zring.jukminung.com Open in urlscan Pro
2606:4700:3032::6815:1cae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html#5NRMQUXSNG6K.5NRMQUXSNG6K?d4DLLCcc9rhdcx8Fmcdc8VcBc66ZVjhVzcbbb4G
Effective URL:
https://zring.jukminung.com/rc/22e841bd3c?affclick=22101612_01_371812_011c258ae92ac&pubid=a371812s&affe=rdmfl
Submission: On October 16 via manual (October 16th 2022, 10:18:11 am UTC) from PL — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 11 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3032::6815:1cae, located in United States and belongs to CLOUDFLARENET, US. The main domain is zring.jukminung.com.
TLS certificate: Issued by E1 on September 19th 2022. Valid for: 3 months.

This is the only time zring.jukminung.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:811::2010	15169 (GOOGLE) (GOOGLE)
1 1	190.92.179.145 190.92.179.145	55293 (A2HOSTING) (A2HOSTING)
1	103.94.27.139 103.94.27.139	136375 (CHLTECH-A...) (CHLTECH-AS Chl Technology)
7	2606:4700:303... 2606:4700:3032::6815:1cae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3033::6815:1446	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	65.60.58.179 65.60.58.179	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
6 9	51.68.85.158 51.68.85.158	16276 (OVH) (OVH)
2 2	34.141.137.168 34.141.137.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	8

1 2a00:1450:4001:811::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.92.179.145 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: rivers.goodimpressionsteps.org.uk

weatherthisday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.94.27.139 (India)

ASN136375 (CHLTECH-AS Chl Technology, IN)
PTR: tlews.prompany.com

freebirdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3032::6815:1cae (United States)

ASN13335 (CLOUDFLARENET, US)

lynku.jukminung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zring.jukminung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::6815:1446 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 65.60.58.179 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

otto.sherlowcke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.68.85.158 (France) 6 redirects

ASN16276 (OVH, FR)

www.wewillserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.141.137.168 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.137.141.34.bc.googleusercontent.com

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

myofferplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.bl-easycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wewillserv.com 6 redirects www.wewillserv.com	18 KB
9	sherlowcke.com otto.sherlowcke.com	21 KB
7	jukminung.com lynku.jukminung.com zring.jukminung.com	48 KB
4	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 400192	4 KB
2	myofferplus.com myofferplus.com — Cisco Umbrella Rank: 745624	3 KB
2	go2affise.com 2 redirects admoustache.go2affise.com — Cisco Umbrella Rank: 591801	421 B
1	bl-easycdn.com t.bl-easycdn.com	9 KB
1	freebirdnet.com freebirdnet.com	450 B
1	weatherthisday.com 1 redirects weatherthisday.com	273 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 403	695 B
0	99deals.cyou Failed 99deals.cyou Failed
30	11

	Domain	Requested by
9	www.wewillserv.com	6 redirects otto.sherlowcke.com
9	otto.sherlowcke.com	lynku.jukminung.com otto.sherlowcke.com myofferplus.com
4	zring.jukminung.com	t.bl-easycdn.com storage.googleapis.com zring.jukminung.com
4	cdn.addlnk.com	lynku.jukminung.com myofferplus.com zring.jukminung.com
3	lynku.jukminung.com	freebirdnet.com storage.googleapis.com lynku.jukminung.com
2	myofferplus.com	www.wewillserv.com
2	admoustache.go2affise.com	2 redirects
1	t.bl-easycdn.com	www.wewillserv.com
1	freebirdnet.com	storage.googleapis.com
1	weatherthisday.com	1 redirects
1	storage.googleapis.com
0	99deals.cyou Failed	zring.jukminung.com
30	12

This site contains no links.

Subject Issuer	Validity	Valid
storage.googleapis.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
freebirdnet.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-12` - `2023-05-12`	a year	crt.sh
*.jukminung.com E1	`2022-09-19` - `2022-12-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
otto.sherlowcke.com R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
www.wewillserv.com R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh

This page contains 3 frames:

Frame: https://99deals.cyou/clk/NmdRdEcxOXJqaTJWclFybjlLZWxkd2trS0JpdU9QOFU0QWczMjh5U00rOD0?uc=pubc340d5cab67447acb3e44f1f0b5dcdab&tsid=8a71a381
Frame ID: 81C87072F365322D7CA3B232EACEE7DB
Requests: 24 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665907200
Frame ID: E97EBF0E703CC0C1B28CFDBF4995986C
Requests: 3 HTTP requests in this frame

Frame: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665907200
Frame ID: 1F5883D406825107133FE0C98F4B9A3A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html Page URL
http://weatherthisday.com/anchor5NRMQUXSNG6K.5NRMQUXSNG6K?d4DLLCcc9rhdcx8Fmcdc8VcBc66ZVjhVzcbbb4G HTTP 302
https://freebirdnet.com/1764309711a30760000/2_719024_2611137/1555_4253654_3872123_31/567742012_217-6... Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1294434044&pubid=690391 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream... Page URL
https://otto.sherlowcke.com/?utm_term=7155052483042082819&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://otto.sherlowcke.com/proc.php?71f687afa7d3298042593289b79ac9703ddd2a34 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website... Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website... HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website... HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000ce59346c9c2b143a8cf4c40c074... HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=634bda5336d2470001539b58&pubid=503 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream... Page URL
https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://otto.sherlowcke.com/proc.php?109bf9affa4a6b17895f4fd73ea6100939bb3203 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website... Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website... HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website... HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000f14e988f729055bd45b53f464aa... HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=634bda54855b9f00010798a8&pubid=503 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream... Page URL
https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&c=1&utm_content=fdc2c69a9cafac9... Page URL
https://otto.sherlowcke.com/proc.php?5af339be20e388e542808bf78178b7175990978a Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website... Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website... HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website... HTTP 302
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=c53c8247fbc9da4a1897aa6c4... Page URL
https://zring.jukminung.com/rc/22e841bd3c?affclick=22101612_01_371812_011c258ae92ac&pubid=a371812s&affe=... Page URL

Page Statistics

30
Requests

93 %
HTTPS

44 %
IPv6

11
Domains

12
Subdomains

8
IPs

5
Countries

101 kB
Transfer

222 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html Page URL
http://weatherthisday.com/anchor5NRMQUXSNG6K.5NRMQUXSNG6K?d4DLLCcc9rhdcx8Fmcdc8VcBc66ZVjhVzcbbb4G HTTP 302
https://freebirdnet.com/1764309711a30760000/2_719024_2611137/1555_4253654_3872123_31/567742012_217-64-151-29 Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1294434044&pubid=690391 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=0441a9aa&cid=pubeed08cd04423436f971c89aef03ecc90&2=690391 Page URL
https://otto.sherlowcke.com/?utm_term=7155052483042082819&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://otto.sherlowcke.com/proc.php?71f687afa7d3298042593289b79ac9703ddd2a34 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e&eyeg=6b0fa0010c9fd19a35f69feec150ba32&eyer=0.7388397787363679&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e&eyeg=3&eyer=0.7388397787363679&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000ce59346c9c2b143a8cf4c40c074cd0171016-202210-flb*5467509-4538f*M7155052483042082819*sl_5467509-4538f*6bc490eb58e850645657343ee006917cd5d2bce7*13260-ba0efb09-611c524e*13260 HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=634bda5336d2470001539b58&pubid=503 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=f31e77b4&cid=pub4335d7641b414e329d3ef97c4b1aa234&2=503 Page URL
https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://otto.sherlowcke.com/proc.php?109bf9affa4a6b17895f4fd73ea6100939bb3203 Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=f42a5b238a6b9c9cf70e8d8e93d1fe9d&eyer=0.8678280631070823&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.8678280631070823&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000f14e988f729055bd45b53f464aa210d01016-202210-flb*5467509-4538f*M7155052487337050160*sl_5467509-4538f*98c938e7da988e4ab2095b77722b25df98d57362*13260-e8537fa9-1cf44765*13260 HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=634bda54855b9f00010798a8&pubid=503 Page URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=f31e77b4&cid=pub4335d7641b414e329d3ef97c4b1aa234&2=503 Page URL
https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://otto.sherlowcke.com/proc.php?5af339be20e388e542808bf78178b7175990978a Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=2584b3e82f4c8bbf0e8f2c5d8c1d461d&eyer=0.7611636834997446&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.7611636834997446&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=c53c8247fbc9da4a1897aa6c42abb45f1016-202210-flb Page URL
https://zring.jukminung.com/rc/22e841bd3c?affclick=22101612_01_371812_011c258ae92ac&pubid=a371812s&affe=rdmfl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://weatherthisday.com/anchor5NRMQUXSNG6K.5NRMQUXSNG6K?d4DLLCcc9rhdcx8Fmcdc8VcBc66ZVjhVzcbbb4G HTTP 302
https://freebirdnet.com/1764309711a30760000/2_719024_2611137/1555_4253654_3872123_31/567742012_217-64-151-29

