onfiretoretire.net Open in urlscan Pro
199.250.217.131 Public Scan

URL:
http://onfiretoretire.net/
Submission: On October 06 via api (October 6th 2020, 1:45:58 am UTC) from DE

Summary HTTP 16 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 16 HTTP transactions. The main IP is 199.250.217.131, located in Los Angeles, United States and belongs to INMOTI-1, US. The main domain is onfiretoretire.net.

This is the only time onfiretoretire.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	199.250.217.131 199.250.217.131	54641 (INMOTI-1) (INMOTI-1)
2	35.185.75.14 35.185.75.14	15169 (GOOGLE) (GOOGLE)
1	213.5.71.251 213.5.71.251	51430 (ALTUS) (ALTUS)
2 5	2606:4700:303... 2606:4700:3035::681f:413a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::681a:993	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::681c:10c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.53.65 104.22.53.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.5.71.65 213.5.71.65	51430 (ALTUS) (ALTUS)
1	104.22.52.65 104.22.52.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.70.19.52 64.70.19.52	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
16	10

5 199.250.217.131 (Los Angeles, United States)

ASN54641 (INMOTI-1, US)
PTR: ecbiz255.inmotionhosting.com

onfiretoretire.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.185.75.14 (United States)

ASN15169 (GOOGLE, US)
PTR: 14.75.185.35.bc.googleusercontent.com

videopal.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.5.71.251 (Netherlands)

ASN51430 (ALTUS, NL)
PTR: server1.allinoneprofits.com

aiop-response.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::681f:413a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.trafficg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:993 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trackr.leadsleap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::681c:10c5 (United States)

ASN13335 (CLOUDFLARENET, US)

trckapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.65 (United States)

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.5.71.65 (Netherlands)

ASN51430 (ALTUS, NL)
PTR: server1.allinoneprofits.biz

aiopsplashbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.70.19.52 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: mailrelay.52.website.ws

cashandfreedom4u.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	trafficg.com 2 redirects www.trafficg.com	3 KB
5	onfiretoretire.net onfiretoretire.net	32 KB
2	statcounter.com www.statcounter.com c.statcounter.com	14 KB
2	videopal.me videopal.me	8 KB
1	cashandfreedom4u.ws cashandfreedom4u.ws	19 KB
1	aiopsplashbuilder.com aiopsplashbuilder.com	427 KB
1	trckapp.com trckapp.com	539 B
1	leadsleap.com 1 redirects trackr.leadsleap.com	474 B
1	aiop-response.com aiop-response.com	4 KB
16	9

	Domain	Requested by
5	www.trafficg.com	2 redirects onfiretoretire.net www.trafficg.com
5	onfiretoretire.net	onfiretoretire.net
2	videopal.me	onfiretoretire.net videopal.me
1	cashandfreedom4u.ws	onfiretoretire.net
1	c.statcounter.com	www.statcounter.com
1	aiopsplashbuilder.com	onfiretoretire.net
1	www.statcounter.com	onfiretoretire.net
1	trckapp.com	onfiretoretire.net
1	trackr.leadsleap.com	1 redirects
1	aiop-response.com	onfiretoretire.net
16	10

This site contains links to these domains. Also see Links.

Domain
aiop-response.com
trafficg.com
www.trafficg.com

Subject Issuer	Validity	Valid
videopal.me Let's Encrypt Authority X3	`2020-10-01` - `2020-12-30`	3 months	crt.sh
aiop-response.com cPanel, Inc. Certification Authority	`2020-07-27` - `2020-10-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-24` - `2021-07-24`	a year	crt.sh
www.aiopsplashbuilder.com Let's Encrypt Authority X3	`2020-08-18` - `2020-11-16`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-22` - `2020-10-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://onfiretoretire.net/
Frame ID: 3AB68A19FCB4542A7CF9D56E7129C1BB
Requests: 13 HTTP requests in this frame

Frame: http://onfiretoretire.net/videos/boss1.mp4
Frame ID: 14509A6F2C0D7CE390FC72E1178650DA
Requests: 9 HTTP requests in this frame

Frame: https://videopal.me/embed/z9aqkdXjuAce?referer=http%3A%2F%2Fonfiretoretire.net%2F
Frame ID: 6A36A462B181A57C1A66F9B8A817DAEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /statcounter\.com\/counter\/counter/i

