urlscan.io logo urlscan.io
SecurityTrails logo

heliophasic.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://notube.net/p/
Effective URL: https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campa...
Submission: On November 10 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is heliophasic.com. The Cisco Umbrella rank of the primary domain is 711348.
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.
This is the only time heliophasic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.27.206.87 13335 (CLOUDFLAR...)
2 13 104.18.22.222 13335 (CLOUDFLAR...)
10 188.114.96.3 13335 (CLOUDFLAR...)
21 2
Apex Domain
Subdomains		 Transfer
13 goobakocaup.com
goobakocaup.com
33 KB
8 heliophasic.com
heliophasic.com — Cisco Umbrella Rank: 711348
90 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10912
2 KB
1 notube.net
notube.net — Cisco Umbrella Rank: 691049
3 KB
21 4
Domain Requested by
13 goobakocaup.com 2 redirects goobakocaup.com
8 heliophasic.com heliophasic.com
2 my.rtmark.net goobakocaup.com
1 notube.net 1 redirects
21 4

This site contains no links.

Subject Issuer Validity Valid
goobakocaup.com
WE1		 2024-10-23 -
2025-01-21		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
heliophasic.com
WE1		 2024-10-05 -
2025-01-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805
Frame ID: 8BDE4AAF26CB4F2ED1948E93605F4A4E
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Browser-Update

Page URL History Show full URLs

  1. https://notube.net/p/ HTTP 302
    https://goobakocaup.com/4/4113315 Page URL
  2. https://goobakocaup.com/?z=4113315&syncedCookie=true&rhd=false HTTP 302
    https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x Page URL
  3. https://goobakocaup.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

122 kB
Transfer

401 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://notube.net/p/ HTTP 302
    https://goobakocaup.com/4/4113315 Page URL
  2. https://goobakocaup.com/?z=4113315&syncedCookie=true&rhd=false HTTP 302
    https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x Page URL
  3. https://goobakocaup.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
    https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://notube.net/p/ HTTP 302
  • https://goobakocaup.com/4/4113315
Request Chain 6
  • https://goobakocaup.com/?z=4113315&syncedCookie=true&rhd=false HTTP 302
  • https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
4113315
goobakocaup.com/4/
Redirect Chain
  • https://notube.net/p/
  • https://goobakocaup.com/4/4113315
30 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/4/4113315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a06609e7768c9adccf6d1e3a42ab45bdba329f20f86ccd57e6c9a76646f8b2a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e03d1d1bd4f4d93-FRA
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sun, 10 Nov 2024 05:59:59 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
d65b9f1e2b5b523828f85e7f3c7bea6a

Redirect headers

age
3083
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
8e03d1d16cebdb06-FRA
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none' default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; media-src 'self' 'unsafe-inline' *;img-src 'self' blob: data: *; style-src 'self' 'unsafe-inline' *; font-src 'self' *; frame-src 'self' *; connect-src 'self' *; object-src 'none'
content-type
text/html; charset=UTF-8
date
Sun, 10 Nov 2024 05:59:58 GMT
location
https://goobakocaup.com/4/4113315
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NA%2BOUNQTPzH%2BLLdc5vtTleVTPxZmp12q0jwOs6KsX0hISWza%2F1mJYt0frkmd8ltdHfsKELOV6I56cuU4dIk5SRwuLbhwyX93nqHA7i38NIyFZgBMIxg1%2FzOW9V8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=7256&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4299&recv_bytes=4452&delivery_rate=90228&cwnd=12000&unsent_bytes=0&cid=361ebcdded1cb95b&ts=21&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block 1; mode=block
img.gif
my.rtmark.net/ 		43 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00811047e21d4726e4b26f7dec0c79f1&z=4113315&p_rid=81e09dfe-d869-44cf-a73c-4042b345f87f&p_src=sf
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XavGngYTXSX%2FMrVukSTLsuHYfXXD%2B6Ia7Qi3Ah46OGpklHM7gbxvcftBMm5cqRoTu57hJ2iUXkyrnwCKQpdALMLVLGsDqaiuM%2BSVA3Zp2cBnNk5le6ETItHYMOGMAjIs"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6884&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4135&recv_bytes=4490&delivery_rate=85952&cwnd=12000&unsent_bytes=0&cid=750414d5580d8d14&ts=27&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 05:59:59 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e03d1d24820d366-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
goobakocaup.com/ 		43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goobakocaup.com/sftouch?userId=00811047e21d4726e4b26f7dec0c79f1&z=4113315&p_rid=81e09dfe-d869-44cf-a73c-4042b345f87f&p_src=sf&branchId=0&rb=YJIU0HcAMYSYT_w2rn74kHa9cLP8lQYUIE6BNycYlGmBnrMUb5CKWJH472mMohEKtPd9kC8JqDGZabUzkxjLiQOz5g2JGBXWoS4roWBi5ERasrttsvbqnf25k6pI0K6jHWiOTOK0z6pQgu0ddQVkoqPipRq8xLHWOnWZOFOrJ5ygrQ01-2BI1kzdWcFYD555At_y9ICwvhX11Idmn0N0l7YWU8E63_kaX-XAenhSM33MrGMa4hQdTkKVFEDTo_jExsIcsw1CM40AQVg_Gqq1q7X_z-FZXFMOTVqKtyaGRVFG85Ce7ljS1J28OXJiA7m_&w_img=1
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/4/4113315

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 05:59:59 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
2c662c5aa354fcffd5020d8a971faecc
cf-ray
8e03d1d22d7d4d93-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
add
goobakocaup.com/log/ 		12 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=81e09dfe-d869-44cf-a73c-4042b345f87f
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goobakocaup.com/4/4113315

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8e03d1d29c0c18c7-FRA
access-control-allow-origin
https://goobakocaup.com
alt-svc
h3=":443"; ma=86400
content-length
12
date
Sun, 10 Nov 2024 05:59:59 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
goobakocaup.com/async_log/ 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=81e09dfe-d869-44cf-a73c-4042b345f87f
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/4113315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goobakocaup.com/4/4113315

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e03d1d2ac1618c7-FRA
access-control-allow-origin
https://goobakocaup.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 10 Nov 2024 05:59:59 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
goobakocaup.com/ 		0
219 B 		Other
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/4/4113315

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
330640
cf-ray
8e03d1d2ac1718c7-FRA
expires
Wed, 08 Nov 2034 05:59:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 05:59:59 GMT
vary
Accept-Encoding
server
cloudflare
6118780
goobakocaup.com/4/
Redirect Chain
  • https://goobakocaup.com/?z=4113315&syncedCookie=true&rhd=false
  • https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d8c25788b32f13d915af12db2b847186bfd09d4673fd363fcb789c0e953b311
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://goobakocaup.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e03d1d31c6918c7-FRA
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sun, 10 Nov 2024 05:59:59 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
cbe7b1950c9def688e3284f0f20b0ac6

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goobakocaup.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e03d1d2dc3b18c7-FRA
content-length
0
date
Sun, 10 Nov 2024 05:59:59 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://goobakocaup.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
1e1fccf722c1443ca3953ff772db40f4
img.gif
my.rtmark.net/ 		43 B
811 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=00811047e21d4726e4b26f7dec0c79f1&z=6118780&p_rid=ace9628e-6939-4cfa-90b2-bfa7eced02dc&p_src=sf
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzRgPnoEaLfFNv7uM6ixlSGdU6f9SOnlmGEC2muaqHJTA27K2DB4HgE0cAVTQ1%2Bohefvsym9qen8%2F19%2F1BjtPWNSkNHHManBquuT46p%2BzhdWO96rrpFw4NIZmUdj0lYk"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6847&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5008&recv_bytes=4957&delivery_rate=59827&cwnd=12000&unsent_bytes=0&cid=750414d5580d8d14&ts=212&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 05:59:59 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e03d1d379c0d366-FRA
access-control-allow-origin
https://goobakocaup.com
content-length
43
server
cloudflare
sftouch
goobakocaup.com/ 		43 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goobakocaup.com/sftouch?userId=00811047e21d4726e4b26f7dec0c79f1&z=6118780&p_rid=ace9628e-6939-4cfa-90b2-bfa7eced02dc&p_src=sf&branchId=0&rb=tuILgvZLXq68mzMnVkYlG1NqLxpQyR9VDyWZw25p2690lMN02AvS4yfbKmPbePktq3gndJXTaDAr9r8y8k0EP4x5KtO22KyZ0XHP578JX-rIwGb6Lkbz6H-hQfIgPpW-UxaNyfBaUhvFg8XE1h28P37ncJbm_WJUCQRsSU75u-g8pFDc5VBRQA7pp2c0-EyySKmc_LAw0lY9Dz_vCs7ONvHE2N6RiEbQs1Ea3hJh8uanbr7Mn8NVNhNBsguSOhuTKqv5blNyTvKXYnNgCpFyGSgqJmKsHLN995dsymdJLXlM1hzWlEjnpNR605KbcVkeigReJQ==&w_img=1
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 05:59:59 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
771c8543c4ef90491377772859ab1d82
cf-ray
8e03d1d37ca118c7-FRA
access-control-allow-origin
*
content-length
43
server
cloudflare
add
goobakocaup.com/log/ 		12 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ace9628e-6939-4cfa-90b2-bfa7eced02dc
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8e03d1d3acbe18c7-FRA
access-control-allow-origin
https://goobakocaup.com
alt-svc
h3=":443"; ma=86400
content-length
12
date
Sun, 10 Nov 2024 05:59:59 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
goobakocaup.com/async_log/ 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=ace9628e-6939-4cfa-90b2-bfa7eced02dc
Requested by
Host: goobakocaup.com
URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e03d1d3bcc618c7-FRA
access-control-allow-origin
https://goobakocaup.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 10 Nov 2024 05:59:59 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
goobakocaup.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
330640
cf-ray
8e03d1d2ac1718c7-FRA
expires
Wed, 08 Nov 2034 05:59:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 05:59:59 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request SZfD2sLP
heliophasic.com/
Redirect Chain
  • https://goobakocaup.com/?z=6118780&syncedCookie=false&rhd=false
  • https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=deskt...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0549036d0e0284bcfc616aeb161cac38a600838187e97603ca4aff97709358

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://goobakocaup.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e03d1d72b4e1086-HKG
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 10 Nov 2024 06:00:00 GMT
expires
Sun, 10 Nov 2024 06:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fAgEdLpZwMEYpM6pf5WoDiD6HVmzMELybwEMPDiBvqkqcFRaJknhQ6E2IzWkcJohWfZZgdpAldatm1BPicuZaCbi5yKkDLHBtSHZGR2RGok0rpnLwQEKRwV5G%2Br0ec39HU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=266490&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4645&delivery_rate=98&cwnd=12000&unsent_bytes=0&cid=794b4ad3ef3765a3&ts=910&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goobakocaup.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e03d1d3dcd818c7-FRA
content-length
0
date
Sun, 10 Nov 2024 05:59:59 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://heliophasic.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
58ccd1c3661be39d3d7bae7966739fe4
favicon.ico
goobakocaup.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://goobakocaup.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://goobakocaup.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
330640
cf-ray
8e03d1d2ac1718c7-FRA
expires
Wed, 08 Nov 2034 05:59:59 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 10 Nov 2024 05:59:59 GMT
vary
Accept-Encoding
server
cloudflare
bootstrap.min.css
heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/assets/bootstrap/css/ 		227 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/assets/bootstrap/css/bootstrap.min.css?h=a549af2a81cd9900ee897d8bc9c4b5e9
Requested by
Host: heliophasic.com
URL: https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26db49828d6701fcfce37a96da6ec3f0ed481abae49c8c9969a575b064413cad

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672118e8-38d36"
age
173689
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ypTlyKYh4Fv7PKpACB8oOJ9%2FAZb3s1tPh0Vp5G8EoJaDJvtNvFzzL7DN3hfRoe8jcpY73GsoOm1N7n1699JDYuQzGgvPv2rjALikkf%2BpqUM9lqDgkFZ%2FrkewrmZSa8rzfbg%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 05:45:11 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=264909&sent=15&recv=15&lost=0&retrans=0&sent_bytes=6660&recv_bytes=7839&delivery_rate=9607&cwnd=12000&unsent_bytes=0&cid=794b4ad3ef3765a3&ts=1198&x=1", cfHdrFlush;dur=261
date
Sun, 10 Nov 2024 06:00:00 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 17:18:32 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e03d1dcea3f1086-HKG
access-control-allow-origin
*
server
cloudflare
tooltip.css
heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/ 		617 B
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/tooltip.css
Requested by
Host: heliophasic.com
URL: https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d089eea5ebfd673062357fb87ff005e5fb8b0646a90e7102dc176e19459cbe

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67211907-269"
age
305483
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IL0Z31HXj6E95PEy2JL49bEt6jCK73MNy14Fcnpr0QEPX5%2FqxeDuDTUpx7tgGQZUhSDiqEdvCb1efQK99%2FFMedW2Lz1Xw%2B4onWM%2FkCesI88C%2FKhO7Ro%2FeoQxRN%2BqF8kHdyU%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 17:08:37 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=264909&sent=15&recv=15&lost=0&retrans=0&sent_bytes=6660&recv_bytes=7839&delivery_rate=9607&cwnd=12000&unsent_bytes=0&cid=794b4ad3ef3765a3&ts=1198&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 06:00:00 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 17:19:03 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e03d1dcea431086-HKG
access-control-allow-origin
*
server
cloudflare
bootstrap.min.js
heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/assets/bootstrap/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/assets/bootstrap/js/bootstrap.min.js?h=374d178d651fa0eaf680a1fa7b40c788
Requested by
Host: heliophasic.com
URL: https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073254afbfc06331b8b548b7fc0532b4ffe2cfdd588368dcc338e7abd50810e1

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672118e8-13b21"
age
305483
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vARosSYL94%2Ff6BxNrD42FA51SyzvPjDR5SZloYV%2BvLnDOqmzZzW92JwN2WGa%2FKAeggxfry0bCR1kavvBJa%2FoxwR%2FbWaUAHaqFZmZOX06FNeCn9%2FV9YNxO7y%2FTZqZqlO%2B0g4%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 17:08:37 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=264909&sent=15&recv=15&lost=0&retrans=0&sent_bytes=6660&recv_bytes=7839&delivery_rate=9607&cwnd=12000&unsent_bytes=0&cid=794b4ad3ef3765a3&ts=1198&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 06:00:00 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 17:18:32 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e03d1dcea461086-HKG
access-control-allow-origin
*
server
cloudflare
tooltip.js
heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/ 		907 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/tooltip.js
Requested by
Host: heliophasic.com
URL: https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2beedfe485f9f82f0dc3e29c6a9ec0f125b57b8c7b417c2e2eccdd531a545e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67211900-38b"
age
305481
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCwMHrjHOVCHG1IrUfD2sBJPhmtVAH8sKdEvYymfandEbGvzMkiPTSRqGnzQYdxIfmdKV%2F2AZOxP7u5IRA04kw7HJNaDTOwJYqj9fF7JQOAoBR1i7kFLiSVadr%2F3hVUPAA8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 17:08:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=264909&sent=26&recv=15&lost=0&retrans=0&sent_bytes=18660&recv_bytes=7839&delivery_rate=9607&cwnd=12000&unsent_bytes=0&cid=794b4ad3ef3765a3&ts=1210&x=1", cfHdrFlush;dur=249
date
Sun, 10 Nov 2024 06:00:00 GMT
content-type
application/javascript
last-modified
Tue, 29 Oct 2024 17:18:56 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e03d1dcea471086-HKG
access-control-allow-origin
*
server
cloudflare
tooltip.html
heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/ 		211 B
765 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/tooltip.html
Requested by
Host: heliophasic.com
URL: https://heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/tooltip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef86c35fba6bcaf506d166eeba1357819960d5219ed2817d2793dc34f400ac34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Go3wr%2F6lj7YNR6kth65770txLZCsYQ7LwXadb43Ctk7S1RoXWh6HnaI%2FQ9qrWFQNSExvByReugAf88kZXf0FNUL6xZBgm5sYs%2FqowDSf%2BzLBbh0pqTJf%2FNuy7%2FoGvshzDQI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e03d1e219531086-HKG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=272114&sent=72&recv=46&lost=0&retrans=0&sent_bytes=67119&recv_bytes=10615&delivery_rate=2286&cwnd=36000&unsent_bytes=0&cid=794b4ad3ef3765a3&ts=2333&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 06:00:01 GMT
content-type
text/html
last-modified
Tue, 29 Oct 2024 17:19:21 GMT
server
cloudflare
favicon.ico
heliophasic.com/ 		548 B
761 B 		Other
General
Check archive.org
Download Go to
Full URL
https://heliophasic.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
77
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWQkhVipJMBfKfbmXJOC%2BGw7d5cYzYnXS6r4n3gPdXh6q6HrVOpDhRtOF9wukQvCVqpH%2FK87cwjs9SFI%2BUeyB3bDMEuh6kP7%2F0z%2FDlku%2FrbzChJU%2B0Lanzpk4ZctA5%2Fj9vs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e03d1e219551086-HKG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=265585&sent=71&recv=45&lost=0&retrans=0&sent_bytes=66335&recv_bytes=10570&delivery_rate=123623&cwnd=36000&unsent_bytes=0&cid=794b4ad3ef3765a3&ts=2039&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 06:00:01 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
green-arrow-drawn-up2.png
heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heliophasic.com/lander/download-file-series-005---before-you-continue-2--opera-gx-_1730221368/green-arrow-drawn-up2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8ef3b68c456be455273b90fa4a7c4e41557128ed3901afb9950adb958b4f22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Referer
https://heliophasic.com/SZfD2sLP?cost=0.003485&currency=usd&external_id=879356303095636191&creative_id=22385805&ad_campaign_id=8785804&source=6118780&sub_id_1=windows&sub_id_2=chrome&sub_id_3=desktop&sub_id_4={zone_type}&sub_id_5=22385805

Response headers

cf-cache-status
HIT
etag
"672118f6-719e"
age
406270
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVuvVv02D6ZHlaEj2H%2FitSfbT4iw7p8gRF%2FF%2FiGj9jgCvFWkPvi%2FlJtFiTDJiTYfTpUf3s3AX7cQ6Xdje8qdYleDg5ylPCAG1t%2F3U6J0Wyg2W3boPkR%2FxsyZj291eYUhHrg%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 13:08:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=270996&sent=74&recv=47&lost=0&retrans=0&sent_bytes=67931&recv_bytes=11437&delivery_rate=2959&cwnd=36000&unsent_bytes=0&cid=794b4ad3ef3765a3&ts=2615&x=1", cfHdrFlush;dur=0
date
Sun, 10 Nov 2024 06:00:02 GMT
content-type
image/png
last-modified
Tue, 29 Oct 2024 17:18:46 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e03d1e5ce851086-HKG
accept-ranges
bytes
access-control-allow-origin
*
content-length
29086
server
cloudflare

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap function| triggerTooltipAnimation

8 Cookies

Domain/Path Name / Value
goobakocaup.com/ Name: OAID
Value: 00811047e21d4726e4b26f7dec0c79f1
goobakocaup.com/ Name: oaidts
Value: 1731218399
my.rtmark.net/ Name: ID
Value: 00811047e21d4726e4b26f7dec0c79f1
goobakocaup.com/ Name: syncedCookie
Value: true
goobakocaup.com/ Name: captcha
Value: system
heliophasic.com/ Name: _subid
Value: 3phi61kgpv3g3
heliophasic.com/ Name: 9d22d
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEzMDFcIjoxNzMxMjE4NDAwfSxcImNhbXBhaWduc1wiOntcIjYzOVwiOjE3MzEyMTg0MDB9LFwidGltZVwiOjE3MzEyMTg0MDB9In0.7E2GXo-My471IM4_jAUjiQzDX91mwNUnJnYYdWb9Ngk
heliophasic.com/ Name: _token
Value: uuid_3phi61kgpv3g3_3phi61kgpv3g367304be055e0e5.80494233

5 Console Messages

Source Level URL
Text
rendering warning URL: https://goobakocaup.com/4/4113315
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0501D007C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goobakocaup.com/4/4113315
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F01C007C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goobakocaup.com/4/6118780?var=4113315&btz=Europe/Berlin&bto=-60&bar=x
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0501D007C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goobakocaup.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F01C007C1F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://heliophasic.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff