ost1trck.com Open in urlscan Pro
195.201.221.45 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.boaweb.nortonhelp.me/
Effective URL:
https://ost1trck.com/nlp/index.php?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050&url_bnm_redirect=https://tmj-g...
Submission: On May 10 via automatic, source rescanner (May 10th 2022, 6:12:16 pm UTC) — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 13 domains to perform 41 HTTP transactions. The main IP is 195.201.221.45, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is ost1trck.com.
TLS certificate: Issued by R3 on March 24th 2022. Valid for: 3 months.

This is the only time ost1trck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.234.210.242 103.234.210.242	38767 (IDNIC-AMS...) (IDNIC-AMSCLOUD-AS-ID PT Awan Media Semesta)
1 15	111.90.143.157 111.90.143.157	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	165.22.198.175 165.22.198.175	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	143.198.248.64 143.198.248.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	195.201.221.45 195.201.221.45	24940 (HETZNER-AS) (HETZNER-AS)
1 1	52.58.114.47 52.58.114.47	16509 (AMAZON-02) (AMAZON-02)
1 1	212.32.252.82 212.32.252.82	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	2606:4700:303... 2606:4700:3035::ac43:ad6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	10

1 103.234.210.242 (Indonesia)

ASN38767 (IDNIC-AMSCLOUD-AS-ID PT Awan Media Semesta, ID)
PTR: kolibri.superserver.co.id

www.boaweb.nortonhelp.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 111.90.143.157 (Malaysia) 1 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la

ads.specialadves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
local.drakefollow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.drakefollow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 165.22.198.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

browntouchmysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.browntouchmysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.248.64 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

di1.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.221.45 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.45.221.201.195.clients.your-server.de

ratpor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ost1trck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.114.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-114-47.eu-central-1.compute.amazonaws.com

tmj-glo.livenewsline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.82 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

veepn.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:ad6a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

veepn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	specialadves.com ads.specialadves.com — Cisco Umbrella Rank: 411427	6 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
3	drakefollow.com 1 redirects local.drakefollow.com links.drakefollow.com Failed	2 KB
2	veepn.com 1 redirects veepn.com — Cisco Umbrella Rank: 350753	3 KB
2	browntouchmysky.com browntouchmysky.com Failed 0.browntouchmysky.com	36 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	98 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111 ajax.googleapis.com — Cisco Umbrella Rank: 432	35 KB
1	g2afse.com 1 redirects veepn.g2afse.com	422 B
1	livenewsline.com 1 redirects tmj-glo.livenewsline.com	538 B
1	ost1trck.com ost1trck.com	275 B
1	ratpor.com 1 redirects ratpor.com	614 B
1	di1.biz 1 redirects di1.biz — Cisco Umbrella Rank: 508365	484 B
1	nortonhelp.me www.boaweb.nortonhelp.me	6 KB
41	13

	Domain	Requested by
12	ads.specialadves.com	www.boaweb.nortonhelp.me
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	veepn.com	1 redirects
2	links.drakefollow.com	local.drakefollow.com
2	www.googletagmanager.com	www.boaweb.nortonhelp.me www.googletagmanager.com
1	veepn.g2afse.com	1 redirects
1	tmj-glo.livenewsline.com	1 redirects
1	ost1trck.com	www.boaweb.nortonhelp.me
1	ratpor.com	1 redirects
1	di1.biz	1 redirects
1	0.browntouchmysky.com	www.boaweb.nortonhelp.me
1	browntouchmysky.com	links.drakefollow.com
1	local.drakefollow.com	ads.specialadves.com
1	ajax.googleapis.com	www.boaweb.nortonhelp.me
1	fonts.googleapis.com	www.boaweb.nortonhelp.me
1	www.boaweb.nortonhelp.me
41	16

This site contains no links.

Subject Issuer	Validity	Valid
boaweb.co.uk cPanel, Inc. Certification Authority	`2022-02-23` - `2022-05-24`	3 months	crt.sh
specialadves.com R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
local.drakefollow.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
links.drakefollow.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
chow-chow.top R3	`2022-05-07` - `2022-08-05`	3 months	crt.sh
ost1trck.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-15` - `2022-07-14`	a year	crt.sh

This page contains 1 frames:

Frame: https://veepn.com/de/pricing/five-year/?VeePN_clickid=627aaafe38007b0001671e9b&VeePN_affiliate_id=1115&VeePN_offer_id=79&VeePN_sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&VeePN_sub2=13478_1944&VeePN_sub3=&VeePN_sub4=&VeePN_sub5=&VeePN_sub6=&VeePN_sub7=&VeePN_sub8=
Frame ID: 073BE097B951CE3948F60CEB38792312
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.boaweb.nortonhelp.me/ Page URL
https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422 HTTP 302
https://links.drakefollow.com/forward.php?id=976&rid=11284&sid=567692&pid=7845 Page URL
https://browntouchmysky.com/go/mfrwcobrge5denzx?sub1=dombee&sub2=combo00 Page URL
https://0.browntouchmysky.com/index.php?p=mfrwcobrge5denzx&sub1=dombee&sub2=combo00 Page URL
https://di1.biz/?auf=gvrtszdegm5dinzvf4zdonzpgezc6nrzhe2tqzjtmmxtenbpge3dkmrsga3dgmzt&p=l&su... HTTP 302
https://ratpor.com/click.php?key=sqo6m43xdugr203bh0e4&clickid=2d132fa5-13ad-4433-bfd2-27838faa4... HTTP 302
https://ost1trck.com/nlp/index.php?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050&url_bnm_re... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

63 %
HTTPS

42 %
IPv6

13
Domains

16
Subdomains

10
IPs

5
Countries

202 kB
Transfer

463 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.boaweb.nortonhelp.me/ Page URL
https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422 HTTP 302
https://links.drakefollow.com/forward.php?id=976&rid=11284&sid=567692&pid=7845 Page URL
https://browntouchmysky.com/go/mfrwcobrge5denzx?sub1=dombee&sub2=combo00 Page URL
https://0.browntouchmysky.com/index.php?p=mfrwcobrge5denzx&sub1=dombee&sub2=combo00 Page URL
https://di1.biz/?auf=gvrtszdegm5dinzvf4zdonzpgezc6nrzhe2tqzjtmmxtenbpge3dkmrsga3dgmzt&p=l&sub1=dombee&sub2=combo00&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
https://ratpor.com/click.php?key=sqo6m43xdugr203bh0e4&clickid=2d132fa5-13ad-4433-bfd2-27838faa4a99&cost=0.0021&feedid=feed9475&creative=0&site=69958e3c&age=0&hash=69958e3c&campaign=61595 HTTP 302
https://ost1trck.com/nlp/index.php?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050&url_bnm_redirect=https://tmj-glo.livenewsline.com/t/clk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422 HTTP 302
https://links.drakefollow.com/forward.php?id=976&rid=11284&sid=567692&pid=7845

Request Chain 39

https://tmj-glo.livenewsline.com/t/clk?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050 HTTP 302
https://veepn.g2afse.com/click?pid=1115&offer_id=79&sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&sub2=13478_1944 HTTP 302
https://veepn.com/pricing/five-year/?VeePN_clickid=627aaafe38007b0001671e9b&VeePN_affiliate_id=1115&VeePN_offer_id=79&VeePN_sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&VeePN_sub2=13478_1944&VeePN_sub3=&VeePN_sub4=&VeePN_sub5=&VeePN_sub6=&VeePN_sub7=&VeePN_sub8= HTTP 301
https://veepn.com/de/pricing/five-year/?VeePN_clickid=627aaafe38007b0001671e9b&VeePN_affiliate_id=1115&VeePN_offer_id=79&VeePN_sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&VeePN_sub2=13478_1944&VeePN_sub3=&VeePN_sub4=&VeePN_sub5=&VeePN_sub6=&VeePN_sub7=&VeePN_sub8=

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.boaweb.nortonhelp.me/ 22 KB
6 KB 1677ms
898ms Document
text/html 103.234.210.242
IDNIC-AMSCLOUD-AS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.boaweb.nortonhelp.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.234.210.242 , Indonesia, ASN38767 (IDNIC-AMSCLOUD-AS-ID PT Awan Media Semesta, ID),
Reverse DNS: kolibri.superserver.co.id
Software: LiteSpeed / PHP/7.4.29
Resource Hash: 11e4be90cf2ea3b4dc9cc54a2f545aa50c74c87e0e482abb914cdefd54317078

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 18:12:10 GMT
expires: Tue, 10 May 2022 18:12:10 GMT
link: <https://www.boaweb.co.uk/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
x-powered-by: PHP/7.4.29

GET
H/1.1 200
OK steingerball.js
ads.specialadves.com/ 370 B
527 B 535ms
173ms Stylesheet
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/themes/nicheplus/style.css
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:400,700

Requested by

Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d343190ab80adf06d442d61dded2102b66cd7751108bbc96a668ae2a1e135f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 May 2022 17:37:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 10 May 2022 18:12:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 May 2022 18:12:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
34 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 13:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 13:10:15 GMT

GET
H/1.1 200
OK steingerball.js Show response
ads.specialadves.com/ 370 B
527 B 569ms
198ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/themes/nicheplus/js/modernizr.min.js
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK steingerball.js Show response
ads.specialadves.com/ 370 B
527 B 569ms
189ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/themes/nicheplus/js/adsensiascript.js
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK steingerball.js
ads.specialadves.com/ 370 B
527 B 557ms
192ms Stylesheet
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/plugins/contact-form-7/includes/css/styles_css&ver=5.5.3
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK steingerball.js Show response
ads.specialadves.com/ 370 B
527 B 570ms
182ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-includes/js/jquery/jquery_min_js&ver=3.6.0
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK steingerball.js Show response
ads.specialadves.com/ 370 B
527 B 596ms
200ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-includes/js/jquery/jquery-migrate_min_js&ver=3.3.2
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-214961285-1

Requested by

Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d593493a7fc38b65863d4628d99162a6c778973683ac35278e4bff93b6a33d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 18:12:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38878
x-xss-protection: 0
expires: Tue, 10 May 2022 18:12:12 GMT

GET
H/1.1 200
OK steingerball.js
ads.specialadves.com/ 370 B
370 B 180ms
179ms Image
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/themes/nicheplus/images/home.png
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK steingerball.js
ads.specialadves.com/ 370 B
370 B 194ms
194ms Image
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/uploads/2021/12/how-to-get-a-covid-passport-letter-UK-768x441.jpg
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK steingerball.js Show response
ads.specialadves.com/ 370 B
527 B 181ms
181ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-includes/js/dist/vendor/regenerator-runtime_min_js&ver=0.13.9
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK steingerball.js Show response
ads.specialadves.com/ 370 B
527 B 181ms
181ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-includes/js/dist/vendor/wp-polyfill_min_js&ver=3.15.0
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK steingerball.js Show response
ads.specialadves.com/ 370 B
527 B 182ms
181ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/plugins/contact-form-7/includes/js/index_js&ver=5.5.3
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: 0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK qsWhDw Show response
local.drakefollow.com/ 331 B
1 KB 577ms
217ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://local.drakefollow.com/qsWhDw
Requested by: Host: ads.specialadves.com
URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/themes/nicheplus/js/modernizr.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: b1e87b3d0c6b3254efd29f290588d5f695aedb5cc55d814d5516399f8adb3038

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 18:12:10 GMT
Last-Modified: Tue, 10 May 2022 18:07:37 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 331
Expires: 0

GET
H/1.1 200
OK steingerball.js
ads.specialadves.com/ 370 B
370 B 176ms
176ms Image
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.specialadves.com/steingerball.js?v=23.9.3&/wp-content/themes/nicheplus/images/bg11.jpg
Requested by: Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 18:12:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 370
Content-Type: text/plain; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214961285-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6783
date: Tue, 10 May 2022 16:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 10 May 2022 18:19:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 159 KB
59 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1H771413J2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214961285-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

821037e5802154c1d7cadd43ca210a5b2bd22b717f24705fc35c2d37e69869e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 18:12:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60520
x-xss-protection: 0
expires: Tue, 10 May 2022 18:12:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=239692376&t=pageview&_s=1&dl=https%3A%2F%2Fwww.boaweb.nortonhelp.me%2F&ul=en-us&de=UTF-8&dt=BOAweb.co.uk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=449952751&gjid=972812890&cid=1279467586.1652206332&tid=UA-214961285-1&_gid=1774456212.1652206332&_r=1&gtm=2ou590&did=dZTNiMT&gdid=dZTNiMT&z=1113309547

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.boaweb.nortonhelp.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 18:12:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.boaweb.nortonhelp.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1H771413J2&gtm=2oe590&_p=239692376&_z=ccd.tbB&cid=1279467586.1652206332&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1652206332&sct=1&seg=0&dl=https%3A%2F%2Fwww.boaweb.nortonhelp.me%2F&dt=BOAweb.co.uk&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1H771413J2&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.boaweb.nortonhelp.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 18:12:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.boaweb.nortonhelp.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET forward.php
links.drakefollow.com/ 0
0

GET
H/1.1

200
OK

forward.php
links.drakefollow.com/
Redirect Chain

https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422
https://links.drakefollow.com/forward.php?id=976&rid=11284&sid=567692&pid=7845

834 B
615 B

174ms
174ms

Document
text/html

111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://links.drakefollow.com/forward.php?id=976&rid=11284&sid=567692&pid=7845
Requested by: Host: local.drakefollow.com
URL: https://local.drakefollow.com/qsWhDw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash

Request headers

Referer: https://www.boaweb.nortonhelp.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 412
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 May 2022 18:12:11 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 May 2022 18:12:11 GMT
Location: https://links.drakefollow.com/forward.php?id=976&rid=11284&sid=567692&pid=7845
Server: nginx

POST collect
www.google-analytics.com/g/ 0
0

GET mfrwcobrge5denzx
browntouchmysky.com/go/ 0
0

GET
H2 200 mfrwcobrge5denzx Show response
browntouchmysky.com/go/ 18 KB
18 KB 53ms
20ms Document
text/html 165.22.198.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://browntouchmysky.com/go/mfrwcobrge5denzx?sub1=dombee&sub2=combo00

Requested by

Host: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?id=976&rid=11284&sid=567692&pid=7845

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f1e3253852ba400a4b6b2c1cbbbff0e8c372f85995cda8cb6257bfb106a3e660

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://links.drakefollow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 18:12:13 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 index.php Show response
0.browntouchmysky.com/ 18 KB
18 KB 29ms
22ms Document
text/html 165.22.198.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://0.browntouchmysky.com/index.php?p=mfrwcobrge5denzx&sub1=dombee&sub2=combo00

Requested by

Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0f4026d89be24dc4c6f5e5d554acbfa39a369a47d925e1f06fc2d1ae245dca70

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://browntouchmysky.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 18:12:13 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2

200

Primary Request index.php Show response
ost1trck.com/nlp/
Redirect Chain

https://di1.biz/?auf=gvrtszdegm5dinzvf4zdonzpgezc6nrzhe2tqzjtmmxtenbpge3dkmrsga3dgmzt&p=l&sub1=dombee&sub2=combo00&sub3=&sub4=&cpc=0&cpm=0
https://ratpor.com/click.php?key=sqo6m43xdugr203bh0e4&clickid=2d132fa5-13ad-4433-bfd2-27838faa4a99&cost=0.0021&feedid=feed9475&creative=0&site=69958e3c&age=0&hash=69958e3c&campaign=61595
https://ost1trck.com/nlp/index.php?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050&url_bnm_redirect=https://tmj-glo.livenewsline.com/t/clk

135 B
275 B

26ms
5ms

Document
text/html

195.201.221.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ost1trck.com/nlp/index.php?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050&url_bnm_redirect=https://tmj-glo.livenewsline.com/t/clk

Requested by

Host: www.boaweb.nortonhelp.me
URL: https://www.boaweb.nortonhelp.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

195.201.221.45 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.45.221.201.195.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

d4300a71e9cab7fb772a513bea39fd29fb50dd7e6cccce34573ad7da76281087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://0.browntouchmysky.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 18:12:14 GMT
server: nginx/1.18.0
strict-transport-security: max-age=31536000

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 18:12:14 GMT
location: https://ost1trck.com/nlp/index.php?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050&url_bnm_redirect=https://tmj-glo.livenewsline.com/t/clk
server: nginx/1.18.0
strict-transport-security: max-age=31536000

GET
H3

200

/
veepn.com/de/pricing/five-year/
Redirect Chain

https://tmj-glo.livenewsline.com/t/clk?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050
https://veepn.g2afse.com/click?pid=1115&offer_id=79&sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&sub2=13478_1944
https://veepn.com/pricing/five-year/?VeePN_clickid=627aaafe38007b0001671e9b&VeePN_affiliate_id=1115&VeePN_offer_id=79&VeePN_sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&VeePN_sub2=13478_1944&VeePN_sub...
https://veepn.com/de/pricing/five-year/?VeePN_clickid=627aaafe38007b0001671e9b&VeePN_affiliate_id=1115&VeePN_offer_id=79&VeePN_sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&VeePN_sub2=13478_1944&VeePN_...

0
0

1190ms
1165ms

Document
text/html

2606:4700:3035::ac43:ad6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://veepn.com/de/pricing/five-year/?VeePN_clickid=627aaafe38007b0001671e9b&VeePN_affiliate_id=1115&VeePN_offer_id=79&VeePN_sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&VeePN_sub2=13478_1944&VeePN_sub3=&VeePN_sub4=&VeePN_sub5=&VeePN_sub6=&VeePN_sub7=&VeePN_sub8=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:ad6a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.bluesnap.com https://.googleoptimize.com https://.clarity.ms https://.chatbot.com https://platform-api.sharethis.com https://.stripe.com https://.doubleclick.net https://bat.bing.com https://csp.withgoogle.com https://www.gstatic.com https://.gstatic.com https://.google.com https://.google-analytics.com https://connect.facebook.net https://.livechatinc.com https://.bluesnap.com https://ssl.kaptcha.com https://includestest.ccdc02.com/ https://cdnjs.cloudflare.com/ https://code.jquery.com/ https://ajax.googleapis.com/ https://optimize.google.com/ https://platform.twitter.com/ http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://.stripe.com https://js-agent.newrelic.com https://bam.nr-data.net https://www.googleadservices.com https://img.sedoparking.com https://buttons-config.sharethis.com https://veepn.com/blog/ ; img-src * data:; style-src 'self' 'unsafe-inline' https://.bluesnap.com https://.googleoptimize.com https://.stripe.com https://fonts.googleapis.com https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://tagmanager.google.com/ https://veepn.com/blog/ ; font-src 'self' https://.bluesnap.com https://.googleoptimize.com https://.stripe.com https://themes.googleusercontent.com https://cdnjs.cloudflare.com/ https://fonts.gstatic.com/ http://static.hotjar.com https://static.hotjar.com https://veepn.com/blog/ data:; frame-src https://.bluesnap.com https://.googleoptimize.com https://.chatbot.com https://.bluesnap.com https://ssl.kaptcha.com https://.stripe.com https://s-static.ak.facebook.com https://.livechatinc.com https://www.google.com/recaptcha/ https://vars.hotjar.com 'self' https://optimize.google.com/ https://.facebook.com/ https://platform.twitter.com/ https://c.sharethis.mgr.consensu.org ; object-src 'none'; worker-src 'self' https://.bluesnap.com https://.googleoptimize.com https://.stripe.com https://vars.hotjar.com ; connect-src 'self' https://.bluesnap.com https://.googleoptimize.com https://.clarity.ms https://.chatbot.com https://.livechatinc.com https://www.google-analytics.com https://.stripe.com https://ssl.kaptcha.com http://.hotjar.com: http://.hotjar.io: https://.hotjar.com: https://.hotjar.io: wss://.hotjar.com wss://.hotjar.io https://ipleak.asnapi.com https://*.dig.mydnsip.com https://l.sharethis.com https://stats.g.doubleclick.net ; media-src 'self' https://cdn.livechatinc.com ; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ost1trck.com/nlp/index.php?id=57NNC6XYilw7GcmzOKCE&s1=1944&s2=486838wbzfydv050&url_bnm_redirect=https://tmj-glo.livenewsline.com/t/clk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7094a45adcc89b9b-FRA
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.bluesnap.com https://*.googleoptimize.com https://*.clarity.ms https://*.chatbot.com https://platform-api.sharethis.com https://*.stripe.com https://*.doubleclick.net https://bat.bing.com https://csp.withgoogle.com https://www.gstatic.com https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://connect.facebook.net https://*.livechatinc.com https://*.bluesnap.com https://ssl.kaptcha.com https://includestest.ccdc02.com/ https://cdnjs.cloudflare.com/ https://code.jquery.com/ https://ajax.googleapis.com/ https://optimize.google.com/ https://platform.twitter.com/ http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://*.stripe.com https://js-agent.newrelic.com https://bam.nr-data.net https://www.googleadservices.com https://img.sedoparking.com https://buttons-config.sharethis.com https://veepn.com/blog/ ; img-src * data:; style-src 'self' 'unsafe-inline' https://*.bluesnap.com https://*.googleoptimize.com https://*.stripe.com https://fonts.googleapis.com https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://tagmanager.google.com/ https://veepn.com/blog/ ; font-src 'self' https://*.bluesnap.com https://*.googleoptimize.com https://*.stripe.com https://themes.googleusercontent.com https://cdnjs.cloudflare.com/ https://fonts.gstatic.com/ http://static.hotjar.com https://static.hotjar.com https://veepn.com/blog/ data:; frame-src https://*.bluesnap.com https://*.googleoptimize.com https://*.chatbot.com https://*.bluesnap.com https://ssl.kaptcha.com https://*.stripe.com https://s-static.ak.facebook.com https://*.livechatinc.com https://www.google.com/recaptcha/ https://vars.hotjar.com 'self' https://optimize.google.com/ https://*.facebook.com/ https://platform.twitter.com/ https://c.sharethis.mgr.consensu.org ; object-src 'none'; worker-src 'self' https://*.bluesnap.com https://*.googleoptimize.com https://*.stripe.com https://vars.hotjar.com ; connect-src 'self' https://*.bluesnap.com https://*.googleoptimize.com https://*.clarity.ms https://*.chatbot.com https://*.livechatinc.com https://www.google-analytics.com https://*.stripe.com https://ssl.kaptcha.com http://*.hotjar.com:* http://*.hotjar.io:* https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com wss://*.hotjar.io https://ipleak.asnapi.com https://*.dig.mydnsip.com https://l.sharethis.com https://stats.g.doubleclick.net ; media-src 'self' https://cdn.livechatinc.com ; frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 18:12:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmvB3YXdOksUQSKShQPzwWjTTX3i1NKVUuZe%2FpA3yybIbIgWUHs41kEh3i2fUW38z0vQxzgkVTCnculwKE2vSsz%2Bp%2BOJepoeqmFjn%2FJ6tqnP4OmK3dFHkfZSCKH3x%2FJHz8PgYRPOw50%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7094a4562acc9066-FRA
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.bluesnap.com https://*.googleoptimize.com https://*.clarity.ms https://*.chatbot.com https://platform-api.sharethis.com https://*.stripe.com https://*.doubleclick.net https://bat.bing.com https://csp.withgoogle.com https://www.gstatic.com https://*.gstatic.com https://*.google.com https://*.google-analytics.com https://connect.facebook.net https://*.livechatinc.com https://*.bluesnap.com https://ssl.kaptcha.com https://includestest.ccdc02.com/ https://cdnjs.cloudflare.com/ https://code.jquery.com/ https://ajax.googleapis.com/ https://optimize.google.com/ https://platform.twitter.com/ http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://*.stripe.com https://js-agent.newrelic.com https://bam.nr-data.net https://www.googleadservices.com https://img.sedoparking.com https://buttons-config.sharethis.com https://veepn.com/blog/ ; img-src * data:; style-src 'self' 'unsafe-inline' https://*.bluesnap.com https://*.googleoptimize.com https://*.stripe.com https://fonts.googleapis.com https://cdnjs.cloudflare.com/ https://optimize.google.com/ https://tagmanager.google.com/ https://veepn.com/blog/ ; font-src 'self' https://*.bluesnap.com https://*.googleoptimize.com https://*.stripe.com https://themes.googleusercontent.com https://cdnjs.cloudflare.com/ https://fonts.gstatic.com/ http://static.hotjar.com https://static.hotjar.com https://veepn.com/blog/ data:; frame-src https://*.bluesnap.com https://*.googleoptimize.com https://*.chatbot.com https://*.bluesnap.com https://ssl.kaptcha.com https://*.stripe.com https://s-static.ak.facebook.com https://*.livechatinc.com https://www.google.com/recaptcha/ https://vars.hotjar.com 'self' https://optimize.google.com/ https://*.facebook.com/ https://platform.twitter.com/ https://c.sharethis.mgr.consensu.org ; object-src 'none'; worker-src 'self' https://*.bluesnap.com https://*.googleoptimize.com https://*.stripe.com https://vars.hotjar.com ; connect-src 'self' https://*.bluesnap.com https://*.googleoptimize.com https://*.clarity.ms https://*.chatbot.com https://*.livechatinc.com https://www.google-analytics.com https://*.stripe.com https://ssl.kaptcha.com http://*.hotjar.com:* http://*.hotjar.io:* https://*.hotjar.com:* https://*.hotjar.io:* wss://*.hotjar.com wss://*.hotjar.io https://ipleak.asnapi.com https://*.dig.mydnsip.com https://l.sharethis.com https://stats.g.doubleclick.net ; media-src 'self' https://cdn.livechatinc.com ; frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 18:12:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://veepn.com/de/pricing/five-year/?VeePN_clickid=627aaafe38007b0001671e9b&VeePN_affiliate_id=1115&VeePN_offer_id=79&VeePN_sub1=454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7&VeePN_sub2=13478_1944&VeePN_sub3=&VeePN_sub4=&VeePN_sub5=&VeePN_sub6=&VeePN_sub7=&VeePN_sub8=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCN06OEaT1OkyiJ0dB2hodVJfc9%2FajN3OsI%2FjWdBAYlPghfrmBDheBa93mtRCrs2wmKKu1al5l2Zekvmspe92S0quTtQ1jLCEE5c1U2LqRvOz95297iRB0gjCpJMjpNz75vnfjc7zt0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: links.drakefollow.com
URL: https://links.drakefollow.com/forward.php?did=45465&pid=246343&cid=3422

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1H771413J2&gtm=2oe590&_p=239692376&_z=ccd.tbB&cid=1279467586.1652206332&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=2&sid=1652206332&sct=1&seg=0&dl=https%3A%2F%2Fwww.boaweb.nortonhelp.me%2F&dt=BOAweb.co.uk&en=user_engagement&_et=1438

Domain: browntouchmysky.com
URL: https://browntouchmysky.com/go/mfrwcobrge5denzx?sub1=dombee&sub2=combo00

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nortonhelp.me/	1970-01-20 02:58:12	Name: _gid Value: GA1.2.1774456212.1652206332
.nortonhelp.me/	1970-01-20 02:56:46	Name: _gat_gtag_UA_214961285_1 Value: 1
.nortonhelp.me/	1970-01-20 20:27:58	Name: _ga Value: GA1.1.1279467586.1652206332
.nortonhelp.me/	1970-01-20 20:27:58	Name: _ga_1H771413J2 Value: GS1.1.1652206332.1.0.1652206333.0
.browntouchmysky.com/	1970-01-20 03:39:58	Name: uuid Value: f8258cc2-2a66-4079-9029-d6df861b9844
.0.browntouchmysky.com/	1970-01-20 03:39:58	Name: uuid Value: f8258cc2-2a66-4079-9029-d6df861b9844
di1.biz/	1970-01-20 03:39:58	Name: uuid Value: 6790d365-f66e-4b72-8c6c-ca6ff0991457
.di1.biz/	1970-01-20 02:58:12	Name: ccid Value: %5B61595%5D
ratpor.com/	1970-01-20 02:58:12	Name: uclick Value: 8wbzfyxi
ratpor.com/	1970-01-20 02:58:12	Name: uclickhash Value: 8wbzfyxi-8wbzfydv-bz5m-0-8rik-wh9l-wha9-13ab00
tmj-glo.livenewsline.com/	1970-01-20 03:39:58	Name: uip Value: "[\"j7ZQzrfI5w\"\054 {\"Yj38A\": \"ywrVk69\"}]:1noULG:TBW7QMsNH4NomBjykrL39hFybCQ"
tmj-glo.livenewsline.com/	1970-01-20 03:40:05	Name: ydt_08f9b7e66b67408ab6333eff093e3798 Value: "[\"454ed3f8-f3cf-46ea-9ead-f26b4b1fdfe7\"]:1noULG:IcEz5j--uE54W2l8toRVzb_E_0g"
veepn.g2afse.com/	1970-01-20 11:42:22	Name: afclick Value: 627aaafe38007b0001671e9b
veepn.g2afse.com/	1970-01-20 11:42:22	Name: afoffers Value: {"79":1652206334}
.veepn.com/	1969-12-31 23:59:59	Name: advanced-auth Value: 0leipvofnnv4a7ukqva08sh6qq

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.browntouchmysky.com
ads.specialadves.com
ajax.googleapis.com
browntouchmysky.com
di1.biz
fonts.googleapis.com
links.drakefollow.com
local.drakefollow.com
ost1trck.com
ratpor.com
tmj-glo.livenewsline.com
veepn.com
veepn.g2afse.com
www.boaweb.nortonhelp.me
www.google-analytics.com
www.googletagmanager.com
browntouchmysky.com
links.drakefollow.com
www.google-analytics.com
103.234.210.242
111.90.143.157
143.198.248.64
165.22.198.175
195.201.221.45
212.32.252.82
2606:4700:3035::ac43:ad6a
2a00:1450:4001:813::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
52.58.114.47
0f4026d89be24dc4c6f5e5d554acbfa39a369a47d925e1f06fc2d1ae245dca70
0fca1c2a579488e76d0f4dea6f4259b12fed722cde03d75b7d724199dea003b3
11e4be90cf2ea3b4dc9cc54a2f545aa50c74c87e0e482abb914cdefd54317078
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
821037e5802154c1d7cadd43ca210a5b2bd22b717f24705fc35c2d37e69869e8
8d343190ab80adf06d442d61dded2102b66cd7751108bbc96a668ae2a1e135f3
8d593493a7fc38b65863d4628d99162a6c778973683ac35278e4bff93b6a33d6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b1e87b3d0c6b3254efd29f290588d5f695aedb5cc55d814d5516399f8adb3038
d4300a71e9cab7fb772a513bea39fd29fb50dd7e6cccce34573ad7da76281087
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e3253852ba400a4b6b2c1cbbbff0e8c372f85995cda8cb6257bfb106a3e660
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

ost1trck.com Open in urlscan Pro 195.201.221.45 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

63 %HTTPS

42 %IPv6

13 Domains

16 Subdomains

10 IPs

5 Countries

202 kBTransfer

463 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

ost1trck.com Open in urlscan Pro
195.201.221.45 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

63 %
HTTPS

42 %
IPv6

13
Domains

16
Subdomains

10
IPs

5
Countries

202 kB
Transfer

463 kB
Size

15
Cookies

41 HTTP transactions
0 data transactions