urlscan.io logo urlscan.io
SecurityTrails logo

clcktrck.com Open in urlscan Pro
3.73.249.248  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6K...
Effective URL: https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbedrijfbakker.nl
Submission: On November 26 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 19 HTTP transactions. The main IP is 3.73.249.248, located in and belongs to . The main domain is clcktrck.com.
TLS certificate: Issued by E6 on November 26th 2024. Valid for: 3 months.
This is the only time clcktrck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 88.208.22.4 39572 (ADVANCEDH...)
1 6 139.45.196.64 9002 (RETN-AS R...)
1 188.114.96.9 13335 (CLOUDFLAR...)
1 37.48.68.71 60781 (LEASEWEB-...)
1 104.18.22.222 13335 (CLOUDFLAR...)
2 188.114.96.3 13335 (CLOUDFLAR...)
2 5 104.18.23.222 13335 (CLOUDFLAR...)
1 1 172.66.40.245 ()
1 1 52.9.197.63 ()
2 3.73.249.248 ()
19 9
2    88.208.22.4 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
28874465-24580-ex.alumniterist.com
6    139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)
leikovoleikamarada.com
1    188.114.96.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdntechone.com
1    37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
datatechone.com
1    104.18.22.222 (None, )

ASN13335 (CLOUDFLARENET, US)
taiwoudoastuph.net
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
5    104.18.23.222 (None, )

ASN13335 (CLOUDFLARENET, US)
taiwoudoastuph.net
1    172.66.40.245 (None, )

ASN- ()
www.share365.net
1    52.9.197.63 (None, )

ASN- ()
www.rewardany.com
2    3.73.249.248 (None, )

ASN- ()
clcktrck.com
Apex Domain
Subdomains		 Transfer
6 taiwoudoastuph.net
taiwoudoastuph.net — Cisco Umbrella Rank: 326918
17 KB
6 leikovoleikamarada.com
leikovoleikamarada.com — Cisco Umbrella Rank: 908885
16 KB
2 clcktrck.com
clcktrck.com
980 B
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
2 KB
2 alumniterist.com
28874465-24580-ex.alumniterist.com
4 KB
1 rewardany.com
www.rewardany.com
218 B
1 share365.net
www.share365.net
2 KB
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 55424
467 B
1 cdntechone.com
cdntechone.com — Cisco Umbrella Rank: 47374
9 KB
0 google.com Failed
ads.google.com Failed
19 10
Domain Requested by
6 taiwoudoastuph.net 2 redirects leikovoleikamarada.com
taiwoudoastuph.net
6 leikovoleikamarada.com 1 redirects cdntechone.com
leikovoleikamarada.com
2 clcktrck.com
2 my.rtmark.net leikovoleikamarada.com
taiwoudoastuph.net
2 28874465-24580-ex.alumniterist.com 1 redirects
1 www.rewardany.com 1 redirects
1 www.share365.net 1 redirects
1 datatechone.com cdntechone.com
1 cdntechone.com 28874465-24580-ex.alumniterist.com
0 ads.google.com Failed 28874465-24580-ex.alumniterist.com
19 10

This site contains no links.

Subject Issuer Validity Valid
*.alumniterist.com
R11		 2024-09-30 -
2024-12-29		 3 months crt.sh
cdntechone.com
WE1		 2024-10-16 -
2025-01-14		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
leikovoleikamarada.com
R11		 2024-10-01 -
2024-12-30		 3 months crt.sh
taiwoudoastuph.net
WE1		 2024-11-12 -
2025-02-10		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
clcktrck.com
E6		 2024-11-26 -
2025-02-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbedrijfbakker.nl
Frame ID: 60961395AA0CF260F2D1960076420AA6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Redirect

Page URL History Show full URLs

  1. https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9... Page URL
  2. https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9... HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} HTTP 302
    https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={h... Page URL
  3. http://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885 HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885 Page URL
  4. https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
  5. https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rds/nl?subId=885317629978616122&country=NL&campaignid=8543943 HTTP 302
    https://www.rewardany.com/store/transportbedrijfbakker-nl-cpc?pubId=10449&subId=885317629978616122&cou... HTTP 302
    https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbed... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

19
Requests

84 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

47 kB
Transfer

89 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA?kws=dvaj%2Conly%2Cnude%2Cmodel%2Caoi%2Ctsukasa%2Cjav%2Cquick&abl=0&fsb=0&pageUri=https%3A%2F%2Fjavquick.com%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0 Page URL
  2. https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA?kws=dvaj%2Conly%2Cnude%2Cmodel%2Caoi%2Ctsukasa%2Cjav%2Cquick&abl=0&fsb=0&pageUri=https%3A%2F%2Fjavquick.com%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2212%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Nov%2026%202024%2017%3A48%3A03%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} HTTP 302
    https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D%26acb%3Dproxy-smart-link&axcusid2=&axadvid=0&axcamid=12885 Page URL
  3. http://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885 HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885 Page URL
  4. https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x Page URL
  5. https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rds/nl?subId=885317629978616122&country=NL&campaignid=8543943 HTTP 302
    https://www.rewardany.com/store/transportbedrijfbakker-nl-cpc?pubId=10449&subId=885317629978616122&country=NL&campaignid=8543943 HTTP 302
    https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbedrijfbakker.nl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA?kws=dvaj%2Conly%2Cnude%2Cmodel%2Caoi%2Ctsukasa%2Cjav%2Cquick&abl=0&fsb=0&pageUri=https%3A%2F%2Fjavquick.com%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2212%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Nov%2026%202024%2017%3A48%3A03%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid} HTTP 302
  • https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D%26acb%3Dproxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Request Chain 4
  • http://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885 HTTP 307
  • https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Request Chain 10
  • https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
  • https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA
28874465-24580-ex.alumniterist.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA?kws=dvaj%2Conly%2Cnude%2Cmodel%2Caoi%2Ctsukasa%2Cjav%2Cquick&abl=0&fsb=0&pageUri=https%3A%2F%2Fjavquick.com%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.4 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
ee61a12b9a070a09dd3d93a0cd29f61d6f6f944160b457c1cf3557e4b3e778e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Tue, 26 Nov 2024 16:48:03 GMT
expires
Tue, 26 Nov 2024 16:48:03 UTC
last-modified
Tue, 26 Nov 2024 16:48:03 UTC
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding
/
ads.google.com/ 		0
0
r.html
cdntechone.com/
Redirect Chain
  • https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA?kws=dvaj%2Conly%2Cnude%2Cmo...
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
  • https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D...
20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D%26acb%3Dproxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Requested by
Host: 28874465-24580-ex.alumniterist.com
URL: https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA?kws=dvaj%2Conly%2Cnude%2Cmodel%2Caoi%2Ctsukasa%2Cjav%2Cquick&abl=0&fsb=0&pageUri=https%3A%2F%2Fjavquick.com%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f8b540ccf7bfb15d7c172f7b1c08124a65059ecf81430298b2075a8b733a63

Request headers

Referer
https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA?kws=dvaj%2Conly%2Cnude%2Cmodel%2Caoi%2Ctsukasa%2Cjav%2Cquick&abl=0&fsb=0&pageUri=https%3A%2F%2Fjavquick.com%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e8b5d2b1d5766ce-AMS
content-encoding
zstd
content-type
text/html
date
Tue, 26 Nov 2024 16:48:04 GMT
last-modified
Thu, 11 Jul 2024 10:23:50 GMT
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOzB7En9VWpzYjpOo0ncTOWScOf9J4fjpQi5wbWvdCd1gDhRn7rgeu8qBqbwEEFAHIteejvckC8IWWg7dMnByOmYhMBRBz0djScZQSgulfUpCToAPS0E6ZRRM4PlLtDO0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=22015&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4863&delivery_rate=863&cwnd=12000&unsent_bytes=0&cid=36428fa50f52f988&ts=120&x=1" cfHdrFlush;dur=0

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Tue, 26 Nov 2024 16:48:04 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://cdntechone.com>; rel="dns-prefetch preconnect"
location
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D%26acb%3Dproxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
add
datatechone.com/log/ 		2 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=9f941805-3696-4d97-b039-efb5bb29f159
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D%26acb%3Dproxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://cdntechone.com/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://cdntechone.com
Content-Length
2
Date
Tue, 26 Nov 2024 16:48:06 GMT
Content-Type
text/plain; charset=utf-8
Server
nginx/1.19.10
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
link
leikovoleikamarada.com/
Redirect Chain
  • http://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
  • https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
31 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D%26acb%3Dproxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
4df77274dce43fc9b2894ad9a7a0655a86419e003475d5c088af0bdf9c233745
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D%26acb%3Dproxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 26 Nov 2024 16:48:06 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
04e81a7a60ea22d3041dee07aa3e25cc

Redirect headers

Location
https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Non-Authoritative-Reason
HttpsUpgrades
sftouch
taiwoudoastuph.net/ 		43 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taiwoudoastuph.net/sftouch?userId=04812083ae5f487ce510a167b450e76e&z=7205186&p_rid=4ffc9ffd-da27-460e-99bf-0b73186498ae&p_src=sf&branchId=0&rb=LmO7wRWgZa074hi8hpHChCYeBoTws7gbQuFSriOVZMPKwYeudjIEv9Q3nvlVdGF8iLaIvft1E-lFOUWXIO6c3Sk2_ymMfN_TapkH6vwmAENfZMEalE6DPUi_EtF-uM9F1GD8r6PhHqDfp5PgvrBSUftmlMe6ItVoO-cP9lPmp7CPZV3JPZrXyVQpu7sOl3UWUAJB_lvD42tekjkYFtDVbpu44-CI3OwZR5GHZKWVeR5gKzQTGborIfiOGBE7sVtFNKQysG5sW-U0M6LrMXfmmFQmxd5XC1egNGTIBteuedXpaY1rHWCaFziuSIAj8idg-_oyRXUGoCK2PbK2&w_img=1
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 16:48:08 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
de3cdaf238642d558911452642a9e5d2
cf-ray
8e8b5d42ccf49fee-AMS
access-control-allow-origin
*
content-length
43
server
cloudflare
add
leikovoleikamarada.com/log/ 		12 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4ffc9ffd-da27-460e-99bf-0b73186498ae
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
12
date
Tue, 26 Nov 2024 16:48:08 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
img.gif
my.rtmark.net/ 		43 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=04812083ae5f487ce510a167b450e76e&z=7205186&p_rid=4ffc9ffd-da27-460e-99bf-0b73186498ae&p_src=sf
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RAv%2F4WwVJzY%2BK%2FVC77yHUZWzZw4Q90jBml0Gvuw4syXVJ9HGpRE178crRfEHNBCGvbGPSxexA2GhZK3nUY0H1LEBRy2P2mKrzbQp%2BkKLCtLU5TQPKZtbSVn0YEFyy8pj"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17254&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4137&recv_bytes=4487&delivery_rate=20590&cwnd=12000&unsent_bytes=0&cid=61d8c7153d7c86a5&ts=144&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 16:48:08 GMT
content-type
image/gif
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e8b5d4498b506c0-AMS
access-control-allow-origin
*
content-length
43
server
cloudflare
add
leikovoleikamarada.com/async_log/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4ffc9ffd-da27-460e-99bf-0b73186498ae
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
0
date
Tue, 26 Nov 2024 16:48:08 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
leikovoleikamarada.com/ 		0
150 B 		Other
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Tue, 26 Nov 2024 16:48:08 GMT
pragma
public
server
nginx
6118780
taiwoudoastuph.net/4/
Redirect Chain
  • https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false
  • https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abaa1a17959a0a961c925a50c1e67c1d666ef4863ad2debdfe5952011d656d1f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://leikovoleikamarada.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e8b5d4a5af91c86-AMS
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 26 Nov 2024 16:48:09 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
1523815b1353a6cd834b9721c3e9cbd7

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://leikovoleikamarada.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e8b5d464cbb1c86-AMS
content-length
0
date
Tue, 26 Nov 2024 16:48:08 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://taiwoudoastuph.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
ae0bc77b8551f9b15beb7d0eefe9bfc0
favicon.ico
leikovoleikamarada.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Tue, 26 Nov 2024 16:48:08 GMT
pragma
public
server
nginx
add
taiwoudoastuph.net/log/ 		0
0
img.gif
my.rtmark.net/ 		0
0
img.gif
my.rtmark.net/ 		43 B
877 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0081208f81544913fdd4492ee0a0ee16&z=6118780&p_rid=c2101023-93ca-451e-b806-821213773088&p_src=sf
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOeWqo98c5%2FQ46LJdMFdrfbm70PU4sJARsgUWWO%2BWEQ5en1pilvD0zvK4KuAbFKkG5PNbfoPlFuxZGn%2BjOKnki5rEXiCwE37ZBt4m5tendJIHR1A%2BsEr4laLMuLB1R7K"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23082&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4523&delivery_rate=549&cwnd=12000&unsent_bytes=0&cid=8f6fa81afe97582c&ts=169&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 16:48:10 GMT
content-type
image/gif
priority
u=4,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e8b5d511b6b9ff9-AMS
access-control-allow-origin
https://taiwoudoastuph.net
content-length
43
server
cloudflare
Primary Request red_u_plain.php
clcktrck.com/nl/s/
Redirect Chain
  • https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false
  • https://www.share365.net/vip/rds/nl?subId=885317629978616122&country=NL&campaignid=8543943
  • https://www.rewardany.com/store/transportbedrijfbakker-nl-cpc?pubId=10449&subId=885317629978616122&country=NL&campaignid=8543943
  • https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbedrijfbakker.nl
568 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbedrijfbakker.nl
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.73.249.248 -, , ASN (),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
62fa36077c43badd9b70ddedd8a29f50d6c2a009d52a35a0a4e4c0655bd89000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://taiwoudoastuph.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
568
Content-Type
text/html
Date
Tue, 26 Nov 2024 16:48:12 GMT
Server
nginx/1.24.0 (Ubuntu)

Redirect headers

content-length
0
date
Tue, 26 Nov 2024 16:48:12 GMT
location
https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbedrijfbakker.nl
server
nginx/1.18.0 (Ubuntu)
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sftouch
taiwoudoastuph.net/ 		43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taiwoudoastuph.net/sftouch?userId=0081208f81544913fdd4492ee0a0ee16&z=6118780&p_rid=c2101023-93ca-451e-b806-821213773088&p_src=sf&branchId=0&rb=wnnDh23q2csQvpLegYbBosE_TVfd1wxEiTae-ooekU2fS7CHJfiW7IB-BgE1fI7qnePx8mXTx-3aqbFpbiCUNcwe2FdYLBCQbg8WQvqi0wMLlE4rzn5PbW2LS38Pwf2_k0dV5pYzwkETeSICqSwE7EM1txi5iLt8gkiXj_sweiFSUgtlwa0AE8FyFts-CI58vg8T7pHTmBiryiw-PUiXnm3jGxTLCogqrM4uBhWTtJ9__YptwgS9O7qcHFgc7eNLKv-bx4A7mvZm6PpZFZjc1v0w7J2Dl7EzWYLyXhM0v380B1GjeaL17A==&w_img=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 16:48:10 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
163605900f0773ac3dd30521a5c349d7
cf-ray
8e8b5d511bc50baa-AMS
access-control-allow-origin
*
content-length
43
server
cloudflare
add
taiwoudoastuph.net/async_log/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c2101023-93ca-451e-b806-821213773088
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e8b5d511bc80baa-AMS
access-control-allow-origin
https://taiwoudoastuph.net
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 26 Nov 2024 16:48:10 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
clcktrck.com/ 		0
246 B 		Other
General
Check archive.org
Download Go to
Full URL
https://clcktrck.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.73.249.248 -, , ASN (),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbedrijfbakker.nl

Response headers

ETag
"645a16d2-0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Date
Tue, 26 Nov 2024 16:48:13 GMT
Content-Type
image/x-icon
Last-Modified
Tue, 09 May 2023 09:48:02 GMT
Server
nginx/1.24.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.google.com
URL
https://ads.google.com/
Domain
taiwoudoastuph.net
URL
https://taiwoudoastuph.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c2101023-93ca-451e-b806-821213773088
Domain
my.rtmark.net
URL
https://my.rtmark.net/img.gif?f=merge&userId=0081208f81544913fdd4492ee0a0ee16&z=6118780&p_rid=c2101023-93ca-451e-b806-821213773088&p_src=sf

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onLazyPixel object| _nvksp5rgq function| nvksp5rgq object| __ds3dcv__

7 Cookies

Domain/Path Name / Value
leikovoleikamarada.com/ Name: OAID
Value: 04812083ae5f487ce510a167b450e76e
leikovoleikamarada.com/ Name: oaidts
Value: 1732639684
leikovoleikamarada.com/ Name: phpckd7205185
Value: true
leikovoleikamarada.com/ Name: allcnt
Value: 1
my.rtmark.net/ Name: ID
Value: 04812083ae5f487ce510a167b450e76e
taiwoudoastuph.net/ Name: OAID
Value: 0081208f81544913fdd4492ee0a0ee16
taiwoudoastuph.net/ Name: oaidts
Value: 1732639688

7 Console Messages

Source Level URL
Text
rendering warning URL: https://28874465-24580-ex.alumniterist.com/jCZHCYI3OA_mZtczvVvCLCBNmtkRvoHRdqsEM5iVH5hHYpzA8NtX8JzcAYVmfYDKw40EK6R3g_m9euuzHOKnYBWKmKKluL6KcAQfS79OKYtlleLAnkF2VhjaJg3zRA?kws=dvaj%2Conly%2Cnude%2Cmodel%2Caoi%2Ctsukasa%2Cjav%2Cquick&abl=0&fsb=0&pageUri=https%3A%2F%2Fjavquick.com%...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E01C0074210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=7205185&axcusid1={hostid}&clid={ymid}&r=http%3A%2F%2Fleikovoleikamarada.com%2Flink%3Fz%3D7205185%26var%3D%7Bhostid%7D%26acb%3Dproxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E01C0074210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/link?z=7205185&var=null&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=12885
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E01C0074210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C0720874210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Europe/Amsterdam&bto=-60&bar=x(Line 81)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0E01C0074210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0101D0074210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://clcktrck.com/nl/s/red_u_plain.php?uid=340068843&t=direct&s=22207&pub=10449&d=transportbedrijfbakker.nl
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)