Request Chain 11

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e&eyeg=6b0fa0010c9fd19a35f69feec150ba32&eyer=0.7388397787363679&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e&eyeg=3&eyer=0.7388397787363679&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000ce59346c9c2b143a8cf4c40c074cd0171016-202210-flb*5467509-4538f*M7155052483042082819*sl_5467509-4538f*6bc490eb58e850645657343ee006917cd5d2bce7*13260-ba0efb09-611c524e*13260 HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=634bda5336d2470001539b58&pubid=503

Request Chain 17

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=f42a5b238a6b9c9cf70e8d8e93d1fe9d&eyer=0.8678280631070823&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.8678280631070823&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000f14e988f729055bd45b53f464aa210d01016-202210-flb*5467509-4538f*M7155052487337050160*sl_5467509-4538f*98c938e7da988e4ab2095b77722b25df98d57362*13260-e8537fa9-1cf44765*13260 HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=634bda54855b9f00010798a8&pubid=503

Request Chain 23

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=2584b3e82f4c8bbf0e8f2c5d8c1d461d&eyer=0.7611636834997446&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.7611636834997446&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=c53c8247fbc9da4a1897aa6c42abb45f1016-202210-flb

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 aemmfcylvxeo.html
storage.googleapis.com/hqyoqzatqthj/ 112 B
695 B 67ms
15ms Document
text/html 2a00:1450:4001:811::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-length: 112
content-type: text/html
date: Sun, 16 Oct 2022 10:01:07 GMT
etag: "5ea8dcbdee457e4eecc460e5573da042"
expires: Sun, 16 Oct 2022 11:01:07 GMT
last-modified: Thu, 14 Apr 2022 11:29:51 GMT
server: UploadServer
x-goog-generation: 1649935791079442
x-goog-hash: crc32c=m72cOA== md5=Xqjcve5Ffk7sxGDlVz2gQg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 112
x-guploader-uploadid: ADPycduw5v6C_EwVYRIeq9jEWNGyKTt-7GSXihHwl1XySL474YzTSMYWRxv8Tuj1_pcN7MWzR86QVU8-47duv39yIn_H49lxWLIr

GET
H/1.1

200
OK

567742012_217-64-151-29
freebirdnet.com/1764309711a30760000/2_719024_2611137/1555_4253654_3872123_31/
Redirect Chain

http://weatherthisday.com/anchor5NRMQUXSNG6K.5NRMQUXSNG6K?d4DLLCcc9rhdcx8Fmcdc8VcBc66ZVjhVzcbbb4G
https://freebirdnet.com/1764309711a30760000/2_719024_2611137/1555_4253654_3872123_31/567742012_217-64-151-29

137 B
450 B

2605ms
651ms

Document
text/html

103.94.27.139
CHLTECH-AS Chl Te...

General

Check archive.org

Show headers Download Go to

Full URL: https://freebirdnet.com/1764309711a30760000/2_719024_2611137/1555_4253654_3872123_31/567742012_217-64-151-29
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.94.27.139 , India, ASN136375 (CHLTECH-AS Chl Technology, IN),
Reverse DNS: tlews.prompany.com
Software: Apache /
Resource Hash

Request headers

Referer: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html#5NRMQUXSNG6K.5NRMQUXSNG6K?d4DLLCcc9rhdcx8Fmcdc8VcBc66ZVjhVzcbbb4G
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 137
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Oct 2022 10:17:53 GMT
Server: Apache

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Oct 2022 10:17:50 GMT
Location: https://freebirdnet.com/1764309711a30760000/2_719024_2611137/1555_4253654_3872123_31/567742012_217-64-151-29
Server: Apache

GET
H2 200 9e8aef8068 Show response
lynku.jukminung.com/rc/ 3 KB
2 KB 188ms
128ms Document
text/html 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1294434044&pubid=690391
Requested by: Host: freebirdnet.com
URL: https://freebirdnet.com/1764309711a30760000/2_719024_2611137/1555_4253654_3872123_31/567742012_217-64-151-29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232270322378ff5715ea4b13a165a3598acc073f468297fae2f6b3a7751f123e

