s.viitojkf.com Open in urlscan Pro
31.220.27.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://narkiewicziga.pl/
Effective URL:
https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562g...
Submission: On October 22 via api (October 22nd 2024, 2:09:49 am UTC) from BE — Scanned from PL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 6 domains to perform 8 HTTP transactions. The main IP is 31.220.27.135, located in Amsterdam, Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is s.viitojkf.com.
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.

This is the only time s.viitojkf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.155.184.34 185.155.184.34	6898 (AS-6898 C...) (AS-6898 C41.CH SAGL - LUGANO Data Center)
1 1	3.76.71.197 3.76.71.197	16509 (AMAZON-02) (AMAZON-02)
2 2	104.21.94.98 104.21.94.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	4

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

narkiewicziga.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.155.184.34 (Switzerland)

ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)

der.yogamitmyrna.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.71.197 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-71-197.eu-central-1.compute.amazonaws.com

e6e388c4.fenrawrye.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.94.98 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ipeky.dc-rotator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssp-dc-trk.dc-rotator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.viitojkf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	viitojkf.com s.viitojkf.com	21 KB
2	dc-rotator.com 2 redirects ipeky.dc-rotator.com ssp-dc-trk.dc-rotator.com	4 KB
2	yogamitmyrna.de der.yogamitmyrna.de	63 KB
1	fenrawrye.live 1 redirects e6e388c4.fenrawrye.live	455 B
1	narkiewicziga.pl narkiewicziga.pl	888 B
0	earn.eu Failed cfd.earn.eu Failed
8	6

	Domain	Requested by
3	s.viitojkf.com	der.yogamitmyrna.de s.viitojkf.com
2	der.yogamitmyrna.de	narkiewicziga.pl
1	ssp-dc-trk.dc-rotator.com	1 redirects
1	ipeky.dc-rotator.com	1 redirects
1	e6e388c4.fenrawrye.live	1 redirects
1	narkiewicziga.pl
0	cfd.earn.eu Failed
8	7

This site contains no links.

Subject Issuer	Validity	Valid
narkiewicziga.pl WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
der.yogamitmyrna.de E5	`2024-09-29` - `2024-12-28`	3 months	crt.sh
viitojkf.com R11	`2024-10-17` - `2025-01-15`	3 months	crt.sh

This page contains 1 frames:

Frame: https://cfd.earn.eu/?tagtag_uid=d52a8e618bc26cb1e4483a3262fbe730&admitad_uid=d52a8e618bc26cb1e4483a3262fbe730&utm_source=admitad
Frame ID: 4F0954906EE852FE32203B35519D6BE1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://narkiewicziga.pl/ Page URL
https://der.yogamitmyrna.de/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl Page URL
https://e6e388c4.fenrawrye.live/pelbbjde/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl&f=1&sid=t6~iuqgigjud1tvifi4... HTTP 302
https://ipeky.dc-rotator.com/dc?pl=pUDXrZrnZkywHW1RPUuKlQ&cid=c22f50f5-9ee0-458d-bb00-9140fd3fe2f7&sub_id... HTTP 302
https://ssp-dc-trk.dc-rotator.com/trk?s1=QkO94lRa%2B12S59%2BRNxeQXw9ugC%2F522Lf3ZghlvS3GbmSG4D9cKLYvlySCwM%2FG... HTTP 302
https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6q... Page URL

Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

4
Countries

85 kB
Transfer

112 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://narkiewicziga.pl/ Page URL
https://der.yogamitmyrna.de/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl Page URL
https://e6e388c4.fenrawrye.live/pelbbjde/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl&f=1&sid=t6~iuqgigjud1tvifi4b3ie4y4h&fp=p8Ntm6bNUxb6DDQ%2FOEwERQ%3D%3D HTTP 302
https://ipeky.dc-rotator.com/dc?pl=pUDXrZrnZkywHW1RPUuKlQ&cid=c22f50f5-9ee0-458d-bb00-9140fd3fe2f7&sub_id=l40873&ccode=PL HTTP 302
https://ssp-dc-trk.dc-rotator.com/trk?s1=QkO94lRa%2B12S59%2BRNxeQXw9ugC%2F522Lf3ZghlvS3GbmSG4D9cKLYvlySCwM%2FGa6TTlw9jYzO0u%2FR1zW%2BzgOtnQCVDLvRBMOcKr6LcfmBM6U8hXwzNN97OH5z04WJT1LgmiwAk564hlDAGvl3rBB1e03MvekyTQiWHcnuwHXDCntk6FTCBeBtibQpL%2FY0cbxmB8wRsdxVodEBBqsmApXFcL6F6Yq23nSdvpcS3UMG4Uy1y9An4T5WTIEyt%2BqbT7P0%2FvrwSFMicEHBR1egf5qn58R34guqHV93c21oqqlfwjflPx%2FvBfWPIQhjXEd922N0Bd1rC7slfUXLfFzEx4Kpm5Xj5RfaWTsS%2Fna3G6mTuvKsQELexrDqkLWLyschwBg5QtKxHw3BfdcuamUkEXRYNEZ9posYvtrBRXqvNtHRTd8RsSSLrrqHEf3mo4s0rFcXOCyWDRmHKWFmOj3v%2BcWGKto1d8Tp%2B7LWsNrt%2BJQ28W5%2BKkJv0BViEYch%2Bt5GIp4l15Tx9MQuapDtUf%2Bu%2FBA%2FtRiDrM4rZsj9TRGN%2F33TJktKbvRbYfkzw1FmKpHl61BjX9jFFTeC0Wcrc5zyiTuaJhBhTF04%2Fp8hNAI02%2FKJAqRzcNddDVVIBCgU%2BL60ogSIGj4GFynilTS0LiuV08XccBZcbV8AekkpdPIwrQ0EfwAWvtQOg9nQr5jkmsxkwxClPX1ZyZtpZ1D5Ja1C2Rs2wsyAkuT7Smn07iZz77AbhoDdlkWBoA8Kz7Nq8amIOBEydEZEEprp%2BX4y0qUlKUBQbHOB8Uf0dOCLLWByUzwoNLFuHnKa8hmG9VAl25yYJkwIiAv%2FWwcTxc00HtY2BqPTvg5%2BbM5PF7t6JGXMVNHFdD1NA7F5oEZOKaqsg0P%2B3qhsTjjZlRl3w7DTDUP7PIAshneQL7E97sEStYr5aF5gBun6O37r0tt2AShGD6oLR5KOJRkdhxIwOaUnZZMim%2BTdbcWTwwu6l1pPIiqR6S82V90T9GrrGJInNoE1wM3Tclj1vUUKK%2Ftr5b5Nmacfhco%2FSVBRedknQK7cfXw1f74mcZ9p%2FF0qFXpASIei6EKnYWfdS2s4M%2BmI%2FF%2FdFezuNf4OrwHR%2FZGkLy0%2FEHFARNRC9T2%2BVXgWv6lOpBTN0ygT5zxpW4IvPfqdFD0rZ5xqNoUx9P8oKtKsfJ5TvGodmROL6LWLC5TSx6SDMGICO%2B1iPDKlY9jXuivw8UxI8lZDB36oUVsAV8HuPVfasflM%2FOevEXhSeidbFGmuR%2Fh1mma%2BnOR2Bjb1F9Onz1ZOvqnQxjmK2AqY%2By9UrmOwF9ISc3iRg%2BL3HyxGHoSTpgX%2BO42jxtPGxCcuhAKTUY2B4KcDKiacuTXbQ1WkN%2Bbnm27RiwgwewD3tiEpLFX15md3RdAujcmhPzGnWgkM9nSrC1jOL%2BtBeUaGRRJvxZLoCIh6%2F2RlaFX0Xy1b3i2ULGSTi6%2FdcLV8%2BD7QIAonj8VaCMzSEZRbEBZ4aJ%2BK4aOGKrV0MgNXFI0uQ%2FXmVcZfc9cpgZSz%2B8oy9pmAIFnArtiRLLmBcfpGrsk88Nf16qexcCJz77jbNrkwLFvXZoskT5FYrzGGoH%2FrMca7SsGFXszgt5CwRTQMoN6ea%2B1%2FzVTKH5KF5xRkcpEh&type=2&brid=fc9ad342b720484d9278a37a3cb2227d&nrid=b043ffa896ef6b5e10c86a8b1d898638 HTTP 302
https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnkjyzffrwkrgqorj5cvno6hptdvsnh2qutrxjwepfcsjlewfuh6mtafl27xi6jtllmlqljepi3wng75a4lrulvetrfun5izgsvvt6eois5wjpuhdozvjtmebporvxgwjedwnbewoqttlnyf42ltpzje4wl6pntxs62kmihhy2d4mv54c4ld7j3i7d4h4zd3yqt2w5b2y2m6mwoufakdvj57epfjkorf7id2trs6q5trndtxdkdkit2fzm2nnh7wqs6ykne6e5wh56hm4tkfbz47hieoofrkrb27kjxwmraiieu2g7afunh74sp5rvkymtebyrp2w4gktq2pe4dz3bzmzlh2n7wusxwwuzky6ssb76juxbrullxzk35toos5766n4cijrhal5zbfssq3incugdbmfvtc24kdpycxi2rcpj3uorkxd5frchtjlvzfo423mmxh4a2pb4uhyruhucm7lh6ezs32yqsz6xekxyd3fdundyhbxsj27nfwmax63jfj5resfhett2vv6lcwmfox36r6nblbajaehjkgsqz4eq5bcgabeytskfzbaygfkpj3eieheqkfkibumxa3h4oxkxvpnn4es6ml4wy7ettmozfhes4jwnpgjdwdpfma2ihrzbgu5el6kr7wyuclvewbkppvbhh5dw52ocvawzzvr7qacsdi4wqu2amh2m5fgtf3qn2msygqt7uey===?u=https%3A%2F%2Fgrfpr.com%2Fg%2Foee73ry1x800cefa0dfd47526a8cb9%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://narkiewicziga.pl/favicon.ico HTTP 0
http://narkiewicziga.pl/favicon.svg

Request Chain 5

https://grfpr.com/g/oee73ry1x800cefa0dfd47526a8cb9/ HTTP 302
https://cfd.earn.eu/?tagtag_uid=d52a8e618bc26cb1e4483a3262fbe730&admitad_uid=d52a8e618bc26cb1e4483a3262fbe730&utm_source=admitad

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	/ Show response narkiewicziga.pl/	279 B 888 B	113ms 72ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://narkiewicziga.pl/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae7d4904da024c677c340ddf4a9850a391f4ddf60636ecc88259ea3815ae91e7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d65f26e8cabbf23-WAW content-encoding zstd content-type text/html; charset=UTF-8 date Tue, 22 Oct 2024 02:09:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqFGPemHRbC5wefSUvOHneFVZfkLFWaVQkwmnnlLcb2AuBYMMpIjpUyuUlbUJK%2BmDG8rbtSSHPOL9wOhLlqrmpo%2FQ6DWfk2dOWF4glJZDTbkIVchLdHwgTWbbmd15tkJB49u"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=24217&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4162&recv_bytes=4445&delivery_rate=24438&cwnd=12000&unsent_bytes=0&cid=ed5975295c104383&ts=79&x=1" cfExtPri cfHdrFlush;dur=0 vary accept-encoding
GET		favicon.svg narkiewicziga.pl/ Redirect Chain https://narkiewicziga.pl/favicon.ico http://narkiewicziga.pl/favicon.svg	0 0

GET H/1.1	200 OK	/ Show response der.yogamitmyrna.de/	62 KB 63 KB	220ms 65ms	Document text/html	185.155.184.34 LUGANO Data Center
General Check archive.org Show headers Download Go to Full URL https://der.yogamitmyrna.de/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl Requested by Host: narkiewicziga.pl URL: https://narkiewicziga.pl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 185.155.184.34 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH), Reverse DNS Software openresty / Resource Hash `1d767403b29ddea4c307850996f67ea5cf25b038eef2a2c0d36c4f7abf6a606e` Request headers Referer https://narkiewicziga.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Cache-Control no-transform Connection keep-alive Content-Length 63806 Content-Type text/html Date Tue, 22 Oct 2024 02:09:46 GMT Server openresty cache-control private
GET H/1.1	204 No Content	favicon.ico der.yogamitmyrna.de/	0 136 B	56ms 55ms	Other text/plain	185.155.184.34 LUGANO Data Center
General Check archive.org Show headers Download Go to Full URL https://der.yogamitmyrna.de/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 185.155.184.34 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH), Reverse DNS Software openresty / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://der.yogamitmyrna.de/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl Response headers Cache-Control no-transform Date Tue, 22 Oct 2024 02:09:46 GMT Server openresty Connection keep-alive
GET H2	200	Primary Request m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnkjyzffrwkrgqorj5cvno6hptdvsnh2q... Show response s.viitojkf.com/h/1312/ Redirect Chain https://e6e388c4.fenrawrye.live/pelbbjde/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl&f=1&sid=t6~iuqgigjud1tvifi4b3ie4y4h&fp=p8Ntm6bNUxb6DDQ%2FOEwERQ%3D%3D https://ipeky.dc-rotator.com/dc?pl=pUDXrZrnZkywHW1RPUuKlQ&cid=c22f50f5-9ee0-458d-bb00-9140fd3fe2f7&sub_id=l40873&ccode=PL https://ssp-dc-trk.dc-rotator.com/trk?s1=QkO94lRa%2B12S59%2BRNxeQXw9ugC%2F522Lf3ZghlvS3GbmSG4D9cKLYvlySCwM%2FGa6TTlw9jYzO0u%2FR1zW%2BzgOtnQCVDLvRBMOcKr6LcfmBM6U8hXwzNN97OH5z04WJT1LgmiwAk564hlDAGvl3... https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnk...	50 KB 21 KB	314ms 91ms	Document text/html	31.220.27.135 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnkjyzffrwkrgqorj5cvno6hptdvsnh2qutrxjwepfcsjlewfuh6mtafl27xi6jtllmlqljepi3wng75a4lrulvetrfun5izgsvvt6eois5wjpuhdozvjtmebporvxgwjedwnbewoqttlnyf42ltpzje4wl6pntxs62kmihhy2d4mv54c4ld7j3i7d4h4zd3yqt2w5b2y2m6mwoufakdvj57epfjkorf7id2trs6q5trndtxdkdkit2fzm2nnh7wqs6ykne6e5wh56hm4tkfbz47hieoofrkrb27kjxwmraiieu2g7afunh74sp5rvkymtebyrp2w4gktq2pe4dz3bzmzlh2n7wusxwwuzky6ssb76juxbrullxzk35toos5766n4cijrhal5zbfssq3incugdbmfvtc24kdpycxi2rcpj3uorkxd5frchtjlvzfo423mmxh4a2pb4uhyruhucm7lh6ezs32yqsz6xekxyd3fdundyhbxsj27nfwmax63jfj5resfhett2vv6lcwmfox36r6nblbajaehjkgsqz4eq5bcgabeytskfzbaygfkpj3eieheqkfkibumxa3h4oxkxvpnn4es6ml4wy7ettmozfhes4jwnpgjdwdpfma2ihrzbgu5el6kr7wyuclvewbkppvbhh5dw52ocvawzzvr7qacsdi4wqu2amh2m5fgtf3qn2msygqt7uey===?u=https%3A%2F%2Fgrfpr.com%2Fg%2Foee73ry1x800cefa0dfd47526a8cb9%2F Requested by Host: der.yogamitmyrna.de URL: https://der.yogamitmyrna.de/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash `d10b6b2ddb76b001207b8547c7d80c7ba0b49e2384475ab9e16f9ebb778750fa` Request headers Referer https://der.yogamitmyrna.de/?u=w6gp605&o=q1pkab5&t=narkiewicziga.pl Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ch Width, Viewport-Width, DPR, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version cache-control no-store content-encoding gzip content-type text/html; charset=utf-8 date Tue, 22 Oct 2024 02:09:47 GMT server nginx/1.23.2 vary Accept-Encoding Redirect headers accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control max-age=0, no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 8d65f27fddd9b18b-WAW content-length 0 date Tue, 22 Oct 2024 02:09:47 GMT location https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnkjyzffrwkrgqorj5cvno6hptdvsnh2qutrxjwepfcsjlewfuh6mtafl27xi6jtllmlqljepi3wng75a4lrulvetrfun5izgsvvt6eois5wjpuhdozvjtmebporvxgwjedwnbewoqttlnyf42ltpzje4wl6pntxs62kmihhy2d4mv54c4ld7j3i7d4h4zd3yqt2w5b2y2m6mwoufakdvj57epfjkorf7id2trs6q5trndtxdkdkit2fzm2nnh7wqs6ykne6e5wh56hm4tkfbz47hieoofrkrb27kjxwmraiieu2g7afunh74sp5rvkymtebyrp2w4gktq2pe4dz3bzmzlh2n7wusxwwuzky6ssb76juxbrullxzk35toos5766n4cijrhal5zbfssq3incugdbmfvtc24kdpycxi2rcpj3uorkxd5frchtjlvzfo423mmxh4a2pb4uhyruhucm7lh6ezs32yqsz6xekxyd3fdundyhbxsj27nfwmax63jfj5resfhett2vv6lcwmfox36r6nblbajaehjkgsqz4eq5bcgabeytskfzbaygfkpj3eieheqkfkibumxa3h4oxkxvpnn4es6ml4wy7ettmozfhes4jwnpgjdwdpfma2ihrzbgu5el6kr7wyuclvewbkppvbhh5dw52ocvawzzvr7qacsdi4wqu2amh2m5fgtf3qn2msygqt7uey===?u=https%3A%2F%2Fgrfpr.com%2Fg%2Foee73ry1x800cefa0dfd47526a8cb9%2F nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i referrer-policy no-referrer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CuUdWh9uIKUsUhbICT09uN327CkDrn9aEfCOr4i%2BTA1ULq7yFF7RfKo%2BW4%2BLDZfQ33%2FZhlDgyKRgNs%2F8VCvHjlDwTpn%2BM%2FmKmIDWKm8Jqp1NTU0fI4NYmsOXNbtOES5bgj8OpMh0aJd8LcwD"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=24304&sent=15&recv=13&lost=0&retrans=0&sent_bytes=6544&recv_bytes=6473&delivery_rate=98507&cwnd=12000&unsent_bytes=0&cid=73c0092f3fffecd1&ts=958&x=1" cfExtPri cfHdrFlush;dur=0
POST H2	200	index s.viitojkf.com/cnt/api/	0 223 B	51ms 49ms	Ping application/json	31.220.27.135 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://s.viitojkf.com/cnt/api/index Requested by Host: s.viitojkf.com URL: https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnkjyzffrwkrgqorj5cvno6hptdvsnh2qutrxjwepfcsjlewfuh6mtafl27xi6jtllmlqljepi3wng75a4lrulvetrfun5izgsvvt6eois5wjpuhdozvjtmebporvxgwjedwnbewoqttlnyf42ltpzje4wl6pntxs62kmihhy2d4mv54c4ld7j3i7d4h4zd3yqt2w5b2y2m6mwoufakdvj57epfjkorf7id2trs6q5trndtxdkdkit2fzm2nnh7wqs6ykne6e5wh56hm4tkfbz47hieoofrkrb27kjxwmraiieu2g7afunh74sp5rvkymtebyrp2w4gktq2pe4dz3bzmzlh2n7wusxwwuzky6ssb76juxbrullxzk35toos5766n4cijrhal5zbfssq3incugdbmfvtc24kdpycxi2rcpj3uorkxd5frchtjlvzfo423mmxh4a2pb4uhyruhucm7lh6ezs32yqsz6xekxyd3fdundyhbxsj27nfwmax63jfj5resfhett2vv6lcwmfox36r6nblbajaehjkgsqz4eq5bcgabeytskfzbaygfkpj3eieheqkfkibumxa3h4oxkxvpnn4es6ml4wy7ettmozfhes4jwnpgjdwdpfma2ihrzbgu5el6kr7wyuclvewbkppvbhh5dw52ocvawzzvr7qacsdi4wqu2amh2m5fgtf3qn2msygqt7uey===?u=https%3A%2F%2Fgrfpr.com%2Fg%2Foee73ry1x800cefa0dfd47526a8cb9%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers viewport-width 1600 dpr 1 Referer https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnkjyzffrwkrgqorj5cvno6hptdvsnh2qutrxjwepfcsjlewfuh6mtafl27xi6jtllmlqljepi3wng75a4lrulvetrfun5izgsvvt6eois5wjpuhdozvjtmebporvxgwjedwnbewoqttlnyf42ltpzje4wl6pntxs62kmihhy2d4mv54c4ld7j3i7d4h4zd3yqt2w5b2y2m6mwoufakdvj57epfjkorf7id2trs6q5trndtxdkdkit2fzm2nnh7wqs6ykne6e5wh56hm4tkfbz47hieoofrkrb27kjxwmraiieu2g7afunh74sp5rvkymtebyrp2w4gktq2pe4dz3bzmzlh2n7wusxwwuzky6ssb76juxbrullxzk35toos5766n4cijrhal5zbfssq3incugdbmfvtc24kdpycxi2rcpj3uorkxd5frchtjlvzfo423mmxh4a2pb4uhyruhucm7lh6ezs32yqsz6xekxyd3fdundyhbxsj27nfwmax63jfj5resfhett2vv6lcwmfox36r6nblbajaehjkgsqz4eq5bcgabeytskfzbaygfkpj3eieheqkfkibumxa3h4oxkxvpnn4es6ml4wy7ettmozfhes4jwnpgjdwdpfma2ihrzbgu5el6kr7wyuclvewbkppvbhh5dw52ocvawzzvr7qacsdi4wqu2amh2m5fgtf3qn2msygqt7uey===?u=https%3A%2F%2Fgrfpr.com%2Fg%2Foee73ry1x800cefa0dfd47526a8cb9%2F User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 device-memory 8 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://s.viitojkf.com content-length 0 date Tue, 22 Oct 2024 02:09:48 GMT content-type application/json server nginx/1.23.2 access-control-allow-headers X-Requested-With, Cache-Control, Content-Type
GET		/ cfd.earn.eu/ Redirect Chain https://grfpr.com/g/oee73ry1x800cefa0dfd47526a8cb9/ https://cfd.earn.eu/?tagtag_uid=d52a8e618bc26cb1e4483a3262fbe730&admitad_uid=d52a8e618bc26cb1e4483a3262fbe730&utm_source=admitad	0 0

GET H2	204	favicon.ico s.viitojkf.com/	0 45 B	46ms 46ms	Other text/plain	31.220.27.135 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://s.viitojkf.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.135 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers viewport-width 1600 dpr 1 Referer https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnkjyzffrwkrgqorj5cvno6hptdvsnh2qutrxjwepfcsjlewfuh6mtafl27xi6jtllmlqljepi3wng75a4lrulvetrfun5izgsvvt6eois5wjpuhdozvjtmebporvxgwjedwnbewoqttlnyf42ltpzje4wl6pntxs62kmihhy2d4mv54c4ld7j3i7d4h4zd3yqt2w5b2y2m6mwoufakdvj57epfjkorf7id2trs6q5trndtxdkdkit2fzm2nnh7wqs6ykne6e5wh56hm4tkfbz47hieoofrkrb27kjxwmraiieu2g7afunh74sp5rvkymtebyrp2w4gktq2pe4dz3bzmzlh2n7wusxwwuzky6ssb76juxbrullxzk35toos5766n4cijrhal5zbfssq3incugdbmfvtc24kdpycxi2rcpj3uorkxd5frchtjlvzfo423mmxh4a2pb4uhyruhucm7lh6ezs32yqsz6xekxyd3fdundyhbxsj27nfwmax63jfj5resfhett2vv6lcwmfox36r6nblbajaehjkgsqz4eq5bcgabeytskfzbaygfkpj3eieheqkfkibumxa3h4oxkxvpnn4es6ml4wy7ettmozfhes4jwnpgjdwdpfma2ihrzbgu5el6kr7wyuclvewbkppvbhh5dw52ocvawzzvr7qacsdi4wqu2amh2m5fgtf3qn2msygqt7uey===?u=https%3A%2F%2Fgrfpr.com%2Fg%2Foee73ry1x800cefa0dfd47526a8cb9%2F User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 device-memory 8 Response headers date Tue, 22 Oct 2024 02:09:48 GMT server nginx/1.23.2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: narkiewicziga.pl
URL: http://narkiewicziga.pl/favicon.svg

Domain: cfd.earn.eu
URL: https://cfd.earn.eu/?tagtag_uid=d52a8e618bc26cb1e4483a3262fbe730&admitad_uid=d52a8e618bc26cb1e4483a3262fbe730&utm_source=admitad

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| initb145b4849 object| kmnr object| m951

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
der.yogamitmyrna.de/	1969-12-31 23:59:59	Name: sid Value: t6~iuqgigjud1tvifi4b3ie4y4h
.der.yogamitmyrna.de/	1970-01-21 00:27:29	Name: cookie1 Value: true
der.yogamitmyrna.de/	1969-12-31 23:59:59	Name: p1 Value: https://fenrawrye.live/pelbbjde/
der.yogamitmyrna.de/	1969-12-31 23:59:59	Name: s1 Value: wyxriesmxqo1aena
.e6e388c4.fenrawrye.live/	1970-01-21 00:27:29	Name: cookie1 Value: true
ipeky.dc-rotator.com/	1970-01-21 10:02:02	Name: __dcu Value: 4afe0e30-392f-4605-9cf9-89573e7b8bb4

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://narkiewicziga.pl/ Message: Mixed Content: The page at 'https://narkiewicziga.pl/' was loaded over HTTPS, but requested an insecure favicon 'http://narkiewicziga.pl/favicon.svg'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://s.viitojkf.com/h/1312/m3pusqperz7fvk5n3kyhk46vw3flnaotzz3uu7kconafqmdvezctzowzsxmxcbjt2bl6qsg3klx42uhuk2m4e562gpzpf6gqyd3mdzactbfmqye7nstlv5hwx6gkzsnslg2fnl4d27om7dmnq6xxdstm3wvobkfxt2ejfnkjyzffrwkrgqorj5cvno6hptdvsnh2qutrxjwepfcsjlewfuh6mtafl27xi6jtllmlqljepi3wng75a4lrulvetrfun5izgsvvt6eois5wjpuhdozvjtmebporvxgwjedwnbewoqttlnyf42ltpzje4wl6pntxs62kmihhy2d4mv54c4ld7j3i7d4h4zd3yqt2w5b2y2m6mwoufakdvj57epfjkorf7id2trs6q5trndtxdkdkit2fzm2nnh7wqs6ykne6e5wh56hm4tkfbz47hieoofrkrb27kjxwmraiieu2g7afunh74sp5rvkymtebyrp2w4gktq2pe4dz3bzmzlh2n7wusxwwuzky6ssb76juxbrullxzk35toos5766n4cijrhal5zbfssq3incugdbmfvtc24kdpycxi2rcpj3uorkxd5frchtjlvzfo423mmxh4a2pb4uhyruhucm7lh6ezs32yqsz6xekxyd3fdundyhbxsj27nfwmax63jfj5resfhett2vv6lcwmfox36r6nblbajaehjkgsqz4eq5bcgabeytskfzbaygfkpj3eieheqkfkibumxa3h4oxkxvpnn4es6ml4wy7ettmozfhes4jwnpgjdwdpfma2ihrzbgu5el6kr7wyuclvewbkppvbhh5dw52ocvawzzvr7qacsdi4wqu2amh2m5fgtf3qn2msygqt7uey===?u=https%3A%2F%2Fgrfpr.com%2Fg%2Foee73ry1x800cefa0dfd47526a8cb9%2F(Line 12) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cfd.earn.eu
der.yogamitmyrna.de
e6e388c4.fenrawrye.live
ipeky.dc-rotator.com
narkiewicziga.pl
s.viitojkf.com
ssp-dc-trk.dc-rotator.com
cfd.earn.eu
narkiewicziga.pl
104.21.94.98
185.155.184.34
188.114.97.3
3.76.71.197
31.220.27.135
1d767403b29ddea4c307850996f67ea5cf25b038eef2a2c0d36c4f7abf6a606e
ae7d4904da024c677c340ddf4a9850a391f4ddf60636ecc88259ea3815ae91e7
d10b6b2ddb76b001207b8547c7d80c7ba0b49e2384475ab9e16f9ebb778750fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

s.viitojkf.com Open in urlscan Pro 31.220.27.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

75 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

4 IPs

4 Countries

85 kBTransfer

112 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

s.viitojkf.com Open in urlscan Pro
31.220.27.135 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

4
Countries

85 kB
Transfer

112 kB
Size

6
Cookies

8 HTTP transactions
0 data transactions