Submitted URL: http://informmedeliveryusps.com/
Effective URL: https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5r...
Submission: On September 07 via api from GB — Scanned from GB

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is extoffoliga.com.
TLS certificate: Issued by WE1 on August 31st 2024. Valid for: 3 months.
This is the only time extoffoliga.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.172.228.26 14061 (DIGITALOC...)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 1 2600:9000:255... 16509 (AMAZON-02)
7 188.114.97.3 13335 (CLOUDFLAR...)
12 139.45.197.250 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
21 4
Apex Domain
Subdomains
Transfer
12 laugoust.com
laugoust.com — Cisco Umbrella Rank: 230136
19 KB
7 extoffoliga.com
extoffoliga.com
24 KB
2 intckdom.com
intckdom.com — Cisco Umbrella Rank: 351023
p374591.intckdom.com
2 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 5822
544 B
1 toruftuiov.com
my.toruftuiov.com — Cisco Umbrella Rank: 94230
2 KB
1 informmedeliveryusps.com
informmedeliveryusps.com
1 KB
21 6
Domain Requested by
12 laugoust.com extoffoliga.com
laugoust.com
7 extoffoliga.com p374591.intckdom.com
extoffoliga.com
laugoust.com
1 my.rtmark.net laugoust.com
1 my.toruftuiov.com 1 redirects
1 p374591.intckdom.com
1 intckdom.com 1 redirects
1 informmedeliveryusps.com 1 redirects
21 7

This site contains links to these domains.

Domain
my.toruftuiov.com

Subject | Issuer | Validity | Valid
*.intckdom.com | Sectigo RSA Domain Validation Secure Server CA | 2024-07-09 - 2025-07-09 | a year
extoffoliga.com | WE1 | 2024-08-31 - 2024-11-29 | 3 months
laugoust.com | E6 | 2024-07-11 - 2024-10-09 | 3 months
rtmark.net | R11 | 2024-08-30 - 2024-11-28 | 3 months

This page contains 1 frame:

Primary Page: https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
Frame ID: 9A781BA3229C36EFC71C5C0FA51FB6A9
Requests: 21 HTTP requests in this frame

Page Title

Attention!

Page Statistics

21 Requests
100 % HTTPS
17 % IPv6
6 Domains
7 Subdomains
4 IPs
3 Countries
45 kB Transfer
91 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://informmedeliveryusps.com/ HTTP 307
    https://informmedeliveryusps.com/ HTTP 302
    https://intckdom.com/aS/feedclick?s=IKaS41W5VyZ3B4od8oTtHXGt_aH4FBmD80-NduorFgpzzJfZKe-3pRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI0SHDiPMuvbMgWv6tOH8lSlHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy-q0_VhSfQvd26pAQuBqO7nUJbtBUPMCIUFe1ajP4l698KYsKLO8wm7XY3asBuUwnN1LZSEwzQsJ3lBmHVcJ8Tzka3pFFugz4-vLD_ODUSdE8KG6xXgXwkw4e51mGuadFSvYxStUWgpnED3XGEZIPmWBmCEvrqOs5Zlg14XNWbKKoe7Fixja3GravPeOYs2HmNOIqR_2XzmTcrjFcNz3dVMi-rJ1K2XZ8-jPwX5MWYscDd1gb2W-hHkkIkDkPGKz8KmP3WaKU7AD-Jiwbn1V_zKukDTQIhzlJe4Apx4dJuV7JWSgvvw0_UGzmzeXFd3tkn1OEzRsTkD0j-3XHGFW_dJh0I440zpU2s4kqg31B0IQGk1eZSSS38rThR1dD07ehhTq4Vasm50LHQxf8afKH30hQjuI_WfkJpCMQ906Il5WyrkBDCpVFCobAoZhbtqOygRAH2uYAPWNoSSKp_BtYARt3RsiQ8rJx4S5xMhqXq2IJZq_kQ4iLjeRtkmu1-agbprhqvkxel_e9JHnauU2zK993R1EK6659LKCFm1UCSKVR8i9NAwN0GqGlWfKycT0mXhiPASr6WD_IMvzLq03_Ikxb4jNTMpNTgtIaBR-y87bYOXDKZTfovsrTlyBzutJLXJbZW2MQ4BAjkAMBNHt_TTmphmVCSO7SmJTAxRdK58TT2QJRpN-eyMb-eKe6YQY4qVUQVxnRCYPZTcuAkaerOYTN1IGBrHzC0HDH6FIe0NTnhDF60iyVDrqB6NUit6FEYLRbLirBn0pcShz0A2FdRRFibTM80gVCuzi0hTb947Z-Qa3HjxA-6WbajwOM4GmlZIMQ7PN-_RnRtUK-7xMAHrE9X3AYQsCpAEn3pdnGSoQntiSd_6AiFH3gLrizg5bIXitSBEREQ4RkYFSQ3Lz5utLGwsRRX9JzMMxYMRwisSyW4UKVXLIUgDq2oIlaUhe4-JeKaP7K1ewgmFxxcjfl2jWjRlBavzIZ9OeYGVfsA2k7giq8-3_GfzHPhoH8PV_uw9T3nccNjlAQu7hkyFqwyBWhURjYqpBBtYUozPf79BZBkEbcjRNE1OglpHiBQK3NZLyUZ9RAQQfy6_aOyq4cbJLwORbEz30J5eHZwHxENVFTmNarfilbf41MoMurGD2xsm1Gyf_TSTd_reQYsBMuaMATeaHKbjvxZSfbihgaz8RBzbFH3P91Fb2JcILhesmiPaWYqUpkUGOfRR5JugWxqnmBwBDbaLSR7K22m0YiriK3QD5TbX7VfTtcKcC1nX9AavayyW8Qr4leF-8HRrbc13OdrnCsCNKZVAnFwPy0jHV0UxvQhX_xt8xiMVdntXIxs HTTP 302
    https://p374591.intckdom.com/adServe/domainClick?ai=J3F4Iyh18u2FFumE8e4MRzEdMQXJ6NYMW4cwfylJm6jnECSJ65GcjwiXH4MPb3lP_Ou1IY0Ct5fTn5vTRqNUTzScp2NspAPN-wZysUmPSygGnw3UKqTcaWqAQTR_kWOHxecuIWlWALwG9_hEhxtCR_XryofFEOcZ_KtfrrZhsbKydzzPNTbxZkv7EJ8xQviaeyZeB4t_suqwm3apsrzxIzV8UQa3LJ3ZlreU4cSLooeVsUcPwTh0ww8B78vhYDGtkbV2h-MNKjtED7_tidyXhqpLE-yGBL8l0YRCaYQ-zjhfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q1x6QIhKEl2-24Ho5c3-uyByYQap6RQGI_YpSV9jY8ZpQ&ui=IKaS41W5VyZ3B4od8oTtHZd6KIoZavoq5BqBrDJxXOECQ0lmUE87EtxIlMqWsjVGu1QLKAfj3bXzxmYZI2424iFno5U39Vobqp8eQ3GN9R3e4W8W0KYA_A&si=1&oref=67b6f2b461ceea8bdbbf0e8d9148d983&optunit=OdrnCsCNKZVAnFwPy0jHV0UxvQhX_xt8ZZJCxAdeOqU&rb=d_wwTvPFgK4&rr=1&isco=t&abtg=0 Page URL
  2. https://my.toruftuiov.com/42741c3c-7033-411b-9d7d-aa6eccb8b43d?source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=@@CREATIVE-ID@@&bid=0.005&clickid=90873161830 HTTP 302
    https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://informmedeliveryusps.com/ HTTP 307
  • https://informmedeliveryusps.com/ HTTP 302
  • https://intckdom.com/aS/feedclick?s=IKaS41W5VyZ3B4od8oTtHXGt_aH4FBmD80-NduorFgpzzJfZKe-3pRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI0SHDiPMuvbMgWv6tOH8lSlHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy-q0_VhSfQvd26pAQuBqO7nUJbtBUPMCIUFe1ajP4l698KYsKLO8wm7XY3asBuUwnN1LZSEwzQsJ3lBmHVcJ8Tzka3pFFugz4-vLD_ODUSdE8KG6xXgXwkw4e51mGuadFSvYxStUWgpnED3XGEZIPmWBmCEvrqOs5Zlg14XNWbKKoe7Fixja3GravPeOYs2HmNOIqR_2XzmTcrjFcNz3dVMi-rJ1K2XZ8-jPwX5MWYscDd1gb2W-hHkkIkDkPGKz8KmP3WaKU7AD-Jiwbn1V_zKukDTQIhzlJe4Apx4dJuV7JWSgvvw0_UGzmzeXFd3tkn1OEzRsTkD0j-3XHGFW_dJh0I440zpU2s4kqg31B0IQGk1eZSSS38rThR1dD07ehhTq4Vasm50LHQxf8afKH30hQjuI_WfkJpCMQ906Il5WyrkBDCpVFCobAoZhbtqOygRAH2uYAPWNoSSKp_BtYARt3RsiQ8rJx4S5xMhqXq2IJZq_kQ4iLjeRtkmu1-agbprhqvkxel_e9JHnauU2zK993R1EK6659LKCFm1UCSKVR8i9NAwN0GqGlWfKycT0mXhiPASr6WD_IMvzLq03_Ikxb4jNTMpNTgtIaBR-y87bYOXDKZTfovsrTlyBzutJLXJbZW2MQ4BAjkAMBNHt_TTmphmVCSO7SmJTAxRdK58TT2QJRpN-eyMb-eKe6YQY4qVUQVxnRCYPZTcuAkaerOYTN1IGBrHzC0HDH6FIe0NTnhDF60iyVDrqB6NUit6FEYLRbLirBn0pcShz0A2FdRRFibTM80gVCuzi0hTb947Z-Qa3HjxA-6WbajwOM4GmlZIMQ7PN-_RnRtUK-7xMAHrE9X3AYQsCpAEn3pdnGSoQntiSd_6AiFH3gLrizg5bIXitSBEREQ4RkYFSQ3Lz5utLGwsRRX9JzMMxYMRwisSyW4UKVXLIUgDq2oIlaUhe4-JeKaP7K1ewgmFxxcjfl2jWjRlBavzIZ9OeYGVfsA2k7giq8-3_GfzHPhoH8PV_uw9T3nccNjlAQu7hkyFqwyBWhURjYqpBBtYUozPf79BZBkEbcjRNE1OglpHiBQK3NZLyUZ9RAQQfy6_aOyq4cbJLwORbEz30J5eHZwHxENVFTmNarfilbf41MoMurGD2xsm1Gyf_TSTd_reQYsBMuaMATeaHKbjvxZSfbihgaz8RBzbFH3P91Fb2JcILhesmiPaWYqUpkUGOfRR5JugWxqnmBwBDbaLSR7K22m0YiriK3QD5TbX7VfTtcKcC1nX9AavayyW8Qr4leF-8HRrbc13OdrnCsCNKZVAnFwPy0jHV0UxvQhX_xt8xiMVdntXIxs HTTP 302
  • https://p374591.intckdom.com/adServe/domainClick?ai=J3F4Iyh18u2FFumE8e4MRzEdMQXJ6NYMW4cwfylJm6jnECSJ65GcjwiXH4MPb3lP_Ou1IY0Ct5fTn5vTRqNUTzScp2NspAPN-wZysUmPSygGnw3UKqTcaWqAQTR_kWOHxecuIWlWALwG9_hEhxtCR_XryofFEOcZ_KtfrrZhsbKydzzPNTbxZkv7EJ8xQviaeyZeB4t_suqwm3apsrzxIzV8UQa3LJ3ZlreU4cSLooeVsUcPwTh0ww8B78vhYDGtkbV2h-MNKjtED7_tidyXhqpLE-yGBL8l0YRCaYQ-zjhfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q1x6QIhKEl2-24Ho5c3-uyByYQap6RQGI_YpSV9jY8ZpQ&ui=IKaS41W5VyZ3B4od8oTtHZd6KIoZavoq5BqBrDJxXOECQ0lmUE87EtxIlMqWsjVGu1QLKAfj3bXzxmYZI2424iFno5U39Vobqp8eQ3GN9R3e4W8W0KYA_A&si=1&oref=67b6f2b461ceea8bdbbf0e8d9148d983&optunit=OdrnCsCNKZVAnFwPy0jHV0UxvQhX_xt8ZZJCxAdeOqU&rb=d_wwTvPFgK4&rr=1&isco=t&abtg=0

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
domainClick
p374591.intckdom.com/adServe/
Redirect Chain
  • http://informmedeliveryusps.com/
  • https://informmedeliveryusps.com/
  • https://intckdom.com/aS/feedclick?s=IKaS41W5VyZ3B4od8oTtHXGt_aH4FBmD80-NduorFgpzzJfZKe-3pRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI0SHDiPMuvbMgWv6tOH8lSlHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqy...
  • https://p374591.intckdom.com/adServe/domainClick?ai=J3F4Iyh18u2FFumE8e4MRzEdMQXJ6NYMW4cwfylJm6jnECSJ65GcjwiXH4MPb3lP_Ou1IY0Ct5fTn5vTRqNUTzScp2NspAPN-wZysUmPSygGnw3UKqTcaWqAQTR_kWOHxecuIWlWALwG9_hEh...
516 B
973 B
Document
General
Full URL
https://p374591.intckdom.com/adServe/domainClick?ai=J3F4Iyh18u2FFumE8e4MRzEdMQXJ6NYMW4cwfylJm6jnECSJ65GcjwiXH4MPb3lP_Ou1IY0Ct5fTn5vTRqNUTzScp2NspAPN-wZysUmPSygGnw3UKqTcaWqAQTR_kWOHxecuIWlWALwG9_hEhxtCR_XryofFEOcZ_KtfrrZhsbKydzzPNTbxZkv7EJ8xQviaeyZeB4t_suqwm3apsrzxIzV8UQa3LJ3ZlreU4cSLooeVsUcPwTh0ww8B78vhYDGtkbV2h-MNKjtED7_tidyXhqpLE-yGBL8l0YRCaYQ-zjhfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q1x6QIhKEl2-24Ho5c3-uyByYQap6RQGI_YpSV9jY8ZpQ&ui=IKaS41W5VyZ3B4od8oTtHZd6KIoZavoq5BqBrDJxXOECQ0lmUE87EtxIlMqWsjVGu1QLKAfj3bXzxmYZI2424iFno5U39Vobqp8eQ3GN9R3e4W8W0KYA_A&si=1&oref=67b6f2b461ceea8bdbbf0e8d9148d983&optunit=OdrnCsCNKZVAnFwPy0jHV0UxvQhX_xt8ZZJCxAdeOqU&rb=d_wwTvPFgK4&rr=1&isco=t&abtg=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 07 Sep 2024 21:15:53 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 07 Sep 2024 21:15:52 GMT
Location
https://p374591.intckdom.com/adServe/domainClick?ai=J3F4Iyh18u2FFumE8e4MRzEdMQXJ6NYMW4cwfylJm6jnECSJ65GcjwiXH4MPb3lP_Ou1IY0Ct5fTn5vTRqNUTzScp2NspAPN-wZysUmPSygGnw3UKqTcaWqAQTR_kWOHxecuIWlWALwG9_hEhxtCR_XryofFEOcZ_KtfrrZhsbKydzzPNTbxZkv7EJ8xQviaeyZeB4t_suqwm3apsrzxIzV8UQa3LJ3ZlreU4cSLooeVsUcPwTh0ww8B78vhYDGtkbV2h-MNKjtED7_tidyXhqpLE-yGBL8l0YRCaYQ-zjhfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q1x6QIhKEl2-24Ho5c3-uyByYQap6RQGI_YpSV9jY8ZpQ&ui=IKaS41W5VyZ3B4od8oTtHZd6KIoZavoq5BqBrDJxXOECQ0lmUE87EtxIlMqWsjVGu1QLKAfj3bXzxmYZI2424iFno5U39Vobqp8eQ3GN9R3e4W8W0KYA_A&si=1&oref=67b6f2b461ceea8bdbbf0e8d9148d983&optunit=OdrnCsCNKZVAnFwPy0jHV0UxvQhX_xt8ZZJCxAdeOqU&rb=d_wwTvPFgK4&rr=1&isco=t&abtg=0
Server
nginx
Primary Request /
extoffoliga.com/html/similar/
Redirect Chain
  • https://my.toruftuiov.com/42741c3c-7033-411b-9d7d-aa6eccb8b43d?source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device...
  • https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNp...
3 KB
2 KB
Document
General
Full URL
https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
Requested by
Host: p374591.intckdom.com
URL: https://p374591.intckdom.com/adServe/domainClick?ai=J3F4Iyh18u2FFumE8e4MRzEdMQXJ6NYMW4cwfylJm6jnECSJ65GcjwiXH4MPb3lP_Ou1IY0Ct5fTn5vTRqNUTzScp2NspAPN-wZysUmPSygGnw3UKqTcaWqAQTR_kWOHxecuIWlWALwG9_hEhxtCR_XryofFEOcZ_KtfrrZhsbKydzzPNTbxZkv7EJ8xQviaeyZeB4t_suqwm3apsrzxIzV8UQa3LJ3ZlreU4cSLooeVsUcPwTh0ww8B78vhYDGtkbV2h-MNKjtED7_tidyXhqpLE-yGBL8l0YRCaYQ-zjhfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q1x6QIhKEl2-24Ho5c3-uyByYQap6RQGI_YpSV9jY8ZpQ&ui=IKaS41W5VyZ3B4od8oTtHZd6KIoZavoq5BqBrDJxXOECQ0lmUE87EtxIlMqWsjVGu1QLKAfj3bXzxmYZI2424iFno5U39Vobqp8eQ3GN9R3e4W8W0KYA_A&si=1&oref=67b6f2b461ceea8bdbbf0e8d9148d983&optunit=OdrnCsCNKZVAnFwPy0jHV0UxvQhX_xt8ZZJCxAdeOqU&rb=d_wwTvPFgK4&rr=1&isco=t&abtg=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8033ac6b55b08eebdd88c5a9d8b5be8340a11ecb7442ed5c57a5e6501804eb6f

Request headers

Referer
https://p374591.intckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bf9b77e2f1cbf07-LHR
content-encoding
br
content-type
text/html
date
Sat, 07 Sep 2024 21:15:53 GMT
last-modified
Thu, 20 Jun 2024 12:18:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VIQKnwf1VVppc7pMujEAnj2NjaCVjVtHMIRKmmG8lsF8XcjxO9OZTDxZWFEEEfa85NObWFXCk%2FX5x5UzDxPW1u3UWrkKE2Tx%2FMw4NmlyTn%2F5sSfaLHwzWonXk6jFTx8lRN4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sat, 07 Sep 2024 21:15:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
pragma
no-cache
server
nginx
via
1.1 697d4bd23eb9c2b8ceb5e7a65e15f560.cloudfront.net (CloudFront)
x-amz-cf-id
unkmQkVAtJGlZI8lYZVo4DdgojXBLcN9AI7ZscdIaPUmJKdcrj1QHQ==
x-amz-cf-pop
LHR61-P7
x-cache
Miss from cloudfront
script.js
extoffoliga.com/html/similar/files/
25 KB
10 KB
Script
General
Full URL
https://extoffoliga.com/html/similar/files/script.js
Requested by
Host: extoffoliga.com
URL: https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30857aa45982c07b003a6f59633778679dab3aa87976aa9f2cb1ced984d9a82c

Request headers

Referer
https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Jun 2024 12:18:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5710
etag
W/"66741e09-642f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FZeGULT%2Bn6LbxtaTiCxypNVUm1zwhvB0tUVkngUThNmsV7Pc44ieeW8mh9kGttJ2EWHPQI4LjlzXfKZW3iLBOWOU7tpZHlYZrj9XNs53DurQT8ci%2FtvJ%2BnKq%2B%2BzcR42ySdk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8bf9b77edfd9bf07-LHR
alt-svc
h3=":443"; ma=86400
style.css
extoffoliga.com/html/similar/files/
10 KB
3 KB
Stylesheet
General
Full URL
https://extoffoliga.com/html/similar/files/style.css
Requested by
Host: extoffoliga.com
URL: https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
488a5c2dd9224508e7a7d8410f2b543902e43b4d50fe01207baa7dfbbe25c267

Request headers

Referer
https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Jun 2024 12:18:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5710
etag
W/"66741e0a-27bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACvE6Jf59XsL3IcGI3xz2rnqZoqdwvRvCoRWFHWNku9RiuuH3lP8WsE72eHcWDj0av4UITw0HEuUBoEihWtXympGCb21mppvHLhtHTv1RcGYyu19ZTGqDLZW3sXmkst2J4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8bf9b77edfdbbf07-LHR
alt-svc
h3=":443"; ma=86400
icon.png
extoffoliga.com/html/similar/files/
8 KB
9 KB
Image
General
Full URL
https://extoffoliga.com/html/similar/files/icon.png
Requested by
Host: extoffoliga.com
URL: https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4b554f43b00e9e849f657f13bddb78644df48deb2f8b96e6cbc7d4ac4dc05b

Request headers

Referer
https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
cf-cache-status
HIT
last-modified
Thu, 20 Jun 2024 12:18:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5710
etag
"66741e09-20b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ontJSa%2BMC%2FhR%2B1mRkK78J%2BMN9PAhP3dUvc6OiDUCSFcxTjQSYJF%2FQi55NJEghIpZpCmCrWtoVMKmE43n6CBymtYnfgtaFyifz%2BxSRLG6WFsoH%2BGy8i5EwfYJaL1isRfgAEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bf9b77edfddbf07-LHR
alt-svc
h3=":443"; ma=86400
content-length
8370
alert.mp3
extoffoliga.com/html/similar/sounds/
0
0
Media
General
Full URL
https://extoffoliga.com/html/similar/sounds/alert.mp3
Requested by
Host: extoffoliga.com
URL: https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Range
bytes=0-

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
34
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDrkVFDrcZys0tQmArrFDeyuLA5RXHGeT6dDxAt8dLGbGlQ02HRL%2FJ2g8NhouIr42uDMymdYStdPSB4qoHp9AF3KQytTQR4vz0OeWkTFjt9DZcgv76vAOXttGi9KagsLH1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8bf9b77ff924bf07-LHR
alt-svc
h3=":443"; ma=86400
micro.tag.min.js
laugoust.com/act/files/
43 KB
18 KB
Script
General
Full URL
https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Requested by
Host: extoffoliga.com
URL: https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
762b81d6779b2960a57926dd59e146549acc2e2d40f1c817065bef0b83571785

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Sat, 07 Sep 2024 21:15:54 GMT
content-encoding
gzip
last-modified
Fri, 06 Sep 2024 12:52:21 GMT
server
nginx
etag
W/"66dafb05-add6"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
favicon.ico
extoffoliga.com/
564 B
568 B
Other
General
Full URL
https://extoffoliga.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed6f6f2144998175c846a99d2a0faab5bf7b6ace318f0fe2dc4bfeaf4700c1d8

Request headers

Referer
https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
60
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yyCTqnDXbPjYdWWCOC8vmFmmpXIgsEAQGfgz3sskIvU%2F0r7tG2SFQdC6xYcFXfBuj1Je3AHYo8SOoW1GqgGduXaaVXM89CxwYW%2BRvqu6LOkoW8obgr3RjJeyK2zwyMQMlk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8bf9b7817b0ebf07-LHR
alt-svc
h3=":443"; ma=86400
sw-check-permissions-b552e.js
extoffoliga.com/
0
718 B
Other
General
Full URL
https://extoffoliga.com/sw-check-permissions-b552e.js?var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&ymid=wqg5rr260p6qmt043innt15l&zoneId=7630069
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/html/similar/?lang=en&brand=Samsung&model=Galaxy%20A20&txn_id=wqg5rr260p6qmt043innt15l&cid=wqg5rr260p6qmt043innt15l&campaign.id=42741c3c-7033-411b-9d7d-aa6eccb8b43d&cep=9yNpxtAUS-H0fT-mmOby4BoUHjTvkNuoA96D4aHVZa4AWggpGc3MRuiDu970hteCk_7qVXdhdpaV7JOS71AKL5PasYWj7CuXCDCuG-ScBOzM1-GgYHovU-KGmSjiSIOaL-irFvWmPvIlMtyDOHuCAP9TUfn7AE1ScohEJ1Dwi70RTxIGycRB5nNig3D_P8GKj9O4d9-IZMiyly1JiJnzKJWvATKeryyFRXfNXnSOOjca-79AV4zJfIPw03n8pcYNmffSNoy-m_gqb1Raf0GqPVHLw7zRN4fXzqde_GIWalpJizEvl9Kf0qGUk0lmPEHNQ_Tv0b1mFOuYR6C10ej14ykixQAPFBnOe-tS28d1o3UvGq28iBznQAJ7l0sQ-yO-G0hbFl9QkfDdo7HAjOatWid-1rnVaW6xPgP-orXr2gTPMXPF6YkdeWSXKfEjLbkRWIJsBvFoxHBrBCZhtcBSIXUfB_d9xcQb4kIxi5WLNUewlBZO6ErZ7V8uxh_Jzjp5OPRjJk0NBMfKYGCTe-Lx4xDozvLUXUoNk_IcA6LS99tphiThIi6gfKZuQhdUz7t9B5BlJ_7v0fzSyzh41rTMeLbrEyUHl9Kp8xr1cflJLwoeFNFEuSYQBOF1cBG_K9xodyJ0dIkJbQROBVPI8N2uIa6x4-O5P4rS7PvbBZOdoaU&lptoken=175025b37471555153f0&source=443895569&keyword=informmedeliveryusps.com+RO&geo=GB&campaignname=United+States+-+Direct+-+Cleaner+-+Totalav+globalwhite&device=Mobile&os=Android+10.x+Mobile&browser=Chrome+116&carrier=UNKNOWN&CREATIVE-ID=%40%40CREATIVE-ID%40%40&bid=0.005&clickid=90873161830
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 19 Jun 2024 15:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6672fe39-234"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQmSwJhDrAwtFevAKFE0fsiOBUJXRHMpC70T%2B7H0C%2FEw5kqZWzNXvPIGQtc50EJi8y6pTHvXQr7dgUMMBJAlIqLmzfTbWH1Gm9GmUkps1mBM7nAO43UDUfxhTJaZ%2FW3v1vU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8bf9b7817b15bf07-LHR
alt-svc
h3=":443"; ma=86400
zone
laugoust.com/
0
335 B
Ping
General
Full URL
https://laugoust.com/zone?pub=0&zone_id=7630069&is_mobile=true&domain=extoffoliga.com&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&ymid=wqg5rr260p6qmt043innt15l&var_3=&var_4=&dsig=&tg=1&sw=3.1.555&trace_id=30d1fb71-aa4e-4847-8c8a-9220e5f6cdea&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=&drf=
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
nginx
access-control-allow-origin
https://extoffoliga.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7630069&checkDuplicate=true&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&source=pusher
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9608a2b9f041dfcfb249d79c6b3ad2c349744e86322ff739ea0db34be0900dd6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extoffoliga.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

zone
laugoust.com/
569 B
939 B
Fetch
General
Full URL
https://laugoust.com/zone?pub=0&zone_id=7630069&is_mobile=true&domain=extoffoliga.com&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&ymid=wqg5rr260p6qmt043innt15l&var_3=&var_4=&dsig=&tg=1&sw=3.1.555&trace_id=30d1fb71-aa4e-4847-8c8a-9220e5f6cdea&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
104a0716a8941d184c920f95bc50fe29a5e00a858f6d12ec509a8a8acf0da8ec
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 07 Sep 2024 21:15:54 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extoffoliga.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
569
event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

event
laugoust.com/
0
0
Ping
General
Full URL
https://laugoust.com/event
Requested by
Host: laugoust.com
URL: https://laugoust.com/act/files/micro.tag.min.js?z=7630069&ymid=wqg5rr260p6qmt043innt15l&var=42741c3c-7033-411b-9d7d-aa6eccb8b43d&sw=/sw-check-permissions-b552e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extoffoliga.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getURLParameter
function| replaceTokens
function| updateContent
string| alertText
object| url
string| pci
string| ppi
object| s
object| zfgformats

5 Cookies

Domain/Path Name / Value
.intckdom.com/ Name: rhid
Value: 83809340194
.intckdom.com/ Name: loi
Value: ad_1828267_off_1270833_aff_88847_cid_374591-INFORMMEDELIVERYUSPS.COM_ts_1725743753
.my.toruftuiov.com/ Name: 42741c3c-7033-411b-9d7d-aa6eccb8b43d-v4
Value: 8yR4uaGX383ui1hmT7dAJrqtQ69dyuGTjXurZ-GQGY8
.my.toruftuiov.com/ Name: cep-v4
Value: I65_VwXbI1eUO1rdkST-EPMjYktOxTZrQ_Xte43jhHtdb1E3ZPjFpYSe5MQs9TBk6jobXMs_NokOhyD1nQOnJL9AxjtummfCZLzbkxhYrL55wLl2RkevIVmi62SNO4YXdnQEbM6AJtCoKlNWJshhv-2xXJLuQoGUuKzUZ19NNLGKPB93q7I-h_pgYPKh8lDS-jb8iOd-cDDD4z444uft_CkYlKYRmuolIFkQmnxjCRIwUnpMZjGUbK9Y0Sw6jHNmFCIMijPf-0k_HHgOg826MxhPSKw5WXH0l7QVTK4-ZdrH0Psr3_xkhusOdB_81JhHelUvUyooJsuDQx6tN1xJK47LWfNQWtUj5dJfQ6ccexq4pzqpvPZ9rLXEmNKb-4SpPk2EhWm7iJzmCzVIVX2QNScICm0Zx5J1OlPorgeVmMicJ77j6bQK0Trtu1ZzITLw1egKXWbkUhxez_bq0YrGEdZ4dSWEBpEG6-BTWOUWWhv_Ih5yszatVRs5dGbDE2y-SZIp7UKrRJz_3zg4jvQkb1RJWmA6On6w-F5d7w1-3BLMTBGphL-aHJl9lColR9Pl1K4B8IrSq8h3p3mH5DQ0K_V0o6dSAUqSWmJZejvEIIvSmZEq14HDHdqAUlt6pN2XmjiVqXJyhDxrvyqRmf9UquC-ybBGxHP8W_yU--E2CEs
my.rtmark.net/ Name: ID
Value: 0180d074186b4c47f10eaf026310864d

2 Console Messages

Source: network, Level: error
URL: https://extoffoliga.com/html/similar/sounds/alert.mp3
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://extoffoliga.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()