bestaddin.com Open in urlscan Pro
2606:4700:3036::6815:2863 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://chealth.net/
Effective URL:
https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075
Submission: On April 21 via api (April 21st 2023, 3:59:55 am UTC) from JP — Scanned from JP

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3036::6815:2863, located in United States and belongs to CLOUDFLARENET, US. The main domain is bestaddin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2023. Valid for: a year.

This is the only time bestaddin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	64.91.240.248 64.91.240.248	32244 (LIQUIDWEB) (LIQUIDWEB)
1 2	52.117.247.211 52.117.247.211	36351 (SOFTLAYER) (SOFTLAYER)
2	2606:4700:303... 2606:4700:3036::6815:2863	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.21.106 104.21.21.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:6e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	7

2 64.91.240.248 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: crocodile.parklogic.com

chealth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.117.247.211 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com

myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p237996.myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:2863 (United States)

ASN13335 (CLOUDFLARENET, US)

bestaddin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.21.106 (None, )

ASN13335 (CLOUDFLARENET, US)

feed.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4809 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 59090 cdn.ocmhood.com — Cisco Umbrella Rank: 25015 t.ocmhood.com — Cisco Umbrella Rank: 10434	14 KB
2	cn-rtb.com feed.cn-rtb.com — Cisco Umbrella Rank: 56155 t.cn-rtb.com — Cisco Umbrella Rank: 65866	862 B
2	bestaddin.com bestaddin.com	13 KB
2	myckdom.com 1 redirects myckdom.com — Cisco Umbrella Rank: 42165 p237996.myckdom.com	1 KB
2	chealth.net chealth.net	12 KB
11	5

	Domain	Requested by
2	t.ocmhood.com	sdk.ocmhood.com
2	bestaddin.com	p237996.myckdom.com bestaddin.com
2	chealth.net	chealth.net
1	t.cn-rtb.com	bestaddin.com
1	cdn.ocmhood.com	sdk.ocmhood.com
1	sdk.ocmhood.com	bestaddin.com
1	feed.cn-rtb.com	bestaddin.com
1	p237996.myckdom.com	chealth.net
1	myckdom.com	1 redirects
11	9

This site contains no links.

Subject Issuer	Validity	Valid
byjus.co R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.myckdom.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-03-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-07` - `2024-03-05`	a year	crt.sh
*.cn-rtb.com GTS CA 1P5	`2023-02-22` - `2023-05-23`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075
Frame ID: 6CAD77F3785233519AF566C7CD888AE9
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ロボットでない場合は、[許可]をクリックします

Page URL History Show full URLs

https://chealth.net/ Page URL
https://chealth.net/page/bouncy.php?&bpae=GbhGc6HGgiR5j3O3s92U4H0i6MFAbFkIoiOX3hRKTCBrqfDGC%2F3j... Page URL
https://myckdom.com/aS/feedclick?s=IKaS41W5VyY0vZyYm90r4K9MBV3U4zwRJXf9Q5qT25VMuphxVmGYYfl2FM-NJ... HTTP 302
https://p237996.myckdom.com/adServe/domainClick?ai=BoN40UxkLSzUrBJUO7l-sxDkpxMQahaVFnYn29oJ03CsWvdh7vYlL... Page URL
https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s... Page URL

