urlscan.io logo urlscan.io
SecurityTrails logo

sc2.darfilms.com Open in urlscan Pro
2606:4700:3036::681b:a1db  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mixupabc.com/d/2960?nsid=105977&partner_subid=&referer=&inif=n&params=6|8|24|24|1|0|1367|863|16|27|-8|-7|Amer...
Effective URL: https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918...
Submission: On January 08 via manual from RO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 13 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3036::681b:a1db, located in United States and belongs to CLOUDFLARENET, US. The main domain is sc2.darfilms.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 29th 2020. Valid for: a year.
This is the only time sc2.darfilms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 204.155.145.103 40824 (WZCOM-)
1 1 162.209.115.23 27357 (RACKSPACE)
1 3 173.236.118.99 32475 (SINGLEHOP...)
1 1 172.67.183.40 13335 (CLOUDFLAR...)
2 2 198.134.116.30 27257 (WEBAIR-IN...)
2 2 51.83.143.92 16276 (OVH)
2 2 37.187.163.175 16276 (OVH)
2 212.32.250.3 60781 (LEASEWEB-...)
1 3 188.72.236.136 35415 (WEBZILLA)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 188.72.236.132 35415 (WEBZILLA)
11 5
1    204.155.145.103 (Dallas, United States)

ASN40824 (WZCOM-, US)
PTR: proven.masterliberty.com
mixupabc.com
1    162.209.115.23 (San Antonio, United States)

ASN27357 (RACKSPACE, US)
track.clickeoads.com
3    173.236.118.99 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
convertions.clickeoadstrack.xyz
1    172.67.183.40 (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.armorads.com
2    198.134.116.30 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
go.whiteanemone.xyz
go.winterseas.xyz
2    51.83.143.92 (Poland)

ASN16276 (OVH, FR)
PTR: ns3155458.ip-51-83-143.eu
guay.labtrffc.com
2    37.187.163.175 (France)

ASN16276 (OVH, FR)
PTR: ns377301.ip-37-187-163.eu
track3.trackthetides.club
2    212.32.250.3 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
maroola.aditms.me
3    188.72.236.136 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 1f2-12-d2456-136.webazilla.com
xsoftwarexexpertx.com
bests0luti0n.com
3    2606:4700:3036::681b:a1db (United States)

ASN13335 (CLOUDFLARENET, US)
sc2.darfilms.com
2    188.72.236.132 (Netherlands)

ASN35415 (WEBZILLA, NL)
jyv-24.com
Domain Requested by
3 sc2.darfilms.com sc2.darfilms.com
3 convertions.clickeoadstrack.xyz 1 redirects convertions.clickeoadstrack.xyz
2 jyv-24.com sc2.darfilms.com
2 bests0luti0n.com sc2.darfilms.com
2 maroola.aditms.me convertions.clickeoadstrack.xyz
2 track3.trackthetides.club 2 redirects
2 guay.labtrffc.com 2 redirects
1 xsoftwarexexpertx.com 1 redirects
1 go.winterseas.xyz 1 redirects
1 go.whiteanemone.xyz 1 redirects
1 tracking.armorads.com 1 redirects
1 track.clickeoads.com 1 redirects
1 mixupabc.com 1 redirects
11 13

This site contains no links.