Request headers

Referer: https://freebirdnet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75b00c230e6d92ab-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 10:17:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TolQBgZB%2FkLQSv32eRCPfM6aGkq4F%2BizwQk%2FSWj9P%2BbWJn0Z70SnCFqrdEZHuRqNJQx1LCwHkNeHrg55pFDA%2BW%2Bw5E557dV6Wbxstgu0EHG66CvyjjzPPEWspznLIktLRGZryp6nhtSB4sjcIXpWA%2FQ1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 77ms
30ms Stylesheet
text/css 2606:4700:3033::6815:1446
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1294434044&pubid=690391
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:17:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SK3KBGMKJ4YWWVBV
age: 5774
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: eBDdEZo2g3ixnFPTboxVSgjMRQX3dQ63xWWEjrbl2vu0jkNe5fS7HtGt8F3jGl6QdU4QACxpR9I=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urvcAqkX68NFSlkgjHpomdM4ygVPLkMHgbQSQPJH1hdigH4N6jucY3uFJFnHHOgVHL25gaZgQAfFAOcys71YGUow6Tbcdvhwg8mYUskq75wG7e8Xq%2Fv6KDfQ6E2%2B0Ep1LdWR1%2FMDLUC%2FZlDymg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 75b00c242b1390dc-FRA

GET
H2 200 invisible.js Show response
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame E97E 36 KB
13 KB 26ms
25ms Script
application/javascript 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665907200
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6de055d3339fc8fd7b81e284114fafa3f379f1368e4ccad80c5ab53e7f5dc6f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:17:54 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUubsQ9yNXqpRIQJcBlTiuOd7jKy9Vt0FKtrymcdU%2Fq8yGBfND1RAq7yytCvDwV9vgY%2Bux29z%2Fl%2FA2OhAHShurgLXy7yshZtQ%2FZPtn%2FzG7syvagZKJDeZw050oisip9VgHAMnw%2FYfq4jZPfEn9zudlaK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75b00c24a93892ab-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame E97E 22 KB
8 KB 29ms
29ms Other
application/javascript 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:17:54 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rf4y1vZQca8ivPD46orZixQ5mStbveS9GacYVaLZNaMy1oy4WkmVfZYYjvT0wYU0IBCSLTAGB3MwQRCR6RMBfcBtKmgXT7Pe%2FOC%2B1gQVn%2BKHiFNCBuCnhE4eJ4aVhJmcA5%2Fb8RWAVWDFuQoGW1qKGw9y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75b00c24d814916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
otto.sherlowcke.com/ 3 KB
2 KB 359ms
117ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=0441a9aa&cid=pubeed08cd04423436f971c89aef03ecc90&2=690391

Requested by

Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1294434044&pubid=690391

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Oct 2022 10:17:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://otto.sherlowcke.com/?utm_term=7155052483042082819&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

POST 75b00c230e6d92ab
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E97E 0
0

GET
H2 200 / Show response
otto.sherlowcke.com/ 9 KB
3 KB 130ms
129ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_term=7155052483042082819&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=0441a9aa&cid=pubeed08cd04423436f971c89aef03ecc90&2=690391

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

5b446eaac78b7734562d9cf03d054ed732872491fae55df01cf61cbfcb3c570b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=0441a9aa&cid=pubeed08cd04423436f971c89aef03ecc90&2=690391
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 10:17:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H2 200 proc.php
otto.sherlowcke.com/ 4 KB
2 KB 123ms
122ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/proc.php?71f687afa7d3298042593289b79ac9703ddd2a34

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_term=7155052483042082819&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_term=7155052483042082819&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Oct 2022 10:17:55 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H/1.1 200
OK /
www.wewillserv.com/ 5 KB
5 KB 93ms
19ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e
Requested by: Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/proc.php?71f687afa7d3298042593289b79ac9703ddd2a34
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://otto.sherlowcke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Sun, 16 Oct 2022 10:17:55 GMT
Transfer-Encoding: chunked

GET
H2

200

a91581ead4 Show response
myofferplus.com/rc/
Redirect Chain

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000ce59346c9c2b143a8cf4c40c074cd0171016-202210-flb*5467509-4538f*M7155052483042082819*sl_5467509-4538f*6bc490eb58e850...
https://myofferplus.com/rc/a91581ead4?affclick=634bda5336d2470001539b58&pubid=503

