benteyispa.com Open in urlscan Pro
185.32.28.133  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.moneyeveryday.eu.org/ Page URL
2. https://redirecting3.eu/p/d5rw/PwGa/d5lY Page URL
3. https://benteyispa.com/?cat=1&groupds=111&clientId=473&productId=1714&flow=1&publisher_id={publisher_id}&tracking=mlClick-lZIYDyVk Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ www.moneyeveryday.eu.org/	70 KB 15 KB	720ms 105ms	Document text/html	2607:f8b0:4004:c1d::79 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.moneyeveryday.eu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::79 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cache-control private, max-age=0 content-encoding gzip content-length 14778 content-type text/html; charset=UTF-8 date Wed, 31 Jul 2024 05:55:34 GMT etag W/"8c34986a745074a9359b9d4725ad4fde8749eeddb83c23b6fc49698ee41d959c" expires Wed, 31 Jul 2024 05:55:34 GMT last-modified Fri, 08 Mar 2024 13:39:26 GMT server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	clipboard.min.js www.gstatic.com/external_hosted/clipboardjs/	12 KB 4 KB	52ms 18ms	Script text/javascript	2607:f8b0:4004:c1d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js Requested by Host: www.moneyeveryday.eu.org URL: https://www.moneyeveryday.eu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.moneyeveryday.eu.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 05:55:34 GMT content-encoding br x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3475 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=0 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 31 Jul 2024 05:55:34 GMT
GET H2	200	Copy+of+Copy+of+the+movie+update+logo.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixfBOFAKhLCTeir7x9OLOnJXVWZ9B8vGo21_qV1zd1BeseNt6UsnA3h3G-xDFIk7-rmIdCfFkUTn8Ag7y7OxMDhQYubwgisTlpoXZiUVWo9txhTg9ixoo-b52RE1VOmQ/s220/	6 KB 7 KB	663ms 581ms	Image image/png	2607:f8b0:400d:c0e::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixfBOFAKhLCTeir7x9OLOnJXVWZ9B8vGo21_qV1zd1BeseNt6UsnA3h3G-xDFIk7-rmIdCfFkUTn8Ag7y7OxMDhQYubwgisTlpoXZiUVWo9txhTg9ixoo-b52RE1VOmQ/s220/Copy+of+Copy+of+the+movie+update+logo.png Requested by Host: www.moneyeveryday.eu.org URL: https://www.moneyeveryday.eu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0e::84 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.moneyeveryday.eu.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 05:55:34 GMT x-content-type-options nosniff server fife etag "v12" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="Copy of Copy of the movie update logo.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6515 x-xss-protection 0 expires Thu, 01 Aug 2024 05:55:34 GMT
GET H2	200	3748704217-indie_compiled.js resources.blogblog.com/blogblog/data/res/	134 KB 46 KB	61ms 22ms	Script text/javascript	2607:f8b0:400d:c1d::bf GOOGLE
General Check archive.org Show headers Download Go to Full URL https://resources.blogblog.com/blogblog/data/res/3748704217-indie_compiled.js Requested by Host: www.moneyeveryday.eu.org URL: https://www.moneyeveryday.eu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c1d::bf Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.moneyeveryday.eu.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 15:30:58 GMT content-encoding gzip x-content-type-options nosniff age 570276 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46847 x-xss-protection 0 last-modified Tue, 23 Jul 2024 23:54:31 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=604800 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Wed, 31 Jul 2024 15:30:58 GMT
GET H2	200	2613211189-widgets.js www.blogger.com/static/v1/widgets/	141 KB 51 KB	106ms 23ms	Script text/javascript	2607:f8b0:400d:c1d::bf GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/2613211189-widgets.js Requested by Host: www.moneyeveryday.eu.org URL: https://www.moneyeveryday.eu.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c1d::bf Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.moneyeveryday.eu.org/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 09:43:32 GMT content-encoding gzip x-content-type-options nosniff age 418322 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51304 x-xss-protection 0 last-modified Thu, 25 Jul 2024 10:05:12 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Sat, 26 Jul 2025 09:43:32 GMT