Subject Issuer Validity Valid
convertions.clickeoadstrack.xyz
Let's Encrypt Authority X3		 2020-11-28 -
2021-02-26		 3 months crt.sh
maroola.aditms.me
Go Daddy Secure Certificate Authority - G2		 2020-06-15 -
2021-06-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-29 -
2021-08-29		 a year crt.sh
bests0luti0n.com
Let's Encrypt Authority X3		 2020-11-27 -
2021-02-25		 3 months crt.sh
jyv-24.com
R3		 2021-01-01 -
2021-04-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
Frame ID: 597D897E748396B5438DA2FE8C4B2D10
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mixupabc.com/d/2960?nsid=105977&partner_subid=&referer=&inif=n&params=6|8|24|24|1|0|1367|... HTTP 302
    https://track.clickeoads.com/310128821?sub1=1610067806752324-3pCFlx-2960-12954&sub2=MTA1OTc3_3359_2960&is... HTTP 307
    https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&ci... Page URL
  2. https://convertions.clickeoadstrack.xyz/?utm_term=6915188579719184563&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  3. https://convertions.clickeoadstrack.xyz/proc.php?54ed176da8a24833a4ad7531e405f4a279a43521 HTTP 302
    http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6915188579719184563&sub2=15688&su... HTTP 302
    https://go.whiteanemone.xyz/redirect?feed=276309&auth=ebuQy0&url=http%3A%2F%2Fcryptocore.xyz&pub_clickid... HTTP 302
    https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=276309&d2=cryptocor... HTTP 302
    https://track3.trackthetides.club/l.php?p=c:j1z0vtg88hc57vlji&d=5fe367da96b6e509430785cb&pid=5ff7af615ace71263... HTTP 302
    https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af61be6e5d2a9e69e401&sub2=l... Page URL
  4. https://go.winterseas.xyz/redirect?feed=282379&url=https%3A%2F%2Fnewsverse.top&query=https%3A%2F%2Fnew... HTTP 302
    https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=282379&d2=newsverse... HTTP 302
    https://track3.trackthetides.club/l.php?p=c:j1z0vtg88hc57vlji&d=5fe367da96b6e509430785cb&pid=5ff7af61b9d7af5a9... HTTP 302
    https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af614d18a6694462cfb0&sub2=l... Page URL
  5. https://xsoftwarexexpertx.com/VcrmB0a0f4a26adb4721db753f3308ba9c9efdcfef1a5?q={KEYWORD}&s3=5ff7af62834f1f0... HTTP 302
    https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e6... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