Page Statistics

16
Requests

56 %
HTTPS

30 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

505 kB
Transfer

1903 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://aiop-response.com/p_p_d_p.php

Search URL Search Domain Scan URL

URL: http://trafficg.com/clicker2.php?id=150285&nks=30434

Search URL Search Domain Scan URL

URL: http://www.trafficg.com/index.php?member=flefebre
Title: TrafficG - Free Traffic and Website Promotion!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.trafficg.com/trafficg.js HTTP 301
https://www.trafficg.com/trafficg.js

Request Chain 5

http://www.trafficg.com/trafficg2.js HTTP 301
https://www.trafficg.com/trafficg2.js

Request Chain 6

http://trackr.leadsleap.com/pixel.php?l=67473 HTTP 302
https://trckapp.com/pixel.php?l=67473

Request Chain 21

http://videopal.me/embed/z9aqkdXjuAce?referer=http%3A%2F%2Fonfiretoretire.net%2F HTTP 307
https://videopal.me/embed/z9aqkdXjuAce?referer=http%3A%2F%2Fonfiretoretire.net%2F

16 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
onfiretoretire.net/ 8 KB
8 KB 548ms
432ms Document
text/html 199.250.217.131
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL: http://onfiretoretire.net/
Protocol: HTTP/1.1
Server: 199.250.217.131 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ecbiz255.inmotionhosting.com
Software: Apache /
Resource Hash: 5b2789bcd1570fc005d15dee423bd2d8db633565ef60e9c6c81357a2e2614db2

Request headers

Host: onfiretoretire.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 01:45:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=3, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK vp_player.min.js Show response
videopal.me/js/ 7 KB
8 KB 739ms
121ms Script
application/javascript 35.185.75.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://videopal.me/js/vp_player.min.js?v=1.1.28

Requested by

Host: onfiretoretire.net
URL: http://onfiretoretire.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.185.75.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

14.75.185.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

06a9b7fe58f93df230701937e4eb1f31194ea3770363f8e9fb5da42cf493372e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 01:45:33 GMT
Last-Modified: Mon, 08 Apr 2019 19:02:23 GMT
Server: nginx
ETag: "5cab9abf-1d90"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7568

GET
H/1.1 200
OK retire468x60_t.gif
onfiretoretire.net/images/banners/ 23 KB
23 KB 99ms
98ms Image
image/gif 199.250.217.131
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://onfiretoretire.net/images/banners/retire468x60_t.gif
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: HTTP/1.1
Server: 199.250.217.131 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ecbiz255.inmotionhosting.com
Software: Apache /
Resource Hash: 3ce594a235e1551974f8a6701038b2cdd55521f2220a4501583e3d1f7ed92f35

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 01:45:33 GMT
Last-Modified: Thu, 18 Oct 2018 02:29:27 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 23404

GET
H2 200 gdpbadge11.png
aiop-response.com/images/ 4 KB
4 KB 68ms
16ms Image
image/png 213.5.71.251
ALTUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aiop-response.com/images/gdpbadge11.png
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.5.71.251 , Netherlands, ASN51430 (ALTUS, NL),
Reverse DNS: server1.allinoneprofits.com
Software: nginx /
Resource Hash: 8cf9b380fbbbea839d9cd232e238c36953c478071e3d68f2ce18848c97e28612

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Tue, 06 Oct 2020 01:45:37 GMT
last-modified: Wed, 23 May 2018 13:33:55 GMT
server: nginx
etag: "5b056dc3-e1d"
content-type: image/png
status: 200
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 3613
expires: Thu, 05 Nov 2020 01:45:37 GMT

GET
H/1.1 200
OK spacer4x150_t.png
onfiretoretire.net/images/ 252 B
493 B 98ms
98ms Image
image/png 199.250.217.131
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://onfiretoretire.net/images/spacer4x150_t.png
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: HTTP/1.1
Server: 199.250.217.131 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ecbiz255.inmotionhosting.com
Software: Apache /
Resource Hash: 3ca886c0badd33b6ff9150f23a9e89e39309433d1b6dc56d1b525514ab9035fa

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 01:45:33 GMT
Last-Modified: Sun, 21 Apr 2019 18:39:27 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 252

