urlscan.io logo urlscan.io
SecurityTrails logo

webep1.com Open in urlscan Pro
51.83.241.106  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://60minutesovertime.co/
Effective URL: https://webep1.com/click/6501/5df8ef3b25f5a8156da7baf9?p1=at107999_a188671_m12_p134708_cDE_s157be421a792aa6d5c00661...
Submission: On August 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 9 HTTP transactions. The main IP is 51.83.241.106, located in Moscow, Russian Federation and belongs to OVH, FR. The main domain is webep1.com.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on June 1st 2020. Valid for: 2 years.
This is the only time webep1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 45.33.23.183 63949 (LINODE-AP...)
2 167.233.8.197 24940 (HETZNER-AS)
1 1 3.224.214.180 14618 (AMAZON-AES)
1 1 78.46.197.88 24940 (HETZNER-AS)
2 157.90.169.168 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.83.241.106 16276 (OVH)
1 146.59.21.128 16276 (OVH)
9 6
2    45.33.23.183 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li977-183.members.linode.com
60minutesovertime.co
2    167.233.8.197 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.8.233.167.clients.your-server.de
track.vcdc.com
1    3.224.214.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-214-180.compute-1.amazonaws.com
antig-hra.com
1    78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com
2    157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me
1    2606:4700:3036::6815:1a18 (United States)

ASN13335 (CLOUDFLARENET, US)
utkv6nyu.de
1    51.83.241.106 (Moscow, Russian Federation)

ASN16276 (OVH, FR)
PTR: ip106.ip-51-83-241.eu
webep1.com
1    146.59.21.128 (France)

ASN16276 (OVH, FR)
PTR: ip128.ip-146-59-21.eu
image.weben1.com
Domain Requested by
2 lookandfind.me track.vcdc.com
2 track.vcdc.com 60minutesovertime.co
track.vcdc.com
2 60minutesovertime.co 60minutesovertime.co
1 image.weben1.com webep1.com
1 webep1.com lookandfind.me
1 utkv6nyu.de 1 redirects
1 clever-redirect.com 1 redirects
1 antig-hra.com 1 redirects
9 8

This site contains links to these domains. Also see Links.

Domain
www.prezentzycia.pl
Subject Issuer Validity Valid
track.vcdc.com
GlobeSSL DV CA		 2020-10-28 -
2021-10-28		 a year crt.sh
lookandfind.me
R3		 2021-07-06 -
2021-10-04		 3 months crt.sh
*.webep1.com
Certum Domain Validation CA SHA2		 2020-06-01 -
2022-06-01		 2 years crt.sh
image.weben1.com
R3		 2021-07-14 -
2021-10-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://webep1.com/click/6501/5df8ef3b25f5a8156da7baf9?p1=at107999_a188671_m12_p134708_cDE_s157be421a792aa6d5c006617dfca32bd
Frame ID: 28D368AF7896912DA05CBD4AD5025DB5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://60minutesovertime.co/ Page URL
  2. https://track.vcdc.com/proceed.php?domain=60minutesovertime.co&hash=be3c23f3928fcdd45bab287d5cd7ade... Page URL
  3. https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FudGlnLWhyYS5jb20vemN2aXNpdG9yLzRhNGQyYTAxLW... Page URL
  4. http://antig-hra.com/zcvisitor/4a4d2a01-f489-11eb-ada6-0a56e4da8efd/6019173b-675e-4852-98f4-d4f47... HTTP 302
    https://clever-redirect.com/s/r6?s=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear&c=PL HTTP 302
    https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=l... Page URL
  5. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
  6. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=157be421a792aa6d5c006617d... HTTP 302
    https://webep1.com/click/6501/5df8ef3b25f5a8156da7baf9?p1=at107999_a188671_m12_p134708_cDE_s157... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

9
Requests

67 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

6
IPs

4
Countries

13 kB
Transfer

14 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://60minutesovertime.co/ Page URL
  2. https://track.vcdc.com/proceed.php?domain=60minutesovertime.co&hash=be3c23f3928fcdd45bab287d5cd7ade9&u=eyJkb21haW4iOiI2MG1pbnV0ZXNvdmVydGltZS5jbyIsImRvbWFpbl9pZCI6IjIyNDE2NzUyIiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiI4IiwidGFyZ2V0IjoiaHR0cDpcL1wvYW50aWctaHJhLmNvbVwvemN2aXNpdG9yXC80YTRkMmEwMS1mNDg5LTExZWItYWRhNi0wYTU2ZTRkYThlZmRcLzYwMTkxNzNiLTY3NWUtNDg1Mi05OGY0LWQ0ZjQ3ZWRiYjk3Mj9jYW1wYWlnbmlkPTI5OGRlN2QwLTlkZmItMTFlYi1hNDA4LTEyNTM1MGFjZmMzZCIsImlwX2FkZHJlc3MiOiIxOTQuMTEwLjExNC4yMTIiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDAwNzAifQ== Page URL
  3. https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FudGlnLWhyYS5jb20vemN2aXNpdG9yLzRhNGQyYTAxLWY0ODktMTFlYi1hZGE2LTBhNTZlNGRhOGVmZC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD0yOThkZTdkMC05ZGZiLTExZWItYTQwOC0xMjUzNTBhY2ZjM2Q=&hash=2322c9347c1484e94c497eea1f5f1282&m=MjI0 Page URL
  4. http://antig-hra.com/zcvisitor/4a4d2a01-f489-11eb-ada6-0a56e4da8efd/6019173b-675e-4852-98f4-d4f47edbb972?campaignid=298de7d0-9dfb-11eb-a408-125350acfc3d HTTP 302
    https://clever-redirect.com/s/r6?s=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear&c=PL HTTP 302
    https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear Page URL
  5. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D157be421a792aa6d5c006617dfca32bd%26url%3Dhttps%253A%252F%252Fwww.prezentzycia.pl%252F&h=3c496552ac2c7e4d02b9ae90e6128000 Page URL
  6. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=157be421a792aa6d5c006617dfca32bd&url=https%3A%2F%2Fwww.prezentzycia.pl%2F HTTP 302
    https://webep1.com/click/6501/5df8ef3b25f5a8156da7baf9?p1=at107999_a188671_m12_p134708_cDE_s157be421a792aa6d5c006617dfca32bd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://antig-hra.com/zcvisitor/4a4d2a01-f489-11eb-ada6-0a56e4da8efd/6019173b-675e-4852-98f4-d4f47edbb972?campaignid=298de7d0-9dfb-11eb-a408-125350acfc3d HTTP 302
  • https://clever-redirect.com/s/r6?s=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear&c=PL HTTP 302
  • https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
60minutesovertime.co/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://60minutesovertime.co/
Protocol
HTTP/1.1
Server
45.33.23.183 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li977-183.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
59fa0f580341a0933c8d6398e8fa7197fd52a99b6afbad032391a5d46671d0cc

Request headers

Host
60minutesovertime.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
openresty/1.13.6.1
Date
Tue, 03 Aug 2021 18:33:24 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1844
Connection
close
Vary
Accept-Language
Content-Language
en
Cookie set 1
60minutesovertime.co/mtm/async/.eJxdjEsOwjAMRO-SZQlNJSQEVJwFucFNLTUfErdEQtydlMICdm_e2PMQUyRxEkpIAdGkgoUi9hgxrmHwiS8OLJa4byy5iTH5GSOTxVr75VNrDFx6xsxqYDtKCGEkDUzeqbyYTf63dmxv56Y-SrJgUMFM_Qfv2IWvDc7IS... 		587 B
887 B 		Fetch
General
Check archive.org
Download Go to
Full URL
http://60minutesovertime.co/mtm/async/.eJxdjEsOwjAMRO-SZQlNJSQEVJwFucFNLTUfErdEQtydlMICdm_e2PMQUyRxEkpIAdGkgoUi9hgxrmHwiS8OLJa4byy5iTH5GSOTxVr75VNrDFx6xsxqYDtKCGEkDUzeqbyYTf63dmxv56Y-SrJgUMFM_Qfv2IWvDc7ISlXv08PPQCLj8LrFrAdwBtv53O3WRfF8AbLSSa0:1mAzEC:H3UwhY5LZZRdWBx67O3p-FFm8aQ/1
Requested by
Host: 60minutesovertime.co
URL: http://60minutesovertime.co/
Protocol
HTTP/1.1
Server
45.33.23.183 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li977-183.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
96930d402d0f9e198717a2e728781279fd1aad9c6a24e23dfb46b37c67457ce5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
60minutesovertime.co
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://60minutesovertime.co/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://60minutesovertime.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 18:33:26 GMT
Server
openresty/1.13.6.1
Vary
Accept-Language
Content-Language
en
Set-Cookie
mtm_delivered=""; expires=Tue, 03-Aug-2021 19:33:26 GMT; Max-Age=3600; Path=/
Connection
close
Content-Type
text/html; charset=utf-8
Content-Length
587
proceed.php
track.vcdc.com/ 		0
0
proceed.php
track.vcdc.com/ 		659 B
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.vcdc.com/proceed.php?domain=60minutesovertime.co&hash=be3c23f3928fcdd45bab287d5cd7ade9&u=eyJkb21haW4iOiI2MG1pbnV0ZXNvdmVydGltZS5jbyIsImRvbWFpbl9pZCI6IjIyNDE2NzUyIiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiI4IiwidGFyZ2V0IjoiaHR0cDpcL1wvYW50aWctaHJhLmNvbVwvemN2aXNpdG9yXC80YTRkMmEwMS1mNDg5LTExZWItYWRhNi0wYTU2ZTRkYThlZmRcLzYwMTkxNzNiLTY3NWUtNDg1Mi05OGY0LWQ0ZjQ3ZWRiYjk3Mj9jYW1wYWlnbmlkPTI5OGRlN2QwLTlkZmItMTFlYi1hNDA4LTEyNTM1MGFjZmMzZCIsImlwX2FkZHJlc3MiOiIxOTQuMTEwLjExNC4yMTIiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDAwNzAifQ==
Requested by
Host: 60minutesovertime.co
URL: http://60minutesovertime.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.8.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.8.233.167.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
track.vcdc.com
:scheme
https
:path
/proceed.php?domain=60minutesovertime.co&hash=be3c23f3928fcdd45bab287d5cd7ade9&u=eyJkb21haW4iOiI2MG1pbnV0ZXNvdmVydGltZS5jbyIsImRvbWFpbl9pZCI6IjIyNDE2NzUyIiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiI4IiwidGFyZ2V0IjoiaHR0cDpcL1wvYW50aWctaHJhLmNvbVwvemN2aXNpdG9yXC80YTRkMmEwMS1mNDg5LTExZWItYWRhNi0wYTU2ZTRkYThlZmRcLzYwMTkxNzNiLTY3NWUtNDg1Mi05OGY0LWQ0ZjQ3ZWRiYjk3Mj9jYW1wYWlnbmlkPTI5OGRlN2QwLTlkZmItMTFlYi1hNDA4LTEyNTM1MGFjZmMzZCIsImlwX2FkZHJlc3MiOiIxOTQuMTEwLjExNC4yMTIiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDAwNzAifQ==
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://60minutesovertime.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://60minutesovertime.co/

Response headers

server
nginx
date
Tue, 03 Aug 2021 18:33:26 GMT
content-type
text/html; charset=utf8
content-length
659
cache-control
no-cache, must-revalidate
content-encoding
none
x-content-type-options
nosniff
x-xss-protection
1; mode=block
beam.php
track.vcdc.com/ 		991 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FudGlnLWhyYS5jb20vemN2aXNpdG9yLzRhNGQyYTAxLWY0ODktMTFlYi1hZGE2LTBhNTZlNGRhOGVmZC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD0yOThkZTdkMC05ZGZiLTExZWItYTQwOC0xMjUzNTBhY2ZjM2Q=&hash=2322c9347c1484e94c497eea1f5f1282&m=MjI0
Requested by
Host: track.vcdc.com
URL: https://track.vcdc.com/proceed.php?domain=60minutesovertime.co&hash=be3c23f3928fcdd45bab287d5cd7ade9&u=eyJkb21haW4iOiI2MG1pbnV0ZXNvdmVydGltZS5jbyIsImRvbWFpbl9pZCI6IjIyNDE2NzUyIiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiI4IiwidGFyZ2V0IjoiaHR0cDpcL1wvYW50aWctaHJhLmNvbVwvemN2aXNpdG9yXC80YTRkMmEwMS1mNDg5LTExZWItYWRhNi0wYTU2ZTRkYThlZmRcLzYwMTkxNzNiLTY3NWUtNDg1Mi05OGY0LWQ0ZjQ3ZWRiYjk3Mj9jYW1wYWlnbmlkPTI5OGRlN2QwLTlkZmItMTFlYi1hNDA4LTEyNTM1MGFjZmMzZCIsImlwX2FkZHJlc3MiOiIxOTQuMTEwLjExNC4yMTIiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDAwNzAifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.233.8.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.197.8.233.167.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
track.vcdc.com
:scheme
https
:path
/beam.php?tcid=&target=aHR0cDovL2FudGlnLWhyYS5jb20vemN2aXNpdG9yLzRhNGQyYTAxLWY0ODktMTFlYi1hZGE2LTBhNTZlNGRhOGVmZC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD0yOThkZTdkMC05ZGZiLTExZWItYTQwOC0xMjUzNTBhY2ZjM2Q=&hash=2322c9347c1484e94c497eea1f5f1282&m=MjI0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 03 Aug 2021 18:33:26 GMT
content-type
text/html; charset=UTF-8
content-length
991
cache-control
no-cache, must-revalidate
content-encoding
none
x-content-type-options
nosniff
x-xss-protection
1; mode=block
a
lookandfind.me/s/
Redirect Chain
  • http://antig-hra.com/zcvisitor/4a4d2a01-f489-11eb-ada6-0a56e4da8efd/6019173b-675e-4852-98f4-d4f47edbb972?campaignid=298de7d0-9dfb-11eb-a408-125350acfc3d
  • https://clever-redirect.com/s/r6?s=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear&c=PL
  • https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear
433 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear
Requested by
Host: track.vcdc.com
URL: https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FudGlnLWhyYS5jb20vemN2aXNpdG9yLzRhNGQyYTAxLWY0ODktMTFlYi1hZGE2LTBhNTZlNGRhOGVmZC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD0yOThkZTdkMC05ZGZiLTExZWItYTQwOC0xMjUzNTBhY2ZjM2Q=&hash=2322c9347c1484e94c497eea1f5f1282&m=MjI0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.16 / PHP/7.4.16
Resource Hash

Request headers

:method
GET
:authority
lookandfind.me
:scheme
https
:path
/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FudGlnLWhyYS5jb20vemN2aXNpdG9yLzRhNGQyYTAxLWY0ODktMTFlYi1hZGE2LTBhNTZlNGRhOGVmZC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD0yOThkZTdkMC05ZGZiLTExZWItYTQwOC0xMjUzNTBhY2ZjM2Q=&hash=2322c9347c1484e94c497eea1f5f1282&m=MjI0

Response headers

date
Tue, 03 Aug 2021 18:33:27 GMT
server
Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.16
referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.16
content-length
433
content-type
text/html; charset=UTF-8

Redirect headers

date
Tue, 03 Aug 2021 18:33:27 GMT
server
Apache/2.4.46 (codeit) OpenSSL/1.1.1i PHP/7.4.15
referrer-policy
no-referrer
x-powered-by
PHP/7.4.15
location
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear
content-length
0
content-type
text/html; charset=UTF-8
r
lookandfind.me/s/ 		349 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D157be421a792aa6d5c006617dfca32bd%26url%3Dhttps%253A%252F%252Fwww.prezentzycia.pl%252F&h=3c496552ac2c7e4d02b9ae90e6128000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.16 / PHP/7.4.16
Resource Hash

Request headers

:method
GET
:authority
lookandfind.me
:scheme
https
:path
/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D157be421a792aa6d5c006617dfca32bd%26url%3Dhttps%253A%252F%252Fwww.prezentzycia.pl%252F&h=3c496552ac2c7e4d02b9ae90e6128000
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=prezentzycia.pl&s1=r6a&s2=lima-gnu-3gnlxnme6&s3=gridelin-bear

Response headers

date
Tue, 03 Aug 2021 18:33:27 GMT
server
Apache/2.4.46 (codeit) OpenSSL/1.1.1j PHP/7.4.16
referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.16
content-length
349
content-type
text/html; charset=UTF-8
Primary Request Cookie set 5df8ef3b25f5a8156da7baf9
webep1.com/click/6501/
Redirect Chain
  • https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=157be421a792aa6d5c006617dfca32bd&url=https%3A%2F%2Fwww.prezentzycia.pl%2F
  • https://webep1.com/click/6501/5df8ef3b25f5a8156da7baf9?p1=at107999_a188671_m12_p134708_cDE_s157be421a792aa6d5c006617dfca32bd
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webep1.com/click/6501/5df8ef3b25f5a8156da7baf9?p1=at107999_a188671_m12_p134708_cDE_s157be421a792aa6d5c006617dfca32bd
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D157be421a792aa6d5c006617dfca32bd%26url%3Dhttps%253A%252F%252Fwww.prezentzycia.pl%252F&h=3c496552ac2c7e4d02b9ae90e6128000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.83.241.106 Moscow, Russian Federation, ASN16276 (OVH, FR),
Reverse DNS
ip106.ip-51-83-241.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
634606a049eb063bb031b455d100bce2d9fd3235dc02c6e3c893f4ad48114daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
webep1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://lookandfind.me/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D157be421a792aa6d5c006617dfca32bd%26url%3Dhttps%253A%252F%252Fwww.prezentzycia.pl%252F&h=3c496552ac2c7e4d02b9ae90e6128000

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Tue, 03 Aug 2021 18:33:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
VisitorGuid=fe5dcffd-388e-435c-8189-b7dbfbfcdd3c; expires=Wed, 03 Aug 2022 18:33:27 GMT; domain=webep1.com; path=/; secure; samesite=none
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip

Redirect headers

date
Tue, 03 Aug 2021 18:33:27 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 03 Aug 2021 18:33:27 GMT
location
https://webep1.com/click/6501/5df8ef3b25f5a8156da7baf9?p1=at107999_a188671_m12_p134708_cDE_s157be421a792aa6d5c006617dfca32bd
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
pragma
no-cache
set-cookie
PHPSESSID=97nnvbhcs5ijka7o8eu2jcs0g1; path=/
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlPPEsyCuktnTH%2B%2FZla3FnIlMRuuJ4ZnqY5%2BdZi3aUtiTXXsXGKW%2FRvhxEQFV5yVSw0j1nqwLzVmnJXdL%2FhRMDsDleaawiXSkV8%2B6cGqrxOUSwcDIf7GjpiQ%2FTIKVoR5FdeI8dV%2FB91g8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6791a26a3d664abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1wZ_gdoUsgECeganxcnidGyV0TFzda-fS.png
image.weben1.com/logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.weben1.com/logo/1wZ_gdoUsgECeganxcnidGyV0TFzda-fS.png
Requested by
Host: webep1.com
URL: https://webep1.com/click/6501/5df8ef3b25f5a8156da7baf9?p1=at107999_a188671_m12_p134708_cDE_s157be421a792aa6d5c006617dfca32bd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.59.21.128 , France, ASN16276 (OVH, FR),
Reverse DNS
ip128.ip-146-59-21.eu
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
95f67300202f0e51a3f78598253730f6c627d0d91b15cd15c4b2ea6745d9ca19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://webep1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 18:33:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
3829253E001CB581FB820D89C1CBFEFB
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public,max-age=7200
Connection
keep-alive
Content-Length
5013

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.vcdc.com
URL
https://track.vcdc.com/proceed.php?domain=60minutesovertime.co&hash=be3c23f3928fcdd45bab287d5cd7ade9&u=eyJkb21haW4iOiI2MG1pbnV0ZXNvdmVydGltZS5jbyIsImRvbWFpbl9pZCI6IjIyNDE2NzUyIiwiZm9sZGVyX2lkIjpudWxsLCJtaWQiOiIyMjQiLCJmaWx0ZXJfaWQiOm51bGwsImFkdmVydGlzZXJfaWQiOiI4IiwidGFyZ2V0IjoiaHR0cDpcL1wvYW50aWctaHJhLmNvbVwvemN2aXNpdG9yXC80YTRkMmEwMS1mNDg5LTExZWItYWRhNi0wYTU2ZTRkYThlZmRcLzYwMTkxNzNiLTY3NWUtNDg1Mi05OGY0LWQ0ZjQ3ZWRiYjk3Mj9jYW1wYWlnbmlkPTI5OGRlN2QwLTlkZmItMTFlYi1hNDA4LTEyNTM1MGFjZmMzZCIsImlwX2FkZHJlc3MiOiIxOTQuMTEwLjExNC4yMTIiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDAwNzAifQ==

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| setCookie

1 Cookies

Domain/Path Name / Value
.webep1.com/ Name: VisitorGuid
Value: fe5dcffd-388e-435c-8189-b7dbfbfcdd3c