Submitted URL: https://t.co/3jUSvzCi6g
Effective URL: https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=104190...
Submission: On August 25 via api from BE — Scanned from DE

Summary

This website contacted 15 IPs in 4 countries across 17 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3037::ac43:9a93, located in United States and belongs to CLOUDFLARENET, US. The main domain is adslivetraining.com. The Cisco Umbrella rank of the primary domain is 418715.
TLS certificate: Issued by E1 on July 1st 2022. Valid for: 3 months.
This is the only time adslivetraining.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 | 104.244.42.69 | 13414 (TWITTER)
1 1 | 107.181.160.9 | 204957 (GREENFLOI...)
1 | 207.99.40.82 | 8001 (COLOGIX)
4 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
3 | 65.60.58.179 | 32475 (SINGLEHOP...)
2 3 | 51.68.81.31 | 16276 (OVH)
1 1 | 34.90.46.36 | 396982 (GOOGLE-CL...)
1 1 | 51.161.115.163 | 16276 (OVH)
1 2 | 51.83.143.92 | 16276 (OVH)
1 2 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
2 3 | 35.186.193.41 | 15169 (GOOGLE)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 172.67.26.25 | 13335 (CLOUDFLAR...)
1 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
2 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
1 | 172.67.199.13 | 13335 (CLOUDFLAR...)
21 15
Apex Domain | Subdomains | Transfer
4 jukminung.com | lynku.jukminung.com | 24 KB
3 ocmhood.com | cdn.ocmhood.com (Cisco Umbrella Rank: 24874); t.ocmhood.com (Cisco Umbrella Rank: 9189) | 12 KB
3 linkonclick.com | www.linkonclick.com (Cisco Umbrella Rank: 278566) | 4 KB
3 offermyvist.com | www.offermyvist.com | 6 KB
3 sherlowcke.com | otto.sherlowcke.com | 7 KB
2 popmyads.com | popmyads.com (Cisco Umbrella Rank: 262869) | 2 KB
2 trffcsource.com | pollo.trffcsource.com | 1 KB
1 c-rtb.com | t.c-rtb.com |
1 r-tb.com | feed.r-tb.com (Cisco Umbrella Rank: 89208) | 1 KB
1 adslivetraining.com | adslivetraining.com (Cisco Umbrella Rank: 418715) | 73 KB
1 blowingwnd.com | t2.blowingwnd.com | 293 B
1 go2affise.com | admoustache.go2affise.com (Cisco Umbrella Rank: 368153) | 236 B
1 addlnk.com | cdn.addlnk.com (Cisco Umbrella Rank: 350326) | 1 KB
1 astonishedsound.com | astonishedsound.com | 450 B
1 rsauae.com | rsauae.com | 267 B
1 t.co | t.co (Cisco Umbrella Rank: 489) | 615 B
0 amung.us Failed | whos.amung.us Failed |
21 17
Domain | Requested by
4 lynku.jukminung.com | astonishedsound.com, t.co, lynku.jukminung.com
3 www.linkonclick.com (2 redirects) |
3 www.offermyvist.com (2 redirects) | otto.sherlowcke.com
3 otto.sherlowcke.com | lynku.jukminung.com, otto.sherlowcke.com
2 t.ocmhood.com | cdn.ocmhood.com
2 popmyads.com (1 redirects) | pollo.trffcsource.com
2 pollo.trffcsource.com (1 redirects) | www.offermyvist.com
1 t.c-rtb.com | adslivetraining.com
1 cdn.ocmhood.com | adslivetraining.com
1 feed.r-tb.com | adslivetraining.com
1 adslivetraining.com | www.linkonclick.com
1 t2.blowingwnd.com (1 redirects) |
1 admoustache.go2affise.com (1 redirects) |
1 cdn.addlnk.com | lynku.jukminung.com
1 astonishedsound.com | t.co
1 rsauae.com (1 redirects) |
1 t.co |
0 whos.amung.us Failed | popmyads.com
21 18

This site contains no links.

Subject | Issuer | Validity | Valid
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
astonishedsound.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-13 - 2023-07-12 | a year
*.jukminung.com | E1 | 2022-07-20 - 2022-10-18 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-15 - 2023-05-15 | a year
otto.sherlowcke.com | R3 | 2022-07-05 - 2022-10-03 | 3 months
www.offermyvist.com | R3 | 2022-07-03 - 2022-10-01 | 3 months
lone-star.landingtrack.com | R3 | 2022-08-03 - 2022-11-01 | 3 months
*.adslivetraining.com | E1 | 2022-07-01 - 2022-09-29 | 3 months
ocmhood.com | Cloudflare Inc ECC CA-3 | 2022-05-04 - 2023-05-04 | a year
*.c-rtb.com | GTS CA 1P5 | 2022-08-25 - 2022-11-23 | 3 months

This page contains 2 frames:

Primary Page: https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=1041905-329088980-0
Frame ID: CCCC55DF8F1F54118196AFD273DD5C73
Requests: 22 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661443200
Frame ID: 87AD541CA7E96AEE57D1A9C0521900ED
Requests: 3 HTTP requests in this frame

Page Title

Ich bin kein Roboter

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 35 %
Domains: 17
Subdomains: 18
IPs: 15
Countries: 4
Transfer: 130 kB
Size: 315 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/3jUSvzCi6g Page URL
  2. http://rsauae.com/file.html?cbbbbcccnttYcxDmfcdc9kcpc5yMxckzFcbbbbc HTTP 302
    https://astonishedsound.com/176153e83857879f800/2_20002_2620647/1567_1447470_3709282_11/1_217-64-151-6 Page URL
  3. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1281661920&pubid=690061 Page URL
  4. https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=1e173fea&cid=pub7f4b09752f9c456996a846588c1b1d86&2=690061 Page URL
  5. https://otto.sherlowcke.com/?utm_term=7135848855332978733&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90 Page URL
  6. https://otto.sherlowcke.com/proc.php?2f7509eef428646c359d962d5c33fc15739c69db Page URL
  7. https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90 Page URL
  8. https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=f8a4d8e592050f9e04213002a40ff0ea&eyer=0.9442552763888046&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
    https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=3&eyer=0.9442552763888046&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000a28d15ad732c27ef91b94ddb424ad5840825-202208-flb*5533050-eafc0*M7135848855332978733*sl_5533050-eafc0*50dd17fe732345ddcef8a4519f67fcd77fecd371*13260-5e3e68e7-e3bc9087*13260 HTTP 302
    https://t2.blowingwnd.com/l.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&pid=6307a0bbaf6d9700013a76fb&s=503 HTTP 302
    https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503 Page URL
  9. https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503&bv=1 HTTP 302
    https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL
  10. https://popmyads.com/gget HTTP 302
    http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613250 Page URL
  11. http://www.linkonclick.com/jump/next.php?stamat=m%257C%252Cso2fvI2MqB1dQO0dEdHP3xP.ff6%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM8JUm5HksBtX5-SSJ8vLRk6sQQdGgDhC8DO2lEpOlLseA%252C%252C&cbpage=http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613250&cbur=0.3215335893302551&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252Cg3M6YjZjtGU3BJ-GH0dEdHP3xP.70b%252Cu6aEkhrvdyhaIDx0k1cw4YBjlxcE_2vSgBtwOYxMEZfUSPL0JLy0WC6nimTRlIrHDD-tYL9RxMKJvdxHqSjJO9eiT-3yU27DtYKQgRrmEPaiBM1LYiSkb2vf9Pnus7DQb0-hak_B1aFLDSbOWTcvM5g9Q2VDXbXiulW-w-llcbqE7unbwfVfduVNpCY_l5rEWRajypQKZWcYlTQooERRN5KnQksjLEJsK_GtJDw7XjGMItPDtS8mutI3eSF4TzJ5OM-BVeJii_d6hS3D8vTiB_oFLOVhDmptBxLw-y2O5HnVQuKvM9Fh1Lwu4nMygzf4VDXqlNJfHiNpIuJ0o5BN1hgwFcaPSY49n0-D-yMMGxvdCjjxvjGDPaylcirnEApNLp8MFBElgchhza64bc4LLf2Xi0QNgf2Wv2nK7y7yRHLV_azTJNk15TaPaLgYUSDN9CvZUw5EP_3nQN9vJuWXq2VM09QKKMQL83NxRhRE5oZS_jD8iNtU9_sY43xcYY2hjtITHSvCsPGHjActPD4wOsEUny9w6G2h1MW3SROUyOaeDLX_SXBgBOyExGYNU21Dy1acOdE53-A3AIJmKRtzL79ToDOE43UoSF51NGV06g9RcVnS9ktwa7l_HM3Bw9Fx466Y4KF38UoN_QLGTdAjBQ%252C%252C HTTP 302
    https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=1041905-329088980-0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://rsauae.com/file.html?cbbbbcccnttYcxDmfcdc9kcpc5yMxckzFcbbbbc HTTP 302
  • https://astonishedsound.com/176153e83857879f800/2_20002_2620647/1567_1447470_3709282_11/1_217-64-151-6
Request Chain 11
  • https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=f8a4d8e592050f9e04213002a40ff0ea&eyer=0.9442552763888046&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
  • https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=3&eyer=0.9442552763888046&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000a28d15ad732c27ef91b94ddb424ad5840825-202208-flb*5533050-eafc0*M7135848855332978733*sl_5533050-eafc0*50dd17fe732345ddcef8a4519f67fcd77fecd371*13260-5e3e68e7-e3bc9087*13260 HTTP 302
  • https://t2.blowingwnd.com/l.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&pid=6307a0bbaf6d9700013a76fb&s=503 HTTP 302
  • https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503
Request Chain 12
  • https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503&bv=1 HTTP 302
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Request Chain 14
  • https://popmyads.com/gget HTTP 302
  • http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613250

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
3jUSvzCi6g
t.co/
395 B
615 B
Document
General
Full URL
https://t.co/3jUSvzCi6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
230
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 16:17:55 GMT
expires
Thu, 25 Aug 2022 16:22:56 GMT
referrer-policy
unsafe-url
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
53245dc632b10e23af50fcabf0d4429378298a4b7ee2c6bd61aeb15209969d2d
x-response-time
187
x-xss-protection
0
1_217-64-151-6
astonishedsound.com/176153e83857879f800/2_20002_2620647/1567_1447470_3709282_11/
Redirect Chain
  • http://rsauae.com/file.html?cbbbbcccnttYcxDmfcdc9kcpc5yMxckzFcbbbbc
  • https://astonishedsound.com/176153e83857879f800/2_20002_2620647/1567_1447470_3709282_11/1_217-64-151-6
137 B
450 B
Document
General
Full URL
https://astonishedsound.com/176153e83857879f800/2_20002_2620647/1567_1447470_3709282_11/1_217-64-151-6
Requested by
Host: t.co
URL: https://t.co/3jUSvzCi6g
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.99.40.82 Hoboken, United States, ASN8001 (COLOGIX, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://t.co/3jUSvzCi6g
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
137
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 16:18:01 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 16:17:56 GMT
Location
https://astonishedsound.com/176153e83857879f800/2_20002_2620647/1567_1447470_3709282_11/1_217-64-151-6
Server
Apache
9e8aef8068
lynku.jukminung.com/rc/
3 KB
2 KB
Document
General
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1281661920&pubid=690061
Requested by
Host: astonishedsound.com
URL: https://astonishedsound.com/176153e83857879f800/2_20002_2620647/1567_1447470_3709282_11/1_217-64-151-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7a9b3c04dc9ea6d10cea161ba83745e6c65c782768d4f9ed4cd8c024205842

Request headers

Referer
https://astonishedsound.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7405a427cbaa3762-MXP
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 16:18:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsgpHOTJDrkqNTIVy4fIzxYzh7zmeLR%2BjzNcrgVLC2z1i2wRRWtFuO767tfjd1w0lf5ZndPnjooK6eS2eJ%2FDkBappYIIb5E8Pdzj5N2RNi9VRkunYgeflmSIy1flI85y9%2FnpTA%2B8rNLCEof5q8HFXtx5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1281661920&pubid=690061
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:bfdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:18:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5639
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
145A9WDQZ6KZEM5G
x-amz-id-2
oH2Z6AiyurqdqXtt/ggqOVbTiu0x5FocEeAgETB4VZJUiY/cfUS7OAmzQeLuQ3eAJ1yTqJdl/MlMcrXjrywTpA==
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzuhZqO44tX%2BMqM5%2BQSQqRnkKuyL5v1L7rrwOHIN2%2BL%2B1OWmQd84XSDi9JLT%2BrNzi0%2Bgh77AXleynFN5%2FFYW5dCBdtcja6m50d86u99mfH%2FTRyp37Rg2lhf0WLZnTjUnFgbHxMCxbOrLZ0X3ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7405a4293f67baa6-MXP
cf-bgj
minify
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 87AD
39 KB
14 KB
Script
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661443200
Requested by
Host: t.co
URL: https://t.co/3jUSvzCi6g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ec8970dad0c9c573238a24bb67f5a841f8bb63e7f75ecb272e1b9cead3fcce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:18:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vjcWb7QsYqgFsDSfHyXjqEG3qQWSX66WK7Rxj2JBBj43yOI9rOr1T0XOXe%2FNKCwWfwLEC72Vt1gIyI%2FBdVd9HhhdUgz7Cv12Wf%2FqKPEOGYSvx4bf7bJp%2FkleM2flcJur%2FZ6wye2uuvJYsHE1gYUMXPf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7405a429df5f3762-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 87AD
20 KB
7 KB
Other
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:18:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilPSjnSi9KFZnOH%2FT6q%2BOCeBYtRSKEnX%2Fc6DqYJAL90GE%2FYKXPlMhej73AX8271ibWPf8I%2BhL5Qz0yrEgcrVqO5qx5SOulIWwnXKndDYLDGxAYC5GclTKwy9%2BYYjRleb7RAGPoEFqWI1%2BtKxDG1HjRoM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7405a42a1fe23762-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
otto.sherlowcke.com/
3 KB
2 KB
Document
General
Full URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=1e173fea&cid=pub7f4b09752f9c456996a846588c1b1d86&2=690061
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1281661920&pubid=690061
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 16:18:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://otto.sherlowcke.com/?utm_term=7135848855332978733&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
7405a427cbaa3762
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 87AD
2 B
765 B
XHR
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7405a427cbaa3762
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661443200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 16:18:02 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFNHew%2BtsHR3Af2eqkqgCewO1xOaVu%2F6lJQwURv%2BzUANuQCR8jKu2VccWit2ZXnnjkD6TNHbaCLpYdJxBYAwFFXZF7FRBANo%2B5OwqRf5MPmQDJeF4Z9%2FPvLBvhG76CIPQk48uQayvuDcKFQ%2FkQ8zbaSa"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7405a42c7ed50e06-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
otto.sherlowcke.com/
8 KB
3 KB
Document
General
Full URL
https://otto.sherlowcke.com/?utm_term=7135848855332978733&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Requested by
Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=1e173fea&cid=pub7f4b09752f9c456996a846588c1b1d86&2=690061
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
d98f6732bdd107a22dba25cfaa34291cae96ae911a55968ddeeedaeb0359c83d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=1e173fea&cid=pub7f4b09752f9c456996a846588c1b1d86&2=690061
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 16:18:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
proc.php
otto.sherlowcke.com/
4 KB
2 KB
Document
General
Full URL
https://otto.sherlowcke.com/proc.php?2f7509eef428646c359d962d5c33fc15739c69db
Requested by
Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_term=7135848855332978733&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://otto.sherlowcke.com/?utm_term=7135848855332978733&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 16:18:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
/
www.offermyvist.com/
5 KB
5 KB
Document
General
Full URL
https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Requested by
Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/proc.php?2f7509eef428646c359d962d5c33fc15739c69db
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://otto.sherlowcke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 25 Aug 2022 16:18:03 GMT
Transfer-Encoding
chunked
p.php
pollo.trffcsource.com/
Redirect Chain
  • https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8cc...
  • https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8cc...
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000a28d15ad732c27ef91b94ddb424ad5840825-202208-flb*5533050-eafc0*M7135848855332978733*sl_5533050-eafc0*50dd17fe732345...
  • https://t2.blowingwnd.com/l.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&pid=6307a0bbaf6d9700013a76fb&s=503
  • https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503
884 B
859 B
Document
General
Full URL
https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503
Requested by
Host: www.offermyvist.com
URL: https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.83.143.92 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3155458.ip-51-83-143.eu
Software
nginx /
Resource Hash

Request headers

Referer
https://www.offermyvist.com/?sl=5533050-eafc0&data1=Track1&data2=Track2&tag=M7135848855332978733&website=13260-5e3e68e7-e3bc9087&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 16:18:03 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 16:18:03 GMT
Location
https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503
Raund
19t
Round
1217p3t0dz
Server
nginx
aHR0cDovL3RyYWZmaXgxMy5jb20=
popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/
Redirect Chain
  • https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503&bv=1
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
2 KB
1 KB
Document
General
Full URL
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Requested by
Host: pollo.trffcsource.com
URL: https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
https://pollo.trffcsource.com/p.php?p=c:9qopki6xy15aicnnk&d=603611c5b7eaf46891533240&s=ys-503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7405a437be1abaf3-MXP
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 16:18:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40IYhNiwC21FPsqnOMC2PfGirfkDHCWlHJR3MKGb0t9adBv6sA4JPO68WNjdWSPZPMi81QgOE2ER64Xt%2FhV0jVHuTy1otsWJn2J2Kb%2BKaVyj%2FdOjdU1hHaJltrB1yIOBkzNg6CvuAgHH5GA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
x-powered-by
PHP/7.1.33

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 25 Aug 2022 16:18:04 GMT
Location
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Raund
2g2
Round
11kgq037yu
Server
nginx
popmyads.png
whos.amung.us/swidget/
0
0

next.php
www.linkonclick.com/jump/
Redirect Chain
  • https://popmyads.com/gget
  • http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613250
7 KB
3 KB
Document
General
Full URL
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613250
Protocol
HTTP/1.1
Server
35.186.193.41 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
41.193.186.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://popmyads.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 16:18:04 GMT
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7405a4387eea0f6a-MXP
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 16:18:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613250
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kppTuDCUpK0ral5a8tN3iOu8%2B6i8Zlr7gusTQfNZJyqNLDRRxhOLZmulhjkUQTNRB94a%2BgiU%2FXsBr2O6DcrVxQ84OaY8KEUIP7u8AExPmDh3xQaAgznrWKI1JRBc4MnYSEAqEM1XusnfoE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
Primary Request /
adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/
Redirect Chain
  • http://www.linkonclick.com/jump/next.php?stamat=m%257C%252Cso2fvI2MqB1dQO0dEdHP3xP.ff6%252CS0kXXHXf2ck-DOZ9HRvwuM9aL_G46JdZU-2oa3bmXM8JUm5HksBtX5-SSJ8vLRk6sQQdGgDhC8DO2lEpOlLseA%252C%252C&cbpage=ht...
  • http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252Cg3M6YjZjtGU3BJ-GH0dEdHP3xP.70b%252Cu6aEkhrvdyhaIDx0k1cw4YBjlxcE_2vSgBtwOYxMEZfUSPL0JLy0WC6nimTRlIrHDD-tYL9RxMKJvdxHqSjJO9eiT-3yU27DtYK...
  • https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=1041905-329088980-0
169 KB
73 KB
Document
General
Full URL
https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=1041905-329088980-0
Requested by
Host: www.linkonclick.com
URL: http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfd5c6cd2dca9434eee4dc3545fd332ad1259fbf84f2ad33bedff81aa2f4fa92

Request headers

Referer
http://www.linkonclick.com/jump/next.php?r=1041905&sub1=0646613250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7405a43ce862bab8-MXP
content-encoding
br
content-type
text/html
date
Thu, 25 Aug 2022 16:18:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zujehpYmfit7DxOz6X0u0d%2Fou3dg3J2sLYk%2B%2FFwwF%2BT%2B9iegiZnrUkrpmyZp%2BPzWYiEpp43mYu3sd5XdrbT3%2F0m5EJK1mqMyLvVubRY1C%2Ftq4Z%2BWYJ8rBvG5PAYyphBkhAA7fr5fx%2FkoYXqkl0oksBMa"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 16:18:04 GMT
Location
https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=1041905-329088980-0
Referrer-Policy
no-referrer
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.r-tb.com/v1/native/
1 KB
1 KB
Fetch
General
Full URL
https://feed.r-tb.com/v1/native/AFU1kAAPatM?subid=54989&uid=90734656-9457-4ee1-9637-60b0ef0e234d&kw=download%20install
Requested by
Host: adslivetraining.com
URL: https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=1041905-329088980-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.26.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c82b28e1310017d4de91810eeeb1228f341de0b7904c2ee2b5390170c93350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslivetraining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:18:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
model
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7405a43eccd290ec-FRA
hood.js
cdn.ocmhood.com/sdk/
26 KB
11 KB
Script
General
Full URL
https://cdn.ocmhood.com/sdk/hood.js?hf=Hood
Requested by
Host: adslivetraining.com
URL: https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=1041905-329088980-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0605a6f06ab4dbbb5b33d119fbd09dfeac10a06b851a5b57d8f76d9546cada9b

Request headers

Referer
https://adslivetraining.com/
Origin
https://adslivetraining.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:18:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6521
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed
/
last-modified
Mon, 15 Aug 2022 12:17:06 GMT
server
cloudflare
etag
W/"62fa3942-2a53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yA1%2Fl6JxPfvQJcJ%2B6hgfyS8PUOa%2BCBCGdHVea7IIpEix3UWD%2BEfA%2BmU%2BTdWzBk8ZCOBiWWv0HTE1WbeWqUivIV2yInIzRGW1UTKVjF3QIDWjV%2FxyOf6sL%2BGVYO%2FMqG%2Fu91Qy4MX0ihWS0ue2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7405a43eee4183a8-MXP
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
activity
t.ocmhood.com/v2/
0
273 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: cdn.ocmhood.com
URL: https://cdn.ocmhood.com/sdk/hood.js?hf=Hood
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adslivetraining.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Aug 2022 16:18:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TMdn9r6OFbs0J%2BN07KofgLxjq9FWyDc%2BrRY0%2FnNwUwE4jZxpgJ3iNYvrpycrk0w8EcMynlaI3uBXcH8%2F6zTq2vgS9R7vLZC903lNmhZftK55QGFcwndDo8%2BIIXaKdD6v%2FnmQOZq1%2FiRUjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7405a43f9d6a3754-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
525 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: cdn.ocmhood.com
URL: https://cdn.ocmhood.com/sdk/hood.js?hf=Hood
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adslivetraining.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 25 Aug 2022 16:18:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TFx7aB4woEijI8urU8KieOZItEh8DdkOC5p7hx%2Bou913bHO4yO5QkgMT5xE5fT5UXI8WVCyW2jAQNTS7ns%2B7FlDWNSnxApuiloDd2927mYDvUOf68qVXSNlUyqtcj5V25HWhI1eZ9lDjHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7405a43f9d6e3754-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imp
t.c-rtb.com/
0
0
Fetch
General
Full URL
https://t.c-rtb.com/imp?l2=hhlzwjp6HjKZxVZMzp6c3gtQT0pBLfsrgw35H9HR4sVAl8c9iVhZlHT87SnulpcNlPZpJVysD46ipStdIHrhQJcpPofictWH821HIRUEP_NhIPm-4Z0KFKMG_ywT1pk5JB1E34yLZZblTh6sqMcr0zKi5ltmOYIDruSiVLODFkmEAupKh-Oh6dLLYYpuD3Mz
Requested by
Host: adslivetraining.com
URL: https://adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k/?clck=166144428410000TDETV436448888384Vbf&sid=1041905-329088980-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adslivetraining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 16:18:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xg5psZBWRPOyihZAN%2BHL8KmUk5qFgUEzfU3gvxI9%2FQukp6xQoPEPhb1vc3HUYf9D3GIR66%2FwLbNxvbz7ICPIRRMe8t0whRzpXOs5fyHE6up9nkArY56J7EkIzXwWKw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7405a440cb50b89a-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
whos.amung.us
URL
https://whos.amung.us/swidget/popmyads.png

Verdicts & Comments

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| qs function| importOmpServiceWorker function| initOmpServiceWorker function| getLpType function| fetchAd function| getOCP function| popme function| pbcid function| finalRedirect function| goNextStep function| goToRedirectonAllow function| goToRedirectSmart2 function| isPushApiSupported function| uuidv4 object| ad number| cpc number| o_eid string| o_ocid string| fallback_url function| before_redirect_block object| get_push_obj_data function| Hood

7 Cookies

Domain/Path Name / Value
adslivetraining.com/u-o_rzrmOTR_wbia_SJlAeGMAintKDGgQHVqBGifq4k Name: session
Value: hdWICT6wMaD83KfZ1twqFHN6r-DsX9wZ
.t.co/ Name: muc
Value: f645c2ba-d32d-4209-afd9-bb0ff214fdad
astonishedsound.com/ Name: uid15295
Value: 1281661920-20220825121801-a182c9661e1efbc2e4fb1af2a2d20d00-
lynku.jukminung.com/ Name: AWSALB
Value: 8LvFNGQV6aeuiW9ZF0K7I6X2GXn8OjLImwHWexa/ghecC8q5YWBNsfMf4AqL+t6QXpakbtdWk+aS8VBXfydaXwwpHm8a4IhvWXpRdmVc9jXjx5gqW77P9B6qvHVz
.jukminung.com/ Name: __cf_bm
Value: 2wAlB5IGXZ9vBxGG5CL7zCrf7P0OVeXslnIk6tnEbDI-1661444282-0-AdY2eDrvkiEhHzmk83r+vO0UmI+/WxZ9psVTATPT/mQGsbcbljqfdH/XrS8pSfh03RFPAEchmEHob7lZ/0AtSSzszZb1BsHCi7RcRET9MzhsciWyPVazEjohJr93sNRAqA==
otto.sherlowcke.com/ Name: u
Value: 428417d175b8386d443d6d5b98ba09c1
admoustache.go2affise.com/ Name: afclick
Value: 6307a0bbaf6d9700013a76fb

1 Console Messages

Source Level URL
Text
security error URL: https://t.co/3jUSvzCi6g
Message:
Unrecognized Content-Security-Policy directive 'referrer'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