GET H3	200	d5lY Show response redirecting3.eu/p/d5rw/PwGa/	109 KB 82 KB	974ms 779ms	Document text/html	2606:4700:3031::ac43:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://redirecting3.eu/p/d5rw/PwGa/d5lY Requested by Host: www.moneyeveryday.eu.org URL: https://www.moneyeveryday.eu.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa1a0975689966db3180e2f7321711a7cfc6654485a442ad7155875af73bbc87 Request headers Referer https://www.moneyeveryday.eu.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, private cf-cache-status DYNAMIC cf-ray 8abb571b9d988c59-EWR content-encoding br content-type text/html; charset=UTF-8 date Wed, 31 Jul 2024 05:55:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4xXfkND%2Ftwm7QR5Q1DjLK1YcQZn9EWDohjQC%2Fby%2FQN6FAVsNj50E0hJd88xfzJ7GHq3jiuEYSk5V%2BgjIrG97eYCfrXF7pVJLScUbwgkbqWOCujHHBkuPQhYc2JoemPOe0w2W8Yk%2BhO44i2e4Aw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-robots-tag noindex, nofollow
GET H3	200	envoirment.js Show response redirecting3.eu/js/	32 KB 12 KB	320ms 319ms	Script application/javascript	2606:4700:3031::ac43:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e Requested by Host: redirecting3.eu URL: https://redirecting3.eu/p/d5rw/PwGa/d5lY Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172 Request headers device-memory 8 Referer https://redirecting3.eu/p/d5rw/PwGa/d5lY User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 05:55:35 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 10 May 2022 11:24:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"627a4b7c-8078" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Re7A%2FCf9LGQ3YHkKYY%2BT%2FFx5sheXKxzDALCUcA7icphS8YHcaeO8FY7SaIZCwapvYwqxoem%2FNOYn5EY%2F0aON1Al9QR83EDSQnOmJ%2FaRgmlcXukDnKu7Ozy1ERhkp3Q84dKYePwCImvqXDhQ%2BZzw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8abb5720884e8c59-EWR alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	80 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9b9fdfdff9f8b92ccce4dae925bd5f7beecf001ce2507bf085788899da2cd50 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	71ms 22ms	Script text/javascript	2607:f8b0:400d:c00::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: redirecting3.eu URL: https://redirecting3.eu/p/d5rw/PwGa/d5lY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c00::64 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://redirecting3.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 31 Jul 2024 05:46:10 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 565 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 31 Jul 2024 07:46:10 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 222 B	24ms 23ms	XHR text/plain	2607:f8b0:400d:c00::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=855772516&t=pageview&_s=1&dl=https%3A%2F%2Fredirecting3.eu%2Fp%2Fd5rw%2FPwGa%2Fd5lY&dr=https%3A%2F%2Fwww.moneyeveryday.eu.org%2F&ul=en-us&de=UTF-8&dt=Win%20Money%20-%202%20clicks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=105936228&gjid=2050446750&cid=141323471.1722405335&tid=UA-110090096-2&_gid=157352190.1722405335&_r=1&_slc=1&z=404371103 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c00::64 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 4d99c18018fde2d6060269d70d24f6ffc2435d83367c7e66b9b4f731ea551351 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://redirecting3.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 31 Jul 2024 05:55:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://redirecting3.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect www.google-analytics.com/	35 B 112 B	25ms 24ms	Ping image/gif	2607:f8b0:400d:c00::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c00::64 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://redirecting3.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Wed, 31 Jul 2024 05:55:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://redirecting3.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	260 KB 92 KB	75ms 25ms	Script application/javascript	2607:f8b0:400d:c04::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9R803BRQ9Q&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b99582f332a3c0ce575b4bf96b4035ec28b2ad80d65c74dba72d655f97e815c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://redirecting3.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 05:55:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93796 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 31 Jul 2024 05:55:35 GMT
