Submitted URL: https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqK...
Effective URL: https://schuster.marketing/t.php?u=aHR0cHM6Ly9hc3NldHMuaWtobmFpZS5saW5rL2NsaWNrLmh0bWw%2Fd2djYW1wYWlnbmlkPTE1MjU0NzUmd2dwcm...
Submission: On December 06 via api from US — Scanned from NL

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 15 HTTP transactions. The main IP is 78.46.101.118, located in Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is schuster.marketing.
TLS certificate: Issued by R11 on November 28th 2024. Valid for: 3 months.
This is the only time schuster.marketing was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 88.208.22.1 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
3 87.236.177.88 207728 (EUROHOSTE...)
3 109.206.175.73 50245 (SERVEREL-...)
2 31.220.27.154 39572 (ADVANCEDH...)
1 206.54.181.250 35415 (WEBZILLA ...)
1 78.46.101.74 24940 (HETZNER-A...)
1 78.46.101.118 24940 (HETZNER-A...)
15 9
Domain Requested by
3 clicks.easyfilms4us.com eu34.adsy.ink
3 eu34.adsy.ink 28889463-22781-ex.situnifecal.com
eu34.adsy.ink
2 afrdtech.com eu34.adsy.ink
2 28889463-22781-ex.situnifecal.com 1 redirects
1 schuster.marketing approved.website
1 approved.website latest-554768.tsidfrri.ru
1 latest-554768.tsidfrri.ru
1 ads.google.com 28889463-22781-ex.situnifecal.com
0 www.webshop-outlet.nl Failed schuster.marketing
0 rpo.by Failed eu34.adsy.ink
15 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.situnifecal.com | R11 | 2024-11-19 - 2025-02-17 | 3 months
adwords.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
clicks.easyfilms4us.com | R11 | 2024-12-01 - 2025-03-01 | 3 months
afrdtech.com | R11 | 2024-11-05 - 2025-02-03 | 3 months
*.tsidfrri.ru | R10 | 2024-10-07 - 2025-01-05 | 3 months
approved.website | R10 | 2024-10-12 - 2025-01-10 | 3 months
schuster.marketing | R11 | 2024-11-28 - 2025-02-26 | 3 months

This page contains 1 frames:

Frame: https://www.webshop-outlet.nl/?wgu=291555_1525475_17334938937358_4271232d40&wgexpiry=1765029893&source=webgains&siteid=1525475
Frame ID: 17E1D3E9E47D407542668F7333D0B471
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

  • Requests: 15
  • HTTPS: 67 %
  • IPv6: 13 %
  • Domains: 10
  • Subdomains: 10
  • IPs: 9
  • Countries: 5
  • Transfer: 27 kB
  • Size: 60 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0 Page URL
  2. https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2228%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Fri%20Dec%2006%202024%2015%3A04%3A49%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
    http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0 HTTP 307
    https://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0 HTTP 307
    http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0 Page URL
  3. https://clicks.easyfilms4us.com/b2/c/c/redir?cid=25&did=YWhhWUg&eid=15294&nid=10017&sid=3266505811oEnhbfPC&ts=1733493889&ttl=300&v=v5.12.13 Page URL
  4. https://latest-554768.tsidfrri.ru/click?node=507&winPrice=0.00046899999999999996&force=1&winCurrency=USD&id=1733493840000-8391 Page URL
  5. https://approved.website/wgn_out.php?c=NL&campaign_id=554768&wm_account_id=614911&wm_site_id=614911-173375809513789&tsrc=pu Page URL
  6. https://schuster.marketing/t.php?u=aHR0cHM6Ly9hc3NldHMuaWtobmFpZS5saW5rL2NsaWNrLmh0bWw%2Fd2djYW1wYWlnbmlkPTE1MjU0NzUmd2dwcm9ncmFtaWQ9MjkxNTU1JnV0bV9zb3VyY2U9d2ViZ2FpbnMmdXRtX21lZGl1bT1hZmZpbGlhdGUmdXRtX2NhbXBhaWduPXdlYmdhaW5zX05MXzI5MTU1NV8yJmNsaWNrcmVmPU5MXzI5MTU1NV8xNzMzNDkzODkyNzE3MA%3D%3D&t=NjE0OTExeHh4NjE0OTExLTE3MzM3NTgwOTUxMzc4OQ%3D%3D&c=NL&tb=pu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2228%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Fri%20Dec%2006%202024%2015%3A04%3A49%20GMT%2B0100%20(Midden-Europese%20standaardtijd)%22%2C%22-60%22%2C%22nl-NL%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
  • http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0 HTTP 307
  • https://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0 HTTP 307
  • http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
Request Chain 13
  • https://assets.ikhnaie.link/click.html?wgcampaignid=1525475&wgprogramid=291555&utm_source=webgains&utm_medium=affiliate&utm_campaign=webgains_NL_291555_2&clickref=NL_291555_17334938927170 HTTP 302
  • https://www.webshop-outlet.nl/?wgu=291555_1525475_17334938937358_4271232d40&wgexpiry=1765029893&source=webgains&siteid=1525475

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w
28889463-22781-ex.situnifecal.com/
8 KB
3 KB
Document
General
Full URL
https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
mail.armadaboard.com
Software
nginx /
Resource Hash
2032db01039440e8982601b41f33d53320b5cd77c8b30a6c313103c21f09d6dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Fri, 06 Dec 2024 14:04:49 GMT
expires
Fri, 06 Dec 2024 14:04:49 UTC
last-modified
Fri, 06 Dec 2024 14:04:49 UTC
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding
/
ads.google.com/
0
0
Fetch
General
Full URL
https://ads.google.com/
Requested by
Host: 28889463-22781-ex.situnifecal.com
URL: https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1103
date
Fri, 06 Dec 2024 14:04:50 GMT
content-type
text/html; charset=UTF-8
6f8c140ed3b64c718136be7fd1f3b3d0
eu34.adsy.ink/pop/clk/1/1733493889/
Redirect Chain
  • https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=htt...
  • http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
  • https://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
  • http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
2 KB
1 KB
Document
General
Full URL
http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
Requested by
Host: 28889463-22781-ex.situnifecal.com
URL: https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Protocol
HTTP/1.1
Server
87.236.177.88 , Bulgaria, ASN207728 (EUROHOSTER EUROHOSTER Ltd., BG),
Reverse DNS
srv24007.hosted-by-eurohoster.org
Software
nginx/1.26.1 / PHP/8.1.27
Resource Hash
9902198cc47e5cb83f577dda5bd04cdd8ec9677ef629b1ba7f76ff1965cb7a8e

Request headers

Referer
https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://kaminari.systems
Connection
close
Content-Encoding
gzip
Content-Length
758
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Dec 2024 14:04:50 GMT
Refresh
1; url=https://clicks.easyfilms4us.com/b2/c/c/redir?cid=25&did=YWhhWUg&eid=15294&nid=10017&sid=3266505811oEnhbfPC&ts=1733493889&ttl=300&v=v5.12.13
Server
nginx/1.26.1
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/8.1.27
X-SERVER-TIME-1
0.006

Redirect headers

Location
http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
Non-Authoritative-Reason
HttpsUpgrades
nurl
clicks.easyfilms4us.com/
0
101 B
Image
General
Full URL
https://clicks.easyfilms4us.com/nurl?sid=3266505811oEnhbfPC
Requested by
Host: eu34.adsy.ink
URL: http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.206.175.73 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS Serverel Inc., US),
Reverse DNS
109.206.175.73.serverel.net
Software
dspclick-v3.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://eu34.adsy.ink/

Response headers

date
Fri, 06 Dec 2024 14:04:50 GMT
server
dspclick-v3.13.4
content-length
0
kaminary.php
eu34.adsy.ink/api/
47 KB
18 KB
Script
General
Full URL
http://eu34.adsy.ink/api/kaminary.php
Requested by
Host: eu34.adsy.ink
URL: http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
Protocol
HTTP/1.1
Server
87.236.177.88 , Bulgaria, ASN207728 (EUROHOSTER EUROHOSTER Ltd., BG),
Reverse DNS
srv24007.hosted-by-eurohoster.org
Software
nginx/1.26.1 / PHP/8.1.27
Resource Hash
1eebd9ba6af97c8bc7de5316e8546cb8235127ae28fe95f847118d006ff7f2e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0

Response headers

X-Server-Host
eu34.adsy.ink
X-Server-IP
87.236.177.88
Content-Encoding
gzip
X-Real-IP
31.204.150.141
Connection
close
Content-Length
18272
Date
Fri, 06 Dec 2024 14:04:51 GMT
Content-Type
application/javascript
X-Powered-By
PHP/8.1.27
Server
nginx/1.26.1
Vary
Accept-Encoding,User-Agent
favicon.ico
eu34.adsy.ink/
0
190 B
Other
General
Full URL
http://eu34.adsy.ink/favicon.ico
Protocol
HTTP/1.1
Server
87.236.177.88 , Bulgaria, ASN207728 (EUROHOSTER EUROHOSTER Ltd., BG),
Reverse DNS
srv24007.hosted-by-eurohoster.org
Software
nginx/1.26.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0

Response headers

X-Server-Host
eu34.adsy.ink
X-Server-IP
87.236.177.88
X-Real-IP
31.204.150.141
Date
Fri, 06 Dec 2024 14:04:51 GMT
Server
nginx/1.26.1
Connection
close
check
afrdtech.com/v2/
0
0
Preflight
General
Full URL
https://afrdtech.com/v2/check
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://eu34.adsy.ink
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,pragma,Authorization,
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, PATCH, HEAD, TRACE, CONNECT
access-control-allow-origin
http://eu34.adsy.ink
date
Fri, 06 Dec 2024 14:04:51 GMT
server
nginx
check
afrdtech.com/v2/
66 B
338 B
Fetch
General
Full URL
https://afrdtech.com/v2/check
Requested by
Host: eu34.adsy.ink
URL: http://eu34.adsy.ink/api/kaminary.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.154 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
10f922d99c3b40e3d8390e30be71beb0e2c1cdceaa800f17e4bd9b093d7f290c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer
http://eu34.adsy.ink/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://eu34.adsy.ink
date
Fri, 06 Dec 2024 14:04:51 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
/
rpo.by/
0
0

redir
clicks.easyfilms4us.com/b2/c/c/
497 B
625 B
Document
General
Full URL
https://clicks.easyfilms4us.com/b2/c/c/redir?cid=25&did=YWhhWUg&eid=15294&nid=10017&sid=3266505811oEnhbfPC&ts=1733493889&ttl=300&v=v5.12.13
Requested by
Host: eu34.adsy.ink
URL: http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.175.73 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS Serverel Inc., US),
Reverse DNS
109.206.175.73.serverel.net
Software
dspclick-v3.13.4 /
Resource Hash
0e47b6f0ac65b50d79a4d9dc664152a19de96279ab8d6a7b305aa9800bc770d3

Request headers

Referer
http://eu34.adsy.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Length
497
Content-Type
text/html
Date
Fri, 06 Dec 2024 14:04:51 GMT
Server
dspclick-v3.13.4
click
latest-554768.tsidfrri.ru/
429 B
726 B
Document
General
Full URL
https://latest-554768.tsidfrri.ru/click?node=507&winPrice=0.00046899999999999996&force=1&winCurrency=USD&id=1733493840000-8391
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.54.181.250 , United States, ASN35415 (WEBZILLA Webzilla B.V., NL),
Reverse DNS
1c2-14-d8685-250.webazilla.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate
connection
close
date
Fri, 06 Dec 2024 14:04:52 GMT
expires
-1
pragma
no-cache
transfer-encoding
chunked
favicon.ico
clicks.easyfilms4us.com/
0
108 B
Other
General
Full URL
https://clicks.easyfilms4us.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.175.73 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS Serverel Inc., US),
Reverse DNS
109.206.175.73.serverel.net
Software
dspclick-v3.13.4 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Date
Fri, 06 Dec 2024 14:04:51 GMT
Server
dspclick-v3.13.4
Content-Length
0
wgn_out.php
approved.website/
953 B
1 KB
Document
General
Full URL
https://approved.website/wgn_out.php?c=NL&campaign_id=554768&wm_account_id=614911&wm_site_id=614911-173375809513789&tsrc=pu
Requested by
Host: latest-554768.tsidfrri.ru
URL: https://latest-554768.tsidfrri.ru/click?node=507&winPrice=0.00046899999999999996&force=1&winCurrency=USD&id=1733493840000-8391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.101.74 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.74.101.46.78.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Referer
https://latest-554768.tsidfrri.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-type
text/html; charset=UTF-8
date
Fri, 06 Dec 2024 14:04:52 GMT
last-modified
Friday, 06-Dec-2024 14:04:52 GMT
server
nginx
Primary Request t.php
schuster.marketing/
651 B
815 B
Document
General
Full URL
https://schuster.marketing/t.php?u=aHR0cHM6Ly9hc3NldHMuaWtobmFpZS5saW5rL2NsaWNrLmh0bWw%2Fd2djYW1wYWlnbmlkPTE1MjU0NzUmd2dwcm9ncmFtaWQ9MjkxNTU1JnV0bV9zb3VyY2U9d2ViZ2FpbnMmdXRtX21lZGl1bT1hZmZpbGlhdGUmdXRtX2NhbXBhaWduPXdlYmdhaW5zX05MXzI5MTU1NV8yJmNsaWNrcmVmPU5MXzI5MTU1NV8xNzMzNDkzODkyNzE3MA%3D%3D&t=NjE0OTExeHh4NjE0OTExLTE3MzM3NTgwOTUxMzc4OQ%3D%3D&c=NL&tb=pu
Requested by
Host: approved.website
URL: https://approved.website/wgn_out.php?c=NL&campaign_id=554768&wm_account_id=614911&wm_site_id=614911-173375809513789&tsrc=pu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.101.118 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.118.101.46.78.clients.your-server.de
Software
nginx /
Resource Hash
84b7a89dbde2a02124960f979b5408dbb26e7f3cee783dbe746a6cc15d85f8f5

Request headers

Referer
https://approved.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-type
text/html; charset=UTF-8
date
Fri, 06 Dec 2024 14:04:53 GMT
last-modified
Friday, 06-Dec-2024 14:04:53 GMT
server
nginx
/
www.webshop-outlet.nl/
Redirect Chain
  • https://assets.ikhnaie.link/click.html?wgcampaignid=1525475&wgprogramid=291555&utm_source=webgains&utm_medium=affiliate&utm_campaign=webgains_NL_291555_2&clickref=NL_291555_17334938927170
  • https://www.webshop-outlet.nl/?wgu=291555_1525475_17334938937358_4271232d40&wgexpiry=1765029893&source=webgains&siteid=1525475
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rpo.by
URL
https://rpo.by/
Domain
www.webshop-outlet.nl
URL
https://www.webshop-outlet.nl/?wgu=291555_1525475_17334938937358_4271232d40&wgexpiry=1765029893&source=webgains&siteid=1525475

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
latest-554768.tsidfrri.ru/ Name: clickId_554768
Value: 507-1733493840000-47

5 Console Messages

Source Level URL
Text
rendering warning URL: https://28889463-22781-ex.situnifecal.com/jSZED4c1OArjZtczvVjELyZNldkRvoHRdvoDM8OeEpgSM82c9dlSoMyOANZnf4Wbw4wOdfB0h_7seuuzHOKnYBaKmqOlubqKcAIfSLVORD74HDSDtXBLT1zzLTXN7w?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fxcavy.com%2Fsearch%2Fprincess-honey-toilet-poop%2F&referer=https%3A%2F...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D00142C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://ads.google.com/
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning URL: http://eu34.adsy.ink/api/kaminary.php(Line 4)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
rendering warning URL: http://eu34.adsy.ink/pop/clk/1/1733493889/6f8c140ed3b64c718136be7fd1f3b3d0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090CB00142C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://clicks.easyfilms4us.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)