urlscan.io logo urlscan.io
SecurityTrails logo

ps.popcash.net Open in urlscan Pro
3.228.63.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://topictraff.com/l/270285362a1cdd4846f9
Effective URL: http://ps.popcash.net/go/78036/145866/
Submission: On December 19 via api from JP — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 10 domains to perform 5 HTTP transactions. The main IP is 3.228.63.1, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ps.popcash.net. The Cisco Umbrella rank of the primary domain is 217977.
This is the only time ps.popcash.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

download 583 B text/plain
MIME: ASCII text, with CRLF line terminators
Size: 583 B (583 bytes, 100% done)
Downloaded from: https://evexfan.com/bankofamerica/online.php

Domain & IP information

IP Address AS Autonomous System
1 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2 51.161.115.163 16276 (OVH)
1 1 5.161.78.177 213230 (HETZNER-C...)
1 1 23.235.251.114 19437 (SS-ASH)
1 1 198.211.113.186 14061 (DIGITALOC...)
1 1 192.241.144.203 14061 (DIGITALOC...)
1 2 172.64.204.32 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 3.228.63.1 14618 (AMAZON-AES)
1 1 148.251.234.93 24940 (HETZNER-AS)
1 192.185.109.96 19871 (NETWORK-S...)
5 4
3    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
topictraff.com
2    51.161.115.163 (Canada)

ASN16276 (OVH, FR)
PTR: ns572483.ip-51-161-115.net
t3.lowtid.com
t5.lowtid.com
1    5.161.78.177 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.177.78.161.5.clients.your-server.de
pdxx-7fmavzpxk2xlm-4-2.lowsea.fun
1    23.235.251.114 (Ashburn, United States)

ASN19437 (SS-ASH, US)
21.us.tealwinds.xyz
1    198.211.113.186 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
redir.blowingwind.xyz
1    192.241.144.203 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
c.mybestclick.net
2    172.64.204.32 (United States)

ASN13335 (CLOUDFLARENET, US)
adp13a.com
1    2606:4700:3035::6815:3426 (United States)

ASN13335 (CLOUDFLARENET, US)
popcash.net
2    3.228.63.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-63-1.compute-1.amazonaws.com
ps.popcash.net
1    148.251.234.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: iplogger.com
iplogger.com
1    192.185.109.96 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: lecano.ca
evexfan.com
Apex Domain
Subdomains		 Transfer
3 popcash.net
popcash.net — Cisco Umbrella Rank: 59069
ps.popcash.net — Cisco Umbrella Rank: 217977
1 KB
3 topictraff.com
topictraff.com — Cisco Umbrella Rank: 440612
14 KB
2 adp13a.com
adp13a.com — Cisco Umbrella Rank: 316081
23 KB
2 lowtid.com
t3.lowtid.com — Cisco Umbrella Rank: 122384
t5.lowtid.com
685 B
1 evexfan.com
evexfan.com
1 iplogger.com
iplogger.com — Cisco Umbrella Rank: 418892
505 B
1 mybestclick.net
c.mybestclick.net — Cisco Umbrella Rank: 742336
381 B
1 blowingwind.xyz
redir.blowingwind.xyz — Cisco Umbrella Rank: 150243
1 KB
1 tealwinds.xyz
21.us.tealwinds.xyz — Cisco Umbrella Rank: 646546
2 KB
1 lowsea.fun
pdxx-7fmavzpxk2xlm-4-2.lowsea.fun — Cisco Umbrella Rank: 183200
283 B
5 10
Domain Requested by
3 topictraff.com 1 redirects topictraff.com
2 ps.popcash.net 1 redirects
2 adp13a.com 1 redirects topictraff.com
1 evexfan.com ps.popcash.net
1 iplogger.com 1 redirects
1 popcash.net 1 redirects
1 c.mybestclick.net 1 redirects
1 redir.blowingwind.xyz 1 redirects
1 21.us.tealwinds.xyz 1 redirects
1 t5.lowtid.com 1 redirects
1 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun 1 redirects
1 t3.lowtid.com 1 redirects
5 12

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-10 -
2023-06-10		 a year crt.sh
*.evexfan.com
R3		 2022-11-07 -
2023-02-05		 3 months crt.sh

This page contains 1 frames:

Frame: https://evexfan.com/bankofamerica/online.php
Frame ID: 1174553FA34919BCE1BA2025FDE84938
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://topictraff.com/l/270285362a1cdd4846f9 Page URL
  2. https://topictraff.com/l/270285362a1cdd4846f9?code=01Y3RtATE2NzE0MjI2NDcxNjMAc3JjAWlvAHZlcgEyNgBpZG... HTTP 302
    https://topictraff.com/gw?source=Unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4v... Page URL
  3. https://t3.lowtid.com/e.php?p=c:7omnig4vvdmjho1zq&d=635151a79ddd643b302b5908&pid=bmconv_2022121905... HTTP 302
    https://pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=67.59363_Unknown.nl.&k=bfb&url=https%3A%2F%2Ftopictraff.com%2F... HTTP 307
    https://t5.lowtid.com/d.php?p=c:ub_a64rij70pog14q&d=6351542976534b739b5850d5&pid=639fe2b7fba56272a... HTTP 302
    https://21.us.tealwinds.xyz/feed/?link=true&tid=21&subid=21.67.59363_Unknown.nl.&ref=t5.lowtid.com&s1=63... HTTP 301
    https://redir.blowingwind.xyz/feed/click/?t1=128&tid=21&uid=14&subid=21.67.59363_Unknown.nl.&id=03effb7fb4... HTTP 302
    https://c.mybestclick.net/feed/click/?t1=128&tid=3115&uid=4465&subid=21_21.67.59363_Unknown.nl.&id=2d4... HTTP 302
    http://adp13a.com/redirect?sid=60015 Page URL
  4. http://adp13a.com/redirect?cid=NLnyuIWIkd&http_referer=&sid=60015&subid=&s3=&6b9d40ce914b1508e... HTTP 302
    http://popcash.net/world/go/78036/145866/ HTTP 301
    http://ps.popcash.net/go/78036/145866/ Page URL

Page Statistics

5
Requests

60 %
HTTPS

18 %
IPv6

10
Domains

12
Subdomains

4
IPs

3
Countries

36 kB
Transfer

59 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://topictraff.com/l/270285362a1cdd4846f9 Page URL
  2. https://topictraff.com/l/270285362a1cdd4846f9?code=01Y3RtATE2NzE0MjI2NDcxNjMAc3JjAWlvAHZlcgEyNgBpZGEBMTEAcGx0AVdpbjMyAHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAGNrYwEwAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAXRydWUAZnJtAWZhbHNlAHVhAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDguMC41MzU5LjEyNCBTYWZhcmkvNTM3LjM2AGF2ATgAZG0BOABhNDMBMDAxMDAwAGE0NAEwMABzZgEwMDAwAGZmATExMABjaGQBMQBmbHYBZmFsc2UAY2htATExMQBsbmcBMTAwMABzdHJnATExMTExMTAAb3NjcHUBAHByZHN1YgEyMDAzMDEwNwBldmxuATMzAHJlZgEAcmJjYwExMDI1MTE1MwBjbnRwAQB3bm0BAHdnbHYBSW50ZWwgSW5jLgBjZGcBMTExMTExMTEwMDAxMTAwMTExMTExMTExMTExMTExMTEwMTExMTExMTExMTEwMTExMTExMTExMTExMTExMTEwMQBjaXUBMTExMDExMTExMTExMTExMTAxMDExMTExAHd1dAF3LjA7dy5ZNlZWO3cucjRubm5uO3cubDRubm5uO3cudDZ1O3cuRUttOFYAa2xuZwFlbi1VUztlbgBydHQBMABsYW8BAGhscwEwAG50ATExMDAxMDAxMQB3ZAExMTBiMgBjcngBQ2hyb21lIFBERiBQbHVnaW58aW50ZXJuYWwtcGRmLXZpZXdlcjtDaHJvbWUgUERGIFZpZXdlcnxtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaTtOYXRpdmUgQ2xpZW50fGludGVybmFsLW5hY2wtcGx1Z2luAHNjZAEyNABzcGQBMjQAZHByATEAbmNkATEwAG10cAExNQ__&_tdf=37 HTTP 302
    https://topictraff.com/gw?source=Unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669%26s%3D59363_Unknown&vId=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&hash=270285362a1cdd4846f9&ete=true Page URL
  3. https://t3.lowtid.com/e.php?p=c:7omnig4vvdmjho1zq&d=635151a79ddd643b302b5908&pid=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&s=59363_Unknown HTTP 302
    https://pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=67.59363_Unknown.nl.&k=bfb&url=https%3A%2F%2Ftopictraff.com%2F&xrw=&lid=639fe2b7fba56272a77c1fe2&fid=67 HTTP 307
    https://t5.lowtid.com/d.php?p=c:ub_a64rij70pog14q&d=6351542976534b739b5850d5&pid=639fe2b7fba56272a77c1fe2&source=67.59363_Unknown.nl. HTTP 302
    https://21.us.tealwinds.xyz/feed/?link=true&tid=21&subid=21.67.59363_Unknown.nl.&ref=t5.lowtid.com&s1=639fe2b8eb0f147e8a1b5acd HTTP 301
    https://redir.blowingwind.xyz/feed/click/?t1=128&tid=21&uid=14&subid=21.67.59363_Unknown.nl.&id=03effb7fb45fd36eed6c06d20ef62965:7b76b29a3ff98b60ff2abe41f35a1fa9608f546ef7e1416bad9835ae01d428f93308928cdd9db087c6fc111b06d6599657b3f0c78b851363657591c9cd55f0bd76fed95a007949ae066b0088257a8e31dd8439a5e3afcf3aa3f5e1f0d510aff6c9230782e92bf34dba43bc48bdb2da01d0d7f38257cc68d75f0e9221ec36b83e0fca3fc6949332e0f9470648aebf5e37430207ab00b572ada6c7153cb60d407d37575a9f4a1736976fb5573c64e2f744da6235a470769de0538e7dc40fb1678f3ccbb7db0e70dc35aff148ae137d771508aa1e80a9a53a371f64312575039070be78447b79e2b1641e7965c97c02c3d134aeb31daaf4796dd07a628b7297fe540c4c3719f3bf1dd4f522f42edeca1dc46127e24caba16b44819d5fd15b7ee6896f309d463ff14cd8dfcaf04f74cc0620510532ec34ce5953da78037d4aa4f95b4fb2597995f18676dc44001d6655a3e04bf36603dfe1aeeb9fff496d79e13c61b92f62c66b579e12ecc081e57bd01e3f4082ed5302441f877dce64fc0264b4efc8f84c15c2da7ede9c505ae69b557715b3a9a4a24de750865e3889de225a1489a9ce303da1f2668c8b37c90b85c690b70276f20ebde9c3afd2fef914045d3e7e8c9adb40e4adb04bebec1f123f31977341b02ae68285e01fdd7f3086370a380ecf171a9a72b87e6b3a86ad5c342e9193125f84735147cb88c139ed98b331833bb4b8c317c3a235bfdf26dd243b02e13d4f3ccf299434b59cf1a4d802e349996ab352a6d1d2b49a6bf57d6d1980cf919272d688c97c15864711a497d72b99dd3842acebb9cf86deff04a02e0b8c413c4bfcfc3e92af5a7dd1f8b31a67eea4cb5b95b260d64a03960e98621620ab308dca305052ab20af6a051c0e4c9d3009424efd5b91486b771e2766d95095ac9e5f9ce1460acc16b9cd427e132cc9a62a35a372726e20b66e5acf76fb75daf61c31383fd511dddbfc3361a9bce7e52a311903ca80eebd0798ce6dc2711cf42f54775f1e77ebea464282c8dde4369dc1bbd82d4ed33c805717ee3db6972e2693d6c58b3044e9fa590be5b295a56b5261d41d338baa5c1412b66eea7d45b3bf80911b53b43e4cac03321e8abd7de6279a8f312e8e50d2d30c591b1a6fc21333b0ef454c24a74d2117c3dd8d289f8e8d83560d331957024c62e60457ac39ce8b95fea8d41d26262e0096dd1e029ca2a9c6cc183f07badaa22147ae4e8c76892d048dff22b3c472cfb7deb9b4e48fbc3eba4cdac49cf203235f1bc6d6577b9ceb9fbe9fa7a7f105c98209a4ed4894548334a9abc9e559486f57c20d7ccdbf6cb155b5c69dde7d9a57722056cdcabe6b11008e7c9d7eedd9d069d040449e59e150550e17d99ff43dadedfff19e10ed1c46a6cf78ed00619b69c648da7724a325dee1d7bac3ce4165b0c3788c612485664e9435fdaa98249ddda9973fb416dc9d8e19367ccee88ffd2e059d7068d94adcebf0098eaace9538c60fa81a1a0a79440372c04ee66087ac8bbc227cc0efbb3449d4aefff63e09d8014517683be348452a6ae26fad&s1=639fe2b8eb0f147e8a1b5acd HTTP 302
    https://c.mybestclick.net/feed/click/?t1=128&tid=3115&uid=4465&subid=21_21.67.59363_Unknown.nl.&id=2d4c98a771738aad1fec889eb83bfaab:cffdac0bc2f9256e41da715ecc0f1670103feb047e19efd2242df5ca18f334e4d8289b9f8f46abb06e6a4a5de18307c2403a07ba3845630bb82405a4c84613c6048d640673ffc816742240211575727a55eeec72f8f20c199805a14bd00403e168cefe690cbfc38704d55edd1d8d3fcee905d364040efbdce4f49cd8324f353c299d2c6a91a913182050df5a331970cc8cee672162b3e04c4186328e112a923150a943acca19b394dc34c2a55d5922f7cebe47ce6e746c83dd00ee76a489eee67324d78c8c1c86d259ede12687d0db4ebc1a1a8c06a7bac053198cc1941c1762ccf884d5c7b2c198e572664710a5b009e49280ba0abe6d3154edd337ceacfc23b5a962b0c34f5d082cb51c8d9237dcc192895222297afde7896ba67965f6e71023327157c8cdefab48695abd7e0382b989d8905d4c751925b9e10dc8b8b717b6845f85cc84355d81e102f25975095b61 HTTP 302
    http://adp13a.com/redirect?sid=60015 Page URL
  4. http://adp13a.com/redirect?cid=NLnyuIWIkd&http_referer=&sid=60015&subid=&s3=&6b9d40ce914b1508ec5702de6e6933b4=1&rr=1&id=&t=1671422649&hrf=kC2VdtBBfVH7WTKzX2oZUw8eHZ5mDomLGsK6dcKT9KQLJucvrUk%3D&iwx=1600&iwy=1200&owx=1600&owy=1200&isph=0&pbc=0&fp=null&hf=1&op=1&pd=24&tp=%3F&xd=%3F&yd=%3F&pl=3&mt=4&sw=1600&sh=1200&fw=1600&fh=1200&pw=0&ph=0&ow=1600x1200&iw=1600x1200&sd=24&ifr=0&coo=1&m=0&hr=6&ab=1&ua=%257B%2522ef%2522%253A%25224g%2522%252C%2522rtt%2522%253A0%252C%2522down%2522%253A10%252C%2522save%2522%253Afalse%257D&npl=Win32&ncpu=%3F&nhc=4&gtz=0&nba=0&nbt=0&nve=Google+Inc.&vapp=Netscape&napv=5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&ss=1&ls=1&bl=en-US&sl=undefined&dr=Intel%2520Inc.%257CIntel%2520Iris%2520OpenGL%2520Engine%257CWebGL%25201.0%2520%28OpenGL%2520ES%25202.0%2520Chromium%29&is=2139403474&wc=object&msy=undefined&ddm=undefined&ps=20030107&st=0&sp=undefined&mob=0&ifp1=0&ifp2=0&wn=&nap=0&ind=1&opd=0&dab=0&nsb=1&chk1=0&chk2=1&chk3=0&chk4=0 HTTP 302
    http://popcash.net/world/go/78036/145866/ HTTP 301
    http://ps.popcash.net/go/78036/145866/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://topictraff.com/l/270285362a1cdd4846f9?code=01Y3RtATE2NzE0MjI2NDcxNjMAc3JjAWlvAHZlcgEyNgBpZGEBMTEAcGx0AVdpbjMyAHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAGNrYwEwAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAXRydWUAZnJtAWZhbHNlAHVhAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDguMC41MzU5LjEyNCBTYWZhcmkvNTM3LjM2AGF2ATgAZG0BOABhNDMBMDAxMDAwAGE0NAEwMABzZgEwMDAwAGZmATExMABjaGQBMQBmbHYBZmFsc2UAY2htATExMQBsbmcBMTAwMABzdHJnATExMTExMTAAb3NjcHUBAHByZHN1YgEyMDAzMDEwNwBldmxuATMzAHJlZgEAcmJjYwExMDI1MTE1MwBjbnRwAQB3bm0BAHdnbHYBSW50ZWwgSW5jLgBjZGcBMTExMTExMTEwMDAxMTAwMTExMTExMTExMTExMTExMTEwMTExMTExMTExMTEwMTExMTExMTExMTExMTExMTEwMQBjaXUBMTExMDExMTExMTExMTExMTAxMDExMTExAHd1dAF3LjA7dy5ZNlZWO3cucjRubm5uO3cubDRubm5uO3cudDZ1O3cuRUttOFYAa2xuZwFlbi1VUztlbgBydHQBMABsYW8BAGhscwEwAG50ATExMDAxMDAxMQB3ZAExMTBiMgBjcngBQ2hyb21lIFBERiBQbHVnaW58aW50ZXJuYWwtcGRmLXZpZXdlcjtDaHJvbWUgUERGIFZpZXdlcnxtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaTtOYXRpdmUgQ2xpZW50fGludGVybmFsLW5hY2wtcGx1Z2luAHNjZAEyNABzcGQBMjQAZHByATEAbmNkATEwAG10cAExNQ__&_tdf=37 HTTP 302
  • https://topictraff.com/gw?source=Unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669%26s%3D59363_Unknown&vId=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&hash=270285362a1cdd4846f9&ete=true
Request Chain 2
  • https://t3.lowtid.com/e.php?p=c:7omnig4vvdmjho1zq&d=635151a79ddd643b302b5908&pid=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&s=59363_Unknown HTTP 302
  • https://pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=67.59363_Unknown.nl.&k=bfb&url=https%3A%2F%2Ftopictraff.com%2F&xrw=&lid=639fe2b7fba56272a77c1fe2&fid=67 HTTP 307
  • https://t5.lowtid.com/d.php?p=c:ub_a64rij70pog14q&d=6351542976534b739b5850d5&pid=639fe2b7fba56272a77c1fe2&source=67.59363_Unknown.nl. HTTP 302
  • https://21.us.tealwinds.xyz/feed/?link=true&tid=21&subid=21.67.59363_Unknown.nl.&ref=t5.lowtid.com&s1=639fe2b8eb0f147e8a1b5acd HTTP 301
  • https://redir.blowingwind.xyz/feed/click/?t1=128&tid=21&uid=14&subid=21.67.59363_Unknown.nl.&id=03effb7fb45fd36eed6c06d20ef62965:7b76b29a3ff98b60ff2abe41f35a1fa9608f546ef7e1416bad9835ae01d428f93308928cdd9db087c6fc111b06d6599657b3f0c78b851363657591c9cd55f0bd76fed95a007949ae066b0088257a8e31dd8439a5e3afcf3aa3f5e1f0d510aff6c9230782e92bf34dba43bc48bdb2da01d0d7f38257cc68d75f0e9221ec36b83e0fca3fc6949332e0f9470648aebf5e37430207ab00b572ada6c7153cb60d407d37575a9f4a1736976fb5573c64e2f744da6235a470769de0538e7dc40fb1678f3ccbb7db0e70dc35aff148ae137d771508aa1e80a9a53a371f64312575039070be78447b79e2b1641e7965c97c02c3d134aeb31daaf4796dd07a628b7297fe540c4c3719f3bf1dd4f522f42edeca1dc46127e24caba16b44819d5fd15b7ee6896f309d463ff14cd8dfcaf04f74cc0620510532ec34ce5953da78037d4aa4f95b4fb2597995f18676dc44001d6655a3e04bf36603dfe1aeeb9fff496d79e13c61b92f62c66b579e12ecc081e57bd01e3f4082ed5302441f877dce64fc0264b4efc8f84c15c2da7ede9c505ae69b557715b3a9a4a24de750865e3889de225a1489a9ce303da1f2668c8b37c90b85c690b70276f20ebde9c3afd2fef914045d3e7e8c9adb40e4adb04bebec1f123f31977341b02ae68285e01fdd7f3086370a380ecf171a9a72b87e6b3a86ad5c342e9193125f84735147cb88c139ed98b331833bb4b8c317c3a235bfdf26dd243b02e13d4f3ccf299434b59cf1a4d802e349996ab352a6d1d2b49a6bf57d6d1980cf919272d688c97c15864711a497d72b99dd3842acebb9cf86deff04a02e0b8c413c4bfcfc3e92af5a7dd1f8b31a67eea4cb5b95b260d64a03960e98621620ab308dca305052ab20af6a051c0e4c9d3009424efd5b91486b771e2766d95095ac9e5f9ce1460acc16b9cd427e132cc9a62a35a372726e20b66e5acf76fb75daf61c31383fd511dddbfc3361a9bce7e52a311903ca80eebd0798ce6dc2711cf42f54775f1e77ebea464282c8dde4369dc1bbd82d4ed33c805717ee3db6972e2693d6c58b3044e9fa590be5b295a56b5261d41d338baa5c1412b66eea7d45b3bf80911b53b43e4cac03321e8abd7de6279a8f312e8e50d2d30c591b1a6fc21333b0ef454c24a74d2117c3dd8d289f8e8d83560d331957024c62e60457ac39ce8b95fea8d41d26262e0096dd1e029ca2a9c6cc183f07badaa22147ae4e8c76892d048dff22b3c472cfb7deb9b4e48fbc3eba4cdac49cf203235f1bc6d6577b9ceb9fbe9fa7a7f105c98209a4ed4894548334a9abc9e559486f57c20d7ccdbf6cb155b5c69dde7d9a57722056cdcabe6b11008e7c9d7eedd9d069d040449e59e150550e17d99ff43dadedfff19e10ed1c46a6cf78ed00619b69c648da7724a325dee1d7bac3ce4165b0c3788c612485664e9435fdaa98249ddda9973fb416dc9d8e19367ccee88ffd2e059d7068d94adcebf0098eaace9538c60fa81a1a0a79440372c04ee66087ac8bbc227cc0efbb3449d4aefff63e09d8014517683be348452a6ae26fad&s1=639fe2b8eb0f147e8a1b5acd HTTP 302
  • https://c.mybestclick.net/feed/click/?t1=128&tid=3115&uid=4465&subid=21_21.67.59363_Unknown.nl.&id=2d4c98a771738aad1fec889eb83bfaab:cffdac0bc2f9256e41da715ecc0f1670103feb047e19efd2242df5ca18f334e4d8289b9f8f46abb06e6a4a5de18307c2403a07ba3845630bb82405a4c84613c6048d640673ffc816742240211575727a55eeec72f8f20c199805a14bd00403e168cefe690cbfc38704d55edd1d8d3fcee905d364040efbdce4f49cd8324f353c299d2c6a91a913182050df5a331970cc8cee672162b3e04c4186328e112a923150a943acca19b394dc34c2a55d5922f7cebe47ce6e746c83dd00ee76a489eee67324d78c8c1c86d259ede12687d0db4ebc1a1a8c06a7bac053198cc1941c1762ccf884d5c7b2c198e572664710a5b009e49280ba0abe6d3154edd337ceacfc23b5a962b0c34f5d082cb51c8d9237dcc192895222297afde7896ba67965f6e71023327157c8cdefab48695abd7e0382b989d8905d4c751925b9e10dc8b8b717b6845f85cc84355d81e102f25975095b61 HTTP 302
  • http://adp13a.com/redirect?sid=60015
Request Chain 3
  • http://ps.popcash.net/ad/ad?p=78036&w=145866&t=a595a4cbde337f44&r=aHR0cCUzQSUyRiUyRmFkcDEzYS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
  • https://iplogger.com/testBat HTTP 302
  • https://evexfan.com/bankofamerica/online.php

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
270285362a1cdd4846f9
topictraff.com/l/ 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://topictraff.com/l/270285362a1cdd4846f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
DYNAMIC
cf-ray
77bd4097eeb40e50-AMS
content-encoding
br
content-type
text/html
date
Mon, 19 Dec 2022 04:04:07 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Fri, 27 Mar 2020 14:29:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPQdwGtPACp21nIlAffViPWl4W1NpkIeznLhxGYntlT5OAB2ZciKDEBUcf6SslRNf4%2FgqU3SdodGl5NQwe%2F0qoNkfwv0sPHQhu4mi43yG%2B5ob%2F52hx4YK%2BlM9RZXTYILPBTVOAIYAHG94ImALw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
gw
topictraff.com/
Redirect Chain
  • https://topictraff.com/l/270285362a1cdd4846f9?code=01Y3RtATE2NzE0MjI2NDcxNjMAc3JjAWlvAHZlcgEyNgBpZGEBMTEAcGx0AVdpbjMyAHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAGNrYwEw...
  • https://topictraff.com/gw?source=Unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a5...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://topictraff.com/gw?source=Unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669%26s%3D59363_Unknown&vId=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&hash=270285362a1cdd4846f9&ete=true
Requested by
Host: topictraff.com
URL: https://topictraff.com/l/270285362a1cdd4846f9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://topictraff.com/l/270285362a1cdd4846f9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
DYNAMIC
cf-ray
77bd409959a70c01-AMS
content-encoding
br
content-type
text/html
date
Mon, 19 Dec 2022 04:04:07 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Fri, 27 Mar 2020 14:30:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fftswr9lb10nHSREnnxDA1mJzE6mN8rOIVUnFkikO0vNPlZkwkUXg6%2BFWhu69jVorl1l%2BwSgZcDaXg5QYxcFgBQ%2BIQh26qiP6xwtSoS5cKO52j7O9dmo%2BbW2iVjvbpqfCmT%2FssRAGfSuDkhwFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77bd40991f990e50-AMS
date
Mon, 19 Dec 2022 04:04:07 GMT
location
https://topictraff.com/gw?source=Unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669%26s%3D59363_Unknown&vId=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&hash=270285362a1cdd4846f9&ete=true
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OT96Xd71g%2FkcLeMP%2BT9ei3cRmF%2F6P6%2Fz4PZUppXh5ukwHod47PpSiXpaSW97x1uBrBRR0YynMtYWkb%2B7hMDTf%2Bnbksy8lCgldjYLenTvBbc6VmHKaBBH0jtkhaOYwr4uN0FhyZHr0u1iXr1DSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
adp13a.com/
Redirect Chain
  • https://t3.lowtid.com/e.php?p=c:7omnig4vvdmjho1zq&d=635151a79ddd643b302b5908&pid=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&s=59363_Unknown
  • https://pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=67.59363_Unknown.nl.&k=bfb&url=https%3A%2F%2Ftopictraff.com%2F&xrw=&lid=639fe2b7fba56272a77c1fe2&fid=67
  • https://t5.lowtid.com/d.php?p=c:ub_a64rij70pog14q&d=6351542976534b739b5850d5&pid=639fe2b7fba56272a77c1fe2&source=67.59363_Unknown.nl.
  • https://21.us.tealwinds.xyz/feed/?link=true&tid=21&subid=21.67.59363_Unknown.nl.&ref=t5.lowtid.com&s1=639fe2b8eb0f147e8a1b5acd
  • https://redir.blowingwind.xyz/feed/click/?t1=128&tid=21&uid=14&subid=21.67.59363_Unknown.nl.&id=03effb7fb45fd36eed6c06d20ef62965:7b76b29a3ff98b60ff2abe41f35a1fa9608f546ef7e1416bad9835ae01d428f93308...
  • https://c.mybestclick.net/feed/click/?t1=128&tid=3115&uid=4465&subid=21_21.67.59363_Unknown.nl.&id=2d4c98a771738aad1fec889eb83bfaab:cffdac0bc2f9256e41da715ecc0f1670103feb047e19efd2242df5ca18f334e4d...
  • http://adp13a.com/redirect?sid=60015
21 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://adp13a.com/redirect?sid=60015
Requested by
Host: topictraff.com
URL: https://topictraff.com/l/270285362a1cdd4846f9?source=Unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669%26s%3D59363_Unknown&vId=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&hash=270285362a1cdd4846f9&ete=true
Protocol
HTTP/1.1
Server
172.64.204.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://topictraff.com/l/270285362a1cdd4846f9?source=Unknown&url=https%3A%2F%2Ft3.lowtid.com%2Fe.php%3Fp%3Dc%3A7omnig4vvdmjho1zq%26d%3D635151a79ddd643b302b5908%26pid%3Dbmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669%26s%3D59363_Unknown&vId=bmconv_20221219050407_53b7ee5b_e5b2_410f_9001_8a53c4dd6669&hash=270285362a1cdd4846f9&ete=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
77bd40a95eed0e60-AMS
Cache-Control
no-transform,no-cache
Connection
keep-alive
Content-Length
21811
Content-Type
text/html;charset=UTF-8
Date
Mon, 19 Dec 2022 04:04:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrR1zHczXZ9XRmbpV6BQSeYZrGpSfbUBwn81vvVU5XRo8hPLfFFLgOPrJRoEgqY7vBfDmI0mlNZUtLHoSBtR5ttnYvcSRbmwgwWOO90SlqdA1O%2FMjdZvYcW3%2FL39"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
116
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Dec 2022 04:04:09 GMT
Expires
0
Keep-Alive
timeout=5
Location
http://adp13a.com/redirect?sid=60015
Pragma
no-cache
Surrogate-Control
no-store
Vary
Accept
X-Powered-By
Express
Primary Request /
ps.popcash.net/go/78036/145866/
Redirect Chain
  • http://adp13a.com/redirect?cid=NLnyuIWIkd&http_referer=&sid=60015&subid=&s3=&6b9d40ce914b1508ec5702de6e6933b4=1&rr=1&id=&t=1671422649&hrf=kC2VdtBBfVH7WTKzX2oZUw8eHZ5mDomLGsK6dcKT9KQLJucvrUk%3D&iwx=...
  • http://popcash.net/world/go/78036/145866/
  • http://ps.popcash.net/go/78036/145866/
461 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ps.popcash.net/go/78036/145866/
Protocol
HTTP/1.1
Server
3.228.63.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-63-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
05021aab13cafbbdea417753b55ed2b7d747cd3c097f7507d1d85dfe595271a0

Request headers

Referer
http://adp13a.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
308
Content-Type
text/html
Date
Mon, 19 Dec 2022 04:04:10 GMT
Server
nginx
Vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
77bd40ae2c899b6a-FRA
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 19 Dec 2022 04:04:10 GMT
Location
http://ps.popcash.net/go/78036/145866/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LojyYHTYpWJLXWhi3RIQTrJVzKUtU37sBFvR%2FBbrTbnbKejpMx1nuXK%2F9lLTOF40VBPUTiuhVKLeoiEgOqPt0aLGVRDkoTjyQKOd4NajBk4Qd1GAmGaeccguLJ8aY63IKxNj7TcAHpca"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
online.php
evexfan.com/bankofamerica/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=78036&w=145866&t=a595a4cbde337f44&r=aHR0cCUzQSUyRiUyRmFkcDEzYS5jb20lMkY=&vw=1600&vh=1200
  • https://iplogger.com/testBat
  • https://evexfan.com/bankofamerica/online.php
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://evexfan.com/bankofamerica/online.php
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/78036/145866/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.109.96 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
lecano.ca
Software
Apache /
Resource Hash

Request headers

Referer
http://ps.popcash.net/go/78036/145866/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-disposition
attachment; filename=▶️video_№15611milf____________________________________.bat
content-encoding
gzip
content-length
276
content-type
application/octet-stream
date
Mon, 19 Dec 2022 04:04:12 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 19 Dec 2022 04:04:11 GMT
expires
Mon, 19 Dec 2022 04:04:11 +0000
location
https://evexfan.com/bankofamerica/online.php
server
nginx
strict-transport-security
max-age=604800 max-age=31536000
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange number| x number| y

4 Cookies

Domain/Path Name / Value
topictraff.com/ Name: BSESSID
Value: trke4d441bb-c4de-43c9-b6e8-d64e9b589c83
.lowsea.fun/ Name: emwxcid_4_1
Value: h2Jvl6j110tDdVgvLUncefxnc13cdslI1INf29HNxyC5EdWi5Y
iplogger.com/ Name: clhf03028ja
Value: 31.204.150.111
iplogger.com/ Name: 42263141533501551
Value: 3