GET
H2

200

trafficg.js Show response
www.trafficg.com/
Redirect Chain

http://www.trafficg.com/trafficg.js
https://www.trafficg.com/trafficg.js

382 B
786 B

28ms
10ms

Script
application/javascript

2606:4700:3035::681f:413a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trafficg.com/trafficg.js
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:413a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69421f9181ca943bcd28b7ff7cc54bdff9d38315dcb470ec531c6eb0e2112c27

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 01:45:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2019 20:38:53 GMT
server: cloudflare
age: 6139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601948733"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ddbb41fba4a1f51-FRA
cf-request-id: 059d2ee7d300001f5177269200000001

Redirect headers

Date: Tue, 06 Oct 2020 01:45:33 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601948733"}],"group":"cf-nel","max_age":604800}
Location: https://www.trafficg.com/trafficg.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ddbb41f8f3b05d0-FRA
cf-request-id: 059d2ee7b4000005d0858de200000001
Expires: Tue, 06 Oct 2020 02:45:33 GMT

GET
H2

200

trafficg2.js Show response
www.trafficg.com/
Redirect Chain

http://www.trafficg.com/trafficg2.js
https://www.trafficg.com/trafficg2.js

380 B
317 B

12ms
11ms

Script
application/javascript

2606:4700:3035::681f:413a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trafficg.com/trafficg2.js
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:413a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667485d1b34c34e4d5c68fc5445825f6fb05c07191ca667178f189d69909f8fe

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 01:45:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Jan 2004 21:42:39 GMT
server: cloudflare
age: 6139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601948733"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5ddbb41fda671f51-FRA
cf-request-id: 059d2ee7e800001f517726a200000001

Redirect headers

Date: Tue, 06 Oct 2020 01:45:33 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601948733"}],"group":"cf-nel","max_age":604800}
Location: https://www.trafficg.com/trafficg2.js
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ddbb41fcf9605d0-FRA
cf-request-id: 059d2ee7df000005d0858e1200000001
Expires: Tue, 06 Oct 2020 02:45:33 GMT

GET
H2

200

pixel.php
trckapp.com/
Redirect Chain

http://trackr.leadsleap.com/pixel.php?l=67473
https://trckapp.com/pixel.php?l=67473

49 B
539 B

785ms
762ms

Image
image/gif

2606:4700:3035::681c:10c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckapp.com/pixel.php?l=67473
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:10c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd43aae038d37b63b2bb1993e42a3b0b1b6a0cfa65aba96c127f1fc7206ffecd

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 01:45:34 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601948735"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
status: 200
cf-ray: 5ddbb4235c621772-FRA
cf-request-id: 059d2eea1700001772b09a1200000001

Redirect headers

Date: Tue, 06 Oct 2020 01:45:33 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/html; charset=UTF-8
Location: https://trckapp.com/pixel.php?l=67473
Connection: keep-alive
CF-RAY: 5ddbb42118ae2c56-FRA
Content-Length: 0
cf-request-id: 059d2ee8b200002c56fc86f200000001

GET
H/1.1 200
OK boss1.mp4
onfiretoretire.net/videos/ Frame 1450 0
0 98ms
97ms Document
video/mp4 199.250.217.131
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL: http://onfiretoretire.net/videos/boss1.mp4
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: HTTP/1.1
Server: 199.250.217.131 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ecbiz255.inmotionhosting.com
Software: Apache /
Resource Hash

Request headers

Host: onfiretoretire.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://onfiretoretire.net/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://onfiretoretire.net/

Response headers

Date: Tue, 06 Oct 2020 01:45:33 GMT
Server: Apache
Last-Modified: Fri, 01 Nov 2019 19:56:50 GMT
Accept-Ranges: bytes
Content-Length: 11202850
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: video/mp4

GET
H/1.1 200
OK counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 39ms
23ms Script
application/x-javascript 104.22.53.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.statcounter.com/counter/counter.js
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: HTTP/1.1
Server: 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf2a8872f1430be3664db06dca0206a77748b2b054a6f5b117970a9e5b95bcf5

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 06 Oct 2020 01:45:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 17:30:23 GMT
Server: cloudflare
Age: 18022
ETag: W/"5f6b862f-8b91"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ddbb4233a320ba5-AMS
cf-request-id: 059d2ee9fe00000ba58aab1200000001
Expires: Tue, 06 Oct 2020 08:45:11 GMT