1 KB
1 KB

183ms
133ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myofferplus.com/rc/a91581ead4?affclick=634bda5336d2470001539b58&pubid=503
Requested by: Host: www.wewillserv.com
URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab55aaeda467c5002ae01271fad06d268e451ba85d5e0a4d912ec3dd8377c7c2

Request headers

Referer: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052483042082819&website=13260-ba0efb09-611c524e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75b00c2cc9aabbd7-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 10:17:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HK0E6rfWqgOaZAgm%2F1J03qH2RbhSnfsbssHVuPivzzHLCq7I7uHBzB05XgBceeUgTsFh4Gi2KyK%2Bw8Fcgu%2FCmVCQVWyx%2FtADMMdDZ7btb4ZLQzcSv37GuXxn670liTmDeYT78Ra%2BByJPvspapI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Sun, 16 Oct 2022 10:17:55 GMT
location: https://myofferplus.com/rc/a91581ead4?affclick=634bda5336d2470001539b58&pubid=503
server: nginx

GET
H3 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 67ms
47ms Stylesheet
text/css 2606:4700:3033::6815:1446
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: myofferplus.com
URL: https://myofferplus.com/rc/a91581ead4?affclick=634bda5336d2470001539b58&pubid=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:17:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NG3WEQ5NJ4PQVZ4F
age: 432
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJcxFLT%2FJMVcgrxHP7ju4qo9mhgT7YTFTD%2Fhxp5BnJbdoItTQilO8JMbjGiWoxe4uJd3JbTY%2FxGAqe2zEUDoGUHn2ShyQ3MIVgmKk9hX4ZB06NDDr8XJowjVS5e90JM0jbhU2E1rvnw0arXerA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 75b00c2dcf0a9277-FRA

GET
H2 200 /
otto.sherlowcke.com/ 3 KB
2 KB 120ms
120ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=f31e77b4&cid=pub4335d7641b414e329d3ef97c4b1aa234&2=503

Requested by

Host: myofferplus.com
URL: https://myofferplus.com/rc/a91581ead4?affclick=634bda5336d2470001539b58&pubid=503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Oct 2022 10:17:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H2 200 / Show response
otto.sherlowcke.com/ 9 KB
3 KB 132ms
132ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=f31e77b4&cid=pub4335d7641b414e329d3ef97c4b1aa234&2=503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

be1cf1de79f96756ee9501cf9fbd35e953a570139cfd35605cfc992efbd6257b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=f31e77b4&cid=pub4335d7641b414e329d3ef97c4b1aa234&2=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 10:17:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H2 200 proc.php
otto.sherlowcke.com/ 4 KB
2 KB 127ms
127ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/proc.php?109bf9affa4a6b17895f4fd73ea6100939bb3203

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Oct 2022 10:17:56 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H/1.1 200
OK /
www.wewillserv.com/ 5 KB
5 KB 22ms
21ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Requested by: Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/proc.php?109bf9affa4a6b17895f4fd73ea6100939bb3203
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://otto.sherlowcke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Sun, 16 Oct 2022 10:17:56 GMT
Transfer-Encoding: chunked

GET
H3

200

a91581ead4 Show response
myofferplus.com/rc/
Redirect Chain

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000f14e988f729055bd45b53f464aa210d01016-202210-flb*5467509-4538f*M7155052487337050160*sl_5467509-4538f*98c938e7da988e...
https://myofferplus.com/rc/a91581ead4?affclick=634bda54855b9f00010798a8&pubid=503

1 KB
1 KB

86ms
63ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myofferplus.com/rc/a91581ead4?affclick=634bda54855b9f00010798a8&pubid=503
Requested by: Host: www.wewillserv.com
URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b62090a7535ed867c55a917b35acc3ce1f98e85db06bb0493609d55edd6bc63d

Request headers

Referer: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75b00c32d87a9202-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 10:17:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foz5RXoQFp9im4amFuGbUe5oW%2BDcJwZtL9Q7C6muxGCF42QuNgzUeJi%2BbOidKPsSX8rBDkIf6WcWdTRcLrJtPrwqWASy%2BwLqMRFYJYJ2pSr07VD5CNOfuHAasiDhu6i9Gz4l1d7MxZcuQGZoNHA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Sun, 16 Oct 2022 10:17:56 GMT
location: https://myofferplus.com/rc/a91581ead4?affclick=634bda54855b9f00010798a8&pubid=503
server: nginx