100 %
HTTPS

9 %
IPv6

13
Domains

13
Subdomains

5
IPs

4
Countries

20 kB
Transfer

49 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mixupabc.com/d/2960?nsid=105977&partner_subid=&referer=&inif=n&params=6|8|24|24|1|0|1367|863|16|27|-8|-7|America/Vancouver|en-US|Linux%20x86_64|Google%20Inc.|Google%20SwiftShader|-1|32|256|16|32|1|1|0.125|8192|261|16|8192|8192|8192|32|1|16|1036|64|128|1056|12|60|7|8|8|4|8192|8192|12|24|16384|24|50188|50208|64|4|64&rt=bb&rank=5 HTTP 302
    https://track.clickeoads.com/310128821?sub1=1610067806752324-3pCFlx-2960-12954&sub2=MTA1OTc3_3359_2960&isubid=1610067806752324-3pCFlx-2960-12954&icid=12954 HTTP 307
    https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1 Page URL
  2. https://convertions.clickeoadstrack.xyz/?utm_term=6915188579719184563&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
  3. https://convertions.clickeoadstrack.xyz/proc.php?54ed176da8a24833a4ad7531e405f4a279a43521 HTTP 302
    http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6915188579719184563&sub2=15688&sub3=15688-bbd9ba7b HTTP 302
    https://go.whiteanemone.xyz/redirect?feed=276309&auth=ebuQy0&url=http%3A%2F%2Fcryptocore.xyz&pub_clickid=5ff7af60685bfd0001c15e99&sub1=4-15688&query=http%3A%2F%2Fcryptocore.xyz HTTP 302
    https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=276309&d2=cryptocore.xyz HTTP 302
    https://track3.trackthetides.club/l.php?p=c:j1z0vtg88hc57vlji&d=5fe367da96b6e509430785cb&pid=5ff7af615ace71263f345ca1&source=lambda2_276309&data1=guay.labtrffc.com&data2= HTTP 302
    https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af61be6e5d2a9e69e401&sub2=lambda2_276309 Page URL
  4. https://go.winterseas.xyz/redirect?feed=282379&url=https%3A%2F%2Fnewsverse.top&query=https%3A%2F%2Fnewsverse.top&pub_clickid=5ff7af61834f1f0001940ee7&subid=1106_lambda2_276309 HTTP 302
    https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=282379&d2=newsverse.top HTTP 302
    https://track3.trackthetides.club/l.php?p=c:j1z0vtg88hc57vlji&d=5fe367da96b6e509430785cb&pid=5ff7af61b9d7af5a926747e5&source=lambda2_282379&data1=guay.labtrffc.com&data2= HTTP 302
    https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af614d18a6694462cfb0&sub2=lambda2_282379 Page URL
  5. https://xsoftwarexexpertx.com/VcrmB0a0f4a26adb4721db753f3308ba9c9efdcfef1a5?q={KEYWORD}&s3=5ff7af62834f1f0001940f65&s1=1106 HTTP 302
    https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mixupabc.com/d/2960?nsid=105977&partner_subid=&referer=&inif=n&params=6|8|24|24|1|0|1367|863|16|27|-8|-7|America/Vancouver|en-US|Linux%20x86_64|Google%20Inc.|Google%20SwiftShader|-1|32|256|16|32|1|1|0.125|8192|261|16|8192|8192|8192|32|1|16|1036|64|128|1056|12|60|7|8|8|4|8192|8192|12|24|16384|24|50188|50208|64|4|64&rt=bb&rank=5 HTTP 302
  • https://track.clickeoads.com/310128821?sub1=1610067806752324-3pCFlx-2960-12954&sub2=MTA1OTc3_3359_2960&isubid=1610067806752324-3pCFlx-2960-12954&icid=12954 HTTP 307
  • https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1
Request Chain 2
  • https://convertions.clickeoadstrack.xyz/proc.php?54ed176da8a24833a4ad7531e405f4a279a43521 HTTP 302
  • http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6915188579719184563&sub2=15688&sub3=15688-bbd9ba7b HTTP 302
  • https://go.whiteanemone.xyz/redirect?feed=276309&auth=ebuQy0&url=http%3A%2F%2Fcryptocore.xyz&pub_clickid=5ff7af60685bfd0001c15e99&sub1=4-15688&query=http%3A%2F%2Fcryptocore.xyz HTTP 302
  • https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=276309&d2=cryptocore.xyz HTTP 302
  • https://track3.trackthetides.club/l.php?p=c:j1z0vtg88hc57vlji&d=5fe367da96b6e509430785cb&pid=5ff7af615ace71263f345ca1&source=lambda2_276309&data1=guay.labtrffc.com&data2= HTTP 302
  • https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af61be6e5d2a9e69e401&sub2=lambda2_276309
Request Chain 3
  • https://go.winterseas.xyz/redirect?feed=282379&url=https%3A%2F%2Fnewsverse.top&query=https%3A%2F%2Fnewsverse.top&pub_clickid=5ff7af61834f1f0001940ee7&subid=1106_lambda2_276309 HTTP 302
  • https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=282379&d2=newsverse.top HTTP 302
  • https://track3.trackthetides.club/l.php?p=c:j1z0vtg88hc57vlji&d=5fe367da96b6e509430785cb&pid=5ff7af61b9d7af5a926747e5&source=lambda2_282379&data1=guay.labtrffc.com&data2= HTTP 302
  • https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af614d18a6694462cfb0&sub2=lambda2_282379

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
convertions.clickeoadstrack.xyz/
Redirect Chain
  • https://mixupabc.com/d/2960?nsid=105977&partner_subid=&referer=&inif=n&params=6|8|24|24|1|0|1367|863|16|27|-8|-7|America/Vancouver|en-US|Linux%20x86_64|Google%20Inc.|Google%20SwiftShader|-1|32|256|...
  • https://track.clickeoads.com/310128821?sub1=1610067806752324-3pCFlx-2960-12954&sub2=MTA1OTc3_3359_2960&isubid=1610067806752324-3pCFlx-2960-12954&icid=12954
  • https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.118.99 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.4.10
Resource Hash
23bb2d1fbdc0a876c6b8726e2fb62b0ea7061c702f2ead57eb81abf5d5cefdef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
convertions.clickeoadstrack.xyz
:scheme
https
:path
/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

server
nginx
date
Fri, 08 Jan 2021 01:03:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=4e6f73bebc151c19b3367d5ae0a3978a; expires=Sat, 08-Jan-2022 01:03:28 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

