urlscan.io logo urlscan.io
SecurityTrails logo

tapeadsenjoyer.com Open in urlscan Pro
2606:4700:3033::ac43:9a26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Effective URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Submission: On February 04 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 18 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3033::ac43:9a26, located in United States and belongs to CLOUDFLARENET, US. The main domain is tapeadsenjoyer.com.
TLS certificate: Issued by GTS CA 1P5 on January 12th 2024. Valid for: 3 months.
This is the only time tapeadsenjoyer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
1 173.0.146.27 7979 (SERVERS-COM)
3 139.45.197.242 9002 (RETN-AS)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 174.137.133.18 27257 (WEBAIR-IN...)
1 104.21.17.211 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.195.254 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 2 216.18.168.29 29789 (REFLECTED)
1 1 216.18.168.28 29789 (REFLECTED)
1 2 68.169.106.40 30602 (ISPRIME)
1 1 18.232.14.170 ()
1 2606:4700:303... ()
1 174.137.133.17 ()
22 14
7    2606:4700:3033::ac43:9a26 (United States)

ASN13335 (CLOUDFLARENET, US)
tapeadsenjoyer.com
1    173.0.146.27 (United States)

ASN7979 (SERVERS-COM, US)
az.mniumlapsers.com
3    139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)
bygliscortor.com
2    2606:4700:3030::ac43:bf2a (United States)

ASN13335 (CLOUDFLARENET, US)
zimpolo.com
1    174.137.133.18 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.popmonetizer.net
1    104.21.17.211 (None, )

ASN13335 (CLOUDFLARENET, US)
bytogeticr.com
1    2606:4700:3036::ac43:c134 (United States)

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
1    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
fleraprt.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2606:4700:10::6816:21ac (United States)

ASN13335 (CLOUDFLARENET, US)
offerimage.com
4    2606:4700:3034::6815:5e98 (United States)

ASN13335 (CLOUDFLARENET, US)
a.adforcast.com
1    2604:9e00:1:129::2:b10 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.acertb.com
2    216.18.168.29 (United States)

ASN29789 (REFLECTED, US)
tfosrv.com
1    216.18.168.28 (United States)

ASN29789 (REFLECTED, US)
trafforsrv.com
2    68.169.106.40 (United States)

ASN30602 (ISPRIME, US)
s.pemsrv.com
1    18.232.14.170 (None, )

ASN- ()
whelesignevated.com
1    2606:4700:3037::6815:1f3d (None, )

ASN- ()
affair-next.com
1    174.137.133.17 (None, )

ASN- ()
xml.zeusadx.com
Apex Domain
Subdomains		 Transfer
7 tapeadsenjoyer.com
tapeadsenjoyer.com
74 KB
4 adforcast.com
a.adforcast.com — Cisco Umbrella Rank: 114697
2 KB
3 bygliscortor.com
bygliscortor.com — Cisco Umbrella Rank: 195644
36 KB
2 pemsrv.com
s.pemsrv.com — Cisco Umbrella Rank: 26522
7 KB
2 tfosrv.com
tfosrv.com — Cisco Umbrella Rank: 121380
1 KB
2 zimpolo.com
zimpolo.com — Cisco Umbrella Rank: 127876
909 B
1 zeusadx.com
xml.zeusadx.com
139 B
1 affair-next.com
affair-next.com
1 whelesignevated.com
whelesignevated.com
572 B
1 trafforsrv.com
trafforsrv.com — Cisco Umbrella Rank: 143732
417 B
1 acertb.com
xml.acertb.com — Cisco Umbrella Rank: 123065
224 B
1 offerimage.com
offerimage.com — Cisco Umbrella Rank: 37758
8 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
546 B
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 22359
488 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 23635
8 KB
1 bytogeticr.com
bytogeticr.com — Cisco Umbrella Rank: 45813
1 popmonetizer.net
xml.popmonetizer.net — Cisco Umbrella Rank: 116301
139 B
1 mniumlapsers.com
az.mniumlapsers.com — Cisco Umbrella Rank: 130164
1 KB
22 18
Domain Requested by
7 tapeadsenjoyer.com 1 redirects tapeadsenjoyer.com
4 a.adforcast.com 2 redirects tapeadsenjoyer.com
3 bygliscortor.com tapeadsenjoyer.com
bygliscortor.com
2 s.pemsrv.com 1 redirects
2 tfosrv.com 2 redirects
2 zimpolo.com 1 redirects tapeadsenjoyer.com
1 xml.zeusadx.com
1 affair-next.com s.pemsrv.com
1 whelesignevated.com 1 redirects
1 trafforsrv.com 1 redirects
1 xml.acertb.com 1 redirects
1 offerimage.com
1 my.rtmark.net bygliscortor.com
1 fleraprt.com tzegilo.com
1 tzegilo.com bygliscortor.com
1 bytogeticr.com bygliscortor.com
1 xml.popmonetizer.net tapeadsenjoyer.com
1 az.mniumlapsers.com tapeadsenjoyer.com
22 18

This site contains links to these domains. Also see Links.

Domain
streamtape.com
Subject Issuer Validity Valid
tapeadsenjoyer.com
GTS CA 1P5		 2024-01-12 -
2024-04-11		 3 months crt.sh
az.mniumlapsers.com
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
bygliscortor.com
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
zimpolo.com
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.popmonetizer.net
Sectigo RSA Domain Validation Secure Server CA		 2024-01-12 -
2025-01-11		 a year crt.sh
bytogeticr.com
GTS CA 1P5		 2023-12-10 -
2024-03-09		 3 months crt.sh
tzegilo.com
GTS CA 1P5		 2024-01-31 -
2024-04-30		 3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
adforcast.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
pemsrv.com
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
affair-next.com
GTS CA 1P5		 2024-01-13 -
2024-04-12		 3 months crt.sh
*.zeusadx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-23 -
2024-10-23		 a year crt.sh

This page contains 4 frames:

Primary Page: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Frame ID: 4A09AD22D670A77ADF40546E1FBAE4E7
Requests: 14 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Frame ID: ECB085F74496F8C60D581D5325D870AC
Requests: 2 HTTP requests in this frame

Frame: https://affair-next.com/
Frame ID: 9FCB0D5F21179400C733DE7CF6B341B7
Requests: 3 HTTP requests in this frame

Frame: https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132
Frame ID: 16AF3A0C5577F2049A5C1200C563256C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tapeadsenjoyer.com/e/4bdro9pz3xudxd HTTP 302
    https://tapeadsenjoyer.com/e/4bdro9pz3xudxd Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

39 %
IPv6

18
Domains

18
Subdomains

14
IPs

3
Countries

131 kB
Transfer

431 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tapeadsenjoyer.com/e/4bdro9pz3xudxd HTTP 302
    https://tapeadsenjoyer.com/e/4bdro9pz3xudxd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://zimpolo.com/load HTTP 302
  • https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Request Chain 17
  • https://a.adforcast.com/load HTTP 302
  • https://xml.acertb.com/redirect?feed=571726&auth=zXdo8a&pubid=158935 HTTP 302
  • https://tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true HTTP 302
  • https://tfosrv.com/impression.php?channel_id=60781&id=4de90a62-f6ee-409e-87fe-ed0ee7035a7c%3Af6b5c3a6-19d3-41ba-b7fd-da994774e8d1&site_id=13111&uuid=d06762c9-744c-4d6c-9f95-46ad68e3e733 HTTP 302
  • https://trafforsrv.com/click.php?id=4de90a62-f6ee-409e-87fe-ed0ee7035a7c%3Af6b5c3a6-19d3-41ba-b7fd-da994774e8d1 HTTP 302
  • https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Request Chain 18
  • https://s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fa.adforcast.com%2F&tested=1&check=c1c53a2d9af7fd09837429fcb54a913a&screen_resolution=1600x1200&container_resolution=1920x1080&iframe=1 HTTP 302
  • https://whelesignevated.com/ab3603f9-d789-42b4-ba15-b044eba2ff33?campaign=3726341&banner=88864880&domain=porn.com&site=515128&zone=5040978&category=508&src_hostname=porn.com&cost=0.5&tags=a,adforcast,com&sub_id={sub_id}&actual_cost=0.0005 HTTP 302
  • https://affair-next.com/
Request Chain 20
  • https://a.adforcast.com/load HTTP 302
  • https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 4bdro9pz3xudxd
tapeadsenjoyer.com/e/
Redirect Chain
  • http://tapeadsenjoyer.com/e/4bdro9pz3xudxd
  • https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
192 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9a26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a49b34f8c486d9bcf82acfbe89baa4a9ac4d0a9e6405590a65960d5a38fbf0bb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
850629bd1f7f4bbb-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 04 Feb 2024 21:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVeNp2Ttdrq6wDxP166xWDJv7XAQsh6VlAnIIZdxAvIpVoqYk1c8VBX%2Bn9y3pZdCRN68hQU9KYPvY6JSSjAyi0z4OAC3YrEIcu%2Fmp1yO%2Bwk2UCuFdQLhF%2FZmCpsjnGmDb1Dr9fj92BoEdX1xDbb18eg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
850629bbedd14bc9-BUF
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Sun, 04 Feb 2024 21:56:20 GMT
Location
https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QppAHSxZvuo1i68k4wbfPs0US5n7cv%2BCxJD5Tf55ET4DWxauNobTZyywBW7XC75YN1GGT4%2BgJMqsZp%2BvE%2BMuvr60eRbZDg7Cg6gUCzLSim1L8zWeAqi3vnbT%2F%2FR05Y0WXsTvleAr3j2FkzrNzX2uJY%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
alt-svc
h3=":443"; ma=86400
jquery.min.js
tapeadsenjoyer.com/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tapeadsenjoyer.com/js/jquery.min.js
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9a26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 13 Dec 2020 16:27:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2808
etag
W/"5fd64104-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrPnDgrhd6%2BU%2F2DAh1j6frGl3E3Q9UYjkZJCA%2Fa3WeqSia6cuG%2BtedKGQrKbT0X0YXy9GONs%2BzJpp7OtRwYyKzan9olu3yGtoSglXva1rj4T2tQtcIAwkwn3xXut3mtuSKh2Pmvj6lPVRLgazb8VWcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=345600
cf-ray
850629bea9a64bbb-BUF
alt-svc
h3=":443"; ma=86400
player3.css
tapeadsenjoyer.com/scss/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tapeadsenjoyer.com/scss/player3.css
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9a26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18971692c07e9560df33060f42d907e1137ab53482d06396aab0525e9abd1274

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:20 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 13 Dec 2020 16:27:48 GMT
server
cloudflare
age
0
etag
W/"5fd64104-7afc"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOxW8RCHpAj1PFN6Pq4GvLCsyX0VTOptFspweP7F%2FGxoMlYfXSg17%2FWkPqE2PHu%2FOvJ%2FBeZEqLPQv4ubRmqj6WVHWcxl7WR2F6fWBMcVseEhBcaqz064z29Am0%2BBi8djYCImDQbMfmFrapphsaUU2OQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=345600
cf-ray
850629bea9a24bbb-BUF
alt-svc
h3=":443"; ma=86400
adgpt.js
tapeadsenjoyer.com/ 		20 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tapeadsenjoyer.com/adgpt.js
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9a26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:20 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Mar 2023 18:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2808
etag
"64232c29-14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJijzOu%2BH14CgBVJC7%2BQo%2FGK3aF6eJ0TLWncwZnRkXIrymHuwTggmgTdWQ7ydNdWSwUBkuD2QkKX%2FmoMJ%2BvsorpkNXLS3c3x%2BuvipHDAywXBOKxhJU%2FYPnkSyKVWQi8CVJ6MbOSfoaMcUOjv3F18Tus%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=345600
accept-ranges
bytes
cf-ray
850629bea9a94bbb-BUF
alt-svc
h3=":443"; ma=86400
content-length
20
player.svg
tapeadsenjoyer.com/ 		5 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tapeadsenjoyer.com/player.svg
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9a26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 13 Dec 2020 16:27:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2807
etag
W/"5fd64104-15ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2dleRQlMqxYpDvcSs6bpl6AVGX%2FpTWcbvSlDv86sPzRursDvkcfvCaGQAh0isCpVUKP8Mf2LIN3WSHZ1BM4BN3fvVJHLh7Enkj9ADrFK4T%2FiCK3%2BRfXQ0xjIhnSkv04WeRYBBjzL7BOKviems65kwg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=345600
cf-ray
850629bf0a5d4bbb-BUF
alt-svc
h3=":443"; ma=86400
58191
az.mniumlapsers.com/gB9RS9Rqa8eV/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az.mniumlapsers.com/gB9RS9Rqa8eV/58191
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
173.0.146.27 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Sun, 04 Feb 2024 21:56:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://tapeadsenjoyer.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
4bdro9pz3xudxd
tapeadsenjoyer.com/e/ 		0
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9a26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JxeMl2djOfmD8tNY7BiF9XhRWTfpCWg%2BBYpGqy71tLuTtbHcHsKG50Jzg50YVziRkIhQhse24mgYJ606QD3FaoNIVPlnZ98ltPEzktudLTs%2FqASsoz3fj8uQ9gSEDCLTFNg3PcwqB8w%2BNDlZwPbk7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
private
cf-ray
850629bfca1d4bd3-BUF
alt-svc
h3=":443"; ma=86400
6325382
bygliscortor.com/400/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bygliscortor.com/400/6325382
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
021af49931aff1d16ac1a9d9838c2eebf2ebf20936926beb36b6d4a20d6ae23d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:21 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
b008b848d7b83153e7cd078c008e1488
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
fJKjbg7Qps
zimpolo.com/sub/ Frame ECB0 		239 B
589 B 		Document
General
Check archive.org
Download Go to
Full URL
https://zimpolo.com/sub/fJKjbg7Qps
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:bf2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5

Request headers

Referer
https://tapeadsenjoyer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850629c10ca14bc3-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 21:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxBWosFvntDvBhLnfxgYzGocJKcVHyKXtuylSiW7GtJSqriwwuLAte%2FZNuYNeIGo3wDPfhJ%2BFYCB7rljp%2B8WbtmAIQvUCMxAHUekAm523stZMGBNTthDABQ5a7gOlV974yRY1g810GEPrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
xml.popmonetizer.net/ Frame ECB0
Redirect Chain
  • https://zimpolo.com/load
  • https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://zimpolo.com
Referer
https://zimpolo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 04 Feb 2024 21:56:21 GMT
Server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850629c1fda64bc3-BUF
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 21:56:21 GMT
location
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqfCS73DrMGX0B%2BVYlTzZ%2FYFeA9sSrIx98HPbJ9f%2B4S2TxVVM0pMK6AfrsrkNfp7irqjMwqKPJ9WL5Je7WWWqfDnxqM2R6dhxtYIHBBxmoA0msnjAPrlT%2BETtXU00qQvap9%2F82ybtIPoPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
split_track
bytogeticr.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bytogeticr.com/split_track?dt=0&r=false&timeout=1000errm=
Requested by
Host: bygliscortor.com
URL: https://bygliscortor.com/400/6325382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljNcpjiVgWmwJWQuc7kYhpV%2BQhjj4QSP2V9yNNDYCNf%2ByS4Ys%2BVC75bcDlE6YcP8IRoo%2Fq7%2BmZ3CukXvDmgxhh4w7juTYesCT6GzKYlj%2B3YsugJlFoGF6ir9XjTpWupStw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
850629c2ed705425-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
0
alt-svc
h3=":443"; ma=86400
stattag.js
tzegilo.com/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: bygliscortor.com
URL: https://bygliscortor.com/400/6325382
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 08:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
419
etag
W/"64f987a8-4a4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEIGXhTBUBFqKtle%2BKy0K48AdTrdmPIj8rqzb%2F%2Bd2GN%2BqIB4TMTIdX2usYjr%2FQ4PgebJWzw%2BPMOgt4f3hqunGPfyI8rsF3P8lvQ97MtNc8LcjsFLETAdxF8UakJ4BVWwB7y2dFl7Q%2BlpYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
850629c2fd096aed-BUF
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
add
fleraprt.com/log/ 		12 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://tapeadsenjoyer.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 04 Feb 2024 21:56:22 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://tapeadsenjoyer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
gid.js
my.rtmark.net/ 		65 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: bygliscortor.com
URL: https://bygliscortor.com/400/6325382
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
054400c7af6f9db2b98ef40c098ae71ecd8902b935e0d11ca434b1157059c968
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tapeadsenjoyer.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
6325382
bygliscortor.com/500/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bygliscortor.com/500/6325382?excludes=&oaid=37cdea3a618a464c8fce700b88a732da&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Ftapeadsenjoyer.com%2Fe%2F4bdro9pz3xudxd&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.319.0
Requested by
Host: bygliscortor.com
URL: https://bygliscortor.com/400/6325382
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9dab0edbe60bf17b74374cf7410dcd0ce26e798f7b1a85a508190852af554aa3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tapeadsenjoyer.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 04 Feb 2024 21:56:22 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
f458511df29d8a8e9237ce01d7695464
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://tapeadsenjoyer.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6325382
bygliscortor.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bygliscortor.com/500/6325382?excludes=&oaid=37cdea3a618a464c8fce700b88a732da&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Ftapeadsenjoyer.com%2Fe%2F4bdro9pz3xudxd&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&js_build=8&sw_version=v1.319.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://tapeadsenjoyer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://tapeadsenjoyer.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Sun, 04 Feb 2024 21:56:22 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
0ccfc43f960ff2dee552363629b769b8.png
offerimage.com/www/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offerimage.com/www/images/0ccfc43f960ff2dee552363629b769b8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
278d4648a09e18f980cef2025706ff54b9bad840ae57c79009bc17e0bd017c5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tapeadsenjoyer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sun, 04 Feb 2024 21:56:22 GMT
cf-cache-status
HIT
last-modified
Sat, 08 Apr 2023 13:11:16 GMT
server
cloudflare
age
63217
etag
"643167f4-1e61"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
850629c91e2a6aed-BUF
content-length
7777
expires
Mon, 05 Feb 2024 04:22:40 GMT
XrhN0kTsdA
a.adforcast.com/sub/ Frame 9FCB 		233 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.adforcast.com/sub/XrhN0kTsdA
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5e98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c76bb1f5d2d2912efdb71aa2eac98265bb91dbee05d95cef2a0006d9db982cd

Request headers

Referer
https://tapeadsenjoyer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850629ccfdaa4bbd-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 21:56:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nvIfbHBmzp8ExR6qF3z2%2BbfMkLZAZ1GCoLoouIuwV28n69IIDs2MS44Cs3WA46H94kIFXZkxwViIRFEfny8cN4XNXnnPSPfgTtkUSKDWf%2BUUxZNbQivDYjNKcOdxu%2BKKTurVhRjlzaN4PTovNI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
splash.php
s.pemsrv.com/ Frame 9FCB
Redirect Chain
  • https://a.adforcast.com/load
  • https://xml.acertb.com/redirect?feed=571726&auth=zXdo8a&pubid=158935
  • https://tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true
  • https://tfosrv.com/impression.php?channel_id=60781&id=4de90a62-f6ee-409e-87fe-ed0ee7035a7c%3Af6b5c3a6-19d3-41ba-b7fd-da994774e8d1&site_id=13111&uuid=d06762c9-744c-4d6c-9f95-46ad68e3e733
  • https://trafforsrv.com/click.php?id=4de90a62-f6ee-409e-87fe-ed0ee7035a7c%3Af6b5c3a6-19d3-41ba-b7fd-da994774e8d1
  • https://s.pemsrv.com/splash.php?idzone=5040978&type=8
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.40 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
5449258b1fdcfe61a7cd9b97c9ef8f09c8228584fc3ff2d5e7d223fe4dd8914b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://a.adforcast.com
Referer
https://a.adforcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Access-Control-Allow-Headers
X-CH-VALUES
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Feb 2024 21:56:24 GMT
Server
nginx
Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-length
0
date
Sun, 04 Feb 2024 21:56:24 GMT
location
https://s.pemsrv.com/splash.php?idzone=5040978&type=8
server
nginx
/
affair-next.com/ Frame 9FCB
Redirect Chain
  • https://s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fa.adforcast.com%2F&tested=1&check=c1c53a2d9af7fd09837429fcb54a913a&screen_resolution=1600x1200&container_resolution=1920x1080&i...
  • https://whelesignevated.com/ab3603f9-d789-42b4-ba15-b044eba2ff33?campaign=3726341&banner=88864880&domain=porn.com&site=515128&zone=5040978&category=508&src_hostname=porn.com&cost=0.5&tags=a,adforca...
  • https://affair-next.com/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://affair-next.com/
Requested by
Host: s.pemsrv.com
URL: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1f3d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-DPR,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64,Sec-CH-Viewport-Height,Sec-CH-Viewport-Width,Sec-CH-Width,Content-DPR,Device-Memory,DPR,Viewport-Width,Width
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
600
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
850629d99a6d4bcc-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 21:56:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgPOusE%2FVHtAEQcLLB%2BGSbC7odt%2BV78i%2FwkFZnw5i4Dvgdf06skAAzLjsBgPYifHTDQjWjxOraQcr683mh7bNX4ZANjyfTnnwEqj7zX7B%2FLLOC61tZvmWeg7%2BwiM4m9lSD1IvyfGZwJGZeOZuNU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sun, 04 Feb 2024 21:56:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://affair-next.com
pragma
no-cache
server
nginx
31KJb9y
a.adforcast.com/sub/ Frame 16AF 		234 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.adforcast.com/sub/31KJb9y
Requested by
Host: tapeadsenjoyer.com
URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5e98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c00057ff8dae0cdcc3c4732a8130c8697a9db345b122493e7661f2c2254454

Request headers

Referer
https://tapeadsenjoyer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850629d90c194bd8-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 21:56:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJAU2xEaEWHsDztBPgipaHa%2BIz01ehKuB6Z0%2BVMZ%2BsIHjuua5YmqU%2B2587yPx1vNEsGyXaEVvFiNWZiwdtFYdPiKtDuqDkZpIX3RzX1Hjpg6k0QDknhZ3SSF576kpYZB6UhUiFJ8BYeG0YO5QfQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
xml.zeusadx.com/ Frame 16AF
Redirect Chain
  • https://a.adforcast.com/load
  • https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.17 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://a.adforcast.com
Referer
https://a.adforcast.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 04 Feb 2024 21:56:25 GMT
Server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850629db0e0b4bd8-BUF
content-type
text/html; charset=utf-8
date
Sun, 04 Feb 2024 21:56:25 GMT
location
https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGq5TySVGVgFaKgHGevr%2FR60rfmqXVm2ILomxJ%2Bn16WrwIvN871J6Jw9qHLrkEyRI4XKGjDtY6VQmwOWdoRsrkTdkBm7bvDuHrhfWABiSlcDm6pgQmULjPjvmxmwgrrIXPgqf%2B8ZXGXVbZADSpk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery boolean| googleAd object| _pop object| _pao object| bgQuLHz_F_zS string| k object| _hds8bknrkc8 object| w7osmhw3pyc object| zfgformats function| setImmediate function| clearImmediate function| _ohknjom function| _ejetluj function| d function| b function| c function| a object| zfgstorage boolean| __lwkemfd9q__ object| __ds3dcV__ object| webpushlogs object| syncCallbacks number| __qwe33wweq__

10 Cookies

Domain/Path Name / Value
tapeadsenjoyer.com/ Name: _b
Value: kube14
az.mniumlapsers.com/ Name: GL_UI4
Value: eJw9jdtOhDAYhGE5qgs6CQ%2FgI7SLeLg0%2BxBektL%2By9aFdlMqxLe3MdGr%2BTL5JhNF0a65R7zmJZIv0eGRi6dWdqJ76%2BhZSHmQr%2FzUMsYVI96%2BEMeNXnovhol8inKZhfO9X1PsRzLktOylVVThIVh%2FzcXYzaTIBieMqpDNwZgqFIOz20KuSZAaMRPy49nZkNksPq1Dwg88sDaBY4adXZqkvkXxoY0Kw3qPHWd1nUe4u07Cn6ybe63yGNnohCLE7yil8DRa941C0XLx9grYSfX%2F%2Fu9vsnGGXNGqZTi3%2FkzuByTdTkE%3D
az.mniumlapsers.com/ Name: GL_GI10
Value: eJwNzD0OgkAQBtCdSQSNWnyBA3CCLZSY0GpPgxSUBBbYSHbIsv4cXw7wnlKK0xPYLjgWN13oS17oaw4awXUF7hzOtbPB9FkV2mBWkAeXDdg77EvzzRrxL1CH%2BP4ehnYWkEVSmp8Rlz1NNzmZZbQbZLfi8BC%2FiN8i0BIROEi8A699qkCfKPkDWCEjEg%3D%3D
my.rtmark.net/ Name: ID
Value: 37cdea3a618a464c8fce700b88a732da
bygliscortor.com/ Name: OAID
Value: 37cdea3a618a464c8fce700b88a732da
tfosrv.com/ Name: sppc_uuid
Value: d06762c9-744c-4d6c-9f95-46ad68e3e733
trafforsrv.com/ Name: sppc_uuid
Value: d45124da-3d10-4b1a-874d-13d2406060b5
.s.pemsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265c00808bc6581.763476981346454586%22%3B%7D
.pemsrv.com/ Name: impressions
Value: bmbexmaenxgxmeablrcxmgeibsosorronxgxmeablrcxmgeibbbxseaonxgxmeablrcxmgeirrmbalronxgxmeabllosbgeibmbexmrcnxgxmeabllosbgeibbbxserbnxgxmeabllosbgeixmsseseonxgxmeabllosbgeibbecmmranxgxmeabllosbgeilxcosamcnxgxmeabllosbgeibsosorcenxgxmeabllosbgeibmooslabnxgxmeallmbamgxcceiceoexexxncgxmeallmbmegxcceilxolmorcncgxmeallmbmegxcceisxllammsnxgxmeallmbmegxcceimbbmcxranxgxmealllxxmgxcceimbbmcxrcnxgxmealllxxmgxcceimrmbbolbnxgxmealllaorgxcceimrmbbolcnxgxmealllaorgxcceimbbmcxrbnogxmemeexesmgxcceibxbaraaanogxmemeexcmegxcceialbbbllcnxgxmemeexcmegxcceilxsamrxonsgxmemeeobcsgxcceilxmeerabnsgxmemeeobcsgxcceilexexexenxgxmemeeamcrgxcceiblrbclobnxgxmemeemxalgxcceiloxcalrenxgxmemeebexlgxcceialbbblbenxgxmemeelersgxcceilxbmexcanxgxmemeelrmmgxcceimbxbmexbnsgxmemexeoaegxcceilesebbbbnsgxmemexeoaegxcceilesebblonsgxmemexeoaegxcceilesebblcncgxmemexeoaegxcceirxrlbalenxgxmemexeomegxcceiblbcbsxanxgxmemexosmlgxcceilxxamascnxgxmemexosmlgxcceileslcosenxgxmemexcsexgxcceibabalesenxgxmemexcsexgxcceilxsrooeanxgxmemexcsexgxcceileebcbxbnxgxmemexcsexgxcceiblccmraonxgxmemexcsexgxcceibbmbbmbanxgxmemexcsexgxcceisxllammmnxgxmemexcseogxcceilxlxxscanogxmemexcrsxgxcceibbxasrmenogxmemexmrssgxcceilxxelecbnxgxmemexmrssgxcceiblllbllanogxmemexmrssgxcceilooxacobnxgxmemexmrssgxcceilxloeaebnxgxmemexmrssgxcceilxlxxsconogxmemexmrssgxcceilxlxxsrenogxmemexmrssgxcceibcarremenxgxmemexmrssgxcceilesbxcebnxgxmemexmrssgxcceilxemsercnogxmemexmrssgxcceilermsrocnxgxmemexmrssgxcceilxmracrbnsgxmemexmrssgxcceilxmeeraansgxmemeoxrragxcceibscrmclenogxmemecoamegxcceilexxeseansgxmemecoamegxcceilxarcbxonogxmemecoamegxcceibacrmsconxgxmemecommegxcceimsleoaronxgxmemecobsagxcceilxemseccnxgxmemecobsagxcceilexrlscbnogxmemecasomgxcceibsoesmsanxgxmemerexcogxcceilooxccmanxgxmemerexcogxcceiloeboacbnxgxmemerexcogxcceileocaebenxgxmemeroroagxoaeibxslsorcnxgxmemeroroagxcceimoslreccnsgxmemerormlgxoaeibcsmcocencgxmemerormlgxoaeismrxbrbxnxgxmemersrlrgxcceismrxbrmrnxgxmemersrlrgxcceismrxbrlxnxgxmemersrlrgxcceilesamxbonogxmemersaecgxcceibmxsbeccnogxmemersaecgxcceilxxallbbnxgxmemersaecgxcceilxsermlbnxgxmemerrsmrgxcceileamblxcnxgxmemermcxbgxcceiloxaeascnxgxmemermcxbgxcceimearemmcnxgxmemermcxbgxcceilesbxceenxgxmemermcslgxoaeiblmlxxrenxgxmemermcrxgxcceibscrmcbbnxgxmemerbobxgxcceibrlelocbnxgxmemerbobxgxcceilecraoocnxgxmemerbobxgxcceilxlclaaansgxmemerlbmogxcceibbacbelcnxgxmemerlbmogxcceismrxbrbrnogxmemerlbmogxcceimlbsemoanrgxmemerlbmogxcceibxbbamsbnogxmemerlbmogxcceimaceoesbnxgxmemerlbmogxcceibbblacxonxgxmemerlbmogxcceilxemsemonxgxmemerlbmogxcceilxobcbccnxgxmemerllxlgxcceiblomrlobnxgxmemerllxlgxcceimaceoeocnxgxmemerllxlgxcceilxemseaonxgxmemerllxlgxcceiblomrloanxgxmemerllxlgxcceileeseaaenxgxmemeaxoomgxcceileaxsxconxgxmemeaxoomgxcceiblreolxcnxgxmemeaxoomgxcceibclaceabnxgxmemeaxoomgxcceiblreseaanxgxmemeaxoomgxcceibbesrosonxgxmemeaxoomgxcceilooxblrbnxgxmemeaxoobgxcceilecbmxaonxgxmemeaxoobgxcceibrbbmreenxgxmemeaxoobgxcceibcbccrlanxgxmemeacsxbgxcceicaaocabenxgxmemeacammgeilxsroooanxgxmemeacammgxcceicmoaaeebnxgxmemeacammgeibbalrsaonxgxmemeacammgxcceileebcbxcnxgxmemeacammgxcceibcbcrsxenxgxmemeacabegxcceibcbccracnxgxmemeamlcrgxcceibaeaobocnxgxmemeaborcgxcceimaceoeccnxgxmemeaborrgxcceiberrmlrcnxgxmemeaborrgxcceimrmbbolonxgxmemeaborrgxcceimaceoeoenxgxmemeaborrgxcceibrleloaenxgxmemeablcsgxcceibcbaxlrenxgxmemeablcsgxcceibbbmearanxgxmememoesogxcceibclesoabnxgxmememceobgxcceibclaemaenxgxmememceobgxcceibbasmaeanxgxmememceobgxcceialbmborenxgxmememceobgxcceibxcxxcxbnxgxmememceobgxcceilxxseocansgxmememrsmegxcceibcxobbaenxgxmememrsmegxcceibmssoeaenxgxmememrsmegxcceibmssoerbnxgxmememrsmegxcceibmssoeaonxgxmememrsmegxcceibcxobbacnxgxmememrsmegxcceiccmorsbonxgxmemembmargxcceibmrlrcmbncgxmemembmaagxcceileocaebcnrgxmemembmaagxcceileocaemonrgxmemembmaagxcceibamasxoonsgxmemembmaagxcceilxolmoransgxmemebxxcsgxcceibrmebasbnxgxmemebxxcsgxcceisxllammrnxgxmemebxxcsgxcceimblsoercncgxmemebxxaxgxcceicbseamaonxgxmemebxsobgxcceimblsoeronogxmemebxmcxgxcceibcecaacenxgxmemebxmcogxcceicbsbrmsbnxgxmemebxmcogxcceibbbmeaaonxgxmemeborccgxcceiblsaacmenxgxmemeborccgxcceilxaeaxbanxgxmemeboasrgxcceibmrlrcmanxgxmemeboasagxcceibbbacbbenxgxmemebsmbcgxcce
.pemsrv.com/ Name: c-tag
Value: %7B%22tag-link%22%3A%22v4%7C%7CUSA%7C5040978%7C88864880%7C0%7C%7C508%7C41%7C2%7C40%7C0%7C0%7C0%7C3111%7C5128638%7C5110629%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C65c00808bc6581.763476981346454586%7C7d50225126018211a146da15aa2e4803%7C0%7Ca.adforcast.com%7C1600x1200%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1707083784%7C5b761ffa9d7bc9ed5ee000d4e6bd8547%7Cok%22%7D

21 Console Messages

Source Level URL
Text
network error URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd(Line 71)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tapeadsenjoyer.com/e/4bdro9pz3xudxd
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://affair-next.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adforcast.com
affair-next.com
az.mniumlapsers.com
bygliscortor.com
bytogeticr.com
fleraprt.com
my.rtmark.net
offerimage.com
s.pemsrv.com
tapeadsenjoyer.com
tfosrv.com
trafforsrv.com
tzegilo.com
whelesignevated.com
xml.acertb.com
xml.popmonetizer.net
xml.zeusadx.com
zimpolo.com
104.21.17.211
139.45.195.254
139.45.195.8
139.45.197.242
173.0.146.27
174.137.133.17
174.137.133.18
18.232.14.170
216.18.168.28
216.18.168.29
2604:9e00:1:129::2:b10
2606:4700:10::6816:21ac
2606:4700:3030::ac43:bf2a
2606:4700:3033::ac43:9a26
2606:4700:3034::6815:5e98
2606:4700:3036::ac43:c134
2606:4700:3037::6815:1f3d
68.169.106.40
021af49931aff1d16ac1a9d9838c2eebf2ebf20936926beb36b6d4a20d6ae23d
054400c7af6f9db2b98ef40c098ae71ecd8902b935e0d11ca434b1157059c968
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
18971692c07e9560df33060f42d907e1137ab53482d06396aab0525e9abd1274
19c00057ff8dae0cdcc3c4732a8130c8697a9db345b122493e7661f2c2254454
1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
278d4648a09e18f980cef2025706ff54b9bad840ae57c79009bc17e0bd017c5d
2c76bb1f5d2d2912efdb71aa2eac98265bb91dbee05d95cef2a0006d9db982cd
5449258b1fdcfe61a7cd9b97c9ef8f09c8228584fc3ff2d5e7d223fe4dd8914b
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa
9dab0edbe60bf17b74374cf7410dcd0ce26e798f7b1a85a508190852af554aa3
a49b34f8c486d9bcf82acfbe89baa4a9ac4d0a9e6405590a65960d5a38fbf0bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855