a4a6002b37158219b8b986
https://clik.global-trk.com/aff_c?offer_id=7117&aff_unique4=4043:29251&aff_unique5=CRPX&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique5=uiSC050872691&trn=102af453a...
http://ezofferz.com/cr.php?cid=3064&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=10223dbf7462ce8f6d99acc90a75ed
https://clik.global-trk.com/aff_c?offer_id=7205&aff_unique4=3064:4692&aff_unique5=7w;A050872692&aff_id=7224&aff_sub=heranew27&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=10223dbf7462ce8f6d99acc90a75ed
https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27

2 KB
2 KB

571ms
538ms

Document
text/html

2606:4700:3037::6815:43bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:43bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe1aa5884987f3d7af90e882a508cb10e50d217ed236cb76c72d378d41e4963

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7084d859ab3d80f3-NRT
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Sun, 08 May 2022 20:11:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRhB8UKy4tXU60bgOILEmPdz07RxLjmLO1biQggs4EBR9UwFnyRFk5uTo6trt4KC%2BWdTVgg6XsqLYs%2BlDiYRbA0Etvx0IiXB06I7NZZ2IN0nXTwigc%2Fl8UxmUJQTl8s11o7ASAmrlM4ZDA8owHAUS0A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 08 May 2022 20:11:32 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102fa1b6adc8d0e6ef48497e159ae4
X-Request-Id: a83daf79add8ec2e65383915ad34ad46
X-Robots-Tag: noindex, nofollow

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 24ms
9ms Stylesheet
text/css 2606:4700:3033::6815:1446
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: lynku.zinguety.com
URL: https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:11:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1704
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YRM8V4Y507THGBS6
x-amz-id-2: 1fK9ai+fouZY6RFTupRB39IcOMyNyCTwMgebvo7NoZxGKwpI4SVN7paqh/O704x1bXIXwZek+WQ=
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzFySscV%2BJQhHT%2F%2Fe18zv8UY6jJcEoDxmUKFTzFbXAihZm3U4Qj6cMIlfp8HrozVly8JGvlMb0Hcbm%2BJF0O7vXIs0rDC6urPoZ4Ttav4Wzcg1Q5vHcPqzoZV3V3EMlzNXXaxOzjB8shul9%2BEdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7084d85d7b0b8a48-NRT
cf-bgj: minify

GET
H2 200 invisible.js Show response
lynku.zinguety.com/cdn-cgi/challenge-platform/h/g/scripts/ 47 KB
17 KB 12ms
12ms Script
application/javascript 2606:4700:3037::6815:43bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.zinguety.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1652040000
Requested by: Host: lynku.zinguety.com
URL: https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:43bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d033272922e36f91dc1bbf7dc238d7e8ebca3200ef02bee666539617a79d4992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:11:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KyBR%2FtNNlaa7ew1FSR8trUQNr5IFeFII7V1p%2FYsm9DC9X7ofY6UgZmDtF5sS81enUQTBhDHM20sguxGOnqvGGDHpVsDKhLzhMMqSVZ6R0eYgLDczb%2FGLFPXGgQvGkKYHIix8q3M8ap1caoN1zv3QU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 7084d85d6f6980f3-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
lynku.zinguety.com/cdn-cgi/challenge-platform/h/g/scripts/ 22 KB
8 KB 19ms
19ms Other
application/javascript 2606:4700:3037::6815:43bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.zinguety.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:43bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4688df178999257575272bd46de23e4ac3c63fba3a04db09979dd9a83924fe67

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:11:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96D%2Fjp%2Ftbvlu7MVBcOfQXrVOthPYo9SJk2KJLvfNKcS1HPwMOFx9gr24BsXBE%2F3sByf1oYxQycH%2BYf14MA1HDo39asAArNDYpLFfYsFKnx9%2BMu8dqiGezsp4xqs2z0ousVndPJLDCo8KyfrXBZeCAjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 7084d85d984120a1-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

fivm7ygcjk Show response
t.frtyl.com/
Redirect Chain

https://ge.grngstrck.com/lgtrack/MzE4LjU?autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca
https://t.frtyl.com/fivm7ygcjk?url_id=0&aff_id=124858&offer_id=7340&bo=2753,2754,2755,2756&po=6456&aff_sub=6627823f618b8b1.28304205&source=318&aff_sub2=cbad6d8b_GSL-7224&autocamp=cbad6d8b_GSL-7224&...