server
nginx/1.16.1
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Fri, 08 Jan 2021 01:03:27 GMT
location
https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
set-cookie
PHPSESSID=ae5c8uvi7haq0lg58ou4foomqf; path=/
x-powered-by
PHP/7.3.25
/
convertions.clickeoadstrack.xyz/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://convertions.clickeoadstrack.xyz/?utm_term=6915188579719184563&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Requested by
Host: convertions.clickeoadstrack.xyz
URL: https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.118.99 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.4.10
Resource Hash
3501d68dee090e392dfafe7c1b114ed12153c721dfec193f1d582a0ee92c8af2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
convertions.clickeoadstrack.xyz
:scheme
https
:path
/?utm_term=6915188579719184563&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=4e6f73bebc151c19b3367d5ae0a3978a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Referer
https://convertions.clickeoadstrack.xyz/?utm_medium=0e215cac066361c0da35367d7773af9052a0df59&utm_campaign=All0116&cid=4b28d482effc8b136330d716&1=0147-e021d690c1

Response headers

server
nginx
date
Fri, 08 Jan 2021 01:03:28 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
sl
maroola.aditms.me/
Redirect Chain
  • https://convertions.clickeoadstrack.xyz/proc.php?54ed176da8a24833a4ad7531e405f4a279a43521
  • http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6915188579719184563&sub2=15688&sub3=15688-bbd9ba7b
  • https://go.whiteanemone.xyz/redirect?feed=276309&auth=ebuQy0&url=http%3A%2F%2Fcryptocore.xyz&pub_clickid=5ff7af60685bfd0001c15e99&sub1=4-15688&query=http%3A%2F%2Fcryptocore.xyz
  • https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=276309&d2=cryptocore.xyz
  • https://track3.trackthetides.club/l.php?p=c:j1z0vtg88hc57vlji&d=5fe367da96b6e509430785cb&pid=5ff7af615ace71263f345ca1&source=lambda2_276309&data1=guay.labtrffc.com&data2=
  • https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af61be6e5d2a9e69e401&sub2=lambda2_276309
292 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af61be6e5d2a9e69e401&sub2=lambda2_276309
Requested by
Host: convertions.clickeoadstrack.xyz
URL: https://convertions.clickeoadstrack.xyz/?utm_term=6915188579719184563&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.32.250.3 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
5744b3a447cfa6231fc77b77235c888ab8e2a2cadab52441cd0a192454314bfa

Request headers

:method
GET
:authority
maroola.aditms.me
:scheme
https
:path
/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af61be6e5d2a9e69e401&sub2=lambda2_276309
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Referer
https://convertions.clickeoadstrack.xyz/?utm_term=6915188579719184563&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f#

Response headers

server
nginx
date
Fri, 08 Jan 2021 01:03:29 GMT
content-type
text/html; charset=utf-8
set-cookie
afclick=5ff7af61834f1f0001940ee7; Expires=Sat, 08 Jan 2022 01:03:29 GMT; Secure; SameSite=None
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 08 Jan 2021 01:03:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Round
116xvvu9lu
Raund
5c7576995f5f9072bb113e92-5c7578065f5f9074003256f2
Location
https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af61be6e5d2a9e69e401&sub2=lambda2_276309
sl
maroola.aditms.me/
Redirect Chain
  • https://go.winterseas.xyz/redirect?feed=282379&url=https%3A%2F%2Fnewsverse.top&query=https%3A%2F%2Fnewsverse.top&pub_clickid=5ff7af61834f1f0001940ee7&subid=1106_lambda2_276309
  • https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=282379&d2=newsverse.top
  • https://track3.trackthetides.club/l.php?p=c:j1z0vtg88hc57vlji&d=5fe367da96b6e509430785cb&pid=5ff7af61b9d7af5a926747e5&source=lambda2_282379&data1=guay.labtrffc.com&data2=
  • https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af614d18a6694462cfb0&sub2=lambda2_282379
240 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af614d18a6694462cfb0&sub2=lambda2_282379
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.32.250.3 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
51d3c83e66265db7905123e599bf2922ff046ddb10361d3af71235802b34cf2b

Request headers

:method
GET
:authority
maroola.aditms.me
:scheme
https
:path
/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af614d18a6694462cfb0&sub2=lambda2_282379
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
afclick=5ff7af61834f1f0001940ee7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Referer
https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af61be6e5d2a9e69e401&sub2=lambda2_276309

Response headers

server
nginx
date
Fri, 08 Jan 2021 01:03:30 GMT
content-type
text/html; charset=utf-8
set-cookie
afclick=5ff7af62834f1f0001940f65; Expires=Sat, 08 Jan 2022 01:03:30 GMT; Secure; SameSite=None
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 08 Jan 2021 01:03:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Round
116xvvu9lu
Raund
5c7576995f5f9072bb113e92-5c7578065f5f9074003256f2
Location
https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af614d18a6694462cfb0&sub2=lambda2_282379
Primary Request /
sc2.darfilms.com/
Redirect Chain
  • https://xsoftwarexexpertx.com/VcrmB0a0f4a26adb4721db753f3308ba9c9efdcfef1a5?q={KEYWORD}&s3=5ff7af62834f1f0001940f65&s1=1106
  • https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=http...
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:a1db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b0cb600417f67d45b277c26a1da3aee25722ac3de392792191c5e444b23236

Request headers

:method
GET
:authority
sc2.darfilms.com
:scheme
https
:path
/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Referer
https://maroola.aditms.me/sl?id=5f6b47ee127bd6bcbd271f32&pid=1106&sub1=5ff7af614d18a6694462cfb0&sub2=lambda2_282379

Response headers

date
Fri, 08 Jan 2021 01:03:30 GMT
content-type
text/html
set-cookie
__cfduid=d75fb9608028c539c179f5d5899e749241610067810; expires=Sun, 07-Feb-21 01:03:30 GMT; path=/; domain=.darfilms.com; HttpOnly; SameSite=Lax; Secure
last-modified
Tue, 21 Apr 2020 10:50:22 GMT
cf-cache-status
DYNAMIC
cf-request-id
07811e2f8f00002b16eda84000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9YMLaEk2h9AHJEGpKoUuljiDwVpy5g51xaERRJdFpyMQM9A1%2FIcarje7xXbwVdwFvfoidwK2URQxs7pMCKRs9tI8PP9a8E9dIupHXAkJ596rDeHCidprP3WqgQbT"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60e1ffc5bb032b16-FRA
content-encoding
br

Redirect headers

server
nginx/1.18.0
date
Fri, 08 Jan 2021 01:03:29 GMT
content-type
text/html; charset=utf-8
content-length
356
location
https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
set-cookie
bd_context=nZvm381qeHH9OJ1PaCEPuRpokmlsn2TGdmPbjCEfIbXz4ivxdNwPc6icEUkvsZWM+vZg+m9FG/V8YAodKaLbUMD28lrnXXN8H6z0rnZBa4KiToNuKdBwRuNeKiFL/mJlwhPni2Fx02WaayMSXc4KhyGRxXiuj8lLCufasUJcGQQBf/dcJpijN404mQa5iFfogY31SASG0P+7zx32EugS0qp546xaTSLfnl0fNXVTBfunWI9Fvgxpal61KnQYBmCnfsOSvSLPv2iKn3v2w3nkT35Uy9nspac7MFuHFOkag1CTtF67KHOqmHDPrIx5F3GtSUBw; Expires=Sat, 08 Jan 2022 01:03:30 GMT
preloader.js
sc2.darfilms.com/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc2.darfilms.com/preloader.js
Requested by
Host: sc2.darfilms.com
URL: https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:a1db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf7d87243c39cb805c638ba0dbde493fd77e9c9dff41cb1cb3a71e0d5e373b27

Request headers

Referer
https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

date
Fri, 08 Jan 2021 01:03:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 22 Jan 2020 11:00:21 GMT
server
cloudflare
etag
W/"5e282b45-141c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UIHIW06BzcmU4lmfJSsV5sqO1pkqUG%2BKxYIGS%2FsJOZ%2BpOf7BC%2FBnmLn2kY9icN2uXpjTjdXtYFeE6RPu0g4FTtRjev7bC%2F63Su20pgQs%2BIqOe21muxStxP%2FpoFP3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
60e1ffc61b6d2b16-FRA
cf-request-id
07811e2fd300002b162cb0d000000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
build.js
sc2.darfilms.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc2.darfilms.com/build.js?v=111
Requested by
Host: sc2.darfilms.com
URL: https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:a1db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91c8ab1bf7dbcddfd169c7e00002b586b2b407a94c2c4354b16c14e06ea89d7