GET
H/1.1 200
OK pjbuwctwssiqmucavdpk_(1).jpg
aiopsplashbuilder.com/images/flefebre/ 427 KB
427 KB 90ms
19ms Image
image/jpeg 213.5.71.65
ALTUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aiopsplashbuilder.com/images/flefebre/pjbuwctwssiqmucavdpk_(1).jpg
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.5.71.65 , Netherlands, ASN51430 (ALTUS, NL),
Reverse DNS: server1.allinoneprofits.biz
Software: nginx /
Resource Hash: fa8dbe50fc243d17ce1e5f0ef53a1e638972c4758a190babd826e786eaefee0d

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 06 Oct 2020 01:45:32 GMT
Last-Modified: Sun, 30 Sep 2018 13:59:08 GMT
Server: nginx
ETag: "5bb0d6ac-6abbc"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 437180
Expires: Thu, 05 Nov 2020 01:45:32 GMT

GET
H2 200 text.php Show response
c.statcounter.com/ 67 B
651 B 186ms
151ms XHR
application/json 104.22.52.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/text.php?sc_project=9416873&java=1&security=60d924e4&u1=F731088289B04FDB78981F14A5CCE8D6&sc_rum_f_s=0&sc_rum_f_e=1361&sc_rum_e_s=1363&sc_rum_e_e=1368&sc_random=0.21972358742549436&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//onfiretoretire.net/&t=On%20Fire%20To%20Retire!&rcat=d&rdom=d&rdomg=new&bb=1&sc_snum=1&sess=154f34&p=0&text=2&get_config=true
Requested by: Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b99f5e6ccd8735471ce22d870a18c2322da09e94f1c951db0db4d7608665dc

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5ddbb423ac261ea5-AMS
date: Tue, 06 Oct 2020 01:45:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: http://onfiretoretire.net
access-control-allow-credentials: true
content-type: application/json
cf-request-id: 059d2eea4a00001ea50f1c0200000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 getban2.php Show response
www.trafficg.com/ 156 B
443 B 386ms
385ms Script
text/html 2606:4700:3035::681f:413a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trafficg.com/getban2.php?mem=40958&k=Y&loc=-1&nks=74235
Requested by: Host: www.trafficg.com
URL: http://www.trafficg.com/trafficg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:413a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5f436040d8cef71b8b53075bae58f9d57b88b42ab1a2b2cef27a73a7dadc972

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 01:45:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 06 Oct 2020 01:45:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601948734"}],"group":"cf-nel","max_age":604800}
content-type: text/html
status: 200
cache-control: no-store, no-cache, max-age=0, must-revalidate
cf-ray: 5ddbb4236ef71f51-FRA
cf-request-id: 059d2eea2200001f517727e200000001
expires: Tue, 06 Oct 2020 01:45:34 GMT

GET
DATA 200
OK truncated
/ Frame 1450 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1450 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 206
Partial Content boss1.mp4
onfiretoretire.net/videos/ Frame 1450 1 MB
0 191ms
178ms Media
video/mp4 199.250.217.131
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL: http://onfiretoretire.net/videos/boss1.mp4
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: HTTP/1.1
Server: 199.250.217.131 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS: ecbiz255.inmotionhosting.com
Software: Apache /
Resource Hash

Request headers

Referer: http://onfiretoretire.net/videos/boss1.mp4
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 06 Oct 2020 01:45:34 GMT
Last-Modified: Fri, 01 Nov 2019 19:56:50 GMT
Server: Apache
Upgrade: h2,h2c
Content-Range: bytes 0-11202849/11202850
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: video/mp4
Keep-Alive: timeout=3, max=100
Content-Length: 11202850

GET
DATA 200
OK truncated
/ Frame 1450 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1450 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1450 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1450 352 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1450 243 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK cantmakemoney.jpg
cashandfreedom4u.ws/images/ 19 KB
19 KB 437ms
330ms Image
image/jpeg 64.70.19.52
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cashandfreedom4u.ws/images/cantmakemoney.jpg
Requested by: Host: onfiretoretire.net
URL: http://onfiretoretire.net/
Protocol: HTTP/1.1
Server: 64.70.19.52 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS: mailrelay.52.website.ws
Software: nginx/0.7.65 /
Resource Hash: 24031cc71ef439d81baa4185ac3588a219e7ed61c7728f3220fce4cea6a2d85d