2 KB
2 KB

656ms
283ms

Document
text/html

3.213.249.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://t.frtyl.com/fivm7ygcjk?url_id=0&aff_id=124858&offer_id=7340&bo=2753,2754,2755,2756&po=6456&aff_sub=6627823f618b8b1.28304205&source=318&aff_sub2=cbad6d8b_GSL-7224&autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca&ocode=MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA

Requested by

Host: lynku.zinguety.com
URL: https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.249.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-249-202.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

f0d68f41ec7ed770b8bb4506347311fbbd7e64616946bf180d361ff304150573

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://lynku.zinguety.com/rc/bae6f80293?affclick=102fa1b6adc8d0e6ef48497e159ae4&pubid=GSL-7224&af=heranew27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 08 May 2022 20:11:34 GMT
server: nginx/1.17.10
strict-transport-security: max-age=15724800; includeSubDomains
tracking_id: 102d410133ba5132e1a10adc392252
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 20:11:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://t.frtyl.com/fivm7ygcjk?url_id=0&aff_id=124858&offer_id=7340&bo=2753,2754,2755,2756&po=6456&aff_sub=6627823f618b8b1.28304205&source=318&aff_sub2=cbad6d8b_GSL-7224&autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca&ocode=MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA
pragma: no-cache
server: Apache/2.4.53 (Ubuntu)

POST
H3 200 7084d859ab3d80f3
lynku.zinguety.com/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
731 B 26ms
26ms XHR
text/plain 2606:4700:3037::6815:43bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.zinguety.com/cdn-cgi/challenge-platform/h/g/cv/result/7084d859ab3d80f3
Requested by: Host: lynku.zinguety.com
URL: https://lynku.zinguety.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1652040000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:43bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 May 2022 20:11:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu2ttcaEcZJKowAX1oY%2FdXZp149gHcShjefsDcN%2BM0q2PGW7QaIrRQ%2FZdKxXkYIT2w%2BVgP%2BGniyKzdN3WXCjFm95fJKOPmiUASbWVJNEDJZu5VLBt60%2FuUt7zxbGIBeHPl3hpoeBi8sFMqDYULbPkQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7084d85fea7520a1-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK history.js Show response
ckstatic.com/js/historyjs/ 23 KB
7 KB 299ms
71ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ckstatic.com/js/historyjs/history.js
Requested by: Host: t.frtyl.com
URL: https://t.frtyl.com/fivm7ygcjk?url_id=0&aff_id=124858&offer_id=7340&bo=2753,2754,2755,2756&po=6456&aff_sub=6627823f618b8b1.28304205&source=318&aff_sub2=cbad6d8b_GSL-7224&autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca&ocode=MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://t.frtyl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 20:11:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Dec 2020 12:45:10 GMT
ETag: "1607431510"
X-HW: 1652040695.dop030.si2.t,1652040695.cds236.si2.shn,1652040695.cds236.si2.c
Content-Type: text/javascript
Cache-Control: public, max-age=1497
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6880

GET
H2

200

Primary Request / Show response
s.anadm.link/44542/4287/
Redirect Chain

https://a.vfgtg.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=6627823f618b8b1.28304205%3B318&affiliateID=44542&source=102d410133ba5132e1a10adc392252&subID2=124858&s2=102d410133ba5132e1a10adc39225...
https://a.vfgtg.com/20aabc55-9fe1-45ac-bd10-4108cd0f740a?subID1=6627823f618b8b1.28304205%3B318&affiliateID=44542&source=102d410133ba5132e1a10adc392252&subID2=124858&Target=&Site=&Bnr=&cid=wcdu68e9u...
https://s.anadm.link/44542/4287/?aff_sub=6627823f618b8b1.28304205%3B318&aff_sub2=124858&aff_sub3=wlhcd08creifr41g26j3643e&source=102d410133ba5132e1a10adc392252&bo=2753,2754,2755,2756

2 KB
2 KB

795ms
777ms

Document
text/html

13.33.174.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.anadm.link/44542/4287/?aff_sub=6627823f618b8b1.28304205%3B318&aff_sub2=124858&aff_sub3=wlhcd08creifr41g26j3643e&source=102d410133ba5132e1a10adc392252&bo=2753,2754,2755,2756

Requested by

Host: t.frtyl.com
URL: https://t.frtyl.com/fivm7ygcjk?url_id=0&aff_id=124858&offer_id=7340&bo=2753,2754,2755,2756&po=6456&aff_sub=6627823f618b8b1.28304205&source=318&aff_sub2=cbad6d8b_GSL-7224&autocamp=cbad6d8b_GSL-7224&_ocid=pubde1715b29b7940e38b8d3f4d5f4609ca&ocode=MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.174.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-174-9.nrt57.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

91b27f8846f4fcb0c99bde874892be6d511ba9440f58e0eebd1717cc88880eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://t.frtyl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 08 May 2022 20:11:36 GMT
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
tracking_id: 10207e428cb8477bbbc0788fd29b21
vary: Accept-Encoding
via: 1.1 aa19ac2dc7aac8963b7348f7816ca144.cloudfront.net (CloudFront)
x-amz-cf-id: zOu_bc5OPmg9v40wtuAKwEdW61tusxjsZ2iXOfPBCNg9_Xp2Jm-UIQ==
x-amz-cf-pop: NRT57-C2
x-cache: Miss from cloudfront

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Sun, 08 May 2022 20:11:35 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.anadm.link/44542/4287/?aff_sub=6627823f618b8b1.28304205%3B318&aff_sub2=124858&aff_sub3=wlhcd08creifr41g26j3643e&source=102d410133ba5132e1a10adc392252&bo=2753,2754,2755,2756
pragma: no-cache
server: nginx

GET
H/1.1 200
OK history.js Show response
ckstatic.com/js/historyjs/ 23 KB
7 KB 72ms
71ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ckstatic.com/js/historyjs/history.js
Requested by: Host: s.anadm.link
URL: https://s.anadm.link/44542/4287/?aff_sub=6627823f618b8b1.28304205%3B318&aff_sub2=124858&aff_sub3=wlhcd08creifr41g26j3643e&source=102d410133ba5132e1a10adc392252&bo=2753,2754,2755,2756
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.anadm.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sun, 08 May 2022 20:11:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Dec 2020 12:45:10 GMT
ETag: "1607431510"
X-HW: 1652040695.dop030.si2.t,1652040696.cds236.si2.shn,1652040696.cds236.si2.c
Content-Type: text/javascript
Cache-Control: public, max-age=1496
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6880

GET
H2

200

/
hello.fuckbook.tv/lander/sk_version1_jp/
Redirect Chain

https://secure.cmvrclicks000.com/track/NzU3LjI2ODExMy4xNDIuNDUzLjAuMC4wLjAuMC4wLjAuMA?_ocid=10207e428cb8477bbbc0788fd29b21&subaff=44542&subaff2=124858&bo=2753%2C2754%2C2755%2C2756
https://hello.fuckbook.tv/lander/sk_version1_jp/?af=757&af_source=offerit&oid=2627823f92ecc10.77050424&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=10207e428cb8477...

0
0

172ms
52ms

Document
text/html

2a02:6ea0:d600::2

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.fuckbook.tv/lander/sk_version1_jp/?af=757&af_source=offerit&oid=2627823f92ecc10.77050424&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=10207e428cb8477bbbc0788fd29b21&subaff=44542&subaff2=124858&bo=2753%2C2754%2C2755%2C2756
Requested by: Host: s.anadm.link
URL: https://s.anadm.link/44542/4287/?aff_sub=6627823f618b8b1.28304205%3B318&aff_sub2=124858&aff_sub3=wlhcd08creifr41g26j3643e&source=102d410133ba5132e1a10adc392252&bo=2753,2754,2755,2756
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d600::2 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Referer: https://s.anadm.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html
date: Sun, 08 May 2022 20:11:37 GMT
etag: W/"6274d326-3a99"
last-modified: Fri, 06 May 2022 07:49:58 GMT
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: AVQROQWvQ4H/FCQDAA
x-77-nzt-ray: e8avxUB8eS8
x-77-pop: hongkongHK
x-accel-expires: @1652871653
x-age: 205844
x-cache: HIT

Redirect headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 May 2022 20:11:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://hello.fuckbook.tv/lander/sk_version1_jp/?af=757&af_source=offerit&oid=2627823f92ecc10.77050424&utm_source=757&utm_medium=fbpps&utm_content=home&utm_campaign=cummission&_ocid=10207e428cb8477bbbc0788fd29b21&subaff=44542&subaff2=124858&bo=2753%2C2754%2C2755%2C2756
pragma: no-cache
server: Apache/2.4.53 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bestfreeofferz.com/	1970-01-20 03:14:10	Name: hskp Value: uiSC050872691%2C
bestfreeofferz.com/	1970-01-20 02:54:01	Name: skip Value: -1652040691%2C34098
bestfreeofferz.com/	1970-01-20 02:55:27	Name: 7315_34098_0 Value: 1652040691
clik.global-trk.com/	1970-01-20 03:38:39	Name: enc_aff_session_7054 Value: ENC03af198e1985e3965c85c637dce64dc6e49a4dfcf1e568da94ee82511df967efa7b6565af26a13aa9abd823e78e28cd5c36749f55ba18e8937afc2be5d4bd9eeb7bd6f9bad9fa44af7843111ea82edc6a6d4699557f3632b48d75db3db1c7e8a9806ec03bcde82092d867a624299944931ed0e3d20067604a13072d2b43a2745275b87355c2009fff11c02fac7512f2e07ee88ecbc6514592f48347c7b43d056ff16e54466
clik.global-trk.com/	1970-01-21 04:19:36	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwMS4wLjQ5NTEuNDEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImpwLUpQLGpwO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
ezofferz.com/	1970-01-20 03:14:10	Name: hskp Value: 7w%3BA050872692%2C
ezofferz.com/	1970-01-20 02:54:01	Name: skip Value: -1652040692%2C35164
ezofferz.com/	1970-01-20 02:55:27	Name: 3064_35164_0 Value: 1652040692
clik.global-trk.com/	1970-01-20 03:38:39	Name: enc_aff_session_7205 Value: ENC033b1381f7d1705c435f45e1c5d911e3cab9dbe59eeaf96769cf1c3f0302a063238137313253ec92ae11310bdcd62ae183037482060db1d1646c3efe92340ff3f54cc480f41efe85f65db8a90ff4836ada8152047e1d7c541ba95d2dc9fb6507ca2e8a83341e60e6ec20b52cb16decba5338c9b776e4dca31c25fe28038adac39ebc4857b009c6e3cb633f4df1cf7612efaacf03100d5cab0aebdc744b39fd3bec1678c785
lynku.zinguety.com/	1970-01-20 03:04:05	Name: AWSALB Value: lA1NbT7nN1vfg5y/8B7ig/hfUKmsBRpwicY89+lwpwu9vdGHJguB5C/bG6+vBiDU9RyG3pqyOyJbhh2LLyG/6S4I5OErcVEfEtYeq13VDOBzgoQDxYOacukICoaF
.zinguety.com/	1970-01-20 02:54:02	Name: __cf_bm Value: Wk8bitSY8_gOLIteliV7zjz27.bTR.XqTEUO0yzhO7k-1652040693-0-AdvDFwIUGV367b/rgbZOko9aP5Krz6we0LvaYGLQhyV/XzGa+0jvUb+9c/BwYpx+Pxp3EJXrP1ixXwraKO9g6k83NonyqEN7JWN3snOnIRKY6pml4NAB1xDyBjpvqx7fdA==
ge.grngstrck.com/	1970-01-20 03:04:05	Name: AWSALB Value: cyTHMiZ+wVQFBFEJDqfnY9cOfK/Cgdvm0eewZNArrD/dp5uAvuad8VsyLJZWzf7XZZFTPBQV4mg/o8Cq5syJ0VfsJZxQgRCtKeAT23pAjwG/4+GaDhbUvQz9d/91
ge.grngstrck.com/	1970-01-20 03:04:05	Name: AWSALBCORS Value: cyTHMiZ+wVQFBFEJDqfnY9cOfK/Cgdvm0eewZNArrD/dp5uAvuad8VsyLJZWzf7XZZFTPBQV4mg/o8Cq5syJ0VfsJZxQgRCtKeAT23pAjwG/4+GaDhbUvQz9d/91
ge.grngstrck.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: u4plfcs9o2sgfdt79v1763src3
.grngstrck.com/	1970-01-20 02:55:27	Name: offerit_unique_595_1447_1653 Value: MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA
.grngstrck.com/	1970-01-20 03:37:12	Name: ocode_595_1653 Value: MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA
.grngstrck.com/	1970-01-20 03:37:12	Name: ocode_595 Value: MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA
.grngstrck.com/	1970-01-20 03:37:12	Name: offerit_595_1653_cookie Value: No+Referring+URL
.grngstrck.com/	1970-01-20 03:37:12	Name: offerit_595_1653 Value: MzE4LjcyMTkuMTQ0Ny4xNjUzLjE3MzkuMC45LjUuMC4wLjAuMA\|\|\|6627823f618b8b1.28304205
t.frtyl.com/	1970-01-20 20:25:12	Name: enc_aff_session_3785 Value: ENC030f1f92b4da33abc8c000717c0864c9ed98c0d75aa8552ddbb15aa98c603c9e077de6dd5a61a5f6a9402ea95fb62127cc55d695b5edc01d88c2de66bdcf04cb54a1425f6bcc1d34b78393b4e5c3afd0c51813443284784d4909d85385fc8e8a1fb283bd2dbf38ac8bf79ddd100bd35b8247a8c0fa5f4cf8e093ea34ba2963a916c1245b867e752786e361dc6fe703ce24f077feb4f5889204ec91966020d605c21e4976aa
t.frtyl.com/	1970-01-21 04:19:36	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwMS4wLjQ5NTEuNDEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D
.a.vfgtg.com/	1970-01-20 02:55:27	Name: ab267e05-23a0-430a-bac4-772f7f629740-v4 Value: ZKJ0rRm8HhiYTDA5HhpsKigWLtTMbpE42n4C7iBdaVY
.a.vfgtg.com/	1970-01-20 02:55:27	Name: 20aabc55-9fe1-45ac-bd10-4108cd0f740a-v4 Value: lnuN5sBf2HjkuPCCZzFpXjFKM5R7d5IBjM0aCXa65ww
.a.vfgtg.com/	1970-01-20 11:39:36	Name: cc-v4 Value: 2dq3sc0DguvY94J9pJ%2B9TcxO7R4hp6NCXz4qkMFiUjrRlRC9p4PqWw01exvPRHxD52evrXcA6mpY%2B2d%2Bh%2B70Doiwv2gT9lofdeMBuB8oPLAnXrLqERLUvRT3jfd%2B5ICYhqi0btToW3BvDE5wlTwHGg%3D%3D
s.anadm.link/	1970-01-20 02:55:27	Name: aff_ran_url_6530 Value: 20361
s.anadm.link/	1970-01-20 20:25:12	Name: enc_aff_session_6530 Value: ENC039e2b8c376d09a0551a452f235c9501a5f3f691017d29ba6fd4bf8545154cceed7e2c1360262da46afd899a798d13996c510e3dbf5d215f3cb4f4e5497f18490872709dec60b6595ddef07456974162411993ea7e365ff864b773c800fe407354d0d24301920e8ce89a9e35d139ab969be9d351ef24e3598c7527bd83f42b58a94241762b8f05da908a16e10b9e43d6c6f8e482df15148a46b89009c1502b58421c7aaea4de11d2f8e0e2b0a5341f84223a902aca4f2e5b9adee1a87450fb0ca81cb0973ef56b67a0ab145d89e3dc328272aa5f66eef8e440c0bfea6312d40508230ff754a1b97ec8558b3ae7bd842435f90ea0d8c3a4bf4e23ebd2656e8bbb8637d4bd8e
s.anadm.link/	1970-01-21 04:19:36	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwMS4wLjQ5NTEuNDEgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vfgtg.com
bestfreeofferz.com
cdn.addlnk.com
ckstatic.com
clik.global-trk.com
ezofferz.com
ge.grngstrck.com
hello.fuckbook.tv
lynku.zinguety.com
s.anadm.link
secure.cmvrclicks000.com
t.frtyl.com
13.33.174.9
18.136.82.95
184.72.22.83
205.185.216.10
2606:4700:3030::ac43:883e
2606:4700:3033::6815:1446
2606:4700:3037::6815:43bb
2606:4700:3038::6815:e9f8
2a02:6ea0:d600::2
3.213.249.202
54.80.193.233
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045
4688df178999257575272bd46de23e4ac3c63fba3a04db09979dd9a83924fe67
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
91b27f8846f4fcb0c99bde874892be6d511ba9440f58e0eebd1717cc88880eed
afe1aa5884987f3d7af90e882a508cb10e50d217ed236cb76c72d378d41e4963
d033272922e36f91dc1bbf7dc238d7e8ebca3200ef02bee666539617a79d4992
f0d68f41ec7ed770b8bb4506347311fbbd7e64616946bf180d361ff304150573

s.anadm.link Open in urlscan Pro 13.33.174.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

45 %IPv6

12 Domains

12 Subdomains

6 IPs

2 Countries

46 kBTransfer

122 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

27 Cookies

Indicators

s.anadm.link Open in urlscan Pro
13.33.174.9 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

45 %
IPv6

12
Domains

12
Subdomains

6
IPs

2
Countries

46 kB
Transfer

122 kB
Size

27
Cookies

10 HTTP transactions
0 data transactions