Request headers

Referer
https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

date
Fri, 08 Jan 2021 01:03:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 21 Apr 2020 10:50:13 GMT
server
cloudflare
etag
W/"5e9ecfe5-4a5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=swqLzeE9IQ8NMy1NF3b8RAEo2M0b1Nr853pUZjpmOdDz8zWN3wqfNn%2FtTL%2FSgn0%2FbIwavDIleYQrIEhaUTe5zzduS059K%2F0UmH5S8t5clytO9un0YYsJvW9x69C2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
60e1ffc61b6e2b16-FRA
cf-request-id
07811e2fd400002b165b8e9000000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
AGKv918zqQQA2CUCAERLFgAMAMQkDV8A
bests0luti0n.com/rtb/p/c/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://bests0luti0n.com/rtb/p/c/AGKv918zqQQA2CUCAERLFgAMAMQkDV8A
Protocol
H2
Server
188.72.236.136 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
1f2-12-d2456-136.webazilla.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://sc2.darfilms.com
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.18.0
date
Fri, 08 Jan 2021 01:03:30 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sc2.darfilms.com
AGKv918zqQQA2CUCAERLFgAMAMQkDV8A
jyv-24.com/a/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://jyv-24.com/a/AGKv918zqQQA2CUCAERLFgAMAMQkDV8A?instance=KyxNik5u3dX6JGFqSawoVrR8iB2np9ld&token=33d531022bfd0cd7bd61abde971c5938dcb51e65&utm_source=c3ef90752b0411a1
Protocol
HTTP/1.1
Server
188.72.236.132 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sc2.darfilms.com
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.18.0
Date
Fri, 08 Jan 2021 01:03:30 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://sc2.darfilms.com
AGKv918zqQQA2CUCAERLFgAMAMQkDV8A
bests0luti0n.com/rtb/p/c/ 		68 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bests0luti0n.com/rtb/p/c/AGKv918zqQQA2CUCAERLFgAMAMQkDV8A
Requested by
Host: sc2.darfilms.com
URL: https://sc2.darfilms.com/build.js?v=111
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.236.136 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
1f2-12-d2456-136.webazilla.com
Software
nginx/1.18.0 /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer
https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Content-Type
application/json

Response headers

date
Fri, 08 Jan 2021 01:03:30 GMT
last-modified
Fri, 21 Feb 2020 21:35:12 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
https://sc2.darfilms.com
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
68
AGKv918zqQQA2CUCAERLFgAMAMQkDV8A
jyv-24.com/a/ 		3 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jyv-24.com/a/AGKv918zqQQA2CUCAERLFgAMAMQkDV8A?instance=KyxNik5u3dX6JGFqSawoVrR8iB2np9ld&token=33d531022bfd0cd7bd61abde971c5938dcb51e65&utm_source=c3ef90752b0411a1
Requested by
Host: sc2.darfilms.com
URL: https://sc2.darfilms.com/build.js?v=111
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.236.132 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Referer
https://sc2.darfilms.com/?utm_source=c3ef90752b0411a1&a_token=33d531022bfd0cd7bd61abde971c5938dcb51e65&a_click_id=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&aff_sub=AGKv918zqQQA2CUCAERLFgAMAMQkDV8A&a_tb=https%3A%2F%2Fbests0luti0n.com%2Fb%3Ftoken%3Dbf14645cd4bb28c6d72d60924dec0d1643712b9c%26c%3DAGKv918zqQQA2CUCAERLFgAMAMQkDV8A
User-Agent
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Content-Type
application/json

Response headers

Date
Fri, 08 Jan 2021 01:03:30 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sc2.darfilms.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Content-Length
3

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| BD_PRELOADER function| getNewUrl function| loadMore

1 Cookies

Domain/Path Name / Value
.darfilms.com/ Name: __cfduid
Value: d75fb9608028c539c179f5d5899e749241610067810

2 Console Messages

Source Level URL
Text
console-api log URL: https://sc2.darfilms.com/build.js?v=111(Line 1)
Message:
�PNG  IHDR�  IDATx�cb` ��IEND�B`�
console-api error URL: https://sc2.darfilms.com/build.js?v=111(Line 1)
Message:
Error: UNEXPECTED_BEHAVIOR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;