urlscan.io logo urlscan.io
SecurityTrails logo

trendshops.net Open in urlscan Pro
172.67.191.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.saig.ch/
Effective URL: https://trendshops.net/promote/gear4music.ie
Submission: On July 24 via api from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 16 HTTP transactions. The main IP is 172.67.191.6, located in United States and belongs to CLOUDFLARENET, US. The main domain is trendshops.net. The Cisco Umbrella rank of the primary domain is 906568.
TLS certificate: Issued by GTS CA 1P5 on June 3rd 2024. Valid for: 3 months.
This is the only time trendshops.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.178.50 61969 (TEAMINTER...)
1 18.66.121.69 16509 (AMAZON-02)
2 34.197.235.46 14618 (AMAZON-AES)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 1 52.59.165.42 16509 (AMAZON-02)
3 31.220.27.134 39572 (ADVANCEDH...)
2 23.109.5.68 7979 (SERVERS-COM)
2 212.117.186.84 7979 (SERVERS-COM)
1 1 188.42.108.76 7979 (SERVERS-COM)
1 1 5.9.85.57 24940 (HETZNER-AS)
1 2 172.67.191.6 13335 (CLOUDFLAR...)
16 8
4    185.53.178.50 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
www.saig.ch
1    18.66.121.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-69.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    34.197.235.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-235-46.compute-1.amazonaws.com
tanis-ats.com
1    173.239.53.32 (New York, United States)

ASN27257 (WEBAIR-INTERNET, US)
xml-v4.starvalue-3.online
1    52.59.165.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: eu-ip-1.short.io
go.advertia.click
3    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
viinufhg.com
2    23.109.5.68 (Netherlands)

ASN7979 (SERVERS-COM, US)
ww.acquisitionfantasy.com
2    212.117.186.84 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)
forgrowbane.top
1    188.42.108.76 (Luxembourg)

ASN7979 (SERVERS-COM, US)
wz.bicronglagah.shop
1    5.9.85.57 (Giessen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.57.85.9.5.clients.your-server.de
plorexdry.com
2    172.67.191.6 (United States)

ASN13335 (CLOUDFLARENET, US)
trendshops.net
Apex Domain
Subdomains		 Transfer
4 saig.ch
www.saig.ch
2 KB
3 viinufhg.com
viinufhg.com — Cisco Umbrella Rank: 860393
22 KB
2 trendshops.net
trendshops.net — Cisco Umbrella Rank: 906568
2 KB
2 forgrowbane.top
forgrowbane.top
682 B
2 acquisitionfantasy.com
ww.acquisitionfantasy.com — Cisco Umbrella Rank: 891228
17 KB
2 tanis-ats.com
tanis-ats.com — Cisco Umbrella Rank: 304284
4 KB
1 plorexdry.com
plorexdry.com — Cisco Umbrella Rank: 667944
492 B
1 bicronglagah.shop
wz.bicronglagah.shop — Cisco Umbrella Rank: 192228
718 B
1 advertia.click
go.advertia.click
117 B
1 starvalue-3.online
xml-v4.starvalue-3.online
186 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
0 linksprf.com Failed
r.linksprf.com Failed
16 12
Domain Requested by
4 www.saig.ch d38psrni17bvxu.cloudfront.net
www.saig.ch
3 viinufhg.com tanis-ats.com
viinufhg.com
2 trendshops.net 1 redirects ww.acquisitionfantasy.com
2 forgrowbane.top ww.acquisitionfantasy.com
2 ww.acquisitionfantasy.com
2 tanis-ats.com www.saig.ch
tanis-ats.com
1 plorexdry.com 1 redirects
1 wz.bicronglagah.shop 1 redirects
1 go.advertia.click 1 redirects
1 xml-v4.starvalue-3.online 1 redirects
1 d38psrni17bvxu.cloudfront.net www.saig.ch
0 r.linksprf.com Failed trendshops.net
16 12

This site contains no links.

Subject Issuer Validity Valid
www.saig.ch
R11		 2024-07-19 -
2024-10-17		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
tanis-ats.com
Amazon RSA 2048 M02		 2024-07-02 -
2025-07-31		 a year crt.sh
viinufhg.com
R11		 2024-06-24 -
2024-09-22		 3 months crt.sh
clicks-sin.endpointhere.com
R10		 2024-06-29 -
2024-09-27		 3 months crt.sh
forgrowbane.top
R11		 2024-06-07 -
2024-09-05		 3 months crt.sh
trendshops.net
GTS CA 1P5		 2024-06-03 -
2024-09-01		 3 months crt.sh

This page contains 1 frames:

Frame: https://r.linksprf.com/v1/redirect?type=linkId&id=e846bb641dbe46f6b0a94efbf61a3f55&api_key=ee1f727badbf678cf871350faf6f3dcf&site_id=39e9e6bac6884700826f1fd7b1cb5908&dch=feed&ad_t=advertiser&yk_tag=bh770c816136de1880d847d7d3088013&source=https%3A%2F%2Ftrendshops.net&url=https%3A%2F%2Fgear4music.ie
Frame ID: 58CAA96E5B8AF8F60EEB5CDA2B0B8C70
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.saig.ch/ Page URL
  2. http://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
    https://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://tanis-ats.com/zclkredirect?visitid=653f6660-49a5-11ef-a690-0affdd9f7951&type=js&browserWid... Page URL
  4. http://xml-v4.starvalue-3.online/click?seat=2922854&i=nIk8I*yoDlU_0 HTTP 307
    https://xml-v4.starvalue-3.online/click?seat=2922854&i=nIk8I*yoDlU_0 HTTP 302
    https://go.advertia.click/active HTTP 302
    https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us Page URL
  5. http://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43Uyvg... HTTP 307
    https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43Uyvg... Page URL
  6. https://wz.bicronglagah.shop/ri/81270?md=snI0Z3YioDMsISYioTMyUDLiMnI6ISM2ADM4FjMwAjIsIiYiojIxYDMwgXMyADMi... HTTP 302
    https://plorexdry.com/r/b?s=9450172775&s3=245044&p=1&rsid=ee9436a5c38e647ea3b735ef83e17a5e&d=https... HTTP 302
    https://trendshops.net/share/bh7?shop=gear4music.ie&nid=3&var1=9450172775&var2=sel-yk&var3=245044&u... HTTP 302
    https://trendshops.net/promote/gear4music.ie Page URL

Page Statistics

16
Requests

81 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

8
IPs

4
Countries

48 kB
Transfer

98 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.saig.ch/ Page URL
  2. http://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951 HTTP 307
    https://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951 Page URL
  3. https://tanis-ats.com/zclkredirect?visitid=653f6660-49a5-11ef-a690-0affdd9f7951&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FZurich Page URL
  4. http://xml-v4.starvalue-3.online/click?seat=2922854&i=nIk8I*yoDlU_0 HTTP 307
    https://xml-v4.starvalue-3.online/click?seat=2922854&i=nIk8I*yoDlU_0 HTTP 302
    https://go.advertia.click/active HTTP 302
    https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us Page URL
  5. http://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo HTTP 307
    https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo Page URL
  6. https://wz.bicronglagah.shop/ri/81270?md=snI0Z3YioDMsISYioTMyUDLiMnI6ISM2ADM4FjMwAjIsIiYiojIxYDMwgXMyADMiwiIyJiOiICLiEnI6ICa0RHczpzLvc3duE2YxVXazlGdp9mbmFmb0F2c55yYv12LqN3clFmcjh2LyVzQkhHORFzSzs0QXJnb5JDSztUeCJkR2x2cFdDTXVzdStkbFp0ViJXOKNjNClEWahnZRdjZtxWOa5EZQRzMVlndnhHUsdGaDFVOl10MyRlUxEnWHhjZopFTtY2SjpGdYpnNXllWLVlVxpkd1hHTlhHNsFTYwEVOQ1mU2EUcLNFTZlmd20yVzYDd69md0sWUsd1N3AzQ0JzdIRmW2RkMnJTLwQWQ2tWbXp2T0k2Qwo1SwkjME1SQV5mas10MvJXOydEcoZmTwpVYOlEUSlHclJUOEdkIsICaioTNzczNsICbiojIkVWLDhkIsICdioTLxIDMsIieiojN3ATMsIyaioDNsISdiojI2czY3ImZ1MTYkJzMwImMxQWO0UjN0ICLiYmI6YWYsNXZsIydoJiOi42b0BSauBSamJXYtVmIsISaoJiOi42b0BSauBSamJXYtVmIsISZiojIwZXekBTMtlWYzZmNzonMiwiIvJiO0JXdlxiItJiOxcjMxgTM2AjM1EzN1wiI3JiOiUyNCViMyQXa0xWZlIjMlMTQlIjMlIjMlIzQlIjMrVWe39mckNXJyITJzEUJ1IUJ1QUJyMUJyIDdvB3dvJHZzViMyUyMBVSNCViMyEGZ2Vmc0l2clJXJzEUMlIjMlUDRlcDRiwiI0NnI6ADLiAncioTMsICZtJiO4wiIoNmI6gDLiIGbioTMsIiYjJiOywiI2ZnI6ISSuRXZsBSSuNmLiwiI2JnI6ISSuRXZsBSSyl2cg8Ecl52RMBSRudWauVmIsISYjJiOwwiIjRnI6ISdutmbvdnbiwiIjVGdiojI0cmIsIyYkxWbioTLxwiIjRGbioTOukDLiMmc0RnI6ITNwwiI012ciojNwwiIjVmI6Qnc1VGLiMGZiojM0wiIvJnI6ICbh5GZzNWYwVWLwJXatFmc5JSf&param_2=110001186&param=842&param_3=1510777822818183&param_4=86.44.24.214 HTTP 302
    https://plorexdry.com/r/b?s=9450172775&s3=245044&p=1&rsid=ee9436a5c38e647ea3b735ef83e17a5e&d=https%3A%2F%2F HTTP 302
    https://trendshops.net/share/bh7?shop=gear4music.ie&nid=3&var1=9450172775&var2=sel-yk&var3=245044&url=https%3A%2F%2Fgear4music.ie&rtb_key=671c1dd9066432436f6043b28dc990d1&tsv=1721816026&shv=f98cb4fbdfa17db525b4604124c93d69 HTTP 302
    https://trendshops.net/promote/gear4music.ie Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951 HTTP 307
  • https://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951
Request Chain 7
  • http://xml-v4.starvalue-3.online/click?seat=2922854&i=nIk8I*yoDlU_0 HTTP 307
  • https://xml-v4.starvalue-3.online/click?seat=2922854&i=nIk8I*yoDlU_0 HTTP 302
  • https://go.advertia.click/active HTTP 302
  • https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us
Request Chain 9
  • http://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo HTTP 307
  • https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.saig.ch/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.saig.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
f40d0e9af87c24fcf6682408bd87142683dd63ffab27732884b65f1c744d175d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 10:13:39 GMT
host
{http.reverse_proxy.upstream.hostport}
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_SJ7YCLZAxkPTkSm7NE0EL561mHcFPB4DwW9PBfnJnvlJD+dL+hjc5di3E7RQA0h/dK4wdg+hkI9j+/32OUxG3A==
x-buckets
bucket011
x-domain
saig.ch
x-forwarded-host
www.saig.ch
x-language
english
x-redirect
zeropark_zeroclick
x-ssl-c
v1
x-ssl-proxy
v2
x-subdomain
www
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: www.saig.ch
URL: https://www.saig.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-69.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Referer
https://www.saig.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:35:29 GMT
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
age
20290
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
gNgoTrkP-RlDeApTzkSQHf7jNEQFauivhN_6eVrBo4ejr232yIfIIg==
track.php
www.saig.ch/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.saig.ch/track.php?domain=saig.ch&toggle=browserjs&uid=MTcyMTgxNjAxOC43Mjk5OjZkZWRlYmVmOTNlYjhjOTYwZDMxOWRmYzlmOWQ3YmYxMmI0ZjNhZWIxZmMwYzVmNDY0NjFhZWE2ZWJmYjMxOGQ6NjZhMGQzZDJiMjM0Mg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

device-memory
8
rtt
250
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://www.saig.ch/
dpr
1
downlink
10
ect
4g

Response headers

date
Wed, 24 Jul 2024 10:13:39 GMT
content-encoding
gzip
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
browserjs
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
www.saig.ch
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
ls.php
www.saig.ch/ 		16 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.saig.ch/ls.php?t=66a0d3d3&token=6f57a8c0628ccc3a46b55fd92f174424a9be6779
Requested by
Host: www.saig.ch
URL: https://www.saig.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

device-memory
8
rtt
250
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://www.saig.ch/
dpr
1
downlink
10
ect
4g

Response headers

date
Wed, 24 Jul 2024 10:13:39 GMT
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_rEPD4ZsT2slO7nBqrJT40TeSME1zyKWt6Mu0h01fotuXUxpxRHvXQX4SAdKouXC27/CFjhgYzoJYvzh0HE2y5Q==
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
accept-ch-lifetime
30
charset
utf-8
x-forwarded-host
www.saig.ch
x-log-success
66a0d3d37b5e0db63f0e9ec6
track.php
www.saig.ch/ 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.saig.ch/track.php?click=b03d3e0ab9547a7d158c69a3ebdac4fbfa641beb&domain=saig.ch&uid=MTcyMTgxNjAxOC43Mjk5OjZkZWRlYmVmOTNlYjhjOTYwZDMxOWRmYzlmOWQ3YmYxMmI0ZjNhZWIxZmMwYzVmNDY0NjFhZWE2ZWJmYjMxOGQ6NjZhMGQzZDJiMjM0Mg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmEwZDNkMmIyMzBifHx8MTcyMTgxNjAxOS4wMTEyfGEyMWMwODRhN2QxYTM4MmU3N2FiZmU0YTgwZDI2ZDI4NmVmYTMyZmF8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw2ZjU3YThjMDYyOGNjYzNhNDZiNTVmZDkyZjE3NDQyNGE5YmU2Nzc5fDB8fDB8MHx8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

device-memory
8
rtt
250
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://www.saig.ch/
dpr
1
downlink
10
ect
4g

Response headers

date
Wed, 24 Jul 2024 10:13:39 GMT
content-encoding
gzip
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
none
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
www.saig.ch
x-ssl-c
v1
x-view-match
true
alt-svc
h3=":8443"; ma=2592000
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/
Redirect Chain
  • http://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951
  • https://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951
Requested by
Host: www.saig.ch
URL: https://www.saig.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.235.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-235-46.compute-1.amazonaws.com
Software
/
Resource Hash
c9c3c65f670e66df93e3753f854782a69c71466a90d3a454e6199e3dd9e281b6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://www.saig.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 24 Jul 2024 10:13:40 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location
https://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951
Non-Authoritative-Reason
HttpsUpgrades
zclkredirect
tanis-ats.com/ 		355 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tanis-ats.com/zclkredirect?visitid=653f6660-49a5-11ef-a690-0affdd9f7951&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FZurich
Requested by
Host: tanis-ats.com
URL: https://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.235.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-235-46.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://tanis-ats.com/zclkvisitor/653f6660-49a5-11ef-a690-0affdd9f7951/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=6549edb2-49a5-11ef-a690-0affdd9f7951
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
355
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 24 Jul 2024 10:13:41 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
/
viinufhg.com/dc/
Redirect Chain
  • http://xml-v4.starvalue-3.online/click?seat=2922854&i=nIk8I*yoDlU_0
  • https://xml-v4.starvalue-3.online/click?seat=2922854&i=nIk8I*yoDlU_0
  • https://go.advertia.click/active
  • https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us
51 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us
Requested by
Host: tanis-ats.com
URL: https://tanis-ats.com/zclkredirect?visitid=653f6660-49a5-11ef-a690-0affdd9f7951&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FZurich
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
c111e45fdac21ac38e2021b7537c77a0bd50ed7ecfce821e0819b5098adfa71c

Request headers

Referer
https://tanis-ats.com/zclkredirect?visitid=653f6660-49a5-11ef-a690-0affdd9f7951&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FZurich
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Width, Viewport-Width, DPR, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 10:13:43 GMT
server
nginx/1.23.2
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 24 Jul 2024 10:13:42 GMT
location
https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us
x-powered-by
Short.io/Edge
index
viinufhg.com/cnt/api/ 		0
222 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://viinufhg.com/cnt/api/index
Requested by
Host: viinufhg.com
URL: https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash

Request headers

device-memory
8
Referer
https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Jul 2024 10:13:43 GMT
server
nginx/1.23.2
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://viinufhg.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
content-length
0
r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphf...
ww.acquisitionfantasy.com/jssearch/
Redirect Chain
  • http://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHd...
  • https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wH...
39 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.5.68 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ce82283929bbcca549f1a775678b428c2a2cfcc964c144a6c42c9655acb069a6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Jul 2024 10:13:44 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff

Redirect headers

Location
https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
viinufhg.com/ 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://viinufhg.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash

Request headers

device-memory
8
Referer
https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600

Response headers

date
Wed, 24 Jul 2024 10:13:43 GMT
server
nginx/1.23.2
/
forgrowbane.top/cuid/ 		32 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forgrowbane.top/cuid/?f=https%3A%2F%2Fww.acquisitionfantasy.com
Requested by
Host: ww.acquisitionfantasy.com
URL: https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
212.117.186.84 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
0f14c4e0df2afec04172f35b2c1205881f74375efafffecf5e98479432b6c516
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://ww.acquisitionfantasy.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 24 Jul 2024 10:13:45 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Server
nginx
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://ww.acquisitionfantasy.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
32
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
/
forgrowbane.top/cuid/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://forgrowbane.top/cuid/?f=https%3A%2F%2Fww.acquisitionfantasy.com
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
212.117.186.84 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ww.acquisitionfantasy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://ww.acquisitionfantasy.com
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Wed, 24 Jul 2024 10:13:44 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
favicon.ico
ww.acquisitionfantasy.com/ 		17 B
204 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ww.acquisitionfantasy.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.5.68 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
277f2d7e3a6052596759f08e13cb758707e039f52fbf27803380786da5e403a5

Request headers

Referer
https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 24 Jul 2024 10:13:44 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
17
Content-Type
text/plain; charset=utf-8
Primary Request gear4music.ie
trendshops.net/promote/
Redirect Chain
  • https://wz.bicronglagah.shop/ri/81270?md=snI0Z3YioDMsISYioTMyUDLiMnI6ISM2ADM4FjMwAjIsIiYiojIxYDMwgXMyADMiwiIyJiOiICLiEnI6ICa0RHczpzLvc3duE2YxVXazlGdp9mbmFmb0F2c55yYv12LqN3clFmcjh2LyVzQkhHORFzSzs0QX...
  • https://plorexdry.com/r/b?s=9450172775&s3=245044&p=1&rsid=ee9436a5c38e647ea3b735ef83e17a5e&d=https%3A%2F%2F
  • https://trendshops.net/share/bh7?shop=gear4music.ie&nid=3&var1=9450172775&var2=sel-yk&var3=245044&url=https%3A%2F%2Fgear4music.ie&rtb_key=671c1dd9066432436f6043b28dc990d1&tsv=1721816026&shv=f98cb4f...
  • https://trendshops.net/promote/gear4music.ie
1 KB
856 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trendshops.net/promote/gear4music.ie
Requested by
Host: ww.acquisitionfantasy.com
URL: https://ww.acquisitionfantasy.com/jssearch/r5Cdx8Q1K3KCWrny2HsKyBBFvlsE7LW5wRKnEJWbr9J36BIXZxfQ7fml9ZNdP43UyvgxPlghCQ9eM3rTR1qZG8fhZL-fKcjtXz6WYZKUVqJvuxLex4l1a0Q9PmR6AqKSLYiv6-W36tzov4kQlW770Ct2wHdZvD2g2-0dAvkmWjO4iC0ZK092D-AUnjlM3or9rGphfNpZaNIPRypeB9DGrfAIOG3b28Uq4w9VG_mDl3_jWUgReqzQYlir_LdG3OwQAk_93R9bIFDO1OduvtV9_2f2UWaxW9Yvx6ZdxH2unD6iQjs6s1sZFdPJToDpj3R3JnMqKDTq9l8J0dH4jx_iSmQtQxVFUbsCw5X7BMNyoCcvA_7QbB7IXIRmXcrMKSyed3u66OjUBeXQTwOQKTo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.191.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f79fd78f0245a818b427880f73a9be04d8cd0edd5f3afb6072767b2d1960ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8a8323bd9b19bdf9-DUB
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 10:13:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wf9DtyUf3AD9an6ChQ6Rtr%2BmkCz2JDTEGzsTJLmAEIbyW9HJ%2BK7%2Fl0oo5XfE%2BiF7rlN2yiLfayDOg9sbV%2BbnGiX8ikSSCsYjJYsWhdLhGxM0B%2BosqNlZfXFm3mb8cF26sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8a8323bc6abebdf9-DUB
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 10:13:47 GMT
location
https://trendshops.net/promote/gear4music.ie
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DT28aNeZ4mjEPjL6KgnxqSvSV5Ig1a29sZSw3jVAJJzKJwdqulAhAN2kC1jhFib6oi0F69aZLfBVx5ztu8shV0VBO6m6Q%2FpxlRt9ItVeL5fGKGmbSKlK0qKCUAy4tTljjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
r.linksprf.com/v1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r.linksprf.com
URL
https://r.linksprf.com/v1/redirect?type=linkId&id=e846bb641dbe46f6b0a94efbf61a3f55&api_key=ee1f727badbf678cf871350faf6f3dcf&site_id=39e9e6bac6884700826f1fd7b1cb5908&dch=feed&ad_t=advertiser&yk_tag=bh770c816136de1880d847d7d3088013&source=https%3A%2F%2Ftrendshops.net&url=https%3A%2F%2Fgear4music.ie

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.viinufhg.com/ Name: sspUid
Value: b6e82b4c8b88e7928d0042f429727ce7
.forgrowbane.top/ Name: a97fa794a0f9
Value: 67c7bf53ad230b21d94564
wz.bicronglagah.shop/ Name: cvn1
Value: CwaAAAAAAhQBCgASm3wGAQM%3D
wz.bicronglagah.shop/ Name: GL_BC
Value: eJxjYGBgEmEU5EyKNzQytDQxNRJh5EpbcPkWGyMAL%2FAFNA%3D%3D

2 Console Messages

Source Level URL
Text
security warning URL: https://viinufhg.com/dc/?blockID=351755&tb=http%3A%2F%2Ftubemate.us(Line 10)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ww.acquisitionfantasy.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)