Request headers

Referer: http://onfiretoretire.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 01:45:34 GMT
Last-Modified: Sat, 11 Aug 2018 18:39:21 GMT
Server: nginx/0.7.65
ETag: "9c4373f-4a32-5732d2dc1f1e4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18994

GET
H/1.1

200
OK

z9aqkdXjuAce
videopal.me/embed/ Frame 6A36
Redirect Chain

http://videopal.me/embed/z9aqkdXjuAce?referer=http%3A%2F%2Fonfiretoretire.net%2F
https://videopal.me/embed/z9aqkdXjuAce?referer=http%3A%2F%2Fonfiretoretire.net%2F

0
0

327ms
326ms

Document
text/html

35.185.75.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://videopal.me/embed/z9aqkdXjuAce?referer=http%3A%2F%2Fonfiretoretire.net%2F

Requested by

Host: videopal.me
URL: https://videopal.me/js/vp_player.min.js?v=1.1.28

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.185.75.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

14.75.185.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: videopal.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://onfiretoretire.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://onfiretoretire.net/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Feature-Policy: autoplay *
Access-Control-Allow-Origin: *
Date: Tue, 06 Oct 2020 01:45:36 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Location: https://videopal.me/embed/z9aqkdXjuAce?referer=http%3A%2F%2Fonfiretoretire.net%2F
Non-Authoritative-Reason: HSTS

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			onfiretoretire.net/	1969-12-31 23:59:59	Name: credit Value: true
			.onfiretoretire.net/	1970-01-20 06:30:20	Name: sc_is_visitor_unique Value: rx9416873.1601948734.F731088289B04FDB78981F14A5CCE8D6.1.1.1.1.1.1.1.1.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aiop-response.com
aiopsplashbuilder.com
c.statcounter.com
cashandfreedom4u.ws
onfiretoretire.net
trackr.leadsleap.com
trckapp.com
videopal.me
www.statcounter.com
www.trafficg.com
104.22.52.65
104.22.53.65
199.250.217.131
213.5.71.251
213.5.71.65
2606:4700:20::681a:993
2606:4700:3035::681c:10c5
2606:4700:3035::681f:413a
35.185.75.14
64.70.19.52
06a9b7fe58f93df230701937e4eb1f31194ea3770363f8e9fb5da42cf493372e
24031cc71ef439d81baa4185ac3588a219e7ed61c7728f3220fce4cea6a2d85d
3ca886c0badd33b6ff9150f23a9e89e39309433d1b6dc56d1b525514ab9035fa
3ce594a235e1551974f8a6701038b2cdd55521f2220a4501583e3d1f7ed92f35
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b2789bcd1570fc005d15dee423bd2d8db633565ef60e9c6c81357a2e2614db2
5f3592a8b8037ea064764a2815799612063c6722d314d1d66d3a9391c3c16d66
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
667485d1b34c34e4d5c68fc5445825f6fb05c07191ca667178f189d69909f8fe
69421f9181ca943bcd28b7ff7cc54bdff9d38315dcb470ec531c6eb0e2112c27
8cf9b380fbbbea839d9cd232e238c36953c478071e3d68f2ce18848c97e28612
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
b5f436040d8cef71b8b53075bae58f9d57b88b42ab1a2b2cef27a73a7dadc972
bf2a8872f1430be3664db06dca0206a77748b2b054a6f5b117970a9e5b95bcf5
c3b99f5e6ccd8735471ce22d870a18c2322da09e94f1c951db0db4d7608665dc
dd43aae038d37b63b2bb1993e42a3b0b1b6a0cfa65aba96c127f1fc7206ffecd
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
fa8dbe50fc243d17ce1e5f0ef53a1e638972c4758a190babd826e786eaefee0d

onfiretoretire.net Open in urlscan Pro 199.250.217.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

56 %HTTPS

30 %IPv6

9 Domains

10 Subdomains

10 IPs

2 Countries

505 kBTransfer

1903 kBSize

2 Cookies

3 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

Indicators

onfiretoretire.net Open in urlscan Pro
199.250.217.131 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

56 %
HTTPS

30 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

505 kB
Transfer

1903 kB
Size

2
Cookies

16 HTTP transactions
7 data transactions