scanflirts.com Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://online-chat-box.blogspot.com/
Effective URL:
https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFC...
Submission: On July 29 via api (July 29th 2022, 2:00:30 pm UTC) from IE — Scanned from DE

Summary HTTP 24 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 12 domains to perform 24 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is scanflirts.com.
TLS certificate: Issued by GTS CA 1D4 on July 26th 2022. Valid for: 3 months.

This is the only time scanflirts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	178.162.199.80 178.162.199.80	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	18.194.228.39 18.194.228.39	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.123.247 18.195.123.247	16509 (AMAZON-02) (AMAZON-02)
9	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	94.130.164.161 94.130.164.161	24940 (HETZNER-AS) (HETZNER-AS)
3	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2600:1f18:454... 2600:1f18:454c:f520:fba5:6662:e604:4add	14618 (AMAZON-AES) (AMAZON-AES)
1	216.18.168.29 216.18.168.29	29789 (REFLECTED) (REFLECTED)
24	10

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

online-chat-box.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.162.199.80 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

beeecdj.trsmartoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.228.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-228-39.eu-central-1.compute.amazonaws.com

cpttrcklnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.123.247 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-123-247.eu-central-1.compute.amazonaws.com

utu.ultraupsilon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gmg.gammaguest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

scanflirts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.164.161 (Karlsruhe, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.164.130.94.clients.your-server.de

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:454c:f520:fba5:6662:e604:4add (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ads.traffichunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.18.168.29 (United States)

ASN29789 (REFLECTED, US)

tfosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	scanflirts.com scanflirts.com	100 KB
4	trsmartoffer.com beeecdj.trsmartoffer.com	116 KB
3	exoclick.com main.exoclick.com — Cisco Umbrella Rank: 39049	1 KB
2	tsyndicate.com tsyndicate.com — Cisco Umbrella Rank: 10161	965 B
1	tfosrv.com tfosrv.com — Cisco Umbrella Rank: 101882	32 KB
1	traffichunt.com ads.traffichunt.com — Cisco Umbrella Rank: 92920	614 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	40 KB
1	gammaguest.com 1 redirects gmg.gammaguest.com — Cisco Umbrella Rank: 670719	1 KB
1	ultraupsilon.com 1 redirects utu.ultraupsilon.com	665 B
1	cpttrcklnk.com cpttrcklnk.com	1 KB
1	blogspot.com online-chat-box.blogspot.com	15 KB
0	nextgencounter.com Failed nextgencounter.com Failed
24	12

	Domain	Requested by
9	scanflirts.com	cpttrcklnk.com scanflirts.com
4	beeecdj.trsmartoffer.com	online-chat-box.blogspot.com beeecdj.trsmartoffer.com
3	main.exoclick.com
2	tsyndicate.com
1	tfosrv.com
1	ads.traffichunt.com
1	www.googletagmanager.com	scanflirts.com
1	gmg.gammaguest.com	1 redirects
1	utu.ultraupsilon.com	1 redirects
1	cpttrcklnk.com	beeecdj.trsmartoffer.com
1	online-chat-box.blogspot.com
0	nextgencounter.com Failed
24	12

This site contains links to these domains. Also see Links.

Domain
gmg.gammaguest.com
lonelypartners.com

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
trsmartoffer.com R3	`2022-07-21` - `2022-10-19`	3 months	crt.sh
guardlnkcaptcha.com Amazon	`2022-07-20` - `2023-08-18`	a year	crt.sh
doorlist.app GTS CA 1D4	`2022-07-26` - `2022-10-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
tsyndicate.com R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
exoclick.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
traffichunt.com Amazon	`2022-07-28` - `2023-08-26`	a year	crt.sh
*.tfosrv.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-03` - `2022-11-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
Frame ID: 95F69F1C6A3AF538C95E131E8FC3C990
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

swiftfling.com

Page URL History Show full URLs

https://online-chat-box.blogspot.com/ Page URL
https://beeecdj.trsmartoffer.com/c/62c7a888d65d1 Page URL
https://cpttrcklnk.com/click?o=3510&a=542&sub_id1=44c5f18d2ec61f73b5d59ae250b81e0a&sub_id3=61451 Page URL
https://utu.ultraupsilon.com/b812c3ba-df4b-435d-9fb3-cb66f6a6a756?SourceID=61451&AffiliateID=542&s1=89362... HTTP 302
https://gmg.gammaguest.com/03089f85-095c-473b-8714-0f3fb52bd48d?Ad=61451&BanID=542&CampaignID=&s1=89362... HTTP 302
https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7Zae... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

30 %
IPv6

12
Domains

12
Subdomains

10
IPs

3
Countries

307 kB
Transfer

518 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://gmg.gammaguest.com/click
Title: WEITER >>>

Search URL Search Domain Scan URL

URL: https://lonelypartners.com/cookies/
Title: Weiterlesen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://online-chat-box.blogspot.com/ Page URL
https://beeecdj.trsmartoffer.com/c/62c7a888d65d1 Page URL
https://cpttrcklnk.com/click?o=3510&a=542&sub_id1=44c5f18d2ec61f73b5d59ae250b81e0a&sub_id3=61451 Page URL
https://utu.ultraupsilon.com/b812c3ba-df4b-435d-9fb3-cb66f6a6a756?SourceID=61451&AffiliateID=542&s1=89362&aff_id=882&click_id=233ca9116d86b199530169207da0779a HTTP 302
https://gmg.gammaguest.com/03089f85-095c-473b-8714-0f3fb52bd48d?Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id= HTTP 302
https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
online-chat-box.blogspot.com/ 64 KB
15 KB 265ms
197ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://online-chat-box.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 14576
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 14:00:19 GMT
etag: W/"a0400759e4d6380a5459e12a741ba261a79d4d07ff330b315c4f74885836d9f9"
expires: Fri, 29 Jul 2022 14:00:19 GMT
last-modified: Thu, 28 Jul 2022 06:50:18 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 62c7a888d65d1 Show response
beeecdj.trsmartoffer.com/c/ 3 KB
2 KB 663ms
516ms Document
text/html 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://beeecdj.trsmartoffer.com/c/62c7a888d65d1
Requested by: Host: online-chat-box.blogspot.com
URL: https://online-chat-box.blogspot.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: 8d7a67c0f169dbe2f063bc1102db8a93ade951ab8a3a3e84e2c0f2c59fb26a4b

Request headers

Referer: https://online-chat-box.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Jul 2022 14:00:19 GMT
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery-2.js Show response
beeecdj.trsmartoffer.com/js/ 84 KB
84 KB 122ms
122ms Script
application/javascript 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://beeecdj.trsmartoffer.com/js/jquery-2.js
Requested by: Host: beeecdj.trsmartoffer.com
URL: https://beeecdj.trsmartoffer.com/c/62c7a888d65d1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beeecdj.trsmartoffer.com/c/62c7a888d65d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:19 GMT
Last-Modified: Thu, 28 Jul 2022 12:41:42 GMT
Server: openresty/1.19.3.1
ETag: "62e28406-14e4a"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85578

GET
H/1.1 200
OK fp2.min.js Show response
beeecdj.trsmartoffer.com/js/ 30 KB
30 KB 164ms
122ms Script
application/javascript 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://beeecdj.trsmartoffer.com/js/fp2.min.js
Requested by: Host: beeecdj.trsmartoffer.com
URL: https://beeecdj.trsmartoffer.com/c/62c7a888d65d1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash: 6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beeecdj.trsmartoffer.com/c/62c7a888d65d1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:19 GMT
Last-Modified: Thu, 28 Jul 2022 12:41:42 GMT
Server: openresty/1.19.3.1
ETag: "62e28406-77dd"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30685

GET
H/1.1 200
OK click.php
beeecdj.trsmartoffer.com/ 109 B
352 B 508ms
507ms XHR
text/html 178.162.199.80
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://beeecdj.trsmartoffer.com/click.php?sid=0822d5b1ba7bfa5da81a2ee03728ae16&fp=JTVCJTdCJTIya2V5JTIyJTNBJTIydXNlckFnZW50JTIyJTJDJTIydmFsdWUlMjIlM0ElMjJNb3ppbGxhJTJGNS4wJTIwKFdpbmRvd3MlMjBOVCUyMDEwLjAlM0IlMjBXaW42NCUzQiUyMHg2NCklMjBBcHBsZVdlYktpdCUyRjUzNy4zNiUyMChLSFRNTCUyQyUyMGxpa2UlMjBHZWNrbyklMjBDaHJvbWUlMkYxMDMuMC41MDYwLjEzNCUyMFNhZmFyaSUyRjUzNy4zNiUyMiU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMndlYmRyaXZlciUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJsYW5ndWFnZSUyMiUyQyUyMnZhbHVlJTIyJTNBJTIyZW4tVVMlMjIlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJjb2xvckRlcHRoJTIyJTJDJTIydmFsdWUlMjIlM0EyNCU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmRldmljZU1lbW9yeSUyMiUyQyUyMnZhbHVlJTIyJTNBOCU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmhhcmR3YXJlQ29uY3VycmVuY3klMjIlMkMlMjJ2YWx1ZSUyMiUzQTQlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJzY3JlZW5SZXNvbHV0aW9uJTIyJTJDJTIydmFsdWUlMjIlM0ElNUIxNjAwJTJDMTIwMCU1RCU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmF2YWlsYWJsZVNjcmVlblJlc29sdXRpb24lMjIlMkMlMjJ2YWx1ZSUyMiUzQSU1QjE2MDAlMkMxMjAwJTVEJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIydGltZXpvbmVPZmZzZXQlMjIlMkMlMjJ2YWx1ZSUyMiUzQTAlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJ0aW1lem9uZSUyMiUyQyUyMnZhbHVlJTIyJTNBJTIyRXRjJTJGVW5rbm93biUyMiU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMnNlc3Npb25TdG9yYWdlJTIyJTJDJTIydmFsdWUlMjIlM0F0cnVlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIybG9jYWxTdG9yYWdlJTIyJTJDJTIydmFsdWUlMjIlM0F0cnVlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyaW5kZXhlZERiJTIyJTJDJTIydmFsdWUlMjIlM0F0cnVlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyYWRkQmVoYXZpb3IlMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyb3BlbkRhdGFiYXNlJTIyJTJDJTIydmFsdWUlMjIlM0FmYWxzZSU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmNwdUNsYXNzJTIyJTJDJTIydmFsdWUlMjIlM0ElMjJub3QlMjBhdmFpbGFibGUlMjIlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJwbGF0Zm9ybSUyMiUyQyUyMnZhbHVlJTIyJTNBJTIyV2luMzIlMjIlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJ3ZWJnbFZlbmRvckFuZFJlbmRlcmVyJTIyJTJDJTIydmFsdWUlMjIlM0ElMjJJbnRlbCUyMEluYy5%2BSW50ZWwlMjBJcmlzJTIwT3BlbkdMJTIwRW5naW5lJTIyJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyaGFzTGllZExhbmd1YWdlcyUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJoYXNMaWVkUmVzb2x1dGlvbiUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJoYXNMaWVkT3MlMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyaGFzTGllZEJyb3dzZXIlMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIydG91Y2hTdXBwb3J0JTIyJTJDJTIydmFsdWUlMjIlM0ElNUIwJTJDZmFsc2UlMkNmYWxzZSU1RCU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmF1ZGlvJTIyJTJDJTIydmFsdWUlMjIlM0ElMjIxMjQuMDQzNDc1Mjc1MTYwNzQlMjIlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJfX2hhc2glMjIlMkMlMjJ2YWx1ZSUyMiUzQSUyMmM2ZjVkOWI5NTY1YTZlMDg5NTdlZmE1YWQxN2U4MzY1JTIyJTdEJTVE
Requested by: Host: beeecdj.trsmartoffer.com
URL: https://beeecdj.trsmartoffer.com/js/jquery-2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: openresty/1.19.3.1 /
Resource Hash

Request headers

Accept: */*
Referer: https://beeecdj.trsmartoffer.com/c/62c7a888d65d1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:20 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty/1.19.3.1
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 click
cpttrcklnk.com/ 993 B
1 KB 494ms
407ms Document
text/html 18.194.228.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cpttrcklnk.com/click?o=3510&a=542&sub_id1=44c5f18d2ec61f73b5d59ae250b81e0a&sub_id3=61451
Requested by: Host: beeecdj.trsmartoffer.com
URL: https://beeecdj.trsmartoffer.com/c/62c7a888d65d1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.228.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-228-39.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.0 / PHP/7.4.21
Resource Hash

Request headers

Referer: https://beeecdj.trsmartoffer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 14:00:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.20.0
x-powered-by: PHP/7.4.21

GET
H2

200

Primary Request / Show response
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/
Redirect Chain

https://utu.ultraupsilon.com/b812c3ba-df4b-435d-9fb3-cb66f6a6a756?SourceID=61451&AffiliateID=542&s1=89362&aff_id=882&click_id=233ca9116d86b199530169207da0779a
https://gmg.gammaguest.com/03089f85-095c-473b-8714-0f3fb52bd48d?Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsW...

16 KB
3 KB

181ms
135ms

Document
text/html

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=

Requested by

Host: cpttrcklnk.com
URL: https://cpttrcklnk.com/click?o=3510&a=542&sub_id1=44c5f18d2ec61f73b5d59ae250b81e0a&sub_id3=61451

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7713b4f7be6065e8f85a840c35a75fbaf060a95765fafff8bf15b650645af7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://cpttrcklnk.com/click?o=3510&a=542&sub_id1=44c5f18d2ec61f73b5d59ae250b81e0a&sub_id3=61451
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 2286
content-type: text/html; charset=utf-8
date: Fri, 29 Jul 2022 14:00:21 GMT
etag: "9b04ab825b41e98e440177cb2eed5c9220513aee3724a51fe118c088d3d34d59-br"
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4073-HHN
x-timer: S1659103221.469607,VS0,VE118

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Fri, 29 Jul 2022 14:00:21 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
pragma: no-cache
server: nginx

GET
H2 200 form.css
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/css/ 6 KB
1 KB 36ms
34ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/css/form.css

Requested by

Host: scanflirts.com
URL: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f3e1c56c6812962073c0b90e5504698940d234cb4cd5e2931a64a23f5f2c024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
x-timer: S1659103222.610531,VS0,VE19
etag: "326d282ca435f68814b1d5e2b6feea16bbbfe7a4abb9eb5cb3c0c58f3ffda64f-br"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Fri, 29 Jul 2022 14:00:21 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1105
x-cache-hits: 1

GET
H2 200 style.css
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/css/ 7 KB
1 KB 17ms
16ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/css/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5dea4bfa0e4c04b2c5cef3d7f2e12e7309ec921b1584ac0bac9120003dfafcf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
x-timer: S1659103222.610999,VS0,VE1
etag: "395e079d5efdadb3b3c16c7e9cfdf85d2b446530703645900cd8b8f504aa68e1-br"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Fri, 29 Jul 2022 14:00:21 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1376
x-cache-hits: 1

GET
H2 200 cookie.css
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/css/ 4 KB
869 B 18ms
17ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/css/cookie.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b40186ca0c1ef0fa52f3939e22fe75662a459eeea23fa0ce3f71d5556a6e7b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
x-timer: S1659103222.611009,VS0,VE1
etag: "697406b3301f49e1f8737bfae2f2b1d9f2d0d44cf3cbfa70377aa6f85390003b-br"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Fri, 29 Jul 2022 14:00:21 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 756
x-cache-hits: 1

GET
H2 200 location-pin.svg
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/images/ 1 KB
787 B 21ms
20ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/images/location-pin.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba518a3dbf0ad572a44c511dedd766f52d0a95b9e85ef299be9976638b21e83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
x-timer: S1659103222.618800,VS0,VE1
etag: "f67306d798219f1ebe9f4e4fd6e129ef03aa516dd70c2f8503acdd4d27203687-br"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Fri, 29 Jul 2022 14:00:21 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 663
x-cache-hits: 1

GET
H2 200 location-scaner.svg
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/images/ 743 B
465 B 35ms
34ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/images/location-scaner.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

41249f5d8e39186e06897524f0f373fbf44fbfc94f040bde772de7388a552e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
x-timer: S1659103222.618786,VS0,VE19
etag: "4ea39b659f0ee99934890c2580227665e1a03416eb80454410a2c0690cfa63be-br"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Fri, 29 Jul 2022 14:00:21 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 352
x-cache-hits: 1

GET
H2 200 jquery.min.js Show response
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/js/ 87 KB
27 KB 17ms
16ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/js/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
x-timer: S1659103222.618370,VS0,VE1
etag: "adf7ee27abe439a2ad8b0002c7b346ae1cff9f409dada23746c717da1e6f96d9-br"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 29 Jul 2022 14:00:21 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27955
x-cache-hits: 1

GET
H2 200 step.js Show response
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/js/ 3 KB
893 B 20ms
19ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/js/step.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11ed73b8f19930ef1d1f05da475baa3b0489d3b07d0deb5b73b4a2814911b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
x-timer: S1659103222.618803,VS0,VE1
etag: "76a98ad9b6ca2782d28686843618bf3fe1f04572ca7a3b59c435794d1426c372-br"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Fri, 29 Jul 2022 14:00:21 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 780
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
40 KB 69ms
28ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f47c6c2cae6abdec77d222ebf5fc29628f2754d4f9bc6f1409ee252900f73e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40906
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 14:00:21 GMT

GET
H2 200 10.jpg
scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/images/ 64 KB
64 KB 17ms
17ms Image
image/jpeg 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/images/10.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cc764dbdd80f747c538f60d9041d37ea0e0774e383e7f1a9211e7780f0eb5d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/adu_de_20_08_27_t81_v1_2_ex2_re1_dis1_jv/?cep=WcH3e_PJJNRFnreNKosZsUR39c7ZaexSdth36kJD3wBKV8fwFCccvNYSmEwYiSGQoF5Z7stVcmwqRODaqZECRgVPrJVAXsZNPbrCrkhwdjOsU32voXqUUpw2MfLT0ZsWqzkB0zSSWW9XpuNX5tUGTvGsh21o-fS5ZZSGANtGjCQ1F_5hONTVomh6v_RkleMg0SqhqCbxHWhqcY64Ex7RGHiUtPeEvitMJqcCGoyKXSgY8xzs8dGsCeD2WCtaWkHa3pf6hBmGpjtrum18KLHlfcOB5KjghQ8RZ9QM5gddMokTyENJdEvsbgnJs-IzWu29sKMpVu098X00EzR9PFFEDrUPkkt3Vd-_sQii4lr9uVxpyp3rE5EBMgyp621oPuQOdjKrSJ-otiQVRq-hrKGse7acEoQZtm2q8OmkN_6dzT3HiOVzUQadycA-EkCP8Z0H9u78voade5OvFSk4hZtDSThOTLcsNQwTXXmMnWZT6tI&lptoken=1670590010b850d021e9&Ad=61451&BanID=542&CampaignID=&s1=89362&SpotName=&BLPID=&ePOM=&banner_id=&aff_id=882&flow_id=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 15:07:13 GMT
x-timer: S1659103222.654331,VS0,VE1
etag: "f9bf4be4bd8c4eb420fc78f3ba9a63872c10716181e7adcce4d9ec3044b70c95"
x-served-by: cache-hhn4073-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=3600
date: Fri, 29 Jul 2022 14:00:21 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65553
x-cache-hits: 1

GET
H2 200 06eb0705-463f-4b96-836b-64bf3cfa8631
tsyndicate.com/api/v1/retargeting/set/ 35 B
483 B 93ms
29ms Image
image/gif 94.130.164.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1671226979
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.164.161 Karlsruhe, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.164.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:21 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: fe4c0ab936e1b061
expires: 0

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 80ms
23ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=802072449
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:21 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 80ms
23ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=33d8e6a4225d77ae914dff110feef000&gtmcb=439517612
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:21 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET index.min.js
nextgencounter.com/ 0
0

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 80ms
24ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=256492616
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Fri, 29 Jul 2022 14:00:21 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
ads.traffichunt.com/adv_ret/ 0
614 B 317ms
104ms Image
text/plain 2600:1f18:454c:f520:fba5:6662:e604:4add
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1072796675
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:454c:f520:fba5:6662:e604:4add Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 14:00:21 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70
tsyndicate.com/api/v1/retargeting/set/ 35 B
482 B 93ms
30ms Image
image/gif 94.130.164.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=2042553234
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.164.161 Karlsruhe, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.164.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:21 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: 88e5b44b20f0417e
expires: 0

GET
H/1.1 200
OK retargeting.js
tfosrv.com/ 32 KB
32 KB 99ms
27ms Image
text/javascript 216.18.168.29
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tfosrv.com/retargeting.js?id=981&gtmcb=1270769179
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.18.168.29 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanflirts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 14:00:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
transfer-encoding: chunked
content-type: text/javascript
x-request-id: 62E3E7F5-D812A81D01BB4898-40DB2B28
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nextgencounter.com
URL: https://nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=823533577

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trsmartoffer.com/	1970-01-21 07:08:31	Name: SID Value: 0822d5b1ba7bfa5da81a2ee03728ae16
cpttrcklnk.com/	1970-01-20 05:34:55	Name: U-15e122e839dfdaa7ce969536f94aecf6 Value: unique
cpttrcklnk.com/	1970-01-20 05:01:48	Name: o_15e122e839dfdaa7ce969536f94aecf6 Value: 69fa8d5e-546e-453f-bead-e54164f10ab5
cpttrcklnk.com/	1969-12-31 23:59:59	Name: advanced-core Value: 1s7smfbem8ud4cr3pgq8nebf43
.utu.ultraupsilon.com/	1970-01-20 04:53:09	Name: b812c3ba-df4b-435d-9fb3-cb66f6a6a756-v4 Value: Y_UJ6fzXiNt-mt1qHDAJWEvKovFjn4w0GTmL6E0Tb1E
.utu.ultraupsilon.com/	1970-01-20 13:37:19	Name: cc-v4 Value: inF2106VWMFp2EAUqbFOCsk5692D9rrj4UfkncIG3yZu%2FyOkKJxBpQHe38DEMWHwX4W5ACq27LmfvL7uYRWHsgxP6GAIRwmj041LO8nApeNzIoXH5rl1y6Yn9tZetgMBNTFpbhYX3TJvTjbJcl53wg%3D%3D
.gmg.gammaguest.com/	1970-01-20 04:53:09	Name: 03089f85-095c-473b-8714-0f3fb52bd48d-v4 Value: aI2Kk1XEBRp2jpog9iSgmQhmBZ323mUHzg_YELl4ehw
.gmg.gammaguest.com/	1970-01-20 04:53:09	Name: cep-v4 Value: hn_FPKJaH9_gU5smS9QY7Y1m_dk_rkhmEgKvLgEohhtCPYHol73RPCzTh6Tj0rZzIT5XZO-N68OiXyW4kAe5PSWrlyLR_T82jdkrTXDyfPLIElUiX7CDBQQpPpizBf6bYyKIEoRb6cohygXWPTqI7OACHtIKlK4TKMy35M6ijetQS4lcTx_AX1SzSw60e7SPSHSG65AxUcFIyKOq58AcbzzME1VkyP2PJzkaPRyT75iUxnwvObIFud-RchlLFzlLBCO6skLfuk84XxKlOMrOWXBr2kyJRIxorGnuNeksaObPNztkYm1cb14hM2PwJPyIn2O5qymkpzFGUaNkv3qqt8UFb_ods0H71XFe_T5bqqOFOkRhf4JoFE1QBwpB5a4hIdCQdEcY5nopHOAnZMDcx4FgF38GqXLPkbeiOTGgStYVtHFNgQhvT9f0iqWcClMt1in01xV0Woc-Kh4xVDQwFkASLhN8TeahOiKc7olIVAU
.exoclick.com/	1970-01-20 13:37:19	Name: goals Value: a%3A1%3A%7Bi%3A83337%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-07-29%22%3B%7D%7D
tsyndicate.com/	1970-01-20 13:37:19	Name: ts_rt_06eb0705-463f-4b96-836b-64bf3cfa8631 Value: Z-i0GSOmRwwbN2LIkGEjx40cAQE=
tsyndicate.com/	1970-01-20 13:37:19	Name: ts_rt_e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70 Value: Z-i0GSOmhwwYNGTUqDFDxgwaAQE=
ads.traffichunt.com/	1970-01-20 07:01:19	Name: new_adx_profile_guid Value: 4fd32c9e-8801-4c62-94d6-2938ef61eec2
ads.traffichunt.com/	1970-01-20 07:01:19	Name: new_3.adx_rt_0 Value: 861
ads.traffichunt.com/	1970-01-20 04:52:19	Name: new_3.adx_daily_rt_0 Value: 861

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.traffichunt.com
beeecdj.trsmartoffer.com
cpttrcklnk.com
gmg.gammaguest.com
main.exoclick.com
nextgencounter.com
online-chat-box.blogspot.com
scanflirts.com
tfosrv.com
tsyndicate.com
utu.ultraupsilon.com
www.googletagmanager.com
nextgencounter.com
178.162.199.80
18.194.228.39
18.195.123.247
199.36.158.100
216.18.168.29
2600:1f18:454c:f520:fba5:6662:e604:4add
2a00:1450:4001:80f::2001
2a00:1450:4001:828::2008
94.130.164.161
95.211.229.245
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
11ed73b8f19930ef1d1f05da475baa3b0489d3b07d0deb5b73b4a2814911b7f2
41249f5d8e39186e06897524f0f373fbf44fbfc94f040bde772de7388a552e9d
4f3e1c56c6812962073c0b90e5504698940d234cb4cd5e2931a64a23f5f2c024
5dea4bfa0e4c04b2c5cef3d7f2e12e7309ec921b1584ac0bac9120003dfafcf0
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
7713b4f7be6065e8f85a840c35a75fbaf060a95765fafff8bf15b650645af7f5
8d7a67c0f169dbe2f063bc1102db8a93ade951ab8a3a3e84e2c0f2c59fb26a4b
b40186ca0c1ef0fa52f3939e22fe75662a459eeea23fa0ce3f71d5556a6e7b86
ba518a3dbf0ad572a44c511dedd766f52d0a95b9e85ef299be9976638b21e83f
cc764dbdd80f747c538f60d9041d37ea0e0774e383e7f1a9211e7780f0eb5d38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f47c6c2cae6abdec77d222ebf5fc29628f2754d4f9bc6f1409ee252900f73e14

scanflirts.com Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

30 %IPv6

12 Domains

12 Subdomains

10 IPs

3 Countries

307 kBTransfer

518 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

14 Cookies

Security Headers

Indicators

scanflirts.com Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

30 %
IPv6

12
Domains

12
Subdomains

10
IPs

3
Countries

307 kB
Transfer

518 kB
Size

14
Cookies

24 HTTP transactions
0 data transactions