Submitted URL: http://111.90.139.34/1M00.stqo?gAAAAABksavvKbSnNSoAuxljKtLKjp5Jm3tVaWvF7VCBsPmsBo7mJC8VudIiYy7B-pHKpMClpFOJpy8JovYvVZ...
Effective URL: https://us-1.rwe-twe.com/?utm_term=7255930716385443863
Submission: On July 15 via api from BE — Scanned from DE

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 18 HTTP transactions. The main IP is 65.60.9.235, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is us-1.rwe-twe.com.
TLS certificate: Issued by R3 on July 14th 2023. Valid for: 3 months.
This is the only time us-1.rwe-twe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 111.90.139.34 45839 (SHINJIRU-...)
1 207.99.40.82 8001 (COLOGIX)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 67.212.184.146 32475 (SINGLEHOP...)
2 3 51.68.85.158 16276 (OVH)
1 1 34.147.1.177 396982 (GOOGLE-CL...)
1 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 185.66.201.43 201702 (SKHOSTING-EU)
1 185.66.201.8 201702 (SKHOSTING-EU)
2 65.60.9.235 32475 (SINGLEHOP...)
18 10
Apex Domain
Subdomains
Transfer
4 eygenci.com
tonic.eygenci.com — Cisco Umbrella Rank: 759913
6 KB
4 jukminung.com
lynku.jukminung.com
6 KB
3 turbotrck.art
www.turbotrck.art — Cisco Umbrella Rank: 755346
5 KB
3 turetou.com
rezi.turetou.com — Cisco Umbrella Rank: 911551
5 KB
2 rwe-twe.com
us-1.rwe-twe.com
3 KB
2 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 373647
2 KB
1 ifaba.live
ifaba.live
314 B
1 yuab.online
yuab.online
760 B
1 media-412.com
admoustache.media-412.com — Cisco Umbrella Rank: 678179
270 B
1 astonishedsound.com
astonishedsound.com
450 B
18 10
Domain Requested by
4 tonic.eygenci.com 1 redirects www.turbotrck.art
tonic.eygenci.com
4 lynku.jukminung.com 1 redirects astonishedsound.com
lynku.jukminung.com
3 www.turbotrck.art 2 redirects rezi.turetou.com
3 rezi.turetou.com lynku.jukminung.com
rezi.turetou.com
2 us-1.rwe-twe.com ifaba.live
us-1.rwe-twe.com
2 cdn.addlnk.com lynku.jukminung.com
tonic.eygenci.com
1 ifaba.live yuab.online
1 yuab.online tonic.eygenci.com
1 admoustache.media-412.com 1 redirects
1 astonishedsound.com
18 10

This site contains no links.

Subject | Issuer | Validity | Valid
astonishedsound.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-13 - 2024-07-12 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-20 - 2024-03-18 | a year
addlnk.com | GTS CA 1P5 | 2023-06-13 - 2023-09-11 | 3 months
rezi.turetou.com | R3 | 2023-07-03 - 2023-10-01 | 3 months
www.turbotrck.art | R3 | 2023-06-28 - 2023-09-26 | 3 months
eygenci.com | E1 | 2023-05-21 - 2023-08-19 | 3 months
yuab.online | R3 | 2023-07-13 - 2023-10-11 | 3 months
ifaba.live | R3 | 2023-07-13 - 2023-10-11 | 3 months
us-1.rwe-twe.com | R3 | 2023-07-14 - 2023-10-12 | 3 months

This page contains 3 frames:

Frame: https://us-1.rwe-twe.com/proc.php?14f92aa2e54ffde7264474e31b9d2c24df34f6c4
Frame ID: 16982921653C66DBE523AB35413AA6C4
Requests: 14 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
Frame ID: 9CCDC444EF361E6CD0720AC19D35CAFC
Requests: 2 HTTP requests in this frame

Frame: https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
Frame ID: 47A6688DEC07289821D4138F14E53F42
Requests: 2 HTTP requests in this frame

Page Title

Click "Allow" To Continue

Page Statistics

Requests: 18
HTTPS: 83 %
IPv6: 27 %
Domains: 10
Subdomains: 10
IPs: 10
Countries: 5
Transfer: 28 kB
Size: 44 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://111.90.139.34/1M00.stqo?gAAAAABksavvKbSnNSoAuxljKtLKjp5Jm3tVaWvF7VCBsPmsBo7mJC8VudIiYy7B-pHKpMClpFOJpy8JovYvVZ7cqKpgLmWWv5Cx61DxoUmlaUc_bzeMfkvlikkW3T-lLsN7RWwcizm255vHRTIkGJS0mUp6jU-qag==== HTTP 302
    https://astonishedsound.com/176153ffcdee7980000/XXXRgA5kN3mKcc-FRzz7rmoDGc11lwP32xI240c4v/fGVpNgKYbkjjgbWJoIeaPxLpF0BdmQHJ8tQ/r9GM93HoBBeY Page URL
  2. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1358652413&pubid=690061 Page URL
  3. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=fbbb5665&cid=pub3d026da8fb0149a4b9629b9cb0a3ffba&2=690061 Page URL
  4. https://rezi.turetou.com/?utm_term=7255930707795509254 Page URL
  5. https://rezi.turetou.com/proc.php?0e3c8e89797bde073c27cfd7b8944e0b76c26523 Page URL
  6. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7255930707795509254&website=13260-0b0f7687-472c1f93&placement=13260 Page URL
  7. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7255930707795509254&website=13260-0b0f7687-472c1f93&placement=13260&eyeg=83a20a8866462042e298f34fea191d70&eyer=0.8298487991410348&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7255930707795509254&website=13260-0b0f7687-472c1f93&placement=13260&eyeg=3&eyer=0.8298487991410348&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300052bf2054c5d0d0c5fbafad9e6531608b0715-202307-flb*5564921-b2be6*M7255930707795509254*sl_5564921-b2be6*1e6957a419d7129b5076d9875b1b6174aae513e5*13260-0b0f7687-472c1f93*13260 HTTP 302
    https://tonic.eygenci.com/rc/a91581ead4?affclick=64b23e8a53cc3e0001522807&pubid=503 Page URL
  8. https://yuab.online/282d221ddbe33e9e0645/a043e32e2f/?cv=pub9b868808cece47e28d8877097f74f6c1&placementName=560f07ef Page URL
  9. https://ifaba.live/go.php?go=https%3A%2F%2Fus-1.rwe-twe.com%2F%3Futm_medium%3D02ceea2b5bfb5387f47e005c2c1502a9fbfd19b5%26utm_campaign%3DMS-SL-NA%26cid%3D90affC1689403018affc33c410892621a645a441%261%3D29611306&do=3817a4b07dd1615605d492d290937771 Page URL
  10. https://us-1.rwe-twe.com/?utm_medium=02ceea2b5bfb5387f47e005c2c1502a9fbfd19b5&utm_campaign=MS-SL-NA&cid=90affC1689403018affc33c410892621a645a441&1=29611306 Page URL
  11. https://us-1.rwe-twe.com/?utm_term=7255930716385443863 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://111.90.139.34/1M00.stqo?gAAAAABksavvKbSnNSoAuxljKtLKjp5Jm3tVaWvF7VCBsPmsBo7mJC8VudIiYy7B-pHKpMClpFOJpy8JovYvVZ7cqKpgLmWWv5Cx61DxoUmlaUc_bzeMfkvlikkW3T-lLsN7RWwcizm255vHRTIkGJS0mUp6jU-qag==== HTTP 302
  • https://astonishedsound.com/176153ffcdee7980000/XXXRgA5kN3mKcc-FRzz7rmoDGc11lwP32xI240c4v/fGVpNgKYbkjjgbWJoIeaPxLpF0BdmQHJ8tQ/r9GM93HoBBeY
Request Chain 3
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
Request Chain 9
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7255930707795509254&website=13260-0b0f7687-472c1f93&placement=13260&eyeg=83a20a8866462042e298f34fea191d70&eyer=0.8298487991410348&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7255930707795509254&website=13260-0b0f7687-472c1f93&placement=13260&eyeg=3&eyer=0.8298487991410348&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300052bf2054c5d0d0c5fbafad9e6531608b0715-202307-flb*5564921-b2be6*M7255930707795509254*sl_5564921-b2be6*1e6957a419d7129b5076d9875b1b6174aae513e5*13260-0b0f7687-472c1f93*13260 HTTP 302
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64b23e8a53cc3e0001522807&pubid=503
Request Chain 11
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js

18 HTTP transactions


Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us-1.rwe-twe.com
URL
https://us-1.rwe-twe.com/proc.php?14f92aa2e54ffde7264474e31b9d2c24df34f6c4

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | onbeforetoggle
object | onscrollend
string | pm_appKey
function | pm_denyAction
string | pm_tag
function | pm_allowAction

9 Cookies

Domain/Path Name / Value
yuab.online/282d221ddbe33e9e0645/a043e32e2f Name: shown1
Value: 0
yuab.online/282d221ddbe33e9e0645/a043e32e2f Name: total_impressions
Value: 1
astonishedsound.com/ Name: uid15295
Value: 1358652413-20230715023656-a182c9661e1efbc2e4fb1af2a2d20d00-
lynku.jukminung.com/ Name: AWSALB
Value: TET0AlGluwVGiF59Dhpf04QdoMdQ2eNU8HUwImaazjXmG0nWyVpm4fKnG4UxIJ3XUmFJwg1lluY5CNbiuB27E9vR2k65R3HVm5NQsqybw+8wnFJ3di4FGDW/x793
.jukminung.com/ Name: __cf_bm
Value: xWJGdwJ97tK1M4qyLaYPpwKLeOo6yACnzE4ypspYsLg-1689403016-0-ARqE1shw9QKCkpPVqXRtxrH9yBAkaNLCB8tN3xgsFZ5zIayMJHsEJtpst06DOGVPBg==
admoustache.media-412.com/ Name: afclick
Value: 64b23e8a53cc3e0001522807
tonic.eygenci.com/ Name: AWSALB
Value: Q2WHDkLFK2TGWOIgP+Y61q/ox3qaO1DLLSzJZC6xLXia3O8SymW8E0C5agLaz79r6YzTwYfbvQYY/U5+/QGh1w7bGDoqme8y6lImmJqxE/oTX3A9x8BsMr2PG3Ki
.eygenci.com/ Name: __cf_bm
Value: F_Cjd5gwx7hARQRIkAb6X3a1xg2NjN8lTD7NSIGeAWA-1689403018-0-AepKbdcokVYOTGktv4rq96V70OtyEct2BjAZsb7q9Ta9LOtfGI29vKli9AO3quvoTw==
yuab.online/ Name: used_ad2615678
Value: 1