pefwfw.pro
Open in
urlscan Pro
91.228.153.90
Public Scan
Submitted URL: http://gurfv.pro/?target=-7EA5QCQIAAAPsTgOUOQAFEQkKEQEKAAE&ap=31666&clickid=oodNPTHRVHbPHNPW7wQHXUW20UunlmsqoopdK...
Effective URL: http://pefwfw.pro/azffrgtvqv/VigcrHRzKhi1yjb/?clickid=oodNPTHRVHbPHNPW7wQHXUW20UunlmsqoopdK6iWVU9UrqppXWUOndNM6qt0...
Submission: On June 27 via manual from JP
Effective URL: http://pefwfw.pro/azffrgtvqv/VigcrHRzKhi1yjb/?clickid=oodNPTHRVHbPHNPW7wQHXUW20UunlmsqoopdK6iWVU9UrqppXWUOndNM6qt0...
Submission: On June 27 via manual from JP
Summary
This website contacted 13 IPs
in 6 countries
across 15 domains to perform 29 HTTP transactions.
The main IP is 91.228.153.90, located in
Frankfurt, Germany and
belongs to DE-FIRSTCOLO www.first-colo.net, DE.
The main domain is pefwfw.pro.
This is the only time pefwfw.pro was scanned on urlscan.io!
This is the only time pefwfw.pro was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 2 | 91.228.153.90 91.228.153.90 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
| 16 | 2a03:90c0:999... 2a03:90c0:9997::9997 | 199524 (GCORE) (GCORE) | |
| 1 | 91.228.153.25 91.228.153.25 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
| 1 | 216.58.207.66 216.58.207.66 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 3 | 31.172.81.158 31.172.81.158 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
| 5 5 | 31.172.81.159 31.172.81.159 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
| 2 2 | 185.33.223.215 185.33.223.215 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
| 2 3 | 31.172.81.172 31.172.81.172 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81c::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:816::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 31.172.81.242 31.172.81.242 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
| 1 3 | 31.172.81.160 31.172.81.160 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 88.208.41.102 88.208.41.102 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
| 29 | 13 |
2
91.228.153.90
(Frankfurt, Germany)
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde252-7.fornex.org
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde252-7.fornex.org
| gurfv.pro | |
| pefwfw.pro |
1
91.228.153.25
(Frankfurt, Germany)
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde252-4.fornex.org
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde252-4.fornex.org
| user-actrk.com |
1
216.58.207.66
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
| www.googleadservices.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
dadbab.info
dadbab.info |
401 KB |
| 7 |
user-grey.com
3 redirects
static.user-grey.com sync.user-grey.com |
9 KB |
| 5 |
adsniper.ru
5 redirects
sync3.adsniper.ru |
9 KB |
| 3 |
user-clicks.com
2 redirects
sync.user-clicks.com |
4 KB |
| 2 |
adnxs.com
2 redirects
ib.adnxs.com |
4 KB |
| 1 |
xl-trk.com
xl-trk.com |
136 B |
| 1 |
google.de
www.google.de |
107 B |
| 1 |
google.com
www.google.com |
116 B |
| 1 |
users-api.com
sync.users-api.com |
364 B |
| 1 |
googleapis.com
fonts.googleapis.com |
804 B |
| 1 |
doubleclick.net
googleads.g.doubleclick.net |
1 KB |
| 1 |
googleadservices.com
www.googleadservices.com |
7 KB |
| 1 |
user-actrk.com
user-actrk.com |
93 B |
| 1 |
pefwfw.pro
pefwfw.pro |
7 KB |
| 1 |
gurfv.pro
1 redirects
gurfv.pro |
914 B |
| 29 | 15 |
| Domain | Requested by | |
|---|---|---|
| 15 | dadbab.info |
pefwfw.pro
|
| 6 | sync.user-grey.com |
3 redirects
pefwfw.pro
|
| 5 | sync3.adsniper.ru | 5 redirects |
| 3 | sync.user-clicks.com |
2 redirects
pefwfw.pro
|
| 2 | ib.adnxs.com | 2 redirects |
| 1 | xl-trk.com |
pefwfw.pro
|
| 1 | www.google.de |
pefwfw.pro
|
| 1 | www.google.com |
pefwfw.pro
|
| 1 | sync.users-api.com |
pefwfw.pro
|
| 1 | fonts.googleapis.com |
pefwfw.pro
|
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | www.googleadservices.com |
static.user-grey.com
|
| 1 | user-actrk.com |
pefwfw.pro
|
| 1 | static.user-grey.com |
pefwfw.pro
|
| 1 | pefwfw.pro | |
| 1 | gurfv.pro | 1 redirects |
| 29 | 16 |
This site contains no links.
| Subject Issuer | Validity | Valid |
|---|
This page contains 1 frames:
Primary Page:
http://pefwfw.pro/azffrgtvqv/VigcrHRzKhi1yjb/?clickid=oodNPTHRVHbPHNPW7wQHXUW20UunlmsqoopdK6iWVU9UrqppXWUOndNM6qt0rpXW0zOmtqonnrdNbVNXLS6V0zpXSuldK6Z0rpXTOc6VznOnlcH2&city=&browserversion=67.0.3396&esub=-7EBBQCQMfaeG1pAED7E4DlDkzqzmyezChBAPSLAACEQ0KEQUiEQlCB25sMQAAf2FkY29tYm8&ip=148.251.45.254&brand=&countryname=Germany&ap=31666&device=Other&useragent=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/67.0.3396.87%20Safari/537.36&model=&osversion=10.13.5&os=Mac%20OS%20X&browser=Chrome
Frame ID: 95A74264378A3729CC88A358481E877B
Requests: 29 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://gurfv.pro/?target=-7EA5QCQIAAAPsTgOUOQAFEQkKEQEKAAE&ap=31666&clickid=oodNPTHRVHbPHNPW7...
HTTP 302
http://pefwfw.pro/azffrgtvqv/VigcrHRzKhi1yjb/?clickid=oodNPTHRVHbPHNPW7wQHXUW20UunlmsqoopdK6iW... Page URL
Detected technologies
Lua
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Moment.js
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^moment$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://gurfv.pro/?target=-7EA5QCQIAAAPsTgOUOQAFEQkKEQEKAAE&ap=31666&clickid=oodNPTHRVHbPHNPW7wQHXUW20UunlmsqoopdK6iWVU9UrqppXWUOndNM6qt0rpXW0zOmtqonnrdNbVNXLS6V0zpXSuldK6Z0rpXTOc6VznOnlcH2
HTTP 302
http://pefwfw.pro/azffrgtvqv/VigcrHRzKhi1yjb/?clickid=oodNPTHRVHbPHNPW7wQHXUW20UunlmsqoopdK6iWVU9UrqppXWUOndNM6qt0rpXW0zOmtqonnrdNbVNXLS6V0zpXSuldK6Z0rpXTOc6VznOnlcH2&city=&browserversion=67.0.3396&esub=-7EBBQCQMfaeG1pAED7E4DlDkzqzmyezChBAPSLAACEQ0KEQUiEQlCB25sMQAAf2FkY29tYm8&ip=148.251.45.254&brand=&countryname=Germany&ap=31666&device=Other&useragent=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/67.0.3396.87%20Safari/537.36&model=&osversion=10.13.5&os=Mac%20OS%20X&browser=Chrome Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- http://sync.user-grey.com/?src=gp3&cid=A2D4FF&cmp=adcombo&act=load&event=start&s_trk={TR_KEY}&rawdata64=eyJuYXZpZ2F0aW9uU3RhcnQiOjE1MzAwODgzNzQ5MzcsInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kIjowLCJyZWRpcmVjdFN0YXJ0IjowLCJyZWRpcmVjdEVuZCI6MCwiZmV0Y2hTdGFydCI6MTUzMDA4ODM3NTAyNiwiZG9tYWluTG9va3VwU3RhcnQiOjE1MzAwODgzNzQ5NjYsImRvbWFpbkxvb2t1cEVuZCI6MTUzMDA4ODM3NDk3OCwiY29ubmVjdFN0YXJ0IjoxNTMwMDg4Mzc0OTc4LCJjb25uZWN0RW5kIjoxNTMwMDg4Mzc0OTg0LCJzZWN1cmVDb25uZWN0aW9uU3RhcnQiOjAsInJlcXVlc3RTdGFydCI6MTUzMDA4ODM3NDk4NCwicmVzcG9uc2VTdGFydCI6MTUzMDA4ODM3NTAyNSwicmVzcG9uc2VFbmQiOjE1MzAwODgzNzUwMjYsImRvbUxvYWRpbmciOjE1MzAwODgzNzUwMjcsImRvbUludGVyYWN0aXZlIjowLCJkb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCI6MCwiZG9tQ29udGVudExvYWRlZEV2ZW50RW5kIjowLCJkb21Db21wbGV0ZSI6MCwibG9hZEV2ZW50U3RhcnQiOjAsImxvYWRFdmVudEVuZCI6MH0*&offer_id=14740&page_type=prelanding&page_id=31666&page_esub=-7EBBQCQMfaeG1pAED7E4DlDkzqzmyezChBAPSLAACEQ0KEQUiEQlCB25sMQAAf2FkY29tYm8&version=003 HTTP 302
- http://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi3l83ZBVIFyaDIuQ1aDgoFZXZlbnQSBXN0YXJ0WhEKCG9mZmVyX2lkEgUxNDc0MFpWCglwYWdlX2VzdWISSS03RUJCUUNRTWZhZUcxcEFFRDdFNERsRGt6cXpteWV6Q2hCQVBTTEFBQ0VRMEtFUVVpRVFsQ0IyNXNNUUFBZjJGa1kyOXRZbThaEAoHcGFnZV9pZBIFMzE2NjZaFwoJcGFnZV90eXBlEgpwcmVsYW5kaW5nWs4FCglyYXdkYXRhNjQSwAVleUp1WVhacFoyRjBhVzl1VTNSaGNuUWlPakUxTXpBd09EZ3pOelE1TXpjc0luVnViRzloWkVWMlpXNTBVM1JoY25RaU9qQXNJblZ1Ykc5aFpFVjJaVzUwUlc1a0lqb3dMQ0p5WldScGNtVmpkRk4wWVhKMElqb3dMQ0p5WldScGNtVmpkRVZ1WkNJNk1Dd2labVYwWTJoVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRBeU5pd2laRzl0WVdsdVRHOXZhM1Z3VTNSaGNuUWlPakUxTXpBd09EZ3pOelE1TmpZc0ltUnZiV0ZwYmt4dmIydDFjRVZ1WkNJNk1UVXpNREE0T0RNM05EazNPQ3dpWTI5dWJtVmpkRk4wWVhKMElqb3hOVE13TURnNE16YzBPVGM0TENKamIyNXVaV04wUlc1a0lqb3hOVE13TURnNE16YzBPVGcwTENKelpXTjFjbVZEYjI1dVpXTjBhVzl1VTNSaGNuUWlPakFzSW5KbGNYVmxjM1JUZEdGeWRDSTZNVFV6TURBNE9ETTNORGs0TkN3aWNtVnpjRzl1YzJWVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRBeU5Td2ljbVZ6Y0c5dWMyVkZibVFpT2pFMU16QXdPRGd6TnpVd01qWXNJbVJ2YlV4dllXUnBibWNpT2pFMU16QXdPRGd6TnpVd01qY3NJbVJ2YlVsdWRHVnlZV04wYVhabElqb3dMQ0prYjIxRGIyNTBaVzUwVEc5aFpHVmtSWFpsYm5SVGRHRnlkQ0k2TUN3aVpHOXRRMjl1ZEdWdWRFeHZZV1JsWkVWMlpXNTBSVzVrSWpvd0xDSmtiMjFEYjIxd2JHVjBaU0k2TUN3aWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0lteHZZV1JGZG1WdWRFVnVaQ0k2TUgwKloRCgVzX3RyaxIIe1RSX0tFWX1aDgoHdmVyc2lvbhIDMDAz8gEHYWRjb21ib_oBBGxvYWSCAgZBMkQ0RkaKAgh7VFJfS0VZfQ** HTTP 302
- http://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi3l83ZBVIFyaDIuQ1aDgoFZXZlbnQSBXN0YXJ0WhEKCG9mZmVyX2lkEgUxNDc0MFpWCglwYWdlX2VzdWISSS03RUJCUUNRTWZhZUcxcEFFRDdFNERsRGt6cXpteWV6Q2hCQVBTTEFBQ0VRMEtFUVVpRVFsQ0IyNXNNUUFBZjJGa1kyOXRZbThaEAoHcGFnZV9pZBIFMzE2NjZaFwoJcGFnZV90eXBlEgpwcmVsYW5kaW5nWs4FCglyYXdkYXRhNjQSwAVleUp1WVhacFoyRjBhVzl1VTNSaGNuUWlPakUxTXpBd09EZ3pOelE1TXpjc0luVnViRzloWkVWMlpXNTBVM1JoY25RaU9qQXNJblZ1Ykc5aFpFVjJaVzUwUlc1a0lqb3dMQ0p5WldScGNtVmpkRk4wWVhKMElqb3dMQ0p5WldScGNtVmpkRVZ1WkNJNk1Dd2labVYwWTJoVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRBeU5pd2laRzl0WVdsdVRHOXZhM1Z3VTNSaGNuUWlPakUxTXpBd09EZ3pOelE1TmpZc0ltUnZiV0ZwYmt4dmIydDFjRVZ1WkNJNk1UVXpNREE0T0RNM05EazNPQ3dpWTI5dWJtVmpkRk4wWVhKMElqb3hOVE13TURnNE16YzBPVGM0TENKamIyNXVaV04wUlc1a0lqb3hOVE13TURnNE16YzBPVGcwTENKelpXTjFjbVZEYjI1dVpXTjBhVzl1VTNSaGNuUWlPakFzSW5KbGNYVmxjM1JUZEdGeWRDSTZNVFV6TURBNE9ETTNORGs0TkN3aWNtVnpjRzl1YzJWVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRBeU5Td2ljbVZ6Y0c5dWMyVkZibVFpT2pFMU16QXdPRGd6TnpVd01qWXNJbVJ2YlV4dllXUnBibWNpT2pFMU16QXdPRGd6TnpVd01qY3NJbVJ2YlVsdWRHVnlZV04wYVhabElqb3dMQ0prYjIxRGIyNTBaVzUwVEc5aFpHVmtSWFpsYm5SVGRHRnlkQ0k2TUN3aVpHOXRRMjl1ZEdWdWRFeHZZV1JsWkVWMlpXNTBSVzVrSWpvd0xDSmtiMjFEYjIxd2JHVjBaU0k2TUN3aWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0lteHZZV1JGZG1WdWRFVnVaQ0k2TUgwKloRCgVzX3RyaxIIe1RSX0tFWX1aDgoHdmVyc2lvbhIDMDAzogEQsHhDtHnkEeim6QAlkMgkN_IBB2FkY29tYm_6AQRsb2FkggIGQTJENEZGigIIe1RSX0tFWX0* HTTP 302
- http://sync.user-grey.com/?src=gp3&s_data=CAIQABi3l83ZBVoOCgVldmVudBIFc3RhcnRaEQoIb2ZmZXJfaWQSBTE0NzQwWlYKCXBhZ2VfZXN1YhJJLTdFQkJRQ1FNZmFlRzFwQUVEN0U0RGxEa3pxem15ZXpDaEJBUFNMQUFDRVEwS0VRVWlFUWxDQjI1c01RQUFmMkZrWTI5dFltOFoQCgdwYWdlX2lkEgUzMTY2NloXCglwYWdlX3R5cGUSCnByZWxhbmRpbmdazgUKCXJhd2RhdGE2NBLABWV5SnVZWFpwWjJGMGFXOXVVM1JoY25RaU9qRTFNekF3T0Rnek56UTVNemNzSW5WdWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0luVnViRzloWkVWMlpXNTBSVzVrSWpvd0xDSnlaV1JwY21WamRGTjBZWEowSWpvd0xDSnlaV1JwY21WamRFVnVaQ0k2TUN3aVptVjBZMmhUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5Tml3aVpHOXRZV2x1VEc5dmEzVndVM1JoY25RaU9qRTFNekF3T0Rnek56UTVOallzSW1SdmJXRnBia3h2YjJ0MWNFVnVaQ0k2TVRVek1EQTRPRE0zTkRrM09Dd2lZMjl1Ym1WamRGTjBZWEowSWpveE5UTXdNRGc0TXpjME9UYzRMQ0pqYjI1dVpXTjBSVzVrSWpveE5UTXdNRGc0TXpjME9UZzBMQ0p6WldOMWNtVkRiMjV1WldOMGFXOXVVM1JoY25RaU9qQXNJbkpsY1hWbGMzUlRkR0Z5ZENJNk1UVXpNREE0T0RNM05EazROQ3dpY21WemNHOXVjMlZUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5TlN3aWNtVnpjRzl1YzJWRmJtUWlPakUxTXpBd09EZ3pOelV3TWpZc0ltUnZiVXh2WVdScGJtY2lPakUxTXpBd09EZ3pOelV3TWpjc0ltUnZiVWx1ZEdWeVlXTjBhWFpsSWpvd0xDSmtiMjFEYjI1MFpXNTBURzloWkdWa1JYWmxiblJUZEdGeWRDSTZNQ3dpWkc5dFEyOXVkR1Z1ZEV4dllXUmxaRVYyWlc1MFJXNWtJam93TENKa2IyMURiMjF3YkdWMFpTSTZNQ3dpYkc5aFpFVjJaVzUwVTNSaGNuUWlPakFzSW14dllXUkZkbVZ1ZEVWdVpDSTZNSDAqWhEKBXNfdHJrEgh7VFJfS0VZfVoOCgd2ZXJzaW9uEgMwMDOiARCweEO0eeQR6KbpACWQyCQ38gEHYWRjb21ib_oBBGxvYWSCAgZBMkQ0RkaKAgh7VFJfS0VZfQ** HTTP 302
- http://sync.user-grey.com/?src=gp3&s_data=CAIQARi3l83ZBVoOCgVldmVudBIFc3RhcnRaEQoIb2ZmZXJfaWQSBTE0NzQwWlYKCXBhZ2VfZXN1YhJJLTdFQkJRQ1FNZmFlRzFwQUVEN0U0RGxEa3pxem15ZXpDaEJBUFNMQUFDRVEwS0VRVWlFUWxDQjI1c01RQUFmMkZrWTI5dFltOFoQCgdwYWdlX2lkEgUzMTY2NloXCglwYWdlX3R5cGUSCnByZWxhbmRpbmdazgUKCXJhd2RhdGE2NBLABWV5SnVZWFpwWjJGMGFXOXVVM1JoY25RaU9qRTFNekF3T0Rnek56UTVNemNzSW5WdWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0luVnViRzloWkVWMlpXNTBSVzVrSWpvd0xDSnlaV1JwY21WamRGTjBZWEowSWpvd0xDSnlaV1JwY21WamRFVnVaQ0k2TUN3aVptVjBZMmhUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5Tml3aVpHOXRZV2x1VEc5dmEzVndVM1JoY25RaU9qRTFNekF3T0Rnek56UTVOallzSW1SdmJXRnBia3h2YjJ0MWNFVnVaQ0k2TVRVek1EQTRPRE0zTkRrM09Dd2lZMjl1Ym1WamRGTjBZWEowSWpveE5UTXdNRGc0TXpjME9UYzRMQ0pqYjI1dVpXTjBSVzVrSWpveE5UTXdNRGc0TXpjME9UZzBMQ0p6WldOMWNtVkRiMjV1WldOMGFXOXVVM1JoY25RaU9qQXNJbkpsY1hWbGMzUlRkR0Z5ZENJNk1UVXpNREE0T0RNM05EazROQ3dpY21WemNHOXVjMlZUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5TlN3aWNtVnpjRzl1YzJWRmJtUWlPakUxTXpBd09EZ3pOelV3TWpZc0ltUnZiVXh2WVdScGJtY2lPakUxTXpBd09EZ3pOelV3TWpjc0ltUnZiVWx1ZEdWeVlXTjBhWFpsSWpvd0xDSmtiMjFEYjI1MFpXNTBURzloWkdWa1JYWmxiblJUZEdGeWRDSTZNQ3dpWkc5dFEyOXVkR1Z1ZEV4dllXUmxaRVYyWlc1MFJXNWtJam93TENKa2IyMURiMjF3YkdWMFpTSTZNQ3dpYkc5aFpFVjJaVzUwVTNSaGNuUWlPakFzSW14dllXUkZkbVZ1ZEVWdVpDSTZNSDAqWhEKBXNfdHJrEgh7VFJfS0VZfVoOCgd2ZXJzaW9uEgMwMDOiARCweEO0eeQR6KbpACWQyCQ38gEHYWRjb21ib_oBBGxvYWSCAgZBMkQ0RkaKAgh7VFJfS0VZfQ**
- https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.user-clicks.com%2F%3Fsrc%3Dgp3%26cmp%3Dadcombo%26cid%3DA2D4FF%26act%3Dload%26event%3Dmatch%26uid%3D%24UID&rawdata64=eyJuYXZpZ2F0aW9uU3RhcnQiOjE1MzAwODgzNzQ5MzcsInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kIjowLCJyZWRpcmVjdFN0YXJ0IjowLCJyZWRpcmVjdEVuZCI6MCwiZmV0Y2hTdGFydCI6MTUzMDA4ODM3NTAyNiwiZG9tYWluTG9va3VwU3RhcnQiOjE1MzAwODgzNzQ5NjYsImRvbWFpbkxvb2t1cEVuZCI6MTUzMDA4ODM3NDk3OCwiY29ubmVjdFN0YXJ0IjoxNTMwMDg4Mzc0OTc4LCJjb25uZWN0RW5kIjoxNTMwMDg4Mzc0OTg0LCJzZWN1cmVDb25uZWN0aW9uU3RhcnQiOjAsInJlcXVlc3RTdGFydCI6MTUzMDA4ODM3NDk4NCwicmVzcG9uc2VTdGFydCI6MTUzMDA4ODM3NTAyNSwicmVzcG9uc2VFbmQiOjE1MzAwODgzNzUwMjYsImRvbUxvYWRpbmciOjE1MzAwODgzNzUwMjcsImRvbUludGVyYWN0aXZlIjowLCJkb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCI6MCwiZG9tQ29udGVudExvYWRlZEV2ZW50RW5kIjowLCJkb21Db21wbGV0ZSI6MCwibG9hZEV2ZW50U3RhcnQiOjAsImxvYWRFdmVudEVuZCI6MH0*&offer_id=14740&page_type=prelanding&page_id=31666&page_esub=-7EBBQCQMfaeG1pAED7E4DlDkzqzmyezChBAPSLAACEQ0KEQUiEQlCB25sMQAAf2FkY29tYm8&version=003 HTTP 302
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.user-clicks.com%252F%253Fsrc%253Dgp3%2526cmp%253Dadcombo%2526cid%253DA2D4FF%2526act%253Dload%2526event%253Dmatch%2526uid%253D%2524UID%26rawdata64%3DeyJuYXZpZ2F0aW9uU3RhcnQiOjE1MzAwODgzNzQ5MzcsInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kIjowLCJyZWRpcmVjdFN0YXJ0IjowLCJyZWRpcmVjdEVuZCI6MCwiZmV0Y2hTdGFydCI6MTUzMDA4ODM3NTAyNiwiZG9tYWluTG9va3VwU3RhcnQiOjE1MzAwODgzNzQ5NjYsImRvbWFpbkxvb2t1cEVuZCI6MTUzMDA4ODM3NDk3OCwiY29ubmVjdFN0YXJ0IjoxNTMwMDg4Mzc0OTc4LCJjb25uZWN0RW5kIjoxNTMwMDg4Mzc0OTg0LCJzZWN1cmVDb25uZWN0aW9uU3RhcnQiOjAsInJlcXVlc3RTdGFydCI6MTUzMDA4ODM3NDk4NCwicmVzcG9uc2VTdGFydCI6MTUzMDA4ODM3NTAyNSwicmVzcG9uc2VFbmQiOjE1MzAwODgzNzUwMjYsImRvbUxvYWRpbmciOjE1MzAwODgzNzUwMjcsImRvbUludGVyYWN0aXZlIjowLCJkb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCI6MCwiZG9tQ29udGVudExvYWRlZEV2ZW50RW5kIjowLCJkb21Db21wbGV0ZSI6MCwibG9hZEV2ZW50U3RhcnQiOjAsImxvYWRFdmVudEVuZCI6MH0%2A%26offer_id%3D14740%26page_type%3Dprelanding%26page_id%3D31666%26page_esub%3D-7EBBQCQMfaeG1pAED7E4DlDkzqzmyezChBAPSLAACEQ0KEQUiEQlCB25sMQAAf2FkY29tYm8%26version%3D003 HTTP 302
- https://sync.user-clicks.com/?src=gp3&cmp=adcombo&cid=A2D4FF&act=load&event=match&uid=7420532173507311570&rawdata64=eyJuYXZpZ2F0aW9uU3RhcnQiOjE1MzAwODgzNzQ5MzcsInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kIjowLCJyZWRpcmVjdFN0YXJ0IjowLCJyZWRpcmVjdEVuZCI6MCwiZmV0Y2hTdGFydCI6MTUzMDA4ODM3NTAyNiwiZG9tYWluTG9va3VwU3RhcnQiOjE1MzAwODgzNzQ5NjYsImRvbWFpbkxvb2t1cEVuZCI6MTUzMDA4ODM3NDk3OCwiY29ubmVjdFN0YXJ0IjoxNTMwMDg4Mzc0OTc4LCJjb25uZWN0RW5kIjoxNTMwMDg4Mzc0OTg0LCJzZWN1cmVDb25uZWN0aW9uU3RhcnQiOjAsInJlcXVlc3RTdGFydCI6MTUzMDA4ODM3NDk4NCwicmVzcG9uc2VTdGFydCI6MTUzMDA4ODM3NTAyNSwicmVzcG9uc2VFbmQiOjE1MzAwODgzNzUwMjYsImRvbUxvYWRpbmciOjE1MzAwODgzNzUwMjcsImRvbUludGVyYWN0aXZlIjowLCJkb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCI6MCwiZG9tQ29udGVudExvYWRlZEV2ZW50RW5kIjowLCJkb21Db21wbGV0ZSI6MCwibG9hZEV2ZW50U3RhcnQiOjAsImxvYWRFdmVudEVuZCI6MH0*&offer_id=14740&page_type=prelanding&page_id=31666&page_esub=-7EBBQCQMfaeG1pAED7E4DlDkzqzmyezChBAPSLAACEQ0KEQUiEQlCB25sMQAAf2FkY29tYm8&version=003 HTTP 302
- https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi3l83ZBVIFybie7ARaDgoFZXZlbnQSBW1hdGNoWhEKCG9mZmVyX2lkEgUxNDc0MFpWCglwYWdlX2VzdWISSS03RUJCUUNRTWZhZUcxcEFFRDdFNERsRGt6cXpteWV6Q2hCQVBTTEFBQ0VRMEtFUVVpRVFsQ0IyNXNNUUFBZjJGa1kyOXRZbThaEAoHcGFnZV9pZBIFMzE2NjZaFwoJcGFnZV90eXBlEgpwcmVsYW5kaW5nWs4FCglyYXdkYXRhNjQSwAVleUp1WVhacFoyRjBhVzl1VTNSaGNuUWlPakUxTXpBd09EZ3pOelE1TXpjc0luVnViRzloWkVWMlpXNTBVM1JoY25RaU9qQXNJblZ1Ykc5aFpFVjJaVzUwUlc1a0lqb3dMQ0p5WldScGNtVmpkRk4wWVhKMElqb3dMQ0p5WldScGNtVmpkRVZ1WkNJNk1Dd2labVYwWTJoVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRBeU5pd2laRzl0WVdsdVRHOXZhM1Z3VTNSaGNuUWlPakUxTXpBd09EZ3pOelE1TmpZc0ltUnZiV0ZwYmt4dmIydDFjRVZ1WkNJNk1UVXpNREE0T0RNM05EazNPQ3dpWTI5dWJtVmpkRk4wWVhKMElqb3hOVE13TURnNE16YzBPVGM0TENKamIyNXVaV04wUlc1a0lqb3hOVE13TURnNE16YzBPVGcwTENKelpXTjFjbVZEYjI1dVpXTjBhVzl1VTNSaGNuUWlPakFzSW5KbGNYVmxjM1JUZEdGeWRDSTZNVFV6TURBNE9ETTNORGs0TkN3aWNtVnpjRzl1YzJWVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRBeU5Td2ljbVZ6Y0c5dWMyVkZibVFpT2pFMU16QXdPRGd6TnpVd01qWXNJbVJ2YlV4dllXUnBibWNpT2pFMU16QXdPRGd6TnpVd01qY3NJbVJ2YlVsdWRHVnlZV04wYVhabElqb3dMQ0prYjIxRGIyNTBaVzUwVEc5aFpHVmtSWFpsYm5SVGRHRnlkQ0k2TUN3aVpHOXRRMjl1ZEdWdWRFeHZZV1JsWkVWMlpXNTBSVzVrSWpvd0xDSmtiMjFEYjIxd2JHVjBaU0k2TUN3aWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0lteHZZV1JGZG1WdWRFVnVaQ0k2TUgwKloaCgN1aWQSEzc0MjA1MzIxNzM1MDczMTE1NzBaDgoHdmVyc2lvbhIDMDAz8gEHYWRjb21ib_oBBGxvYWSCAgZBMkQ0RkY* HTTP 302
- https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi3l83ZBVIFybie7ARaDgoFZXZlbnQSBW1hdGNoWhEKCG9mZmVyX2lkEgUxNDc0MFpWCglwYWdlX2VzdWISSS03RUJCUUNRTWZhZUcxcEFFRDdFNERsRGt6cXpteWV6Q2hCQVBTTEFBQ0VRMEtFUVVpRVFsQ0IyNXNNUUFBZjJGa1kyOXRZbThaEAoHcGFnZV9pZBIFMzE2NjZaFwoJcGFnZV90eXBlEgpwcmVsYW5kaW5nWs4FCglyYXdkYXRhNjQSwAVleUp1WVhacFoyRjBhVzl1VTNSaGNuUWlPakUxTXpBd09EZ3pOelE1TXpjc0luVnViRzloWkVWMlpXNTBVM1JoY25RaU9qQXNJblZ1Ykc5aFpFVjJaVzUwUlc1a0lqb3dMQ0p5WldScGNtVmpkRk4wWVhKMElqb3dMQ0p5WldScGNtVmpkRVZ1WkNJNk1Dd2labVYwWTJoVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRBeU5pd2laRzl0WVdsdVRHOXZhM1Z3VTNSaGNuUWlPakUxTXpBd09EZ3pOelE1TmpZc0ltUnZiV0ZwYmt4dmIydDFjRVZ1WkNJNk1UVXpNREE0T0RNM05EazNPQ3dpWTI5dWJtVmpkRk4wWVhKMElqb3hOVE13TURnNE16YzBPVGM0TENKamIyNXVaV04wUlc1a0lqb3hOVE13TURnNE16YzBPVGcwTENKelpXTjFjbVZEYjI1dVpXTjBhVzl1VTNSaGNuUWlPakFzSW5KbGNYVmxjM1JUZEdGeWRDSTZNVFV6TURBNE9ETTNORGs0TkN3aWNtVnpjRzl1YzJWVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRBeU5Td2ljbVZ6Y0c5dWMyVkZibVFpT2pFMU16QXdPRGd6TnpVd01qWXNJbVJ2YlV4dllXUnBibWNpT2pFMU16QXdPRGd6TnpVd01qY3NJbVJ2YlVsdWRHVnlZV04wYVhabElqb3dMQ0prYjIxRGIyNTBaVzUwVEc5aFpHVmtSWFpsYm5SVGRHRnlkQ0k2TUN3aVpHOXRRMjl1ZEdWdWRFeHZZV1JsWkVWMlpXNTBSVzVrSWpvd0xDSmtiMjFEYjIxd2JHVjBaU0k2TUN3aWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0lteHZZV1JGZG1WdWRFVnVaQ0k2TUgwKloaCgN1aWQSEzc0MjA1MzIxNzM1MDczMTE1NzBaDgoHdmVyc2lvbhIDMDAzogEQsGqkZnnkEeig1wAlkORcOPIBB2FkY29tYm_6AQRsb2FkggIGQTJENEZG HTTP 302
- https://sync.user-clicks.com/?src=gp3&s_data=CAIQABi3l83ZBVoOCgVldmVudBIFbWF0Y2haEQoIb2ZmZXJfaWQSBTE0NzQwWlYKCXBhZ2VfZXN1YhJJLTdFQkJRQ1FNZmFlRzFwQUVEN0U0RGxEa3pxem15ZXpDaEJBUFNMQUFDRVEwS0VRVWlFUWxDQjI1c01RQUFmMkZrWTI5dFltOFoQCgdwYWdlX2lkEgUzMTY2NloXCglwYWdlX3R5cGUSCnByZWxhbmRpbmdazgUKCXJhd2RhdGE2NBLABWV5SnVZWFpwWjJGMGFXOXVVM1JoY25RaU9qRTFNekF3T0Rnek56UTVNemNzSW5WdWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0luVnViRzloWkVWMlpXNTBSVzVrSWpvd0xDSnlaV1JwY21WamRGTjBZWEowSWpvd0xDSnlaV1JwY21WamRFVnVaQ0k2TUN3aVptVjBZMmhUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5Tml3aVpHOXRZV2x1VEc5dmEzVndVM1JoY25RaU9qRTFNekF3T0Rnek56UTVOallzSW1SdmJXRnBia3h2YjJ0MWNFVnVaQ0k2TVRVek1EQTRPRE0zTkRrM09Dd2lZMjl1Ym1WamRGTjBZWEowSWpveE5UTXdNRGc0TXpjME9UYzRMQ0pqYjI1dVpXTjBSVzVrSWpveE5UTXdNRGc0TXpjME9UZzBMQ0p6WldOMWNtVkRiMjV1WldOMGFXOXVVM1JoY25RaU9qQXNJbkpsY1hWbGMzUlRkR0Z5ZENJNk1UVXpNREE0T0RNM05EazROQ3dpY21WemNHOXVjMlZUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5TlN3aWNtVnpjRzl1YzJWRmJtUWlPakUxTXpBd09EZ3pOelV3TWpZc0ltUnZiVXh2WVdScGJtY2lPakUxTXpBd09EZ3pOelV3TWpjc0ltUnZiVWx1ZEdWeVlXTjBhWFpsSWpvd0xDSmtiMjFEYjI1MFpXNTBURzloWkdWa1JYWmxiblJUZEdGeWRDSTZNQ3dpWkc5dFEyOXVkR1Z1ZEV4dllXUmxaRVYyWlc1MFJXNWtJam93TENKa2IyMURiMjF3YkdWMFpTSTZNQ3dpYkc5aFpFVjJaVzUwVTNSaGNuUWlPakFzSW14dllXUkZkbVZ1ZEVWdVpDSTZNSDAqWhoKA3VpZBITNzQyMDUzMjE3MzUwNzMxMTU3MFoOCgd2ZXJzaW9uEgMwMDOiARCwaqRmeeQR6KDXACWQ5Fw48gEHYWRjb21ib_oBBGxvYWSCAgZBMkQ0RkY* HTTP 302
- https://sync.user-clicks.com/?src=gp3&s_data=CAIQARi3l83ZBVoOCgVldmVudBIFbWF0Y2haEQoIb2ZmZXJfaWQSBTE0NzQwWlYKCXBhZ2VfZXN1YhJJLTdFQkJRQ1FNZmFlRzFwQUVEN0U0RGxEa3pxem15ZXpDaEJBUFNMQUFDRVEwS0VRVWlFUWxDQjI1c01RQUFmMkZrWTI5dFltOFoQCgdwYWdlX2lkEgUzMTY2NloXCglwYWdlX3R5cGUSCnByZWxhbmRpbmdazgUKCXJhd2RhdGE2NBLABWV5SnVZWFpwWjJGMGFXOXVVM1JoY25RaU9qRTFNekF3T0Rnek56UTVNemNzSW5WdWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0luVnViRzloWkVWMlpXNTBSVzVrSWpvd0xDSnlaV1JwY21WamRGTjBZWEowSWpvd0xDSnlaV1JwY21WamRFVnVaQ0k2TUN3aVptVjBZMmhUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5Tml3aVpHOXRZV2x1VEc5dmEzVndVM1JoY25RaU9qRTFNekF3T0Rnek56UTVOallzSW1SdmJXRnBia3h2YjJ0MWNFVnVaQ0k2TVRVek1EQTRPRE0zTkRrM09Dd2lZMjl1Ym1WamRGTjBZWEowSWpveE5UTXdNRGc0TXpjME9UYzRMQ0pqYjI1dVpXTjBSVzVrSWpveE5UTXdNRGc0TXpjME9UZzBMQ0p6WldOMWNtVkRiMjV1WldOMGFXOXVVM1JoY25RaU9qQXNJbkpsY1hWbGMzUlRkR0Z5ZENJNk1UVXpNREE0T0RNM05EazROQ3dpY21WemNHOXVjMlZUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5TlN3aWNtVnpjRzl1YzJWRmJtUWlPakUxTXpBd09EZ3pOelV3TWpZc0ltUnZiVXh2WVdScGJtY2lPakUxTXpBd09EZ3pOelV3TWpjc0ltUnZiVWx1ZEdWeVlXTjBhWFpsSWpvd0xDSmtiMjFEYjI1MFpXNTBURzloWkdWa1JYWmxiblJUZEdGeWRDSTZNQ3dpWkc5dFEyOXVkR1Z1ZEV4dllXUmxaRVYyWlc1MFJXNWtJam93TENKa2IyMURiMjF3YkdWMFpTSTZNQ3dpYkc5aFpFVjJaVzUwVTNSaGNuUWlPakFzSW14dllXUkZkbVZ1ZEVWdVpDSTZNSDAqWhoKA3VpZBITNzQyMDUzMjE3MzUwNzMxMTU3MFoOCgd2ZXJzaW9uEgMwMDOiARCwaqRmeeQR6KDXACWQ5Fw48gEHYWRjb21ib_oBBGxvYWSCAgZBMkQ0RkY*
- http://sync.user-grey.com/?src=gp3&cid=A2D4FF&cmp=adcombo&act=load&event=domload&s_trk={TR_KEY}&rawdata64=eyJuYXZpZ2F0aW9uU3RhcnQiOjE1MzAwODgzNzQ5MzcsInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kIjowLCJyZWRpcmVjdFN0YXJ0IjowLCJyZWRpcmVjdEVuZCI6MCwiZmV0Y2hTdGFydCI6MTUzMDA4ODM3NTAyNiwiZG9tYWluTG9va3VwU3RhcnQiOjE1MzAwODgzNzQ5NjYsImRvbWFpbkxvb2t1cEVuZCI6MTUzMDA4ODM3NDk3OCwiY29ubmVjdFN0YXJ0IjoxNTMwMDg4Mzc0OTc4LCJjb25uZWN0RW5kIjoxNTMwMDg4Mzc0OTg0LCJzZWN1cmVDb25uZWN0aW9uU3RhcnQiOjAsInJlcXVlc3RTdGFydCI6MTUzMDA4ODM3NDk4NCwicmVzcG9uc2VTdGFydCI6MTUzMDA4ODM3NTAyNSwicmVzcG9uc2VFbmQiOjE1MzAwODgzNzUwMjYsImRvbUxvYWRpbmciOjE1MzAwODgzNzUwMjcsImRvbUludGVyYWN0aXZlIjoxNTMwMDg4Mzc1MTg5LCJkb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCI6MTUzMDA4ODM3NTE4OSwiZG9tQ29udGVudExvYWRlZEV2ZW50RW5kIjowLCJkb21Db21wbGV0ZSI6MCwibG9hZEV2ZW50U3RhcnQiOjAsImxvYWRFdmVudEVuZCI6MH0*&offer_id=14740&page_type=prelanding&page_id=31666&page_esub=-7EBBQCQMfaeG1pAED7E4DlDkzqzmyezChBAPSLAACEQ0KEQUiEQlCB25sMQAAf2FkY29tYm8&version=003 HTTP 302
- http://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi3l83ZBVIFyaDIuQ1aEAoFZXZlbnQSB2RvbWxvYWRaEQoIb2ZmZXJfaWQSBTE0NzQwWlYKCXBhZ2VfZXN1YhJJLTdFQkJRQ1FNZmFlRzFwQUVEN0U0RGxEa3pxem15ZXpDaEJBUFNMQUFDRVEwS0VRVWlFUWxDQjI1c01RQUFmMkZrWTI5dFltOFoQCgdwYWdlX2lkEgUzMTY2NloXCglwYWdlX3R5cGUSCnByZWxhbmRpbmda7gUKCXJhd2RhdGE2NBLgBWV5SnVZWFpwWjJGMGFXOXVVM1JoY25RaU9qRTFNekF3T0Rnek56UTVNemNzSW5WdWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0luVnViRzloWkVWMlpXNTBSVzVrSWpvd0xDSnlaV1JwY21WamRGTjBZWEowSWpvd0xDSnlaV1JwY21WamRFVnVaQ0k2TUN3aVptVjBZMmhUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5Tml3aVpHOXRZV2x1VEc5dmEzVndVM1JoY25RaU9qRTFNekF3T0Rnek56UTVOallzSW1SdmJXRnBia3h2YjJ0MWNFVnVaQ0k2TVRVek1EQTRPRE0zTkRrM09Dd2lZMjl1Ym1WamRGTjBZWEowSWpveE5UTXdNRGc0TXpjME9UYzRMQ0pqYjI1dVpXTjBSVzVrSWpveE5UTXdNRGc0TXpjME9UZzBMQ0p6WldOMWNtVkRiMjV1WldOMGFXOXVVM1JoY25RaU9qQXNJbkpsY1hWbGMzUlRkR0Z5ZENJNk1UVXpNREE0T0RNM05EazROQ3dpY21WemNHOXVjMlZUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEF5TlN3aWNtVnpjRzl1YzJWRmJtUWlPakUxTXpBd09EZ3pOelV3TWpZc0ltUnZiVXh2WVdScGJtY2lPakUxTXpBd09EZ3pOelV3TWpjc0ltUnZiVWx1ZEdWeVlXTjBhWFpsSWpveE5UTXdNRGc0TXpjMU1UZzVMQ0prYjIxRGIyNTBaVzUwVEc5aFpHVmtSWFpsYm5SVGRHRnlkQ0k2TVRVek1EQTRPRE0zTlRFNE9Td2laRzl0UTI5dWRHVnVkRXh2WVdSbFpFVjJaVzUwUlc1a0lqb3dMQ0prYjIxRGIyMXdiR1YwWlNJNk1Dd2liRzloWkVWMlpXNTBVM1JoY25RaU9qQXNJbXh2WVdSRmRtVnVkRVZ1WkNJNk1IMCpaEQoFc190cmsSCHtUUl9LRVl9Wg4KB3ZlcnNpb24SAzAwM_IBB2FkY29tYm_6AQRsb2FkggIGQTJENEZGigIIe1RSX0tFWX0* HTTP 302
- http://sync.user-grey.com/?src=gp3&s_data=CAIQABi3l83ZBVoQCgVldmVudBIHZG9tbG9hZFoRCghvZmZlcl9pZBIFMTQ3NDBaVgoJcGFnZV9lc3ViEkktN0VCQlFDUU1mYWVHMXBBRUQ3RTREbERrenF6bXllekNoQkFQU0xBQUNFUTBLRVFVaUVRbENCMjVzTVFBQWYyRmtZMjl0WW04WhAKB3BhZ2VfaWQSBTMxNjY2WhcKCXBhZ2VfdHlwZRIKcHJlbGFuZGluZ1ruBQoJcmF3ZGF0YTY0EuAFZXlKdVlYWnBaMkYwYVc5dVUzUmhjblFpT2pFMU16QXdPRGd6TnpRNU16Y3NJblZ1Ykc5aFpFVjJaVzUwVTNSaGNuUWlPakFzSW5WdWJHOWhaRVYyWlc1MFJXNWtJam93TENKeVpXUnBjbVZqZEZOMFlYSjBJam93TENKeVpXUnBjbVZqZEVWdVpDSTZNQ3dpWm1WMFkyaFRkR0Z5ZENJNk1UVXpNREE0T0RNM05UQXlOaXdpWkc5dFlXbHVURzl2YTNWd1UzUmhjblFpT2pFMU16QXdPRGd6TnpRNU5qWXNJbVJ2YldGcGJreHZiMnQxY0VWdVpDSTZNVFV6TURBNE9ETTNORGszT0N3aVkyOXVibVZqZEZOMFlYSjBJam94TlRNd01EZzRNemMwT1RjNExDSmpiMjV1WldOMFJXNWtJam94TlRNd01EZzRNemMwT1RnMExDSnpaV04xY21WRGIyNXVaV04wYVc5dVUzUmhjblFpT2pBc0luSmxjWFZsYzNSVGRHRnlkQ0k2TVRVek1EQTRPRE0zTkRrNE5Dd2ljbVZ6Y0c5dWMyVlRkR0Z5ZENJNk1UVXpNREE0T0RNM05UQXlOU3dpY21WemNHOXVjMlZGYm1RaU9qRTFNekF3T0Rnek56VXdNallzSW1SdmJVeHZZV1JwYm1jaU9qRTFNekF3T0Rnek56VXdNamNzSW1SdmJVbHVkR1Z5WVdOMGFYWmxJam94TlRNd01EZzRNemMxTVRnNUxDSmtiMjFEYjI1MFpXNTBURzloWkdWa1JYWmxiblJUZEdGeWRDSTZNVFV6TURBNE9ETTNOVEU0T1N3aVpHOXRRMjl1ZEdWdWRFeHZZV1JsWkVWMlpXNTBSVzVrSWpvd0xDSmtiMjFEYjIxd2JHVjBaU0k2TUN3aWJHOWhaRVYyWlc1MFUzUmhjblFpT2pBc0lteHZZV1JGZG1WdWRFVnVaQ0k2TUgwKloRCgVzX3RyaxIIe1RSX0tFWX1aDgoHdmVyc2lvbhIDMDAzogEQsHhDtHnkEeim6QAlkMgkN_IBB2FkY29tYm_6AQRsb2FkggIGQTJENEZGigIIe1RSX0tFWX0*
29 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
/
pefwfw.pro/azffrgtvqv/VigcrHRzKhi1yjb/ Redirect Chain
|
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.12.4.min.js
dadbab.info/content/shared/js/ |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pix_o_ea3eca5a7bb34ce8deb4fdf6904e8b45.js
static.user-grey.com/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
placeholders-3.0.2.min.js
dadbab.info/content/shared/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
moment-with-locales-2.18.1.min.js
dadbab.info/content/shared/js/ |
243 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dr-dtime.js
dadbab.info/content/shared/js/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
order_me.js
dadbab.info/content/shared/js/ |
378 B 813 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
order_me.css
dadbab.info/content/shared/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
validation.js
dadbab.info/content/shared/js/ |
46 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
video_avid.js
dadbab.info/content/shared/js/ |
318 B 753 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
dadbab.info/content/VigcrHRzKhi1yjb/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.js
dadbab.info/content/VigcrHRzKhi1yjb/js/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
radar-scanner.gif
dadbab.info/content/VigcrHRzKhi1yjb/img/ |
100 KB 101 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js.cookie.js
dadbab.info/content/shared/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
history.ielte7.min.js
dadbab.info/content/shared/js/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
sawpp.gif
user-actrk.com/trk/ |
0 93 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
conversion.js
www.googleadservices.com/pagead/ |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
sync.user-grey.com/ Redirect Chain
|
43 B 434 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
sync.user-clicks.com/ Redirect Chain
|
43 B 434 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/513516174/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
css
fonts.googleapis.com/ |
7 KB 804 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
02.jpg
dadbab.info/content/VigcrHRzKhi1yjb/img/ |
79 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
01.jpg
dadbab.info/content/VigcrHRzKhi1yjb/img/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
e.js
sync.users-api.com/ |
64 B 364 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
sync.user-grey.com/ Redirect Chain
|
43 B 434 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/ads/user-lists/513516174/ |
42 B 116 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/ads/user-lists/513516174/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
track.gif
xl-trk.com/ |
0 136 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
sync.user-grey.com/ |
43 B 434 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| acrum_extra object| img string| lang_locale string| ccode string| ip_ccode boolean| iew function| $ function| jQuery object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_remarketing_for_search object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| Placeholders function| moment function| dtimes function| dtime function| dtime_nums object| months_localized object| days_localized object| phone_config object| defaults function| set_package_prices function| checkTimeZone function| setBrowser function| sendPhoneOrder function| cancelEvent function| RemoveUnload function| showLoader function| hideLoader function| sendOrderData function| renderQueryVariable function| move_next function| onEtag function| getParameterByName function| hide_warn function| Cookies function| get_params boolean| g_popupShown boolean| popup_tried function| show_pushwru_show object| jQuery1113005047013129870015 object| Unloader string| model string| browser string| brand string| appname boolean| s_trk number| hours boolean| domain_has_valid_cert boolean| show_gdpr_warning boolean| sawpp string| __sc_int_uid4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| pefwfw.pro/ | Name: previous_uniq Value: 1530088374 |
|
| pefwfw.pro/ | Name: offer_id_14740 Value: 1 |
|
| pefwfw.pro/ | Name: offer_14740_user_id Value: 20204 |
|
| pefwfw.pro/azffrgtvqv/VigcrHRzKhi1yjb | Name: randDate Value: 1527582775136 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dadbab.info
fonts.googleapis.com
googleads.g.doubleclick.net
gurfv.pro
ib.adnxs.com
pefwfw.pro
static.user-grey.com
sync.user-clicks.com
sync.user-grey.com
sync.users-api.com
sync3.adsniper.ru
user-actrk.com
www.google.com
www.google.de
www.googleadservices.com
xl-trk.com
185.33.223.215
216.58.207.66
2a00:1450:4001:816::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a03:90c0:9997::9997
31.172.81.158
31.172.81.159
31.172.81.160
31.172.81.172
31.172.81.242
88.208.41.102
91.228.153.25
91.228.153.90
00e0cb554dee87c741056db50f85509618811c28f4aa11b64ccd1920ace77144
079e99f427639d8e64efe4e797ee7814221f9014500b5bc5b3a7ad4928b692d6
0b505dd9bda8be866af003e4ba92003ba8dfb1284a8ca4898d71866b58dbf072
21d5dee4480dfdcee7fa915428a5593f4d99e390e70a479e0f688235e3240ea4
2addcc6d9c36be2a231a1e9830cc0a39a5152de989e7be9ca7099dd4ed7128fd
3d49fc411601b1a0a5ae9215d2da55472d01393cf9fb1e588cb5eb94aa2efb1e
49f65742f6167cc912833226339d4eb7e129c1118a81c34dfc6db04ea0f505d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a423b0df260fa67d26563563e00c2000944ac7aafceb7448eb303705168688e
5be8a155a939619246dbf2bf2d966768becb1f1bb4765d166fd968efbb675440
80c3bdf4400ab2bd4a9dc1f1bc0fa3c2409ce594a96ad8c79478805b15bbd139
852449c339b75e7d52bcf85c691a250867c6427d0b7fcabfbb54f31fea37dad5
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
b6fa0fbbfaf5ce5dc4b1aaa8fbad93c6621120143c8e332f16d0f01a60a8dd24
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5
c0f3f8140331c77c21f89dd510641a1d3c89d2bd8ffec94a7ae2f1e1375efe93
c7019cba2004ebe060ca044a6de3c7013f0b8a46871b6cd4aad62200686fd317
d184002ecc00d65df4d74ae6dda26168934a2e35d8f6b9a61e95f0e63949ccbd
df20b52b06f482d9612cd5ea4dcd0c385cd49519bab63a4393545328757f8ce0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ecd6c0c2635ffeaebe364c58e660e19914f2df250cfebdd724c8f216fa083e
fe9463166b41b5b741f0e18f2011687617754aa89395f9ca984a0888ba6a3a05
ff65a0e93299b4afe916cdbfa41fa478fdd9a69b7e35e9fdf40ca632dfc41198