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

7
IPs

2
Countries

40 kB
Transfer

73 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://chealth.net/ Page URL
https://chealth.net/page/bouncy.php?&bpae=GbhGc6HGgiR5j3O3s92U4H0i6MFAbFkIoiOX3hRKTCBrqfDGC%2F3jjj5Zrzly4zS1Wq5mT%2FlUlk75wpUmAI95Z92H2JpCE8v73HK2bYV5xcnD9hXatAU3cwIrHelRWBkCj1z2cfO42lE6BVLC0nS9Xyf6l%2FW8wiDhYLwItQqeTBFq8AB40ZO%2B2Jw2Hm0pllaworH8fMmrjSgjIIhuIgZ1%2Fb%2FE1HmLUZ3qSR1zEposfXSDIE8KWSM9RwvWGjg8IQTx8Z9HBlpP13S37vCU28O81oBqhuTzv6tYR2RuPmOeHi8F%2BMQC9kLF4RTYc%2Fi6r6Cz5NfafmZFXcyP20xITRWr9NRYEn4ji5Lr2stFVTpBlz3sYarLMaVEqxz5u%2BwLO4ozHsGaUg7%2FdKK%2B%2B7PYRFGHnhnarrVrFEvu0c3itwDmEsBzybAZfvuHIF7jLfzv6ErI4T6jAbbe7a%2FYQn5ovLaBEWTRCwXNTSJE%2BTHfAH13cULrzLWLgJvSy0FpbM%2BOSdNRBidVRJWocCd6wK9yWMsOL9DOE2UPqAvQrRkRRZb8n7b%2F9PFSlyFELHHX5ErbfdeAJngnQUurUmHIuhCQQw4McbQU3jBSwqXHKib39mSy4xMMbUxZ89%2BCUpFuoHl3lD3BXOLQ2QDgrUhF%2B2THQudy75zkU3%2FpWsRpsEqH46Pzls6JtEr85g3m6bsD4VAbr69tqXaDvpyB%2BQ%2FO2rloqGw%2BWJaGs2ZOd4vibOCASVi1JvmHSTCxsef1z%2BPyuf%2FZBxsMILdixq2ZsWQPcTwwSJ0HCq8R1BbPYDfvZzTtSSL9N6puu2FgZ5y4cKFPhuvz%2FcYA0qXR565w1Z1HLgjPtToPP6Id1PHEunBacSD%2FsKmixEILh3cRi3UcIqV4oWvulqCd92ksVcrKHyVGKyHpL4XFlmmhwGs3NpFwXCVAdVU1oiTz%2BK%2BwpXYLg7BKg4AGpbWMQ4sh8NZm1gnDs%2BGv1%2B1eLy%2Fl%2Fq4vxjIns6HHWcImUxVlDRLBK5%2B8OEFAtPCEipe%2FgKv3eFwTb2odqKZgN92BZ%2FugSRjo%2Fr8R0ySwBp90FnY%2FDMIcN7HhXjNc2MrUAA9MNPiAU6p38edwqf7Lt24qeDd3mXEEbeok8e80BdbmKU09hcaLakCWs6BHAT0Yj9POXMp5kyl2L%2BivKgWXxOsi3xFzLsh3MqKO5g063GXR3Trbxi9AkvMK2ZoJR8Zt2fYfLiBvlh1eoHv3uI6s4tPsYcm2fPxqsH2hnslwDEd1niMKuPQE7VjcD%2BkKCUjEBEVa9EGkyV78%2BOyhKo12bfzQ4n5UlayMQjli19920JpLSZXS3EiRucuzzpcNHsdMWgePVY32NtasGLXtCCqyozpzEsz735t%2F1nWG0S%2BQ%2FRBcM0dO3n63vSl9Uy1zVCvi7zspf%2FMQle1UARtqGC3PjlLRHyFsAf%2FDaQfIb%2FpJi7%2FcVIIfQZjEZXfTKXILVoZOJVjsWjPxhTv4AH%2BF0m9FzS30STWKVAzjLet4y%2BG2viznw31WnSTUBuzRX3qFex4q4DEeJGAdRFctRthbnlOegApMO82H8eaqZOjT%2FzKqd5ZcRJSWwWI3SYiDBXQ%2FhVXqom2hFLimXhSIEplNhgVPSFxHA7zTPkLXNxOe9uYZhnEAuFxckd1Y3gU%2BTr3yvvDCHWGKQ2mmLxger7tDGfOD1yXaXT5TKbEd3rL%2FNkpDjBjvFS08Di6z3bsis44DpFj6299FkIwa5CezPTd1QyWacPu9%2FdtjytEhikDVhvnxhDsPj3oZDNMsZ3icXR1Fbemew735Jflg2FegS%2FxYW93QWs%2BMxbgFOqSLo7o6HZc%2FUyATTPjM7ad6p57P1Fkivy3iE5xdmzjlstr40YyWQGbPyvuK8w4QQA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
https://myckdom.com/aS/feedclick?s=IKaS41W5VyY0vZyYm90r4K9MBV3U4zwRJXf9Q5qT25VMuphxVmGYYfl2FM-NJCcpmIMBUk7ob4rp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqsi50NcRFyZ7xqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU0-86FSM7rhMaWSrOheTa6A7DwhSPGmPGj2pZxe9lvYniduM17uT6tbD6DK_qmS1fQP7g_4T3zevVp-9w-Po5HGJ1rvNXooDVRcPNKDlcjHa6jg7a3FZQad5UpNQaBLgdH7aUKHVimNYFtWMKNa_IbT_At0eVNg7Wp9_KIHWldKU8ctvsLJhuNeYwJo7ibBvWpoEdReyMroloJLKOj9PHBQlkXkPq0vQApvMYfACFkFRqhzXNbgAzWui-bh8J4ZSGDlMj0ukasSl-tke3WAz5WbHIRfLvw_NAorlAi1TN6B-edxOfKeoxTvk914YcaBN5lhnBpgbZwZMvcyMjjPrgpdONHavHeWu9B_zMUR5FISspbCG58Fb6O4TaH-YQwVqjdzO0kTXZoX_ybA4UrXIfYAcayZw0oqLaW8AEy-huNqUdcFI4jpvSQ2dSA7_H7vBj2OsUehMeL0TB5M1lYDo9DY75s2TZ2KY2DSLPpFZW8a7VDzHiOg8FnZIWJm1bpKKlZDwBUYZJGMc3YUvVhmJjoSZm2eXv0cT6ejZRUazoiM1T_Y6h0DqrWINhpHguJ-iuBrvDXKPbjC5ZumtAdCXk3j2OfQyPDezl8NluXnwMDK5VbAdLsm6TIqnPGpurVIgUk6naTKBGJbE0rxlo1nYWC5PsGbmkEEnIg88nK5p_m_yaEbdeSBxnJYajlqm453RMLdeZiSlp8uY8hlUFIfyBj-1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdlgAKEj1KVgQhnrS4H7D-eRMtg_dacQAjr_O4xQ_HBfwRQ3x_zrHTnGB2wAvhfC9U7mYdKiWU3z9H-3uz5Zt3HaJbzIrK5N9EmlDaB7tSj71nxBZbuPpufgYxIEoB2FTxDZW6g141J0FUMOCtRPh07PhXmretIozc1AbS0PSXZp0Vx7N5t9vxBGk_cvFOjY7Csy3CjqQFwki5jcQ3iK6PGpbXfYSdsRbDC7uGTIWrDIE1sbWvDOf4m_JtRaXw-alpHzBWb14ifIPl1uP1F2Nms0pUIAV4nSVtQxZOAHLO5DdSvbIshVvGyGqZJOovHMXuF9atz_MHqpLf7wJQiwhz4gUE7W9Vaf4s5W3uFJHMgxaJpWSWxfGM8dFvW06ua_kJ025yvteDmDkIGT7Nddl_ICZPm-hxGMijHzBWb14ifIPhfvB0a23Ndwot8xkTCjQapIZ5mAsFfr5lkkLEB146pQ HTTP 302
https://p237996.myckdom.com/adServe/domainClick?ai=BoN40UxkLSzUrBJUO7l-sxDkpxMQahaVFnYn29oJ03CsWvdh7vYlLJgnsIRFzZp_vsJQjQGaEGyH9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV5FGL3HNM2iZpLSZmparWHUKLfMZEwo0GnzIdgxjliIzYlZ0CBoMUA4lO7oBdjPsrgot8xkTCjQaovl-tZBjGz4VRS_DtvIGWM5nlyW7IrcGGjwz4uLhdRhaJIIlCxVZgL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZULVrisSgPMAVWQdFTAZXOx7j-HGqYGJ1kd-mBua0Ris5Q8cw7P3FJb&ui=IKaS41W5VyY0vZyYm90r4ItTvvbnS_Jp5BqBrDJxXOHlbe4UkcyDFgaFNxwl0Jkh062AWwyl1OqpeD-dGg0vFwg32cXraFzWFhrsbR-bPLV58QsxhD7l0g&si=1&oref=0e2cf2173ee362ca438aca30871206d8&optunit=Ci3zGRMKNBop2HskEjiwAA&rb=S0lUVNVU7Ek&rr=4&abtg=0 Page URL
https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://myckdom.com/aS/feedclick?s=IKaS41W5VyY0vZyYm90r4K9MBV3U4zwRJXf9Q5qT25VMuphxVmGYYfl2FM-NJCcpmIMBUk7ob4rp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqsi50NcRFyZ7xqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU0-86FSM7rhMaWSrOheTa6A7DwhSPGmPGj2pZxe9lvYniduM17uT6tbD6DK_qmS1fQP7g_4T3zevVp-9w-Po5HGJ1rvNXooDVRcPNKDlcjHa6jg7a3FZQad5UpNQaBLgdH7aUKHVimNYFtWMKNa_IbT_At0eVNg7Wp9_KIHWldKU8ctvsLJhuNeYwJo7ibBvWpoEdReyMroloJLKOj9PHBQlkXkPq0vQApvMYfACFkFRqhzXNbgAzWui-bh8J4ZSGDlMj0ukasSl-tke3WAz5WbHIRfLvw_NAorlAi1TN6B-edxOfKeoxTvk914YcaBN5lhnBpgbZwZMvcyMjjPrgpdONHavHeWu9B_zMUR5FISspbCG58Fb6O4TaH-YQwVqjdzO0kTXZoX_ybA4UrXIfYAcayZw0oqLaW8AEy-huNqUdcFI4jpvSQ2dSA7_H7vBj2OsUehMeL0TB5M1lYDo9DY75s2TZ2KY2DSLPpFZW8a7VDzHiOg8FnZIWJm1bpKKlZDwBUYZJGMc3YUvVhmJjoSZm2eXv0cT6ejZRUazoiM1T_Y6h0DqrWINhpHguJ-iuBrvDXKPbjC5ZumtAdCXk3j2OfQyPDezl8NluXnwMDK5VbAdLsm6TIqnPGpurVIgUk6naTKBGJbE0rxlo1nYWC5PsGbmkEEnIg88nK5p_m_yaEbdeSBxnJYajlqm453RMLdeZiSlp8uY8hlUFIfyBj-1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdlgAKEj1KVgQhnrS4H7D-eRMtg_dacQAjr_O4xQ_HBfwRQ3x_zrHTnGB2wAvhfC9U7mYdKiWU3z9H-3uz5Zt3HaJbzIrK5N9EmlDaB7tSj71nxBZbuPpufgYxIEoB2FTxDZW6g141J0FUMOCtRPh07PhXmretIozc1AbS0PSXZp0Vx7N5t9vxBGk_cvFOjY7Csy3CjqQFwki5jcQ3iK6PGpbXfYSdsRbDC7uGTIWrDIE1sbWvDOf4m_JtRaXw-alpHzBWb14ifIPl1uP1F2Nms0pUIAV4nSVtQxZOAHLO5DdSvbIshVvGyGqZJOovHMXuF9atz_MHqpLf7wJQiwhz4gUE7W9Vaf4s5W3uFJHMgxaJpWSWxfGM8dFvW06ua_kJ025yvteDmDkIGT7Nddl_ICZPm-hxGMijHzBWb14ifIPhfvB0a23Ndwot8xkTCjQapIZ5mAsFfr5lkkLEB146pQ HTTP 302
https://p237996.myckdom.com/adServe/domainClick?ai=BoN40UxkLSzUrBJUO7l-sxDkpxMQahaVFnYn29oJ03CsWvdh7vYlLJgnsIRFzZp_vsJQjQGaEGyH9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV5FGL3HNM2iZpLSZmparWHUKLfMZEwo0GnzIdgxjliIzYlZ0CBoMUA4lO7oBdjPsrgot8xkTCjQaovl-tZBjGz4VRS_DtvIGWM5nlyW7IrcGGjwz4uLhdRhaJIIlCxVZgL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZULVrisSgPMAVWQdFTAZXOx7j-HGqYGJ1kd-mBua0Ris5Q8cw7P3FJb&ui=IKaS41W5VyY0vZyYm90r4ItTvvbnS_Jp5BqBrDJxXOHlbe4UkcyDFgaFNxwl0Jkh062AWwyl1OqpeD-dGg0vFwg32cXraFzWFhrsbR-bPLV58QsxhD7l0g&si=1&oref=0e2cf2173ee362ca438aca30871206d8&optunit=Ci3zGRMKNBop2HskEjiwAA&rb=S0lUVNVU7Ek&rr=4&abtg=0

11 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ chealth.net/	6 KB 7 KB	1403ms 311ms	Document text/html	64.91.240.248 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://chealth.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.91.240.248 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS crocodile.parklogic.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Fri, 21 Apr 2023 03:59:49 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 Transfer-Encoding chunked X-Powered-By PHP/5.4.16
GET H/1.1	200 OK	bouncy.php chealth.net/page/	5 KB 5 KB	161ms 161ms	Document text/html	64.91.240.248 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://chealth.net/page/bouncy.php?&bpae=GbhGc6HGgiR5j3O3s92U4H0i6MFAbFkIoiOX3hRKTCBrqfDGC%2F3jjj5Zrzly4zS1Wq5mT%2FlUlk75wpUmAI95Z92H2JpCE8v73HK2bYV5xcnD9hXatAU3cwIrHelRWBkCj1z2cfO42lE6BVLC0nS9Xyf6l%2FW8wiDhYLwItQqeTBFq8AB40ZO%2B2Jw2Hm0pllaworH8fMmrjSgjIIhuIgZ1%2Fb%2FE1HmLUZ3qSR1zEposfXSDIE8KWSM9RwvWGjg8IQTx8Z9HBlpP13S37vCU28O81oBqhuTzv6tYR2RuPmOeHi8F%2BMQC9kLF4RTYc%2Fi6r6Cz5NfafmZFXcyP20xITRWr9NRYEn4ji5Lr2stFVTpBlz3sYarLMaVEqxz5u%2BwLO4ozHsGaUg7%2FdKK%2B%2B7PYRFGHnhnarrVrFEvu0c3itwDmEsBzybAZfvuHIF7jLfzv6ErI4T6jAbbe7a%2FYQn5ovLaBEWTRCwXNTSJE%2BTHfAH13cULrzLWLgJvSy0FpbM%2BOSdNRBidVRJWocCd6wK9yWMsOL9DOE2UPqAvQrRkRRZb8n7b%2F9PFSlyFELHHX5ErbfdeAJngnQUurUmHIuhCQQw4McbQU3jBSwqXHKib39mSy4xMMbUxZ89%2BCUpFuoHl3lD3BXOLQ2QDgrUhF%2B2THQudy75zkU3%2FpWsRpsEqH46Pzls6JtEr85g3m6bsD4VAbr69tqXaDvpyB%2BQ%2FO2rloqGw%2BWJaGs2ZOd4vibOCASVi1JvmHSTCxsef1z%2BPyuf%2FZBxsMILdixq2ZsWQPcTwwSJ0HCq8R1BbPYDfvZzTtSSL9N6puu2FgZ5y4cKFPhuvz%2FcYA0qXR565w1Z1HLgjPtToPP6Id1PHEunBacSD%2FsKmixEILh3cRi3UcIqV4oWvulqCd92ksVcrKHyVGKyHpL4XFlmmhwGs3NpFwXCVAdVU1oiTz%2BK%2BwpXYLg7BKg4AGpbWMQ4sh8NZm1gnDs%2BGv1%2B1eLy%2Fl%2Fq4vxjIns6HHWcImUxVlDRLBK5%2B8OEFAtPCEipe%2FgKv3eFwTb2odqKZgN92BZ%2FugSRjo%2Fr8R0ySwBp90FnY%2FDMIcN7HhXjNc2MrUAA9MNPiAU6p38edwqf7Lt24qeDd3mXEEbeok8e80BdbmKU09hcaLakCWs6BHAT0Yj9POXMp5kyl2L%2BivKgWXxOsi3xFzLsh3MqKO5g063GXR3Trbxi9AkvMK2ZoJR8Zt2fYfLiBvlh1eoHv3uI6s4tPsYcm2fPxqsH2hnslwDEd1niMKuPQE7VjcD%2BkKCUjEBEVa9EGkyV78%2BOyhKo12bfzQ4n5UlayMQjli19920JpLSZXS3EiRucuzzpcNHsdMWgePVY32NtasGLXtCCqyozpzEsz735t%2F1nWG0S%2BQ%2FRBcM0dO3n63vSl9Uy1zVCvi7zspf%2FMQle1UARtqGC3PjlLRHyFsAf%2FDaQfIb%2FpJi7%2FcVIIfQZjEZXfTKXILVoZOJVjsWjPxhTv4AH%2BF0m9FzS30STWKVAzjLet4y%2BG2viznw31WnSTUBuzRX3qFex4q4DEeJGAdRFctRthbnlOegApMO82H8eaqZOjT%2FzKqd5ZcRJSWwWI3SYiDBXQ%2FhVXqom2hFLimXhSIEplNhgVPSFxHA7zTPkLXNxOe9uYZhnEAuFxckd1Y3gU%2BTr3yvvDCHWGKQ2mmLxger7tDGfOD1yXaXT5TKbEd3rL%2FNkpDjBjvFS08Di6z3bsis44DpFj6299FkIwa5CezPTd1QyWacPu9%2FdtjytEhikDVhvnxhDsPj3oZDNMsZ3icXR1Fbemew735Jflg2FegS%2FxYW93QWs%2BMxbgFOqSLo7o6HZc%2FUyATTPjM7ad6p57P1Fkivy3iE5xdmzjlstr40YyWQGbPyvuK8w4QQA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Requested by Host: chealth.net URL: https://chealth.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.91.240.248 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS crocodile.parklogic.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16 Resource Hash Request headers Referer https://chealth.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Fri, 21 Apr 2023 03:59:50 GMT Keep-Alive timeout=5, max=99 Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 Transfer-Encoding chunked X-Powered-By PHP/5.4.16
GET H2	200	domainClick p237996.myckdom.com/adServe/ Redirect Chain https://myckdom.com/aS/feedclick?s=IKaS41W5VyY0vZyYm90r4K9MBV3U4zwRJXf9Q5qT25VMuphxVmGYYfl2FM-NJCcpmIMBUk7ob4rp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqsi50NcRFyZ7xqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOE... https://p237996.myckdom.com/adServe/domainClick?ai=BoN40UxkLSzUrBJUO7l-sxDkpxMQahaVFnYn29oJ03CsWvdh7vYlLJgnsIRFzZp_vsJQjQGaEGyH9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV5FGL3HNM2iZpLSZmparWHUKLfMZEw...	301 B 610 B	162ms 155ms	Document text/html	52.117.247.211 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://p237996.myckdom.com/adServe/domainClick?ai=BoN40UxkLSzUrBJUO7l-sxDkpxMQahaVFnYn29oJ03CsWvdh7vYlLJgnsIRFzZp_vsJQjQGaEGyH9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV5FGL3HNM2iZpLSZmparWHUKLfMZEwo0GnzIdgxjliIzYlZ0CBoMUA4lO7oBdjPsrgot8xkTCjQaovl-tZBjGz4VRS_DtvIGWM5nlyW7IrcGGjwz4uLhdRhaJIIlCxVZgL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZULVrisSgPMAVWQdFTAZXOx7j-HGqYGJ1kd-mBua0Ris5Q8cw7P3FJb&ui=IKaS41W5VyY0vZyYm90r4ItTvvbnS_Jp5BqBrDJxXOHlbe4UkcyDFgaFNxwl0Jkh062AWwyl1OqpeD-dGg0vFwg32cXraFzWFhrsbR-bPLV58QsxhD7l0g&si=1&oref=0e2cf2173ee362ca438aca30871206d8&optunit=Ci3zGRMKNBop2HskEjiwAA&rb=S0lUVNVU7Ek&rr=4&abtg=0 Requested by Host: chealth.net URL: https://chealth.net/page/bouncy.php?&bpae=GbhGc6HGgiR5j3O3s92U4H0i6MFAbFkIoiOX3hRKTCBrqfDGC%2F3jjj5Zrzly4zS1Wq5mT%2FlUlk75wpUmAI95Z92H2JpCE8v73HK2bYV5xcnD9hXatAU3cwIrHelRWBkCj1z2cfO42lE6BVLC0nS9Xyf6l%2FW8wiDhYLwItQqeTBFq8AB40ZO%2B2Jw2Hm0pllaworH8fMmrjSgjIIhuIgZ1%2Fb%2FE1HmLUZ3qSR1zEposfXSDIE8KWSM9RwvWGjg8IQTx8Z9HBlpP13S37vCU28O81oBqhuTzv6tYR2RuPmOeHi8F%2BMQC9kLF4RTYc%2Fi6r6Cz5NfafmZFXcyP20xITRWr9NRYEn4ji5Lr2stFVTpBlz3sYarLMaVEqxz5u%2BwLO4ozHsGaUg7%2FdKK%2B%2B7PYRFGHnhnarrVrFEvu0c3itwDmEsBzybAZfvuHIF7jLfzv6ErI4T6jAbbe7a%2FYQn5ovLaBEWTRCwXNTSJE%2BTHfAH13cULrzLWLgJvSy0FpbM%2BOSdNRBidVRJWocCd6wK9yWMsOL9DOE2UPqAvQrRkRRZb8n7b%2F9PFSlyFELHHX5ErbfdeAJngnQUurUmHIuhCQQw4McbQU3jBSwqXHKib39mSy4xMMbUxZ89%2BCUpFuoHl3lD3BXOLQ2QDgrUhF%2B2THQudy75zkU3%2FpWsRpsEqH46Pzls6JtEr85g3m6bsD4VAbr69tqXaDvpyB%2BQ%2FO2rloqGw%2BWJaGs2ZOd4vibOCASVi1JvmHSTCxsef1z%2BPyuf%2FZBxsMILdixq2ZsWQPcTwwSJ0HCq8R1BbPYDfvZzTtSSL9N6puu2FgZ5y4cKFPhuvz%2FcYA0qXR565w1Z1HLgjPtToPP6Id1PHEunBacSD%2FsKmixEILh3cRi3UcIqV4oWvulqCd92ksVcrKHyVGKyHpL4XFlmmhwGs3NpFwXCVAdVU1oiTz%2BK%2BwpXYLg7BKg4AGpbWMQ4sh8NZm1gnDs%2BGv1%2B1eLy%2Fl%2Fq4vxjIns6HHWcImUxVlDRLBK5%2B8OEFAtPCEipe%2FgKv3eFwTb2odqKZgN92BZ%2FugSRjo%2Fr8R0ySwBp90FnY%2FDMIcN7HhXjNc2MrUAA9MNPiAU6p38edwqf7Lt24qeDd3mXEEbeok8e80BdbmKU09hcaLakCWs6BHAT0Yj9POXMp5kyl2L%2BivKgWXxOsi3xFzLsh3MqKO5g063GXR3Trbxi9AkvMK2ZoJR8Zt2fYfLiBvlh1eoHv3uI6s4tPsYcm2fPxqsH2hnslwDEd1niMKuPQE7VjcD%2BkKCUjEBEVa9EGkyV78%2BOyhKo12bfzQ4n5UlayMQjli19920JpLSZXS3EiRucuzzpcNHsdMWgePVY32NtasGLXtCCqyozpzEsz735t%2F1nWG0S%2BQ%2FRBcM0dO3n63vSl9Uy1zVCvi7zspf%2FMQle1UARtqGC3PjlLRHyFsAf%2FDaQfIb%2FpJi7%2FcVIIfQZjEZXfTKXILVoZOJVjsWjPxhTv4AH%2BF0m9FzS30STWKVAzjLet4y%2BG2viznw31WnSTUBuzRX3qFex4q4DEeJGAdRFctRthbnlOegApMO82H8eaqZOjT%2FzKqd5ZcRJSWwWI3SYiDBXQ%2FhVXqom2hFLimXhSIEplNhgVPSFxHA7zTPkLXNxOe9uYZhnEAuFxckd1Y3gU%2BTr3yvvDCHWGKQ2mmLxger7tDGfOD1yXaXT5TKbEd3rL%2FNkpDjBjvFS08Di6z3bsis44DpFj6299FkIwa5CezPTd1QyWacPu9%2FdtjytEhikDVhvnxhDsPj3oZDNMsZ3icXR1Fbemew735Jflg2FegS%2FxYW93QWs%2BMxbgFOqSLo7o6HZc%2FUyATTPjM7ad6p57P1Fkivy3iE5xdmzjlstr40YyWQGbPyvuK8w4QQA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.117.247.211 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS d3.f7.7534.ip4.static.sl-reverse.com Software nginx / Resource Hash Request headers Referer https://chealth.net/page/bouncy.php?&bpae=GbhGc6HGgiR5j3O3s92U4H0i6MFAbFkIoiOX3hRKTCBrqfDGC%2F3jjj5Zrzly4zS1Wq5mT%2FlUlk75wpUmAI95Z92H2JpCE8v73HK2bYV5xcnD9hXatAU3cwIrHelRWBkCj1z2cfO42lE6BVLC0nS9Xyf6l%2FW8wiDhYLwItQqeTBFq8AB40ZO%2B2Jw2Hm0pllaworH8fMmrjSgjIIhuIgZ1%2Fb%2FE1HmLUZ3qSR1zEposfXSDIE8KWSM9RwvWGjg8IQTx8Z9HBlpP13S37vCU28O81oBqhuTzv6tYR2RuPmOeHi8F%2BMQC9kLF4RTYc%2Fi6r6Cz5NfafmZFXcyP20xITRWr9NRYEn4ji5Lr2stFVTpBlz3sYarLMaVEqxz5u%2BwLO4ozHsGaUg7%2FdKK%2B%2B7PYRFGHnhnarrVrFEvu0c3itwDmEsBzybAZfvuHIF7jLfzv6ErI4T6jAbbe7a%2FYQn5ovLaBEWTRCwXNTSJE%2BTHfAH13cULrzLWLgJvSy0FpbM%2BOSdNRBidVRJWocCd6wK9yWMsOL9DOE2UPqAvQrRkRRZb8n7b%2F9PFSlyFELHHX5ErbfdeAJngnQUurUmHIuhCQQw4McbQU3jBSwqXHKib39mSy4xMMbUxZ89%2BCUpFuoHl3lD3BXOLQ2QDgrUhF%2B2THQudy75zkU3%2FpWsRpsEqH46Pzls6JtEr85g3m6bsD4VAbr69tqXaDvpyB%2BQ%2FO2rloqGw%2BWJaGs2ZOd4vibOCASVi1JvmHSTCxsef1z%2BPyuf%2FZBxsMILdixq2ZsWQPcTwwSJ0HCq8R1BbPYDfvZzTtSSL9N6puu2FgZ5y4cKFPhuvz%2FcYA0qXR565w1Z1HLgjPtToPP6Id1PHEunBacSD%2FsKmixEILh3cRi3UcIqV4oWvulqCd92ksVcrKHyVGKyHpL4XFlmmhwGs3NpFwXCVAdVU1oiTz%2BK%2BwpXYLg7BKg4AGpbWMQ4sh8NZm1gnDs%2BGv1%2B1eLy%2Fl%2Fq4vxjIns6HHWcImUxVlDRLBK5%2B8OEFAtPCEipe%2FgKv3eFwTb2odqKZgN92BZ%2FugSRjo%2Fr8R0ySwBp90FnY%2FDMIcN7HhXjNc2MrUAA9MNPiAU6p38edwqf7Lt24qeDd3mXEEbeok8e80BdbmKU09hcaLakCWs6BHAT0Yj9POXMp5kyl2L%2BivKgWXxOsi3xFzLsh3MqKO5g063GXR3Trbxi9AkvMK2ZoJR8Zt2fYfLiBvlh1eoHv3uI6s4tPsYcm2fPxqsH2hnslwDEd1niMKuPQE7VjcD%2BkKCUjEBEVa9EGkyV78%2BOyhKo12bfzQ4n5UlayMQjli19920JpLSZXS3EiRucuzzpcNHsdMWgePVY32NtasGLXtCCqyozpzEsz735t%2F1nWG0S%2BQ%2FRBcM0dO3n63vSl9Uy1zVCvi7zspf%2FMQle1UARtqGC3PjlLRHyFsAf%2FDaQfIb%2FpJi7%2FcVIIfQZjEZXfTKXILVoZOJVjsWjPxhTv4AH%2BF0m9FzS30STWKVAzjLet4y%2BG2viznw31WnSTUBuzRX3qFex4q4DEeJGAdRFctRthbnlOegApMO82H8eaqZOjT%2FzKqd5ZcRJSWwWI3SYiDBXQ%2FhVXqom2hFLimXhSIEplNhgVPSFxHA7zTPkLXNxOe9uYZhnEAuFxckd1Y3gU%2BTr3yvvDCHWGKQ2mmLxger7tDGfOD1yXaXT5TKbEd3rL%2FNkpDjBjvFS08Di6z3bsis44DpFj6299FkIwa5CezPTd1QyWacPu9%2FdtjytEhikDVhvnxhDsPj3oZDNMsZ3icXR1Fbemew735Jflg2FegS%2FxYW93QWs%2BMxbgFOqSLo7o6HZc%2FUyATTPjM7ad6p57P1Fkivy3iE5xdmzjlstr40YyWQGbPyvuK8w4QQA%3D%3D&redirectType=js&inIframe=false&inPopUp=false Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-encoding gzip content-type text/html;charset=ISO-8859-1 date Fri, 21 Apr 2023 03:59:50 GMT server nginx vary Accept-Encoding Redirect headers content-length 0 date Fri, 21 Apr 2023 03:59:50 GMT location https://p237996.myckdom.com/adServe/domainClick?ai=BoN40UxkLSzUrBJUO7l-sxDkpxMQahaVFnYn29oJ03CsWvdh7vYlLJgnsIRFzZp_vsJQjQGaEGyH9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV5FGL3HNM2iZpLSZmparWHUKLfMZEwo0GnzIdgxjliIzYlZ0CBoMUA4lO7oBdjPsrgot8xkTCjQaovl-tZBjGz4VRS_DtvIGWM5nlyW7IrcGGjwz4uLhdRhaJIIlCxVZgL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZULVrisSgPMAVWQdFTAZXOx7j-HGqYGJ1kd-mBua0Ris5Q8cw7P3FJb&ui=IKaS41W5VyY0vZyYm90r4ItTvvbnS_Jp5BqBrDJxXOHlbe4UkcyDFgaFNxwl0Jkh062AWwyl1OqpeD-dGg0vFwg32cXraFzWFhrsbR-bPLV58QsxhD7l0g&si=1&oref=0e2cf2173ee362ca438aca30871206d8&optunit=Ci3zGRMKNBop2HskEjiwAA&rb=S0lUVNVU7Ek&rr=4&abtg=0 server nginx
GET H2	200	Primary Request / Show response bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/	27 KB 13 KB	332ms 304ms	Document text/html	2606:4700:3036::6815:2863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075 Requested by Host: p237996.myckdom.com URL: https://p237996.myckdom.com/adServe/domainClick?ai=BoN40UxkLSzUrBJUO7l-sxDkpxMQahaVFnYn29oJ03CsWvdh7vYlLJgnsIRFzZp_vsJQjQGaEGyH9fE_QqR6gk9i_TRclVxeeUOO8_gldaJdpOF1ScxyV5FGL3HNM2iZpLSZmparWHUKLfMZEwo0GnzIdgxjliIzYlZ0CBoMUA4lO7oBdjPsrgot8xkTCjQaovl-tZBjGz4VRS_DtvIGWM5nlyW7IrcGGjwz4uLhdRhaJIIlCxVZgL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZULVrisSgPMAVWQdFTAZXOx7j-HGqYGJ1kd-mBua0Ris5Q8cw7P3FJb&ui=IKaS41W5VyY0vZyYm90r4ItTvvbnS_Jp5BqBrDJxXOHlbe4UkcyDFgaFNxwl0Jkh062AWwyl1OqpeD-dGg0vFwg32cXraFzWFhrsbR-bPLV58QsxhD7l0g&si=1&oref=0e2cf2173ee362ca438aca30871206d8&optunit=Ci3zGRMKNBop2HskEjiwAA&rb=S0lUVNVU7Ek&rr=4&abtg=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e482c7c081ca8efa66d5890ff9663abed367ce301421c7e1c3aecb2b8db6d265` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7bb2b7766b52f6ea-NRT content-encoding br content-type text/html date Fri, 21 Apr 2023 03:59:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJJ5VDiiaqOGWNhaN7DJ2ajoKeeWF%2BVhummYSesc46IiasVYN8ItYocbG%2BcWgW7zx0AXXbFTeSC1a1rcZZF8lZ1lFTcDvz8VuA0ilMqk79xLvyyDx6YUpQCWZFAYyapwl888M2gJPuaGnoQn"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2` Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AFU1kAAPatM Show response feed.cn-rtb.com/v1/native/	657 B 862 B	768ms 752ms	Fetch application/json	104.21.21.106 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=63908&uid=d7593f4d-170a-4258-80f8-f359d207c95e&kw=download%20install Requested by Host: bestaddin.com URL: https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.21.106 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6ca63a094129da77e63436bccd4848381da0c6f9f8915214b0d15aa701522d41` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bestaddin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:59:51 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare model report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3wCYqpDqS3bhOr79tVh49HRdsUSN%2Bqizo%2BmoQJN6CLvjIxuOv7%2BIsf58p6HvMJHUzgzq1ovrDq0PBxs5%2BMRjv3rgr2XDF7L2qf89vexoIU5AyncKXFNxzTXvVSO%2FHNOrYw%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache cf-ray 7bb2b778aeb6f6d9-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	conf.json Show response bestaddin.com/hood/YmVzdGFkZGluLmNvbQ==/	49 B 406 B	156ms 154ms	Fetch application/json	2606:4700:3036::6815:2863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bestaddin.com/hood/YmVzdGFkZGluLmNvbQ==/conf.json Requested by Host: bestaddin.com URL: https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `69f33145c96e06528420f9bebc6f47bf083ee842cb37531b42c55d6215a1a91f` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:59:51 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 07 Mar 2023 11:03:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"640719f9-31" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abY%2F1mlCUkLSzQzro4ImGQR6qP7Kw4Qc32ScwpeYzlBciKlZYDjpvh%2FFZdmWW%2B1xiGDfEBwtdKKt4RY584KY04RcPe2li6t8%2Fn4FyDQoj4UQ8hHMq40wRDIZ0EZ%2Fg4aDH%2BWlPhrdCR9lGufM"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7bb2b7789ce2f6ea-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	748 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23` Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ht.js Show response sdk.ocmhood.com/sdk/	29 KB 12 KB	29ms 14ms	Script application/javascript	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2IX8xNDY4MjE0NotH Requested by Host: bestaddin.com URL: https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `21665b9600ac889b2ba06e3af0a300b2ecdd03e4f48e9de954f7ab04d0ff9c6d` Request headers Referer https://bestaddin.com/ Origin https://bestaddin.com accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:59:51 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3500 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 service-worker-allowed / last-modified Tue, 04 Apr 2023 11:17:27 GMT server cloudflare etag W/"642c0747-2e62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53oaHD7JGauFgxY7xs5UmkIlUuQFT2rOtGGwGA6gslKBtZN9DHfPN7eNdMQ%2BDaLHfi9FliJeyFMhozHg7FI2x2SPzzxhpWlXpgiVkPLKmBP7iapx0pW9%2BpRvRmu7%2BuOEvLW48GBreUu5FB0VyQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 7bb2b779acb480d7-NRT
GET H2	200	NjY4ZwSkNAFfmDQ2IX8xNDY4MjE0NotH.js Show response cdn.ocmhood.com/tag/	191 B 711 B	25ms 9ms	Script application/javascript	2606:4700:20::681a:6e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.ocmhood.com/tag/NjY4ZwSkNAFfmDQ2IX8xNDY4MjE0NotH.js Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2IX8xNDY4MjE0NotH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c38e033d87ae159300d690eb6b8e3d9124ed3d8f65010314f74246f6f7beb7ce` Request headers accept-language jp-JP,jp;q=0.9 Referer https://bestaddin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:59:51 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 887 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 service-worker-allowed / last-modified Tue, 24 Jan 2023 10:19:03 GMT server cloudflare etag W/"63cfb097-bf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctGOY7HrohV9MgOpt6xWUS3kviWTwrh5Nb7Hb43uwJD65UPon4955BF%2FGw3cm3n650fY6heGE4CPHjB6r2YVxuH9rv2HNZ3Da3sR2VCtZk%2B89qG9s4ZV5ZdJo6BGcmGWAUT%2BD0Hsomx39ug9PQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=300 cf-ray 7bb2b779f838afb7-NRT
POST H2	201	activity t.ocmhood.com/v2/	0 307 B	83ms 81ms	Ping application/octet-stream	2606:4700:20::681a:6e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2IX8xNDY4MjE0NotH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://bestaddin.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 21 Apr 2023 03:59:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZchuQhaw%2FKY4sC1czMtEQKbHXQKCekVSW9Zo9n%2BgsnDBJTH7wOxlJeePnG6vQHAPpHvOWZwNVhHy%2Bl6DPeS%2BhrHEYHOhHhu2uSo4ENKCrx%2FA%2BKJFb30Hx8WB%2BHturg0wrS9GrBSbURkh2T4%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 7bb2b77a184fafb7-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	201	activity t.ocmhood.com/v2/	0 268 B	81ms 81ms	Ping application/octet-stream	2606:4700:20::681a:6e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2IX8xNDY4MjE0NotH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://bestaddin.com/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 21 Apr 2023 03:59:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Jx4%2FNoK4CLHlPI30DX4KGMyLqYFnThHR2ghKi%2B0QC74qsicHZeC5rb3Cr7Gugj%2FjeRJxXm9GtfdQ14kqAePM5wp9PIqm72XpQRXP2Quvlrwj6RJXn%2BhMITRFLa9MhCvpRo8WxE2ghmNHLw%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 7bb2b77a1855afb7-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	imp t.cn-rtb.com/	0 0	89ms 86ms	Fetch	104.21.21.106 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.cn-rtb.com/imp?l2=5yWzgu-m-4s2Lj_AsuGJLGeAwUKo1363hN-SDC0Ue7YUBJEbUdt1RE5f-G_vnxCdsEMnR_7yBAp_DcA4G7U35tPwLfb9mLMOIq9bFx2hqf5PATnoUdg8r-s7ujnaJgZ7zd_fise_yNwvXY7e7YwUPW1JiZIIRV2VAm2IBBA16dMjl9VWx1eNJMkUMehlczcq Requested by Host: bestaddin.com URL: https://bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE/?cid=90259150134&sid=400050699&s=0.0075 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.21.106 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://bestaddin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:59:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BGj2k3BA9z7yJk5aLW%2BxYeN9cz4TMl2jMvJdWNpU4bfWmtC3gH1svfjtlxDlSPjKToOGK%2FhcxtCcE0Kq0%2FkY7jjhK8mjocQHAl4M1r2K9FjmKkgOu%2F7l3JxOdIxrYo%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cache-control no-cache cf-ray 7bb2b77d6a42f6d9-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bestaddin.com/LnfasV43sxOb3HPLDy1Y5eZCWFFdznrvg7eRbOKl4QE	1969-12-31 23:59:59	Name: session Value: 8Qixg7EqDl04beqLdEl-HaGtvU3ctWxh
.myckdom.com/	1970-01-20 15:33:21	Name: rhid Value: 83150929086
.myckdom.com/	1970-01-20 11:14:13	Name: loi Value: ad_1473740_off_916585_aff_840_cid_237996-CHEALTH.NET_ts_1682049590
.bestaddin.com/	1970-01-20 19:59:45	Name: _ht_v Value: 1682049591.4477739162
.bestaddin.com/	1970-01-20 11:14:11	Name: _ht_s Value: 1682049591.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bestaddin.com
cdn.ocmhood.com
chealth.net
feed.cn-rtb.com
myckdom.com
p237996.myckdom.com
sdk.ocmhood.com
t.cn-rtb.com
t.ocmhood.com
104.21.21.106
2606:4700:20::681a:6e4
2606:4700:20::ac43:4809
2606:4700:3036::6815:2863
52.117.247.211
64.91.240.248
21665b9600ac889b2ba06e3af0a300b2ecdd03e4f48e9de954f7ab04d0ff9c6d
69f33145c96e06528420f9bebc6f47bf083ee842cb37531b42c55d6215a1a91f
6ca63a094129da77e63436bccd4848381da0c6f9f8915214b0d15aa701522d41
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
c38e033d87ae159300d690eb6b8e3d9124ed3d8f65010314f74246f6f7beb7ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482c7c081ca8efa66d5890ff9663abed367ce301421c7e1c3aecb2b8db6d265
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

bestaddin.com Open in urlscan Pro 2606:4700:3036::6815:2863 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

5 Domains

9 Subdomains

7 IPs

2 Countries

40 kBTransfer

73 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

5 Cookies

Indicators

bestaddin.com Open in urlscan Pro
2606:4700:3036::6815:2863 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

7
IPs

2
Countries

40 kB
Transfer

73 kB
Size

5
Cookies

11 HTTP transactions
2 data transactions