GET
H3 200 redirect.css
cdn.addlnk.com/ 1 KB
1009 B 28ms
27ms Stylesheet
text/css 2606:4700:3033::6815:1446
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: myofferplus.com
URL: https://myofferplus.com/rc/a91581ead4?affclick=634bda54855b9f00010798a8&pubid=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:17:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NG3WEQ5NJ4PQVZ4F
age: 433
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpoCznghunxNTBryvUizStlMSByvCojva7Cm1i10HxdNhMA4PVaAoyAT%2Bq90as3YTfoc7jOcvi2x9PoJNTtxkaSFOZy51XvZDbe9cU2q%2BrwijMWnVMx3WksCjz0hStDIOv5zxVYS15buliSvbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 75b00c33488e9277-FRA

GET
H2 200 /
otto.sherlowcke.com/ 3 KB
2 KB 118ms
118ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=f31e77b4&cid=pub4335d7641b414e329d3ef97c4b1aa234&2=503

Requested by

Host: myofferplus.com
URL: https://myofferplus.com/rc/a91581ead4?affclick=634bda54855b9f00010798a8&pubid=503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Oct 2022 10:17:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&c=1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H2 200 / Show response
otto.sherlowcke.com/ 9 KB
3 KB 117ms
117ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=f31e77b4&cid=pub4335d7641b414e329d3ef97c4b1aa234&2=503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

a7510b46770c3da01d844e68be4736eb7b6a42af6dad1aec38f57e3960ad6905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=f31e77b4&cid=pub4335d7641b414e329d3ef97c4b1aa234&2=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 10:17:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H2 200 proc.php
otto.sherlowcke.com/ 4 KB
2 KB 118ms
117ms Document
text/html 65.60.58.179
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://otto.sherlowcke.com/proc.php?5af339be20e388e542808bf78178b7175990978a

Requested by

Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.1.9

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://otto.sherlowcke.com/?utm_term=7155052487337050160&ver=4viyaptcjo&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Oct 2022 10:17:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.1.9

GET
H/1.1 200
OK /
www.wewillserv.com/ 5 KB
5 KB 18ms
18ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Requested by: Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/proc.php?5af339be20e388e542808bf78178b7175990978a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://otto.sherlowcke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Sun, 16 Oct 2022 10:17:57 GMT
Transfer-Encoding: chunked

GET
H2

200

/ Show response
t.bl-easycdn.com/directclick/
Redirect Chain

https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=c53c8247fbc9da4a1897aa6c42abb45f1016-202210-flb

25 KB
9 KB

223ms
172ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=c53c8247fbc9da4a1897aa6c42abb45f1016-202210-flb
Requested by: Host: www.wewillserv.com
URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d717a72a69474d4c9faa5538508a124716bc561248b338c305e30b202e8e1a41

Request headers

Referer: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7155052487337050160&website=13260-e8537fa9-1cf44765&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75b00c382fbd9b63-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 10:17:57 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atmQToU4TVBHDWrDYJqBxg7oqD5V8LpC8kWykX5yWERVz6xZsWFbUt5%2FgDS0qbRA2KydWj32gbApaa1qbIzg7nw1X%2Bw8vn8lpwPBqtFdz1hI5WckpuBRz%2FU3NyuavsuM1u8iSZK1XVQiibHo0G6r"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 0
Date: Sun, 16 Oct 2022 10:17:57 GMT
Location: https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=c53c8247fbc9da4a1897aa6c42abb45f1016-202210-flb

GET
H2 200 Primary Request 22e841bd3c Show response
zring.jukminung.com/rc/ 3 KB
2 KB 145ms
133ms Document
text/html 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zring.jukminung.com/rc/22e841bd3c?affclick=22101612_01_371812_011c258ae92ac&pubid=a371812s&affe=rdmfl
Requested by: Host: t.bl-easycdn.com
URL: https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=c53c8247fbc9da4a1897aa6c42abb45f1016-202210-flb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 730e1728e613747a9857a17968877f08e534451371d5c49745364df54d08b601

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75b00c397e5092ab-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Sun, 16 Oct 2022 10:17:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPB3TwMYbWP5We%2B%2BDA8Xh0NYM112%2BLv%2FHUMaJJ4zL83SGNFKK%2FXstr7CaaDdN77RDCykJBSudkLy5hxpYVVqTRBUc59UbUntGjb%2FAMKnyABf7DAtj6XT4QijT4EBwpKYktbImu03ILYN%2FBJEmhW%2FKTcT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

GET
H3 200 redirect.css
cdn.addlnk.com/ 1 KB
1014 B 37ms
36ms Stylesheet
text/css 2606:4700:3033::6815:1446
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: zring.jukminung.com
URL: https://zring.jukminung.com/rc/22e841bd3c?affclick=22101612_01_371812_011c258ae92ac&pubid=a371812s&affe=rdmfl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:17:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NG3WEQ5NJ4PQVZ4F
age: 434
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjpbt3uE3nV1pewEQp9vF4INxc0EmDfFCciHorL%2BRf1MOIF0CiAws296eI0DqpcFHZSuOgNQS%2FyPar8ToxEPd%2BwJyOXmSAZ6wWAziUfRdU3syp%2BCBcDZjnFWHyAoLS6K8KktMzEf0G5YJslZWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 75b00c3a6db29277-FRA

GET
H3 200 invisible.js Show response
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 1F58 38 KB
14 KB 48ms
47ms Script
application/javascript 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665907200
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5762c0bc9f3ebfe0a0f8fc47c64f67d32770d90963bf1b2ee7d3057f05086dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:17:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vczVvY0rdt3%2F7q7JzBz3HB7s4L3Izx6xEtVJMqVvWIY8gkVxvh1TUt5iMe0hPPV5CTiFvu6lSUc1xrff2mWM%2B%2BQRsY8LFbLIUhDUMTbL5d1GEk0Re7I0cpdLkK6e%2FoRPg4VqZpT3JbWEf9EpkabyFjdu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75b00c3accc5916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 1F58 26 KB
9 KB 24ms
23ms Other
application/javascript 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 10:17:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cffpcVRHyki1dzXXUNMfs2aRBV3lNyS1%2Fg3UkdSKkytq54FsF9%2FXVNHwlYnFeGMAgiWtXLfr3Ybpa1NdfrFSUgJTFR1DSdhuTVxVGQ7OBHYMUJ6%2FVhxY2EjYX90%2FRjecMpMpHGr39vvPjpfw273%2BLhA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75b00c3b4e0c916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET NmdRdEcxOXJqaTJWclFybjlLZWxkd2trS0JpdU9QOFU0QWczMjh5U00rOD0
99deals.cyou/clk/ 0
0

POST
H3 200 75b00c397e5092ab
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1F58 2 B
659 B 41ms
41ms XHR
text/plain 2606:4700:3032::6815:1cae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/75b00c397e5092ab
Requested by: Host: zring.jukminung.com
URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665907200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 16 Oct 2022 10:17:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxPImJfgUobL5IzzbQtw2T6hSOxAswyj7Vu0%2F01SYYd%2BvI5Zr5vS7hZD10r0vOTnc19AAkJv9hV6okgCXkmeTyQ4L8uwAhUNboUSNpj%2BUFJdsqt%2BZq5ZycZL5TiYps7SUaHarzdxAIyDXSNwZlb1H1Et"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75b00c3d8bda916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/75b00c230e6d92ab

Domain: 99deals.cyou
URL: https://99deals.cyou/clk/NmdRdEcxOXJqaTJWclFybjlLZWxkd2trS0JpdU9QOFU0QWczMjh5U00rOD0?uc=pubc340d5cab67447acb3e44f1f0b5dcdab&tsid=8a71a381

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freebirdnet.com/	1970-01-20 07:28:27	Name: uid15295 Value: 1294434044-20221016061753-33fc7afdeef159f03cc5cee21d743cd4-
lynku.jukminung.com/	1970-01-20 06:55:20	Name: AWSALB Value: N/VOaqLe28DK8hGEi7YxJXRZ9VbpLraE4H1baBRYyf5VS2zS9x8vBemUlUq8tHfOgU+nWM1Xh7/YmoBtk5ZATwcBOIa2cTIF/VJt8rBDI/9+C1CDmBXYbVBFiIj2
otto.sherlowcke.com/	1970-01-20 15:30:51	Name: u Value: 02936ea60f2ec1e3d7f4731cb89704fa
admoustache.go2affise.com/	1970-01-20 15:30:51	Name: afclick Value: 634bda54855b9f00010798a8
myofferplus.com/	1970-01-20 06:55:20	Name: AWSALB Value: 0Sv+6xeSvq/F0K8wT76tUBENfkiFD5mlfUsO6xBq4QMcYr+TZG7AR655G/HtODHxv7479LxrSwz0xci/83/C1508x9SrxXwKap9g9gn+Mgoam51fC7XiuPF30dk9
.bl-easycdn.com/	1970-01-20 15:30:51	Name: checkkeks Value: 1
.bl-easycdn.com/	1970-01-20 06:46:41	Name: eTag Value: 626184e11eae7dc17e5005102afcfe6b
.bl-easycdn.com/	1970-01-20 15:30:51	Name: ck_uniques Value: 1666001876%3A24589-115227
.bl-easycdn.com/	1970-01-20 15:30:51	Name: ck_uniquesPa Value: 1666001876%3A89322
.bl-easycdn.com/	1970-01-20 06:46:41	Name: ck_sys_uniques_3 Value: 1
.bl-easycdn.com/	1970-01-20 06:46:41	Name: u_current_ads_view Value: 89322----
zring.jukminung.com/	1970-01-20 06:55:20	Name: AWSALB Value: 1Lo7TyCYRe6cxLcc19Yq9iz+qiET2f92ZAHAT04Snaepj+Xjkxzpkmj8JpRFeihBJ5vMW4aCJ0i3U4X8UwD2P5IPz2dkSEoqadGzJESaoiCRQvvrChonmJhkQRcB
.jukminung.com/	1970-01-20 06:45:17	Name: __cf_bm Value: Q_y9ZKt9zjS3Gpf3MJoyOsjVjSQErVc71PuGRXYDx1Q-1665915478-0-AT992aDGDbibk9BC7i8HbvOaEaRgCheidkWGOnPGe8gBMXEHzNUQyJ1Mbly+hWJJEN7z4H0IeWBsU1418LsP98TbgziaEFChPGO/VvrjIOsm5LhMx17T1HvIHHrrCSsDUw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

99deals.cyou
admoustache.go2affise.com
cdn.addlnk.com
freebirdnet.com
lynku.jukminung.com
myofferplus.com
otto.sherlowcke.com
storage.googleapis.com
t.bl-easycdn.com
weatherthisday.com
www.wewillserv.com
zring.jukminung.com
99deals.cyou
lynku.jukminung.com
103.94.27.139
190.92.179.145
2606:4700:3032::6815:1cae
2606:4700:3033::6815:1446
2a00:1450:4001:811::2010
2a06:98c1:3121::3
34.141.137.168
51.68.85.158
65.60.58.179
232270322378ff5715ea4b13a165a3598acc073f468297fae2f6b3a7751f123e
5b446eaac78b7734562d9cf03d054ed732872491fae55df01cf61cbfcb3c570b
6de055d3339fc8fd7b81e284114fafa3f379f1368e4ccad80c5ab53e7f5dc6f1
730e1728e613747a9857a17968877f08e534451371d5c49745364df54d08b601
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
a5762c0bc9f3ebfe0a0f8fc47c64f67d32770d90963bf1b2ee7d3057f05086dc
a7510b46770c3da01d844e68be4736eb7b6a42af6dad1aec38f57e3960ad6905
ab55aaeda467c5002ae01271fad06d268e451ba85d5e0a4d912ec3dd8377c7c2
b62090a7535ed867c55a917b35acc3ce1f98e85db06bb0493609d55edd6bc63d
be1cf1de79f96756ee9501cf9fbd35e953a570139cfd35605cfc992efbd6257b
d717a72a69474d4c9faa5538508a124716bc561248b338c305e30b202e8e1a41

zring.jukminung.com Open in urlscan Pro 2606:4700:3032::6815:1cae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

30 Requests

93 %HTTPS

44 %IPv6

11 Domains

12 Subdomains

8 IPs

5 Countries

101 kBTransfer

222 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zring.jukminung.com Open in urlscan Pro
2606:4700:3032::6815:1cae Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

44 %
IPv6

11
Domains

12
Subdomains

8
IPs

5
Countries

101 kB
Transfer

222 kB
Size

13
Cookies

30 HTTP transactions
0 data transactions