POST H3	204	collect www.google-analytics.com/g/	0 0	23ms 23ms	Fetch text/plain	2607:f8b0:400d:c00::64 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-9R803BRQ9Q&gtm=45je47t0v9123073336za200&_p=1722405335387&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=95250752&ul=en-us&sr=1600x1200&cid=141323471.1722405335&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fredirecting3.eu%2Fp%2Fd5rw%2FPwGa%2Fd5lY&dr=https%3A%2F%2Fwww.moneyeveryday.eu.org%2F&dt=Win%20Money%20-%202%20clicks&sid=1722405335&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1526 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9R803BRQ9Q&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:400d:c00::64 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://redirecting3.eu/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 31 Jul 2024 05:55:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://redirecting3.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	finger redirecting3.eu/	20 B 463 B	153ms 153ms	XHR application/json	2606:4700:3031::ac43:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://redirecting3.eu/finger Requested by Host: redirecting3.eu URL: https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers device-memory 8 Referer https://redirecting3.eu/p/d5rw/PwGa/d5lY User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type application/json Response headers date Wed, 31 Jul 2024 05:55:35 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GP%2BCaotvh%2FWKC3CUc6z6J0B2slh1p1aLIVU3jyKNdwJlLaZuyYcawCum6pujatzykwgIEMIhLQsDh3ObbFkTyPM0R9fC97SZgHlu%2BVRmJjxdTPM5EsXJWlZtA19KFESjqK3JzXx%2Bd42QlouPpwc%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cache-control no-cache, private cf-ray 8abb57240a498c59-EWR alt-svc h3=":443"; ma=86400
GET H3	404	favicon.ico redirecting3.eu/	548 B 574 B	337ms 336ms	Other text/html	2606:4700:3031::ac43:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://redirecting3.eu/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers device-memory 8 Referer https://redirecting3.eu/p/d5rw/PwGa/d5lY User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 31 Jul 2024 05:55:36 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gaeV2mfNFPTg9iE%2FVYI%2F7ZiCE3g%2F8wIn0DCnEIz2ozIXCbdp4JGaK7W7J%2FmnYmtZHRdTuFdyDwToSyWxehI0tr4OpXPZkqltwHPNohMy4MDcg15LoHr56vejDDBc%2FofDzeKoVuOwSHyZz1dSB%2BE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 8abb57240a4a8c59-EWR alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	Primary Request / Show response benteyispa.com/	58 KB 59 KB	630ms 227ms	Document text/html	185.32.28.133 AS_ADAM Adam Data...
General Check archive.org Show headers Download Go to Full URL https://benteyispa.com/?cat=1&groupds=111&clientId=473&productId=1714&flow=1&publisher_id={publisher_id}&tracking=mlClick-lZIYDyVk Requested by Host: redirecting3.eu URL: https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.32.28.133 , Spain, ASN15699 (AS_ADAM Adam Datacenter, ES), Reverse DNS Software nginx / Resource Hash dc1ccde946f01d03e502652c9e4ad9ce7ca3641a685560f4cef6974d225a868a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://redirecting3.eu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Connection keep-alive Content-Type text/html; charset=UTF-8 Date Wed, 31 Jul 2024 05:55:29 GMT Server nginx Strict-Transport-Security max-age=63072000; includeSubDomains; preload Transfer-Encoding chunked X-Content-Type-Options nosniff
GET DATA	200 OK	truncated /	690 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 37254c64d955725748a4ab9b8970d9a71a2faeb45097278fd984b17b680a0f33 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	29 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 97d303ac8fb8a79708cc1a814b602b4d12c0d333df3e8020f4637096b7ba8848 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cc7370f2c9aad61952fe3794398e54f918c52b344556b600bf8081b66fedb50e Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 79ca701aef7346fa8888b41b99b660db8053844118cbc97cf7e5d9db56693997 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 78d6b231a5130507de3652eca6d09f22a594abee3a3d2012a2da9d6dbee064ae Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	backlink_back_button.js Show response benteyispa.com/assets/js/	632 B 982 B	100ms 99ms	Script application/javascript	185.32.28.133 AS_ADAM Adam Data...
General Check archive.org Show headers Download Go to Full URL https://benteyispa.com/assets/js/backlink_back_button.js Requested by Host: benteyispa.com URL: https://benteyispa.com/?cat=1&groupds=111&clientId=473&productId=1714&flow=1&publisher_id={publisher_id}&tracking=mlClick-lZIYDyVk Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.32.28.133 , Spain, ASN15699 (AS_ADAM Adam Datacenter, ES), Reverse DNS Software nginx / Resource Hash b1b1b5affe702bae9e97deabbdb3f19bcf8f12a1ddd410ff189c61c3bc159c06 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://benteyispa.com/?cat=1&groupds=111&clientId=473&productId=1714&flow=1&publisher_id={publisher_id}&tracking=mlClick-lZIYDyVk User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Wed, 31 Jul 2024 05:55:29 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Last-Modified Mon, 28 Nov 2022 14:36:49 GMT Server nginx ETag "6384c781-278" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 632

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| backLinkURL

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			redirecting3.eu/	1970-01-21 07:12:21	Name: 3d96f8e03a42123e5523adf5c57607ad Value: 3d96f8e03a42123e5523adf5c57607ad
			.redirecting3.eu/	1970-01-21 08:02:45	Name: _ga Value: GA1.2.141323471.1722405335
			.redirecting3.eu/	1970-01-20 22:28:11	Name: _gid Value: GA1.2.157352190.1722405335
			.redirecting3.eu/	1970-01-20 22:26:45	Name: _gat Value: 1
			.redirecting3.eu/	1970-01-21 08:02:45	Name: _ga_9R803BRQ9Q Value: GS1.2.1722405335.1.0.1722405335.0.0.0
			benteyispa.com/	1970-01-20 22:26:45	Name: redirect_user_data Value: %7B%22country%22%3A%22US%22%2C%22city%22%3Anull%2C%22isp%22%3A%22m247+europe%22%2C%22netspeed%22%3A%22%22%7D
			benteyispa.com/	1970-01-20 22:26:45	Name: _tracker_ikangoo Value: a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002209344135963%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22US%22%3Bs%3A4%3A%22_isp%22%3Bs%3A11%3A%22m247+europe%22%3Bs%3A5%3A%22_time%22%3Bi%3A1722405329%3B%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://redirecting3.eu/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

benteyispa.com
blogger.googleusercontent.com
redirecting3.eu
resources.blogblog.com
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.moneyeveryday.eu.org
185.32.28.133
2606:4700:3031::ac43:96cd
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::79
2607:f8b0:400d:c00::64
2607:f8b0:400d:c04::61
2607:f8b0:400d:c0e::84
2607:f8b0:400d:c1d::bf
37254c64d955725748a4ab9b8970d9a71a2faeb45097278fd984b17b680a0f33
4d99c18018fde2d6060269d70d24f6ffc2435d83367c7e66b9b4f731ea551351
78d6b231a5130507de3652eca6d09f22a594abee3a3d2012a2da9d6dbee064ae
79ca701aef7346fa8888b41b99b660db8053844118cbc97cf7e5d9db56693997
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
97d303ac8fb8a79708cc1a814b602b4d12c0d333df3e8020f4637096b7ba8848
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172
aa1a0975689966db3180e2f7321711a7cfc6654485a442ad7155875af73bbc87
b1b1b5affe702bae9e97deabbdb3f19bcf8f12a1ddd410ff189c61c3bc159c06
b99582f332a3c0ce575b4bf96b4035ec28b2ad80d65c74dba72d655f97e815c0
cc7370f2c9aad61952fe3794398e54f918c52b344556b600bf8081b66fedb50e
d9b9fdfdff9f8b92ccce4dae925bd5f7beecf001ce2507bf085788899da2cd50
dc1ccde946f01d03e502652c9e4ad9ce7ca3641a685560f4cef6974d225a868a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd