dolpusads.aftrad-visit.com Open in urlscan Pro
104.26.6.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8...
Effective URL:
https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=65a995997dc81c000107115a&so...
Submission: On January 18 via api (January 18th 2024, 9:18:32 pm UTC) from US — Scanned from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 9 domains to perform 10 HTTP transactions. The main IP is 104.26.6.190, located in and belongs to CLOUDFLARENET, US. The main domain is dolpusads.aftrad-visit.com.
TLS certificate: Issued by GTS CA 1P5 on December 8th 2023. Valid for: 3 months.

This is the only time dolpusads.aftrad-visit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:1e95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::ac43:ad2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	51.68.82.147 51.68.82.147	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3030::ac43:b19a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:b9bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.212.173.76 67.212.173.76	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	34.90.46.36 34.90.46.36	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.26.6.190 104.26.6.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.90.14.205 34.90.14.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	94.237.99.118 94.237.99.118	202053 (UPCLOUD) (UPCLOUD)
10	7

1 2606:4700:3036::6815:1e95 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

opeyyuh.whuhgamef.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:ad2e (United States)

ASN13335 (CLOUDFLARENET, US)

opeyyuh.whuhgamef.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.68.82.147 (France) 4 redirects

ASN16276 (OVH, FR)

www.cimentbuilder.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:b19a (United States)

ASN13335 (CLOUDFLARENET, US)

yfuh.ningutengo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:b9bc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.212.173.76 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

uzi.tguzi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.46.36 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.46.90.34.bc.googleusercontent.com

admoustache.media-412.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.6.190 (None, )

ASN13335 (CLOUDFLARENET, US)

dolpusads.aftrad-visit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.14.205 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.14.90.34.bc.googleusercontent.com

lightdigital.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.99.118 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-99-118.de-fra1.upcloud.host

12665a401041.tc2qwerty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cimentbuilder.one 4 redirects www.cimentbuilder.one	10 KB
3	whuhgamef.life 1 redirects opeyyuh.whuhgamef.life	6 KB
2	tguzi.com uzi.tguzi.com	4 KB
1	tc2qwerty.com 12665a401041.tc2qwerty.com
1	g2afse.com 1 redirects lightdigital.g2afse.com	156 B
1	aftrad-visit.com dolpusads.aftrad-visit.com	591 B
1	media-412.com 1 redirects admoustache.media-412.com	310 B
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 467436	1 KB
1	ningutengo.com yfuh.ningutengo.com	1 KB
10	9

	Domain	Requested by
6	www.cimentbuilder.one	4 redirects opeyyuh.whuhgamef.life uzi.tguzi.com
3	opeyyuh.whuhgamef.life	1 redirects opeyyuh.whuhgamef.life
2	uzi.tguzi.com	yfuh.ningutengo.com uzi.tguzi.com
1	12665a401041.tc2qwerty.com	dolpusads.aftrad-visit.com
1	lightdigital.g2afse.com	1 redirects
1	dolpusads.aftrad-visit.com	www.cimentbuilder.one
1	admoustache.media-412.com	1 redirects
1	cdn.addlnk.com	yfuh.ningutengo.com
1	yfuh.ningutengo.com	www.cimentbuilder.one
10	9

This site contains no links.

Subject Issuer	Validity	Valid
whuhgamef.life GTS CA 1P5	`2024-01-07` - `2024-04-06`	3 months	crt.sh
www.cimentbuilder.one R3	`2024-01-15` - `2024-04-14`	3 months	crt.sh
ningutengo.com GTS CA 1P5	`2023-12-06` - `2024-03-05`	3 months	crt.sh
addlnk.com GTS CA 1P5	`2023-12-07` - `2024-03-06`	3 months	crt.sh
uzi.tguzi.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
aftrad-visit.com GTS CA 1P5	`2023-12-08` - `2024-03-07`	3 months	crt.sh
tc2qwerty.com R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh

This page contains 1 frames:

Frame: https://12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id=
Frame ID: 873073C83FDF03E870D0DA3E386C2F65
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67... HTTP 301
https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67... Page URL
https://opeyyuh.whuhgamef.life/proc.php?29603ca7f2bfb9efe1fbc16572574e55ecc26a4b Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website... Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website... HTTP 302
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website... HTTP 302
https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=8269861913132790257 Page URL
https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream... Page URL
https://uzi.tguzi.com/proc.php?6180802e0e33ffe35442b39a53ac472384738bc0 Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website... Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website... HTTP 302
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website... HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330000f5db51b9dfea0df69444b6ef25... HTTP 302
https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=65a9959... Page URL

Page Statistics

10
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

9
Subdomains

7
IPs

5
Countries

21 kB
Transfer

31 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7 HTTP 301
https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7 Page URL
https://opeyyuh.whuhgamef.life/proc.php?29603ca7f2bfb9efe1fbc16572574e55ecc26a4b Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985 Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985&eyeg=f433cde94e96228c7436afe16cfad681&eyer=0.43963074836015337&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=opeyyuh.whuhgamef.life HTTP 302
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985&eyeg=3&eyer=0.43963074836015337&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=opeyyuh.whuhgamef.life HTTP 302
https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=8269861913132790257 Page URL
https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=85bd45a3&cid=pubcaf20c93d39b4ad09905d902b41eac1c&2=pubid Page URL
https://uzi.tguzi.com/proc.php?6180802e0e33ffe35442b39a53ac472384738bc0 Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260 Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260&eyeg=5c9e9b08479c0b51e59b6d1988107c77&eyer=0.6539260078438625&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=uzi.tguzi.com HTTP 302
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260&eyeg=3&eyer=0.6539260078438625&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=uzi.tguzi.com HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330000f5db51b9dfea0df69444b6ef25e75590118-202401-flb*5738009-ccc5a*M7325550744684200021*sl_5738009-ccc5a*f6c2658ecf66b3555385b892f899fb6ae191121c*13260-d96fda31-042d62db*13260 HTTP 302
https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=65a995997dc81c000107115a&source=503 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7 HTTP 301
https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7

Request Chain 3

https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985&eyeg=f433cde94e96228c7436afe16cfad681&eyer=0.43963074836015337&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=opeyyuh.whuhgamef.life HTTP 302
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985&eyeg=3&eyer=0.43963074836015337&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=opeyyuh.whuhgamef.life HTTP 302
https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=8269861913132790257

Request Chain 8

https://lightdigital.g2afse.com/click?pid=285&offer_id=6849&sub1=201gm9ctpEfeYUgxvqbbgYatoD9RtfhFHFrzvdGM4xHS5h2f92GhPXbYUGiNomZLndiLuu&sub2=1B5DbNJdK HTTP 302
https://12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id=

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response opeyyuh.whuhgamef.life/ Redirect Chain http://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7 https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7	9 KB 3 KB	182ms 112ms	Document text/html	2606:4700:3037::ac43:ad2e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:ad2e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.1 Resource Hash `744420dcd732a2725aab5efb5cd2da532f34715bbdd0078ac928e8e9573e0c4e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 8479de870a704bd8-BUF content-encoding br content-type text/html; charset=utf-8 date Thu, 18 Jan 2024 21:18:13 GMT expires Thu, 01 Jan 1970 00:00:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IILsh6mTvM3hdlZO4af%2Bps4v0V3JNlO2Egoa5yHB%2BM9mR8XQ28UAFaZCzRD3seg8Jv9Z7El5Vt7G5Z6TrcdqUu5%2Brpq%2Fvg4tLqECdCpUWs1KoO3v86m3CgzObs3jNXrb1AMFPhYlzjVcC9EMbcAByjSLwy76"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/8.3.1 Redirect headers CF-Cache-Status DYNAMIC CF-RAY 8479de862ad74bcf-BUF Connection keep-alive Content-Type text/html Date Thu, 18 Jan 2024 21:18:13 GMT Location https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLczWS0uUUUosdKDF73uusuOIJUybnnrMRCDJP9ccvn5YaYiq3y4wTacAzsaJJmTTnMGFp7JC%2B07XjkUp7j%2FgXaEXPvUN3TWGMRQvrlAq5kTEyAtkDdDhFrZ0%2F2uzjKTRVUM8YMmGKiN0e9y4BrzhsP%2BtQQq"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400
GET H3	200	proc.php opeyyuh.whuhgamef.life/	1 KB 1 KB	87ms 87ms	Document text/html	2606:4700:3037::ac43:ad2e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://opeyyuh.whuhgamef.life/proc.php?29603ca7f2bfb9efe1fbc16572574e55ecc26a4b Requested by Host: opeyyuh.whuhgamef.life URL: https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:ad2e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.1 Resource Hash Request headers Referer https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=67&2=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7&cid=8a0b16c522eaa9dd8c2cbb11df9725aef9bf7ab7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 8479de8a8c704bc6-BUF content-encoding br content-type text/html; charset=UTF-8 date Thu, 18 Jan 2024 21:18:14 GMT expires Thu, 01 Jan 1970 00:00:00 GMT location https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWDmuNstJqLZN%2FdqL%2FH9FQ75ttPSMS7fjHaAtbe%2FcdMctUoTV%2F4dYMZk6MDhED8RSUT%2BsLt5DdRM8gtRWtNqG4loVGBme%2F4yyoyewMb%2FSANeR5Rln5l0rdzHImxm3jBpwH6pVP%2BW%2F%2FUL6Irjri%2F58Q1e05id"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/8.3.1
GET H/1.1	200 OK	/ www.cimentbuilder.one/	4 KB 4 KB	461ms 118ms	Document text/html	51.68.82.147 OVH
General Check archive.org Show headers Download Go to Full URL https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985 Requested by Host: opeyyuh.whuhgamef.life URL: https://opeyyuh.whuhgamef.life/proc.php?29603ca7f2bfb9efe1fbc16572574e55ecc26a4b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.68.82.147 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash Request headers Referer https://opeyyuh.whuhgamef.life/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-CH Sec-CH-UA-Platform-Version Cache-Control no-transform Connection keep-alive Content-Type text/html Date Thu, 18 Jan 2024 21:18:14 GMT Transfer-Encoding chunked
GET H2	200	7edf752b35 Show response yfuh.ningutengo.com/rc/ Redirect Chain https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985&eyeg=f433cde94e96228c7436afe16cfad681&eyer=0.43963... https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985&eyeg=3&eyer=0.43963074836015337&eyei=0&eyew=1600&e... https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=8269861913132790257	1 KB 1 KB	357ms 247ms	Document text/html	2606:4700:3030::ac43:b19a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=8269861913132790257 Requested by Host: www.cimentbuilder.one URL: https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b19a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3797ca2a587583651d05620b0db9aa22d026484cb8da09c83dcc93a90fbe9c49` Request headers Referer https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550736094265426&website=23985-da87869d-9fa40696&placement=23985 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8479de90bfc96aee-BUF content-encoding br content-language en content-type text/html; charset=utf-8 date Thu, 18 Jan 2024 21:18:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRoPAYQppItDDysI%2By04%2BsjHN%2F7uqi%2FhO9D%2BnfOvvL4sINHn4ywwndxW4FORqYSzWAK9Z%2FLkSxg8n3yb9InYTXcfOA5jVqqicVXZr2yHH5A9O5qsNpWFreYEVHqJMeuG4x06ygkwOXnklrD9cdA3FIo4"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Accept-Language, Cookie Redirect headers Cache-Control no-transform Connection keep-alive Content-Length 0 Date Thu, 18 Jan 2024 21:18:14 GMT Location https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=8269861913132790257
GET H2	200	redirect.css cdn.addlnk.com/	1 KB 1 KB	232ms 57ms	Stylesheet text/css	2606:4700:3033::ac43:b9bc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.addlnk.com/redirect.css Requested by Host: yfuh.ningutengo.com URL: https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=8269861913132790257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:b9bc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Thu, 18 Jan 2024 21:18:15 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Q6BX7H4Y36KH9ZWF age 4112 cf-polished origSize=1680 alt-svc h3=":443"; ma=86400 x-amz-id-2 0mCWYf5g9stmw+6x+m6ZAELlZL+U+FzBEU/9akXKyMXLv/9ju/lrlYEJnu5o1MUt2/j7IT6SO/kCxWHT0fkjIA== cf-bgj minify last-modified Wed, 13 Mar 2019 00:03:12 GMT server cloudflare etag W/"3ae56d32551602b41f9046c14d1cfde2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4PP7%2BwLRkdXXFyUx4xvpsTdKQ9sL8vs7SjjhaO4g8fyUL4TwpGkpdRdPERHx4z1zJeoZ9S1hg1Q9IYkAO72CcKIcoKA486K4Tu9P8Ob56kyy3ffE8gWShzd93IL1DXJa5x69NCGKqIAxW4xrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 8479de938eae4bc7-BUF
GET H2	200	/ Show response uzi.tguzi.com/	8 KB 3 KB	151ms 30ms	Document text/html	67.212.173.76 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=85bd45a3&cid=pubcaf20c93d39b4ad09905d902b41eac1c&2=pubid Requested by Host: yfuh.ningutengo.com URL: https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=8269861913132790257 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS server04.com-2.mobi Software nginx / PHP/8.3.1 Resource Hash `2f72e47d33d13050aa6c8303b6932af974702dc37461a23135a4cfb8b6de832b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version cache-control no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Thu, 18 Jan 2024 21:18:15 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/8.3.1
GET H2	200	proc.php uzi.tguzi.com/	1 KB 1 KB	43ms 25ms	Document text/html	67.212.173.76 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://uzi.tguzi.com/proc.php?6180802e0e33ffe35442b39a53ac472384738bc0 Requested by Host: uzi.tguzi.com URL: https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=85bd45a3&cid=pubcaf20c93d39b4ad09905d902b41eac1c&2=pubid Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS server04.com-2.mobi Software nginx / PHP/8.3.1 Resource Hash Request headers Referer https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=85bd45a3&cid=pubcaf20c93d39b4ad09905d902b41eac1c&2=pubid Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version cache-control no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 18 Jan 2024 21:18:16 GMT expires Thu, 01 Jan 1970 00:00:00 GMT location https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260 pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/8.3.1
GET H/1.1	200 OK	/ www.cimentbuilder.one/	4 KB 4 KB	151ms 118ms	Document text/html	51.68.82.147 OVH
General Check archive.org Show headers Download Go to Full URL https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260 Requested by Host: uzi.tguzi.com URL: https://uzi.tguzi.com/proc.php?6180802e0e33ffe35442b39a53ac472384738bc0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.68.82.147 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash Request headers Referer https://uzi.tguzi.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-CH Sec-CH-UA-Platform-Version Cache-Control no-transform Connection keep-alive Content-Type text/html Date Thu, 18 Jan 2024 21:18:16 GMT Transfer-Encoding chunked
GET H2	200	Primary Request smartlink Show response dolpusads.aftrad-visit.com/track/ Redirect Chain https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260&eyeg=5c9e9b08479c0b51e59b6d1988107c77&eyer=0.65392... https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260&eyeg=3&eyer=0.6539260078438625&eyei=0&eyew=1600&ey... https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330000f5db51b9dfea0df69444b6ef25e75590118-202401-flb5738009-ccc5aM7325550744684200021sl_5738009-ccc5af6c2658ecf66b3... https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=65a995997dc81c000107115a&source=503	198 B 591 B	267ms 146ms	Document text/html	104.26.6.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=65a995997dc81c000107115a&source=503 Requested by Host: www.cimentbuilder.one URL: https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.6.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `879747848409df1478a903e84a42bfcf6bc66dd285d3dfe18925908c5f056d43` Request headers Referer https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325550744684200021&website=13260-d96fda31-042d62db&placement=13260 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 8479de9e2d913a06-YYZ content-encoding br content-type text/html; charset=utf-8 date Thu, 18 Jan 2024 21:18:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2Z2ADrlLbnbgmhElOLO1130raCPD5Q2HpUvsPNGKxdsh6QJy377qvA9AqJ0yLve6zSQmYwubUSsUlGYyqavNV2l%2FrEqTE5YuuY19XZAEaJWCBjJ%2FJLbQnoWDDr%2Bg1YvLJqZaOFPPaV%2FdisT"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers access-control-allow-origin * content-length 0 date Thu, 18 Jan 2024 21:18:17 GMT location https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=65a995997dc81c000107115a&source=503 referer referrer-policy no-referrer server nginx x-adjust-use-original-forwarded-for 1
GET H2	204	/ 12665a401041.tc2qwerty.com/ Redirect Chain https://lightdigital.g2afse.com/click?pid=285&offer_id=6849&sub1=201gm9ctpEfeYUgxvqbbgYatoD9RtfhFHFrzvdGM4xHS5h2f92GhPXbYUGiNomZLndiLuu&sub2=1B5DbNJdK https://12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id=	0 0	531ms 113ms	Document text/html	94.237.99.118 UPCLOUD
General Check archive.org Show headers Download Go to Full URL https://12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id= Requested by Host: dolpusads.aftrad-visit.com URL: https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=65a995997dc81c000107115a&source=503 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.237.99.118 , Finland, ASN202053 (UPCLOUD, FI), Reverse DNS 94-237-99-118.de-fra1.upcloud.host Software / Resource Hash Request headers Referer https://dolpusads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=34&network_id=1&click_id=65a995997dc81c000107115a&source=503 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-type text/html; charset=UTF-8 date Thu, 18 Jan 2024 21:18:18 GMT x-traffic-status BISP Redirect headers access-control-allow-origin * content-length 0 date Thu, 18 Jan 2024 21:18:17 GMT location https://12665a401041.tc2qwerty.com/?p=6304&media_type=mainstream&click_id= server nginx x-adjust-use-original-forwarded-for 1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			yfuh.ningutengo.com/	1970-01-20 17:56:57	Name: AWSALB Value: drtvazlRmJi+cR42Z2Y4AlGZu3iXVaSpQaUkqW6VmJ6O0QkLt4g62ubv3pf+Qm2JsAcgBn4cpIK6XpzwjdUnLhHm/IOCKMjqlLwomYhCxHvNzQHd2j7wsyGSh/WV
			admoustache.media-412.com/	1970-01-21 02:32:28	Name: afclick Value: 65a995997dc81c000107115a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12665a401041.tc2qwerty.com
admoustache.media-412.com
cdn.addlnk.com
dolpusads.aftrad-visit.com
lightdigital.g2afse.com
opeyyuh.whuhgamef.life
uzi.tguzi.com
www.cimentbuilder.one
yfuh.ningutengo.com
104.26.6.190
2606:4700:3030::ac43:b19a
2606:4700:3033::ac43:b9bc
2606:4700:3036::6815:1e95
2606:4700:3037::ac43:ad2e
34.90.14.205
34.90.46.36
51.68.82.147
67.212.173.76
94.237.99.118
2f72e47d33d13050aa6c8303b6932af974702dc37461a23135a4cfb8b6de832b
3797ca2a587583651d05620b0db9aa22d026484cb8da09c83dcc93a90fbe9c49
744420dcd732a2725aab5efb5cd2da532f34715bbdd0078ac928e8e9573e0c4e
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
879747848409df1478a903e84a42bfcf6bc66dd285d3dfe18925908c5f056d43

dolpusads.aftrad-visit.com Open in urlscan Pro 104.26.6.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

40 %IPv6

9 Domains

9 Subdomains

7 IPs

5 Countries

21 kBTransfer

31 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

dolpusads.aftrad-visit.com Open in urlscan Pro
104.26.6.190 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

9
Subdomains

7
IPs

5
Countries

21 kB
Transfer

31 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions