Submitted URL: http://photo.mmg4rt5.sbs/I7yIP2G
Effective URL: https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4...
Submission: On December 28 via manual from IT — Scanned from IT

Summary

This website contacted 11 IPs in 6 countries across 17 domains to perform 20 HTTP transactions. The main IP is 144.217.67.42, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is mediasama.com. The Cisco Umbrella rank of the primary domain is 188027.
TLS certificate: Issued by R3 on November 16th 2022. Valid for: 3 months.
This is the only time mediasama.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 146.19.173.119 213373 (IPCONNECT)
1 1 64.227.23.114 14061 (DIGITALOC...)
3 99.198.108.194 32475 (SINGLEHOP...)
2 3 51.68.82.147 16276 (OVH)
1 1 34.90.46.36 396982 (GOOGLE-CL...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.91.234.242 396982 (GOOGLE-CL...)
1 1 51.161.115.163 16276 (OVH)
1 2 51.83.143.92 16276 (OVH)
2 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 3.212.50.125 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 35.186.193.41 15169 (GOOGLE)
1 1 18.194.134.212 16509 (AMAZON-02)
4 144.217.67.42 16276 (OVH)
20 11
Apex Domain
Subdomains
Transfer
4 mediasama.com
mediasama.com — Cisco Umbrella Rank: 188027
356 KB
4 popmyads.com
popmyads.com — Cisco Umbrella Rank: 135913
4 KB
4 tuarong.com
gads.tuarong.com
25 KB
3 linkonclick.com
www.linkonclick.com — Cisco Umbrella Rank: 225200
4 KB
3 turbotrck.art
www.turbotrck.art
8 KB
3 redirectmaster.com
monkey.redirectmaster.com
7 KB
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 9585
widgets.amung.us — Cisco Umbrella Rank: 10582
698 B
2 trffclb.com
ron.trffclb.com — Cisco Umbrella Rank: 173218
1 KB
1 gaming-adult.com
www.gaming-adult.com — Cisco Umbrella Rank: 176501
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
1 pritha-ner.com
pritha-ner.com — Cisco Umbrella Rank: 464896
495 B
1 blowingwnd.com
t3.blowingwnd.com — Cisco Umbrella Rank: 376416
299 B
1 gositego.live
track.gositego.live — Cisco Umbrella Rank: 207610
292 B
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 295511
1 KB
1 go2affise.com
admoustache.go2affise.com — Cisco Umbrella Rank: 466057
240 B
1 thegadgetguru.club
polo.thegadgetguru.club — Cisco Umbrella Rank: 862734
295 B
1 mmg4rt5.sbs
photo.mmg4rt5.sbs
318 B
20 17
Domain Requested by
4 mediasama.com www.linkonclick.com
mediasama.com
4 popmyads.com 2 redirects ron.trffclb.com
4 gads.tuarong.com www.turbotrck.art
monkey.redirectmaster.com
gads.tuarong.com
3 www.linkonclick.com 2 redirects popmyads.com
3 www.turbotrck.art 2 redirects monkey.redirectmaster.com
3 monkey.redirectmaster.com monkey.redirectmaster.com
2 ron.trffclb.com 1 redirects gads.tuarong.com
1 www.gaming-adult.com 1 redirects
1 www.google-analytics.com popmyads.com
www.google-analytics.com
1 pritha-ner.com 1 redirects
1 widgets.amung.us
1 whos.amung.us 1 redirects
1 t3.blowingwnd.com 1 redirects
1 track.gositego.live 1 redirects
1 cdn.addlnk.com gads.tuarong.com
1 admoustache.go2affise.com 1 redirects
1 polo.thegadgetguru.club 1 redirects
1 photo.mmg4rt5.sbs 1 redirects
20 18

This site contains links to these domains. Also see Links.

Domain
www.gaming-adult.com
Subject Issuer Validity Valid
monkey.redirectmaster.com
R3
2022-11-03 -
2023-02-01
3 months crt.sh
www.turbotrck.art
R3
2022-10-30 -
2023-01-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-20 -
2023-06-20
a year crt.sh
lone-star.landingtrack.com
R3
2022-12-19 -
2023-03-19
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
mediasama.com
R3
2022-11-16 -
2023-02-14
3 months crt.sh

This page contains 2 frames:

Primary Page: https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8VE-xWY_u0LV5ZYDB-QxjMsxToHIhHU_EfYhTkdNJXhacNyFsjCsBjhQCYwRfyHsKIZBWd8ImfrJS_44SX1LLJ8Q2eQnM9IwnuceXcC2_t3hoyhDc_UvJsGD6nOt7LVic3q_UAsLKit7pinuNGjcmHGGAzMzgkiEod-5SYE7DHPotTYqTpHlyBy36o8hTBARwJxt7xCoN0O28RykgVh2B6b7EpSWrMIJgLdJn_HC7L4MzovMBoHhbuWg71qlKcK16W5jzFDySSA7Vc5pOWDC7grx2fXU5uYO7yQWi7vDvcHbbXRsRwasWiQcmV-H_r0TMD9blHSgZUS8NXwT5WyPAR3ycxyUN9VUPvjZQDk&lptoken=16fb72cb210868a397c1&campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53
Frame ID: 264EA367C99C78E9C9EB5A69F008EDAE
Requests: 17 HTTP requests in this frame

Frame: https://gads.tuarong.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672214400
Frame ID: 0BD0671A302FC743ADBB8CB235FE4E13
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Star Harem

Page URL History Show full URLs

  1. http://photo.mmg4rt5.sbs/I7yIP2G HTTP 302
    https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7182109136329375824&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  3. https://monkey.redirectmaster.com/proc.php?2a9a535786591859009eb2d66b4269dcad51bda7 Page URL
  4. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website... Page URL
  5. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website... HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website... HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330005c6fe7fa60f27645aca7d8fc9bd... HTTP 302
    https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503 Page URL
  6. https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubb916953093024959b97992ec1647d... HTTP 302
    https://t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&p... HTTP 302
    https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503 Page URL
  7. https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503... HTTP 302
    https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL
  8. https://popmyads.com/gget HTTP 302
    http://pritha-ner.com/0646613510?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://... HTTP 302
    https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9 Page URL
  9. https://popmyads.com/returngo/MTY3MjIxNTA5NlFhTEt1WU10SDVvcE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA... HTTP 302
    http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510 Page URL
  10. http://www.linkonclick.com/jump/next.php?stamat=m%257C%252CkIhNuYhZrB1dQO0dEdHP3xP.6f4%252CS0kXXHXf2ck-... HTTP 302
    http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CgiF6IjdroGU3B5-GH0dEdHP3xP.575%252CVCzTA... HTTP 302
    https://www.gaming-adult.com/29e2c81a-f5c1-4948-8427-0378025457be?campid=301795620&zoneid=1041905-1925098... HTTP 302
    https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCse... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

20
Requests

85 %
HTTPS

29 %
IPv6

17
Domains

18
Subdomains

11
IPs

6
Countries

423 kB
Transfer

497 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://photo.mmg4rt5.sbs/I7yIP2G HTTP 302
    https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7182109136329375824&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673 Page URL
  3. https://monkey.redirectmaster.com/proc.php?2a9a535786591859009eb2d66b4269dcad51bda7 Page URL
  4. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673 Page URL
  5. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=49d697dfbda5804942f03a584b901635&eyer=0.46993805250800924&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fmonkey.redirectmaster.com%2F HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=3&eyer=0.46993805250800924&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fmonkey.redirectmaster.com%2F HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330005c6fe7fa60f27645aca7d8fc9bdad4a11228-202212-flb*5564921-b2be6*M7182109136329375824*sl_5564921-b2be6*027789e52b36691cb8fbddc840ebfb5c82a7aa4b*4400-bd34abaz*4400 HTTP 302
    https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503 Page URL
  6. https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubb916953093024959b97992ec1647d1b6&sub2=81b90edf_503 HTTP 302
    https://t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=63abfa378135b700019a16d1&s=930_81b90edf_503 HTTP 302
    https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503 Page URL
  7. https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503&bv=1 HTTP 302
    https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL
  8. https://popmyads.com/gget HTTP 302
    http://pritha-ner.com/0646613510?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30 HTTP 302
    https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9 Page URL
  9. https://popmyads.com/returngo/MTY3MjIxNTA5NlFhTEt1WU10SDVvcE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDguMC41MzU5LjEyNCBTYWZhcmkvNTM3LjM2/30/1600x1200/8/4/0 HTTP 302
    http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510 Page URL
  10. http://www.linkonclick.com/jump/next.php?stamat=m%257C%252CkIhNuYhZrB1dQO0dEdHP3xP.6f4%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM8JUm5HksBtX5-SSJ8vLRk6SqRVfJ-1xxxsprPVVEZ-Gw%252C%252C&cbpage=http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510&cbur=0.9787721394427347&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CgiF6IjdroGU3B5-GH0dEdHP3xP.575%252CVCzTABP7h7-9knT59xAYxcF2WH4ZkHWBwl-BAw9bSR5_a6O9ub4NxpoQYksxjCj9FVeKASkW6tdNkHSqScxLzmq9rR1l9LggfT_bRLJwaYgYAnTiK7mVyoxuCnjfIleDGgn2yEeG_xAtPS1KAywOwJZbEwggsR4r88_rXF-U7V3l0hcRRSAEhGs0bKPn2m0O8ndUdGBd5Ym42obTXWFrGA5j_ENkwl4BmhMdqqESHEVq0mRUya4z6ZzQj7nfy6S_1JLSKt0ZJuMMwmxNTlt4KRogfRUHCBZl9fCMeDYS30bCdQe8j5pManPFEMhT0oCTpu2XV1NvH7WRmnMTABsjiiWdDntf5d9suVXtY4m2VAhm0LS578csVC-o6oDBloA7BJOwCzdYR4zfPhshaQYToxTAcWQmd4A13Ghtms4sCKcMDjVDsyxoHO7mucaMLQQAZuKml07F18uyr37vQbDCUg8k0ycnHY-Fakr9uR3Ls0x_dPFdH2WHu2M2sBGycSoqknkNnwNxm2o67W-oEvvdita6AbUt2B1_CYPtVxUjSp2DZQZ5BnQjJCZ__Wzz1wWMO0RBE8Zk_xD5tbGFd8ohRg%252C%252C HTTP 302
    https://www.gaming-adult.com/29e2c81a-f5c1-4948-8427-0378025457be?campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53 HTTP 302
    https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8VE-xWY_u0LV5ZYDB-QxjMsxToHIhHU_EfYhTkdNJXhacNyFsjCsBjhQCYwRfyHsKIZBWd8ImfrJS_44SX1LLJ8Q2eQnM9IwnuceXcC2_t3hoyhDc_UvJsGD6nOt7LVic3q_UAsLKit7pinuNGjcmHGGAzMzgkiEod-5SYE7DHPotTYqTpHlyBy36o8hTBARwJxt7xCoN0O28RykgVh2B6b7EpSWrMIJgLdJn_HC7L4MzovMBoHhbuWg71qlKcK16W5jzFDySSA7Vc5pOWDC7grx2fXU5uYO7yQWi7vDvcHbbXRsRwasWiQcmV-H_r0TMD9blHSgZUS8NXwT5WyPAR3ycxyUN9VUPvjZQDk&lptoken=16fb72cb210868a397c1&campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://photo.mmg4rt5.sbs/I7yIP2G HTTP 302
  • https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global HTTP 302
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Request Chain 4
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=49d697dfbda5804942f03a584b901635&eyer=0.46993805250800924&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fmonkey.redirectmaster.com%2F HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=3&eyer=0.46993805250800924&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fmonkey.redirectmaster.com%2F HTTP 302
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330005c6fe7fa60f27645aca7d8fc9bdad4a11228-202212-flb*5564921-b2be6*M7182109136329375824*sl_5564921-b2be6*027789e52b36691cb8fbddc840ebfb5c82a7aa4b*4400-bd34abaz*4400 HTTP 302
  • https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503
Request Chain 8
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubb916953093024959b97992ec1647d1b6&sub2=81b90edf_503 HTTP 302
  • https://t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=63abfa378135b700019a16d1&s=930_81b90edf_503 HTTP 302
  • https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503
Request Chain 10
  • https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503&bv=1 HTTP 302
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Request Chain 11
  • https://whos.amung.us/swidget/popmyads.png HTTP 307
  • https://widgets.amung.us/draw/?w=small&n=11800&c=ffc20e000000&p=left
Request Chain 12
  • https://popmyads.com/gget HTTP 302
  • http://pritha-ner.com/0646613510?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30 HTTP 302
  • https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9
Request Chain 14
  • https://popmyads.com/returngo/MTY3MjIxNTA5NlFhTEt1WU10SDVvcE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDguMC41MzU5LjEyNCBTYWZhcmkvNTM3LjM2/30/1600x1200/8/4/0 HTTP 302
  • http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
monkey.redirectmaster.com/
Redirect Chain
  • http://photo.mmg4rt5.sbs/I7yIP2G
  • https://polo.thegadgetguru.club/?k=4123f996a295663f7e7f12aa20e07876&type=mainstream&subtype=global
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
3 KB
2 KB
Document
General
Full URL
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 28 Dec 2022 08:11:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://monkey.redirectmaster.com/?utm_term=7182109136329375824&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.2.0

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Dec 2022 08:11:33 GMT
Location
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
/
monkey.redirectmaster.com/
8 KB
3 KB
Document
General
Full URL
https://monkey.redirectmaster.com/?utm_term=7182109136329375824&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
4be5b952e95dc9a7f7038fcefc730aaf1ae769b1cc4acb3949f45eab765c20cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Dec 2022 08:11:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
monkey.redirectmaster.com/
3 KB
2 KB
Document
General
Full URL
https://monkey.redirectmaster.com/proc.php?2a9a535786591859009eb2d66b4269dcad51bda7
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7182109136329375824&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://monkey.redirectmaster.com/?utm_term=7182109136329375824&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 28 Dec 2022 08:11:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
7 KB
7 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?2a9a535786591859009eb2d66b4269dcad51bda7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.82.147 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Wed, 28 Dec 2022 08:11:34 GMT
Transfer-Encoding
chunked
a91581ead4
gads.tuarong.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330005c6fe7fa60f27645aca7d8fc9bdad4a11228-202212-flb*5564921-b2be6*M7182109136329375824*sl_5564921-b2be6*027789e52b3669...
  • https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503
3 KB
2 KB
Document
General
Full URL
https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2ef0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208cbbfc4378f4ad99044af7f00e02d620688f232cb1e7ecc5dc5362ebbb9121

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7182109136329375824&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7808d3776fd259c5-MXP
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Wed, 28 Dec 2022 08:11:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XJp28Xf2tXms%2BHslMQDtbiBQ1IPhOFw2SL6sMWFUN4NhIrAhukwvXyLUGhwVi11MlQJC5sFM8L6TBEFMup2Bodj8VsIUHhNc1ed9QmmSwyUw%2BXB%2BPDgttrKQUj1Qc0CXzLmpKGcuEvazz55P4Kg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Wed, 28 Dec 2022 08:11:34 GMT
location
https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: gads.tuarong.com
URL: https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 08:11:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
145A9WDQZ6KZEM5G
age
297
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
oH2Z6AiyurqdqXtt/ggqOVbTiu0x5FocEeAgETB4VZJUiY/cfUS7OAmzQeLuQ3eAJ1yTqJdl/MlMcrXjrywTpA==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlNLw9Mn77uP1YLiAdY4lfkedRsMUbmM0FainwJZOedsiPoJfsnWBnYPJ4F7B%2FsYT6dp%2FmBI9jqJ7cckILmNR2IePib5MNszpIv4vwr%2FBFIW4Mn9Pk8PRcEbCZUDMVotL8JEBiOO49ExW8XZhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7808d378ac08ba85-MXP
invisible.js
gads.tuarong.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 0BD0
34 KB
14 KB
Script
General
Full URL
https://gads.tuarong.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672214400
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2ef0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a537168049e4155c3895e8bcf234f33b223add1ecfcd33abc5f87d4e62c3c48

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 08:11:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QejMNh%2B9PkArkQY%2Famlt%2BDaRyKV0ZmbqRVtaOqSS2DDDo0Kufperx4HkgSITYJpv%2BqCGO8ysz0uCnJDluTENpRRyweE6uLNMc8OsD5RvQ3MCcZqaPP9wo7v4DBADqOCK5mbi%2F%2F%2FTL50nTFXxnmJI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7808d378e99459c5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
gads.tuarong.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0BD0
20 KB
8 KB
Other
General
Full URL
https://gads.tuarong.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:2ef0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a397aca8e20dd88609aee4e4c8ecc9664ba131e4117b98ab9773dd7944e7387

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 08:11:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdHbaLDEV%2Bz4kt%2BKV%2BTI4raIJmvZGSDYvIio0RSMVFItJq%2BU0cPwOQIt6R9Af53bHsN8GPzTlNPJCaULqLQzv8ijp2OA9naoFcetSEkMvhUixknLR6%2FYWr6%2FqvKNBfUpwekNZueYUsWAmx4JvpcW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7808d3791ff459b9-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f.php
ron.trffclb.com/
Redirect Chain
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubb916953093024959b97992ec1647d1b6&sub2=81b90edf_503
  • https://t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=63abfa378135b700019a16d1&s=930_81b90edf_503
  • https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503
891 B
864 B
Document
General
Full URL
https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503
Requested by
Host: gads.tuarong.com
URL: https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.83.143.92 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3155458.ip-51-83-143.eu
Software
nginx /
Resource Hash

Request headers

Referer
https://gads.tuarong.com/rc/a91581ead4?affclick=63abfa36cbd3560001b87a96&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Dec 2022 08:11:36 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Dec 2022 08:11:35 GMT
Location
https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503
Raund
xi
Round
1217p3t0dz
Server
nginx
7808d3776fd259c5
gads.tuarong.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0BD0
2 B
673 B
XHR
General
Full URL
https://gads.tuarong.com/cdn-cgi/challenge-platform/h/g/cv/result/7808d3776fd259c5
Requested by
Host: gads.tuarong.com
URL: https://gads.tuarong.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672214400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:2ef0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Dec 2022 08:11:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cijBkZGINKMXNOYrQwEBRCccY5bZ9T7uyD9av92joXwkzfobwhFJQCGGcf29IQ8vTNJDFd8SH%2F%2B8NcFfF9enU7IH7m9CLPpBtttsnVxB5IrvykSfOS8R%2FRJwP7IlZBzZSG2lf2f%2BIxtSUB4s%2F7d0"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7808d37b0a8759b9-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL3RyYWZmaXgxMy5jb20=
popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/
Redirect Chain
  • https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503&bv=1
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
2 KB
1 KB
Document
General
Full URL
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Requested by
Host: ron.trffclb.com
URL: https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_930_81b90edf_503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7808d37f4ec783b8-MXP
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Wed, 28 Dec 2022 08:11:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TudwQX5XWEkAuHzeMUoEpji1ugfON3kDv%2FXDIV1x9ya9p7bUKRh3TYg1LbiZqm%2B%2BYRs9nmw7W7J3xh4p7IwHcuS%2Fr%2B9Nq%2BiJ9SFO47TVCdPHX9fT9vGoOEh8z6VCAvw5DQMnWfrX6d2vK1E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
x-powered-by
PHP/7.1.33

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Dec 2022 08:11:36 GMT
Location
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Raund
12uf2w0vxv-2v7
Round
11kgq037yu
Server
nginx
/
widgets.amung.us/draw/
Redirect Chain
  • https://whos.amung.us/swidget/popmyads.png
  • https://widgets.amung.us/draw/?w=small&n=11800&c=ffc20e000000&p=left
357 B
523 B
Image
General
Full URL
https://widgets.amung.us/draw/?w=small&n=11800&c=ffc20e000000&p=left
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 08:11:36 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Dec 2022 07:48:44 GMT
server
cloudflare
age
260572
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
7808d380fcdf5a3d-MXP
expires
Mon, 26 Dec 2022 07:48:44 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=small&n=11800&c=ffc20e000000&p=left
date
Wed, 28 Dec 2022 08:11:36 GMT
cache-control
max-age=295
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7808d37ffb585a3d-MXP
content-type
text/html; charset=UTF-8
30
popmyads.com/return/
Redirect Chain
  • https://popmyads.com/gget
  • http://pritha-ner.com/0646613510?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30
  • https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9
1 KB
1 KB
Document
General
Full URL
https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://popmyads.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7808d381fa6483a2-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 28 Dec 2022 08:11:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cqS93GjaWn%2FkmstiHTpC00HQa1gOyhl5kc3RJTAeQS744FJqDoZZl3nRawEiRF00e4Sg50Xe3ni47V28SCYhATbd5WtHib53vfMbIuBm0uVMVr4oJVAMgR9EEvzJsq6m1mlmOJiM%2FY2u08%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33

Redirect headers

Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Length
0
Date
Wed, 28 Dec 2022 08:11:36 GMT
Location
https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9
Server
MCgGedrF
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: popmyads.com
URL: https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Dec 2022 07:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1252
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 28 Dec 2022 09:50:44 GMT
next.php
www.linkonclick.com/jump/
Redirect Chain
  • https://popmyads.com/returngo/MTY3MjIxNTA5NlFhTEt1WU10SDVvcE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDguMC41MzU5LjEyNCB...
  • http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510
7 KB
3 KB
Document
General
Full URL
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510
Requested by
Host: popmyads.com
URL: https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9
Protocol
HTTP/1.1
Server
35.186.193.41 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
41.193.186.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://popmyads.com/return/30?clickid=3fafdbb8-8687-11ed-87eb-12006ade57b9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Dec 2022 08:11:36 GMT
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7808d3828b4083a2-MXP
content-type
text/html; charset=UTF-8
date
Wed, 28 Dec 2022 08:11:36 GMT
location
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXgAVWMw1GelD7D1in%2BHVsw9aQTw5MRKT5r4Q4GXtid83DUOt10c4l2JykaQ2rmkdp5DMpBrJIRKo9NKPjK4%2FHBMjiyexN1GAPHppCjw%2Baa5BQOl4gJcPWaD5QogvYHxodLSTyYhih9t9e4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
collect
www.google-analytics.com/j/
0
0

Primary Request /
mediasama.com/starharem/05/n/
Redirect Chain
  • http://www.linkonclick.com/jump/next.php?stamat=m%257C%252CkIhNuYhZrB1dQO0dEdHP3xP.6f4%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM8JUm5HksBtX5-SSJ8vLRk6SqRVfJ-1xxxsprPVVEZ-Gw%252C%252C&cbpage=ht...
  • http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CgiF6IjdroGU3B5-GH0dEdHP3xP.575%252CVCzTABP7h7-9knT59xAYxcF2WH4ZkHWBwl-BAw9bSR5_a6O9ub4NxpoQYksxjCj9FVeKASkW6tdNkHSqScxLzmq9rR1l9LggfT_...
  • https://www.gaming-adult.com/29e2c81a-f5c1-4948-8427-0378025457be?campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53
  • https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8V...
756 B
681 B
Document
General
Full URL
https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8VE-xWY_u0LV5ZYDB-QxjMsxToHIhHU_EfYhTkdNJXhacNyFsjCsBjhQCYwRfyHsKIZBWd8ImfrJS_44SX1LLJ8Q2eQnM9IwnuceXcC2_t3hoyhDc_UvJsGD6nOt7LVic3q_UAsLKit7pinuNGjcmHGGAzMzgkiEod-5SYE7DHPotTYqTpHlyBy36o8hTBARwJxt7xCoN0O28RykgVh2B6b7EpSWrMIJgLdJn_HC7L4MzovMBoHhbuWg71qlKcK16W5jzFDySSA7Vc5pOWDC7grx2fXU5uYO7yQWi7vDvcHbbXRsRwasWiQcmV-H_r0TMD9blHSgZUS8NXwT5WyPAR3ycxyUN9VUPvjZQDk&lptoken=16fb72cb210868a397c1&campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53
Requested by
Host: www.linkonclick.com
URL: http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns536191.ip-144-217-67.net
Software
Apache /
Resource Hash
a4a8b7324551bf0f7a94760c16631ace892ba58578d53e9bd5a68537a71eacf1

Request headers

Referer
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613510
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
416
Content-Type
text/html
Date
Wed, 28 Dec 2022 08:11:37 GMT
ETag
"2f4-5dc47f2bf64f2-gzip"
Last-Modified
Sun, 10 Apr 2022 07:40:56 GMT
Server
Apache
Vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Wed, 28 Dec 2022 08:11:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8VE-xWY_u0LV5ZYDB-QxjMsxToHIhHU_EfYhTkdNJXhacNyFsjCsBjhQCYwRfyHsKIZBWd8ImfrJS_44SX1LLJ8Q2eQnM9IwnuceXcC2_t3hoyhDc_UvJsGD6nOt7LVic3q_UAsLKit7pinuNGjcmHGGAzMzgkiEod-5SYE7DHPotTYqTpHlyBy36o8hTBARwJxt7xCoN0O28RykgVh2B6b7EpSWrMIJgLdJn_HC7L4MzovMBoHhbuWg71qlKcK16W5jzFDySSA7Vc5pOWDC7grx2fXU5uYO7yQWi7vDvcHbbXRsRwasWiQcmV-H_r0TMD9blHSgZUS8NXwT5WyPAR3ycxyUN9VUPvjZQDk&lptoken=16fb72cb210868a397c1&campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53
pragma
no-cache
server
nginx
styles.css
mediasama.com/starharem/05/assets/
3 KB
965 B
Stylesheet
General
Full URL
https://mediasama.com/starharem/05/assets/styles.css
Requested by
Host: mediasama.com
URL: https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8VE-xWY_u0LV5ZYDB-QxjMsxToHIhHU_EfYhTkdNJXhacNyFsjCsBjhQCYwRfyHsKIZBWd8ImfrJS_44SX1LLJ8Q2eQnM9IwnuceXcC2_t3hoyhDc_UvJsGD6nOt7LVic3q_UAsLKit7pinuNGjcmHGGAzMzgkiEod-5SYE7DHPotTYqTpHlyBy36o8hTBARwJxt7xCoN0O28RykgVh2B6b7EpSWrMIJgLdJn_HC7L4MzovMBoHhbuWg71qlKcK16W5jzFDySSA7Vc5pOWDC7grx2fXU5uYO7yQWi7vDvcHbbXRsRwasWiQcmV-H_r0TMD9blHSgZUS8NXwT5WyPAR3ycxyUN9VUPvjZQDk&lptoken=16fb72cb210868a397c1&campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns536191.ip-144-217-67.net
Software
Apache /
Resource Hash
1d33808504239e64eace87111ea8a7445a220d3df410d280d541a98bbc1c06df

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8VE-xWY_u0LV5ZYDB-QxjMsxToHIhHU_EfYhTkdNJXhacNyFsjCsBjhQCYwRfyHsKIZBWd8ImfrJS_44SX1LLJ8Q2eQnM9IwnuceXcC2_t3hoyhDc_UvJsGD6nOt7LVic3q_UAsLKit7pinuNGjcmHGGAzMzgkiEod-5SYE7DHPotTYqTpHlyBy36o8hTBARwJxt7xCoN0O28RykgVh2B6b7EpSWrMIJgLdJn_HC7L4MzovMBoHhbuWg71qlKcK16W5jzFDySSA7Vc5pOWDC7grx2fXU5uYO7yQWi7vDvcHbbXRsRwasWiQcmV-H_r0TMD9blHSgZUS8NXwT5WyPAR3ycxyUN9VUPvjZQDk&lptoken=16fb72cb210868a397c1&campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 08:11:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Apr 2022 07:06:34 GMT
Server
Apache
ETag
"bfa-5dc4777ca581b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
701
LP32_BUTTON.png
mediasama.com/starharem/05/assets/img/n/
66 KB
66 KB
Image
General
Full URL
https://mediasama.com/starharem/05/assets/img/n/LP32_BUTTON.png
Requested by
Host: mediasama.com
URL: https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8VE-xWY_u0LV5ZYDB-QxjMsxToHIhHU_EfYhTkdNJXhacNyFsjCsBjhQCYwRfyHsKIZBWd8ImfrJS_44SX1LLJ8Q2eQnM9IwnuceXcC2_t3hoyhDc_UvJsGD6nOt7LVic3q_UAsLKit7pinuNGjcmHGGAzMzgkiEod-5SYE7DHPotTYqTpHlyBy36o8hTBARwJxt7xCoN0O28RykgVh2B6b7EpSWrMIJgLdJn_HC7L4MzovMBoHhbuWg71qlKcK16W5jzFDySSA7Vc5pOWDC7grx2fXU5uYO7yQWi7vDvcHbbXRsRwasWiQcmV-H_r0TMD9blHSgZUS8NXwT5WyPAR3ycxyUN9VUPvjZQDk&lptoken=16fb72cb210868a397c1&campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns536191.ip-144-217-67.net
Software
Apache /
Resource Hash
7e9bc017e2eb19ae82618eca8a16d372b96126a299110c78b984285d159fcaee

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://mediasama.com/starharem/05/n/?cep=P6I6BBq3sU6W34O5Haye8vkZMVCZ86JrXEodWXzHLLNdW-6rnmSCHCseA6yICVwQYoqvV8w20np4456b9WdYGT4BrI-6X6L4p2ZlVm4N-hZoB8lgwuQvqBKtfDMzR-Zvrnfndl6DaDPYL_bws2_S2dlMW8VE-xWY_u0LV5ZYDB-QxjMsxToHIhHU_EfYhTkdNJXhacNyFsjCsBjhQCYwRfyHsKIZBWd8ImfrJS_44SX1LLJ8Q2eQnM9IwnuceXcC2_t3hoyhDc_UvJsGD6nOt7LVic3q_UAsLKit7pinuNGjcmHGGAzMzgkiEod-5SYE7DHPotTYqTpHlyBy36o8hTBARwJxt7xCoN0O28RykgVh2B6b7EpSWrMIJgLdJn_HC7L4MzovMBoHhbuWg71qlKcK16W5jzFDySSA7Vc5pOWDC7grx2fXU5uYO7yQWi7vDvcHbbXRsRwasWiQcmV-H_r0TMD9blHSgZUS8NXwT5WyPAR3ycxyUN9VUPvjZQDk&lptoken=16fb72cb210868a397c1&campid=301795620&zoneid=1041905-1925098581-0&ssp=&vertical=250100000000&externalid=167221509710000TITTV432307609224V53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 08:11:38 GMT
Last-Modified
Mon, 11 Apr 2022 09:49:15 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"108b3-5dc5ddb799897"
Content-Length
67763
Content-Type
image/png
LP32_BG.jpg
mediasama.com/starharem/05/assets/img/n/
288 KB
288 KB
Image
General
Full URL
https://mediasama.com/starharem/05/assets/img/n/LP32_BG.jpg
Requested by
Host: mediasama.com
URL: https://mediasama.com/starharem/05/assets/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.217.67.42 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns536191.ip-144-217-67.net
Software
Apache /
Resource Hash
ed83cb6f0787435ac4284c45e2c53b0c6aaddb9cb5365e1778f3a013efeac95a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://mediasama.com/starharem/05/assets/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 08:11:38 GMT
Last-Modified
Mon, 11 Apr 2022 09:49:12 GMT
Server
Apache
Accept-Ranges
bytes
ETag
"47e4c-5dc5ddb4e71b5"
Content-Length
294476
Content-Type
image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=90736903&t=pageview&_s=1&dl=https%3A%2F%2Fpopmyads.com%2Freturn%2F30%3Fclickid%3D3fafdbb8-8687-11ed-87eb-12006ade57b9&ul=en-us&de=UTF-8&dt=PopMyAds%20Redirecting...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1650725207&gjid=518127092&cid=1151067230.1672215097&tid=UA-43135408-1&_gid=1112659176.1672215097&_r=1&_slc=1&z=921895737

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

10 Cookies

Domain/Path Name / Value
monkey.redirectmaster.com/ Name: u
Value: c7f85c05fa3f90bdf12f7dc243d0ef43
admoustache.go2affise.com/ Name: afclick
Value: 63abfa36cbd3560001b87a96
gads.tuarong.com/ Name: AWSALB
Value: aYlgmfAngLQJb5Q2bg6UKNC/BFmieWyaMcRrUBemDc65H7wMCBbZzMM4cwX+I6FnVYKnIY1TkIbHR6HHBBxw/MrMmDvPC6rGTO21ktcbtn+AhJQomF5lwZu3H6R7
track.gositego.live/ Name: afclick
Value: 63abfa378135b700019a16d1
.tuarong.com/ Name: __cf_bm
Value: t4wtRfYzlKV1XpcnZTXKqsQ6NjIrrf..2pICYLTlAI8-1672215095-0-AR0QiA8IzAUVeSB82QdjVhLjtetY4pptauo3a8yOGMtiPhXjBhxNj7ow/09UQVmG6khCm1jm7Zbau42js+6cXkG+E6ZdXE0yMnLH4eAsoEerTRMbHgdcaPJklNrmUMVX13FEN38jHvt7+IMhkPpFw2c=
.popmyads.com/ Name: _ga
Value: GA1.2.1151067230.1672215097
.popmyads.com/ Name: _gid
Value: GA1.2.1112659176.1672215097
.popmyads.com/ Name: _gat
Value: 1
.www.gaming-adult.com/ Name: 29e2c81a-f5c1-4948-8427-0378025457be-v4
Value: q6ChjHLxpCrMuLnJWI7WKAOZD_KK2_7h-hshAIG4G7Q
.www.gaming-adult.com/ Name: cep-v4
Value: Lnf7dHfQHLI1VBYob0TrX0R6KtmPuVW_abEITIc9HSWRUsRjUw37EDhn2kYWk0wp90hIAV6eaWX-Yh5E-GdBQ5c0cdrOR0WAUGOfqGhGscx7RLI2JeLr9FSdcs0v8be9iXYcTvnAv-W9ORt1C0-gosj84K9r-1MLJV7tNDfSTgwrE5MOtpmht2ox-1FZnbEudVVSV6Jvj3Gn-3kp1zWZl070sI6nL2uqNxKMNluCpiW-Os1hTCq7sMPxqlAEnMQ5esxOhcI5nd_E-ghJEsbfWxEpKFI84LpwNgazw0L3FQfKsUco05fxrzuTS5s6oS_Q4zQiAtdz3M3fbcmsBJERrqePXp4fuc__5FgeehN3kgb6mCbXDBiZ5yLz_NcSuv7sMsOdqyQMMop0e1JJQn2ac6JjwWJ8AzSAikWY4gjcF7txukDmF6nyULzXXJr8WOLZrFSpzhoPcoQ8QJfNG4eJOJkRScidoMdIjCLV3I5LJL5Kt8iN8q9ukDppKj67LuJn

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;