Submitted URL: https://storage.googleapis.com/f1z5eg4er35h1erb/mjbrbvze.html#AsXMTiGS7f.RMMt?dVlHTwccST7ycyDKNcdcJZcKc9jc8jvxScbbb5c
Effective URL: https://theadultstream.com/ifyr/en/
Submission: On July 10 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 13 domains to perform 48 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is theadultstream.com.
TLS certificate: Issued by GTS CA 1P5 on June 6th 2023. Valid for: 3 months.
This is the only time theadultstream.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 172.111.38.203 63023 (AS-GLOBAL...)
1 209.236.123.144 30277 (DFW-DATAC...)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
18 67.212.184.146 32475 (SINGLEHOP...)
12 18 51.68.81.31 16276 (OVH)
5 5 34.90.46.36 396982 (GOOGLE-CL...)
1 8 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 34.91.234.242 396982 (GOOGLE-CL...)
1 188.114.97.3 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
48 10
Requests | Apex Domain | Subdomains | Transfer
18 | turbotrck.art | www.turbotrck.art — Cisco Umbrella Rank: 755346 | 31 KB
18 | turetou.com | rezi.turetou.com — Cisco Umbrella Rank: 911551 | 32 KB
8 | eygenci.com | tonic.eygenci.com — Cisco Umbrella Rank: 759913 | 11 KB
6 | addlnk.com | cdn.addlnk.com — Cisco Umbrella Rank: 373647 | 6 KB
5 | media-412.com | admoustache.media-412.com — Cisco Umbrella Rank: 678179 | 1 KB
4 | theadultstream.com | theadultstream.com | 4 KB
4 | jukminung.com | lynku.jukminung.com | 7 KB
1 | diclotrans.com | cdn.diclotrans.com — Cisco Umbrella Rank: 474597 | 4 KB
1 | aftrad-visit.com | armorads.aftrad-visit.com — Cisco Umbrella Rank: 126724 | 520 B
1 | g2afse.com | harrenmedia.g2afse.com — Cisco Umbrella Rank: 412088 | 318 B
1 | enlightenhigh.com | enlightenhigh.com | 450 B
1 | uk.com | rentalproperty.uk.com | 278 B
1 | googleapis.com | storage.googleapis.com — Cisco Umbrella Rank: 506 | 602 B
48 13
Requests | Domain | Redirects | Requested by
18 | www.turbotrck.art | 12 redirects | rezi.turetou.com
18 | rezi.turetou.com | | lynku.jukminung.com, rezi.turetou.com, tonic.eygenci.com
8 | tonic.eygenci.com | 1 redirects | www.turbotrck.art, tonic.eygenci.com
6 | cdn.addlnk.com | | lynku.jukminung.com, tonic.eygenci.com
5 | admoustache.media-412.com | 5 redirects |
4 | theadultstream.com | | armorads.aftrad-visit.com, theadultstream.com
4 | lynku.jukminung.com | 1 redirects | enlightenhigh.com, lynku.jukminung.com
1 | cdn.diclotrans.com | | theadultstream.com
1 | armorads.aftrad-visit.com | | www.turbotrck.art
1 | harrenmedia.g2afse.com | 1 redirects |
1 | enlightenhigh.com | | storage.googleapis.com
1 | rentalproperty.uk.com | 1 redirects |
1 | storage.googleapis.com | |
48 13

This site contains no links.

Subject | Issuer | Validity | Valid
storage.googleapis.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
enlightenhigh.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-14 - 2023-12-15 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-20 - 2024-03-18 | a year
addlnk.com | GTS CA 1P5 | 2023-06-13 - 2023-09-11 | 3 months
rezi.turetou.com | R3 | 2023-07-03 - 2023-10-01 | 3 months
www.turbotrck.art | R3 | 2023-06-28 - 2023-09-26 | 3 months
eygenci.com | E1 | 2023-05-21 - 2023-08-19 | 3 months
aftrad-visit.com | GTS CA 1P5 | 2023-06-14 - 2023-09-12 | 3 months
theadultstream.com | GTS CA 1P5 | 2023-06-06 - 2023-09-04 | 3 months

This page contains 3 frames:

Primary Page: https://theadultstream.com/ifyr/en/
Frame ID: 535412ECD43571A92F3AF75C22A9CB05
Requests: 44 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: F839682B4B8C808FD00AA481C6C00AF6
Requests: 2 HTTP requests in this frame

Frame: https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: 4304D4C6FAC178FB040AF3CEA25E48C6
Requests: 2 HTTP requests in this frame

Page Title

Access to content

Page Statistics

Requests: 48
HTTPS: 96 %
IPv6: 38 %
Domains: 13
Subdomains: 13
IPs: 10
Countries: 4
Transfer: 91 kB
Size: 143 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/f1z5eg4er35h1erb/mjbrbvze.html Page URL
  2. http://rentalproperty.uk.com/anchorAsXMTiGS7f.RMMt?dVlHTwccST7ycyDKNcdcJZcKc9jc8jvxScbbb5c HTTP 302
    https://enlightenhigh.com/1761922d293dab53800/2_747285_2762801/1975_6453219_4234545_38/725074601_178-162-209-137$ Page URL
  3. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1357545050&pubid=690089 Page URL
  4. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=f82429a8&cid=pub304f64505aeb4c70a6e949913b228e7e&2=690089 Page URL
  5. https://rezi.turetou.com/?utm_term=7254294733277626393 Page URL
  6. https://rezi.turetou.com/proc.php?12382e7f18fe6857be7a804d261bd6f41b8f8319 Page URL
  7. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260 Page URL
  8. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260&eyeg=5dcc940d6dec1c93c49ae71bdf180a4d&eyer=0.2730663698168385&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260&eyeg=3&eyer=0.2730663698168385&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300053eff079a7331a9315c079ce0bce09da0710-202307-flb*5564921-b2be6*M7254294733277626393*sl_5564921-b2be6*0583f2df622331d06a7b897de9e4b5e3f32da9b1*13260-a70cb436-7494a7ec*13260 HTTP 302
    https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea178bf7b0001e45be6&pubid=503 Page URL
  9. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503 Page URL
  10. https://rezi.turetou.com/?utm_term=7254294737572593708 Page URL
  11. https://rezi.turetou.com/proc.php?6964a25aa2d90283eb2dcd76114d0aa85498fe69 Page URL
  12. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260 Page URL
  13. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260&eyeg=41babade95d086e8d88dc9c9baccb760&eyer=0.8913185956395335&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.8913185956395335&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300039aa372153e6ede6db476f158189b40f0710-202307-flb*5564921-b2be6*M7254294737572593708*sl_5564921-b2be6*237cbf610cad05a8af495238007d8c10f94ea533*13260-df6da59c-edac2c33*13260 HTTP 302
    https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea2a3d4990001c7e3c9&pubid=503 Page URL
  14. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503 Page URL
  15. https://rezi.turetou.com/?utm_term=7254294741867560995 Page URL
  16. https://rezi.turetou.com/proc.php?7e59ced1bdd621ccdbd8aee07a779a61553f0ac6 Page URL
  17. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260 Page URL
  18. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3d2f586bd2227641167800e36eb4dc80&eyer=0.6644829870420763&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.6644829870420763&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300065603442087b5697d6aa5f8519f590950710-202307-flb*5564921-b2be6*M7254294741867560995*sl_5564921-b2be6*222f1cd5f9a29866e352d9d44f8ec914c55405d7*13260-df6da59c-edac2c33*13260 HTTP 302
    https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea3df3fd8000198e709&pubid=503 Page URL
  19. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503 Page URL
  20. https://rezi.turetou.com/?utm_term=7254294746162528301 Page URL
  21. https://rezi.turetou.com/proc.php?5fea6debedda6707a9190a9e803e1bf1070d0065 Page URL
  22. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260 Page URL
  23. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260&eyeg=0a8ff2e9e133bd3d1c9b21ad5d850947&eyer=0.22032131014982137&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.22032131014982137&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330002be25ea917547283f55eff2e4af1b96b0710-202307-flb*5564921-b2be6*M7254294746162528301*sl_5564921-b2be6*66756fefaed7c158b7348335154f069324a0c7e5*13260-df6da59c-edac2c33*13260 HTTP 302
    https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea496101d00019bd758&pubid=503 Page URL
  24. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503 Page URL
  25. https://rezi.turetou.com/?utm_term=7254294750457495587 Page URL
  26. https://rezi.turetou.com/proc.php?2aa92759b0729a523ce834f2f571e5b6abb29070 Page URL
  27. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260 Page URL
  28. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260&eyeg=95c63c26233005ea9f5da129ba404210&eyer=0.3543991146376855&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.3543991146376855&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300079d67196b2719b2c2c957aa74f7aeeb90710-202307-flb*5564921-b2be6*M7254294750457495587*sl_5564921-b2be6*85df967e79b228147d0ef5089256452fc0918cdf*13260-df6da59c-edac2c33*13260 HTTP 302
    https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea4cbd3560001312331&pubid=503 Page URL
  29. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503 Page URL
  30. https://rezi.turetou.com/?utm_term=7254294754752462868 Page URL
  31. https://rezi.turetou.com/proc.php?19709a4289c45bc0235203c4e4e5cc4f7dcd64ec Page URL
  32. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260 Page URL
  33. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260&eyeg=b9c1a629e761378e4d0cb104e8a9cf47&eyer=0.4760929780295884&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.4760929780295884&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=2300029e8bf0191bcc5100e3c1cb07b4786eb0710-202307-flb*5564921-b2be6*M7254294754752462868*sl_5564921-b2be6*f7371759a353f21733000840fe4a42af13b89d1e*13260-df6da59c-edac2c33*13260 HTTP 302
    https://armorads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=106&network_id=1&click_id=64ac6ea680a0a0000115bee5&source=228&sub_source= Page URL
  34. https://theadultstream.com/ifyr/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://rentalproperty.uk.com/anchorAsXMTiGS7f.RMMt?dVlHTwccST7ycyDKNcdcJZcKc9jc8jvxScbbb5c HTTP 302
  • https://enlightenhigh.com/1761922d293dab53800/2_747285_2762801/1975_6453219_4234545_38/725074601_178-162-209-137$
Request Chain 4
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Request Chain 10
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260&eyeg=5dcc940d6dec1c93c49ae71bdf180a4d&eyer=0.2730663698168385&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260&eyeg=3&eyer=0.2730663698168385&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300053eff079a7331a9315c079ce0bce09da0710-202307-flb*5564921-b2be6*M7254294733277626393*sl_5564921-b2be6*0583f2df622331d06a7b897de9e4b5e3f32da9b1*13260-a70cb436-7494a7ec*13260 HTTP 302
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea178bf7b0001e45be6&pubid=503
Request Chain 12
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Request Chain 18
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260&eyeg=41babade95d086e8d88dc9c9baccb760&eyer=0.8913185956395335&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.8913185956395335&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300039aa372153e6ede6db476f158189b40f0710-202307-flb*5564921-b2be6*M7254294737572593708*sl_5564921-b2be6*237cbf610cad05a8af495238007d8c10f94ea533*13260-df6da59c-edac2c33*13260 HTTP 302
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea2a3d4990001c7e3c9&pubid=503
Request Chain 24
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3d2f586bd2227641167800e36eb4dc80&eyer=0.6644829870420763&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.6644829870420763&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300065603442087b5697d6aa5f8519f590950710-202307-flb*5564921-b2be6*M7254294741867560995*sl_5564921-b2be6*222f1cd5f9a29866e352d9d44f8ec914c55405d7*13260-df6da59c-edac2c33*13260 HTTP 302
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea3df3fd8000198e709&pubid=503
Request Chain 30
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260&eyeg=0a8ff2e9e133bd3d1c9b21ad5d850947&eyer=0.22032131014982137&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.22032131014982137&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330002be25ea917547283f55eff2e4af1b96b0710-202307-flb*5564921-b2be6*M7254294746162528301*sl_5564921-b2be6*66756fefaed7c158b7348335154f069324a0c7e5*13260-df6da59c-edac2c33*13260 HTTP 302
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea496101d00019bd758&pubid=503
Request Chain 36
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260&eyeg=95c63c26233005ea9f5da129ba404210&eyer=0.3543991146376855&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.3543991146376855&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300079d67196b2719b2c2c957aa74f7aeeb90710-202307-flb*5564921-b2be6*M7254294750457495587*sl_5564921-b2be6*85df967e79b228147d0ef5089256452fc0918cdf*13260-df6da59c-edac2c33*13260 HTTP 302
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea4cbd3560001312331&pubid=503
Request Chain 42
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260&eyeg=b9c1a629e761378e4d0cb104e8a9cf47&eyer=0.4760929780295884&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.4760929780295884&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=2300029e8bf0191bcc5100e3c1cb07b4786eb0710-202307-flb*5564921-b2be6*M7254294754752462868*sl_5564921-b2be6*f7371759a353f21733000840fe4a42af13b89d1e*13260-df6da59c-edac2c33*13260 HTTP 302
  • https://armorads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=106&network_id=1&click_id=64ac6ea680a0a0000115bee5&source=228&sub_source=

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
mjbrbvze.html
storage.googleapis.com/f1z5eg4er35h1erb/
115 B
602 B
Document
General
Full URL
https://storage.googleapis.com/f1z5eg4er35h1erb/mjbrbvze.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
115
content-type
text/html
date
Mon, 10 Jul 2023 20:10:19 GMT
etag
"7b9eef490165d6f237e763fad5f2a7fd"
expires
Mon, 10 Jul 2023 21:10:19 GMT
last-modified
Mon, 17 Oct 2022 14:38:26 GMT
server
UploadServer
x-goog-generation
1666017506672767
x-goog-hash
crc32c=ejCi6A== md5=e57vSQFl1vI352P61fKn/Q==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
115
x-guploader-uploadid
ADPycdsZhmKpI1LFzHBl3kfk49sdWIdZgNhGXo17Xw8XhamngZwF8pWR01qVVHST23tj7Em2clLTqwcP4J0Pnx58B6gdscIt9hsm
725074601_178-162-209-137$
enlightenhigh.com/1761922d293dab53800/2_747285_2762801/1975_6453219_4234545_38/
Redirect Chain
  • http://rentalproperty.uk.com/anchorAsXMTiGS7f.RMMt?dVlHTwccST7ycyDKNcdcJZcKc9jc8jvxScbbb5c
  • https://enlightenhigh.com/1761922d293dab53800/2_747285_2762801/1975_6453219_4234545_38/725074601_178-162-209-137$
137 B
450 B
Document
General
Full URL
https://enlightenhigh.com/1761922d293dab53800/2_747285_2762801/1975_6453219_4234545_38/725074601_178-162-209-137$
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/f1z5eg4er35h1erb/mjbrbvze.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.236.123.144 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
209.236.123.144
Software
Apache /
Resource Hash

Request headers

Referer
https://storage.googleapis.com/f1z5eg4er35h1erb/mjbrbvze.html#AsXMTiGS7f.RMMt?dVlHTwccST7ycyDKNcdcJZcKc9jc8jvxScbbb5c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
137
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jul 2023 20:48:31 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jul 2023 20:48:29 GMT
Location
https://enlightenhigh.com/1761922d293dab53800/2_747285_2762801/1975_6453219_4234545_38/725074601_178-162-209-137$
Server
Apache
9e8aef8068
lynku.jukminung.com/rc/
2 KB
2 KB
Document
General
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1357545050&pubid=690089
Requested by
Host: enlightenhigh.com
URL: https://enlightenhigh.com/1761922d293dab53800/2_747285_2762801/1975_6453219_4234545_38/725074601_178-162-209-137$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecad2fdd5c1aa8a90a860c35e8502cfe6040d9558dfe9db9995f4a2a08bd8a04

Request headers

Referer
https://enlightenhigh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e4bab05fc819b6a-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWviInWHVD6Q%2FXF4ugeSxWkxieyEVobr6rLRNLwQlZl%2Fl8xxCAmel6OrbBEAUVLpEf5b%2BDBoOxEv4AIBXizg%2FViCAeEU%2F8Drh%2Fs1bFaq%2BsAHN9bN%2BTAQkK0658Q%2FxVx0n700RvspZoUdGmiL5RY3OrRp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1357545050&pubid=690089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
595CTRW8VHXCQVR2
age
6048
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oL/QL+U2SLwsfmrIshqQ4TmsOFUMvPMj/jMb9DZtiaP3fwytZ+A/ZaTo4yR4+3H0ipWJtvMmoQQ=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tixq3oPiLw%2FPT6lzXupJAq%2FyxLGec5EHoD4xuxcYR4phnnJdIYl9oY2%2BuHh%2Fkqc2chWuhHOohMXVbD%2FWssNdUPf6C60b6M5p6UfixoZnJueRz9L0tqVzJYiLCax1fZalARlf%2BzAxrVi%2FULVzTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7e4bab06f9c53664-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame F839
Redirect Chain
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
7 KB
4 KB
Script
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Protocol
H3
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0168ccedf3a7788d796a6876c292899799a25451f4f7a6fdd0e5232a9d916597
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9EZjWcKr6wypnviJrb%2BnLc3xyhnUV4Hw0meozfUwYTsQepuPHhoHRSvjxQcFZiP%2B1VsP5lCNAZgt5bd5%2Fc7vaaRNFF3uglZqx8l9u%2FnoiY%2BXyy4rZslRr3r9yLTjf2h7mw74Cze%2Bwq3ra3HP4w9ZFgW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7e4bab073cfabb95-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 10 Jul 2023 20:48:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5fK7vD7InscIkT7Z4odxm9VK5ptUsOI9qVt8TH451kl1x6Xfd1cw6bCQr53%2FDIJWt4vZjbJxu%2FdRChQwBthhG8SaiOwGAMJDNRi%2Fu4Meo0%2BBgDAhg4ztjUDeJIB5R0J%2BWNnCoaSOJv7%2B31EcCCtDw3l"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control
max-age=300, public
cf-ray
7e4bab072dd19b6a-FRA
alt-svc
h3=":443"; ma=86400
7e4bab05fc819b6a
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F839
0
583 B
XHR
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/7e4bab05fc819b6a
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jul 2023 20:48:32 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yk1IFTRGjSccWXnFh%2F0Wa9Sn0Du8rM8eBYLj3pKuw9G40ZrVqI2jKZRzbzSkOZSNG%2B8jvnWqq8Rd0DimDKWch%2FlQjgbzSQIPbsMR9XaE1a%2BMAuN05vBVy2I73y80OSlUTOu5kEOyYTEphP0hcbJ9NqWl"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7e4bab080e08bb95-FRA
alt-svc
h3=":443"; ma=86400
/
rezi.turetou.com/
1 KB
923 B
Document
General
Full URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=f82429a8&cid=pub304f64505aeb4c70a6e949913b228e7e&2=690089
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1357545050&pubid=690089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rezi.turetou.com/?utm_term=7254294733277626393
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
rezi.turetou.com/
8 KB
3 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_term=7254294733277626393
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=f82429a8&cid=pub304f64505aeb4c70a6e949913b228e7e&2=690089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
c2f013c630de19ece53d776a6df4c4d80b9e1e73d3432a4add2f19ff96e156f0

Request headers

Referer
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=f82429a8&cid=pub304f64505aeb4c70a6e949913b228e7e&2=690089
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
rezi.turetou.com/
1 KB
1 KB
Document
General
Full URL
https://rezi.turetou.com/proc.php?12382e7f18fe6857be7a804d261bd6f41b8f8319
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7254294733277626393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://rezi.turetou.com/?utm_term=7254294733277626393
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
4 KB
4 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?12382e7f18fe6857be7a804d261bd6f41b8f8319
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 Saint-Venant, France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rezi.turetou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 10 Jul 2023 20:48:32 GMT
Transfer-Encoding
chunked
a91581ead4
tonic.eygenci.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260&eyeg=5dcc940d6dec1c93c49ae71bdf180a4d&eyer=0.273066369...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260&eyeg=3&eyer=0.2730663698168385&eyei=0&eyew=1600&eyeh=1...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300053eff079a7331a9315c079ce0bce09da0710-202307-flb*5564921-b2be6*M7254294733277626393*sl_5564921-b2be6*0583f2df622331...
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea178bf7b0001e45be6&pubid=503
2 KB
2 KB
Document
General
Full URL
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea178bf7b0001e45be6&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0aa3d9e70f29dd19a50161f1537be6ec3e547be23f3eb24611c2eea5c8b1db

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294733277626393&website=13260-a70cb436-7494a7ec&placement=13260
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e4bab0f5bfa30c3-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhvcFnmXJCpDecJEYogkIODzx4b3s73Hjgw25rnigMp6k4okrMVN%2BSvYZBPReqOUfMKwTASy4X8C0XJb84zfY309Dg8b%2BSSSXrZWX7tEujfJWr0cYIO0qcPe3x%2B7wwCNhEsKHYfGeaedSZi%2FtkIwpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 10 Jul 2023 20:48:33 GMT
location
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea178bf7b0001e45be6&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
710 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea178bf7b0001e45be6&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
595CTRW8VHXCQVR2
age
6050
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oL/QL+U2SLwsfmrIshqQ4TmsOFUMvPMj/jMb9DZtiaP3fwytZ+A/ZaTo4yR4+3H0ipWJtvMmoQQ=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tqe3NQDBfcnvgknoUs6BH4m%2BvTiMec%2FBBhlpLxoP8bRFLjJjHY3%2B6pzS9yNCr3N8JXM1MLAOzmht0A3MlQ2Cze04jj3EZqIJUYyoCVDtcY0b3qAzz0a22IOsyTxv3Ro%2BEAcWpRi1lWWvfuOrig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7e4bab101bcd3664-FRA
invisible.js
tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame 4304
Redirect Chain
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
7 KB
4 KB
Script
General
Full URL
https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30912cc77d226ebc6782d415ab92ccbadd8619919912e8610a0990efb2f5872
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfoJQfAa%2FZ5CIFmOvkgZ3EqWYZZhv3vZQ3Z8V7gLOKeFH1zNjfIdu2bSOtliLbCzupyBXgCrdQkO1kF%2Bhhlg%2FfdWORkNZ0zQaAqqbfV6i5VqnhGBvLDmGUKCjBYp1mCSiIkyevcSmC5aNTTDyCT%2BAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7e4bab105d0830c3-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 10 Jul 2023 20:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KYF5jXEVvDCq6dJ9Y7sUFkRw8iMY35yUXljrPGj1Y3Ze6gO8qVkc2dbNohSLnltScWNzZ5EcX2Eh6nOydcewoduCwIur7IZnxwKyabm0NPnW2gIfnn4ToHK9DIp9wifd4EdaLBg8kZZWU0asxoj7g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control
max-age=300, public
cf-ray
7e4bab104cf430c3-FRA
alt-svc
h3=":443"; ma=86400
7e4bab0f5bfa30c3
tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 4304
0
615 B
XHR
General
Full URL
https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/cv/result/7e4bab0f5bfa30c3
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jul 2023 20:48:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maS9GFusDO%2Belk4Dj4Lan0uD62v1USoYXLyKuFiHJO3QnYcEd8EO8nPNNNaJtdscvKpRxHOeCdPrCGJp9QZmH6HzkIvsQJIUH3hpx71bKjZZQk1morbB24ziAexYmn2RZxvARqRL2mrT4K8sXsgjNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7e4bab110ddc92a2-FRA
alt-svc
h3=":443"; ma=86400
/
rezi.turetou.com/
1 KB
922 B
Document
General
Full URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea178bf7b0001e45be6&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rezi.turetou.com/?utm_term=7254294737572593708
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
rezi.turetou.com/
8 KB
3 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_term=7254294737572593708
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
d0d7d771b5dd367cffeb0c69a480278a8f05324e7f0ca03fed11929ee809722e

Request headers

Referer
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
rezi.turetou.com/
1 KB
1 KB
Document
General
Full URL
https://rezi.turetou.com/proc.php?6964a25aa2d90283eb2dcd76114d0aa85498fe69
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7254294737572593708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://rezi.turetou.com/?utm_term=7254294737572593708
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
4 KB
4 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?6964a25aa2d90283eb2dcd76114d0aa85498fe69
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 Saint-Venant, France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rezi.turetou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 10 Jul 2023 20:48:34 GMT
Transfer-Encoding
chunked
a91581ead4
tonic.eygenci.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260&eyeg=41babade95d086e8d88dc9c9baccb760&eyer=0.891318595...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.8913185956395335&eyei=0&eyew=1600&eyeh=1...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300039aa372153e6ede6db476f158189b40f0710-202307-flb*5564921-b2be6*M7254294737572593708*sl_5564921-b2be6*237cbf610cad05...
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea2a3d4990001c7e3c9&pubid=503
1 KB
1 KB
Document
General
Full URL
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea2a3d4990001c7e3c9&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59648c5474fb48c5a9671e0975538d3557dad6b5933ac31e02b6129840374dd0

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294737572593708&website=13260-df6da59c-edac2c33&placement=13260
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e4bab1579c092a2-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoPDqN5B%2FngOxmGDTQQHSenW588jmZCeCvTyZzFaBmKAZd9AARxffwHem%2BgZC7YEkUGJZERu0LbVkGQ9Ns1GXHWedRH0Yp%2FRGp1bSgDIg%2BfBVSa0nIjXewD%2BCEi1Kx%2BBuHmxDWA6hWOos9SCAmcvTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 10 Jul 2023 20:48:34 GMT
location
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea2a3d4990001c7e3c9&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea2a3d4990001c7e3c9&pubid=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
2454
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbh%2F6vsAHqaGRJolU6%2B9mY31YsDI7BcTF4ZH6rMGc1IrMOhurPKIV5vy5Q%2BYCC1y9wyO9WaIpTdor%2F9CF85xySY58Faaz8VU%2FREZT89sZFzHAbV16hR8EWWLu2VHJUB0uSrNSSmflOFwm8LfIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7e4bab15ff679290-FRA
/
rezi.turetou.com/
1 KB
924 B
Document
General
Full URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea2a3d4990001c7e3c9&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rezi.turetou.com/?utm_term=7254294741867560995
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
rezi.turetou.com/
8 KB
3 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_term=7254294741867560995
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
61177f7053392e7db4ee351b2183d68bbe2da112aa8a5ce5c7a1021335b0a139

Request headers

Referer
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
rezi.turetou.com/
1 KB
1 KB
Document
General
Full URL
https://rezi.turetou.com/proc.php?7e59ced1bdd621ccdbd8aee07a779a61553f0ac6
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7254294741867560995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://rezi.turetou.com/?utm_term=7254294741867560995
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
4 KB
4 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?7e59ced1bdd621ccdbd8aee07a779a61553f0ac6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 Saint-Venant, France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rezi.turetou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 10 Jul 2023 20:48:35 GMT
Transfer-Encoding
chunked
a91581ead4
tonic.eygenci.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3d2f586bd2227641167800e36eb4dc80&eyer=0.664482987...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.6644829870420763&eyei=0&eyew=1600&eyeh=1...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300065603442087b5697d6aa5f8519f590950710-202307-flb*5564921-b2be6*M7254294741867560995*sl_5564921-b2be6*222f1cd5f9a298...
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea3df3fd8000198e709&pubid=503
1 KB
1 KB
Document
General
Full URL
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea3df3fd8000198e709&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59648c5474fb48c5a9671e0975538d3557dad6b5933ac31e02b6129840374dd0

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294741867560995&website=13260-df6da59c-edac2c33&placement=13260
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e4bab1c1ee292a2-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi1vrQh445kEekZ2qDBYYN4vww8p20fBAbDicHdJZ8Ryh96p39rIs275G2ghfVmTO6q0a9o1U7QQ0DXzyzToqFpat438MFgiie%2Fw1AMd%2FH231%2FPPG%2B9w0iMtRsFUuZ0IFcuAshTB250vYQFxSc11wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 10 Jul 2023 20:48:35 GMT
location
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea3df3fd8000198e709&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
997 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea3df3fd8000198e709&pubid=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
2455
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYGkFUS9p1SvD8ouWkpShp7%2ByuPLu1AFORchtd4QCTr9Uw5C8xN%2BU%2FUp7eMNvbvjc50QBtK%2B0huBULUDNULM%2BhusJsndHD%2BX3c2Cc34rM%2BdeVPsyjiEXtjlrs0ucOsw2uc5DBVJZ7MdbasiSCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7e4bab1c6e1e9290-FRA
/
rezi.turetou.com/
1 KB
924 B
Document
General
Full URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea3df3fd8000198e709&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rezi.turetou.com/?utm_term=7254294746162528301
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
rezi.turetou.com/
8 KB
3 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_term=7254294746162528301
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
b98312eb03c7040ef716987ea9c4e71ab91f508e51438235246f7ad27f5494a5

Request headers

Referer
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
rezi.turetou.com/
1 KB
1 KB
Document
General
Full URL
https://rezi.turetou.com/proc.php?5fea6debedda6707a9190a9e803e1bf1070d0065
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7254294746162528301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://rezi.turetou.com/?utm_term=7254294746162528301
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
4 KB
4 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?5fea6debedda6707a9190a9e803e1bf1070d0065
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 Saint-Venant, France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rezi.turetou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 10 Jul 2023 20:48:35 GMT
Transfer-Encoding
chunked
a91581ead4
tonic.eygenci.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260&eyeg=0a8ff2e9e133bd3d1c9b21ad5d850947&eyer=0.220321310...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.22032131014982137&eyei=0&eyew=1600&eyeh=...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330002be25ea917547283f55eff2e4af1b96b0710-202307-flb*5564921-b2be6*M7254294746162528301*sl_5564921-b2be6*66756fefaed7c1...
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea496101d00019bd758&pubid=503
1 KB
1 KB
Document
General
Full URL
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea496101d00019bd758&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59648c5474fb48c5a9671e0975538d3557dad6b5933ac31e02b6129840374dd0

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294746162528301&website=13260-df6da59c-edac2c33&placement=13260
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e4bab218acf92a2-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttPCj01vDX0mdGeaHha7ZtTTqlILWg%2B%2F5kc5BzOVo99o5nR%2BGQIthAXOICTTjssifkpHcLcBONXwczUty1AzCbCmaTwvQathBtuT7N%2B9%2BcQ1wqBH1toU%2BxGaCpKEHRD9F%2B1KIRuYsU3gjrlViUV7gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 10 Jul 2023 20:48:36 GMT
location
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea496101d00019bd758&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
994 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea496101d00019bd758&pubid=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
2456
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7EkpF7RCQq8CzM2xjYoaLDhOHlcrZ2G8E8uklBA%2F4frmrhYpHHXAUBIm%2BtLzvP09H4yBQcvT20o16ROS3Q7Z%2B407yDMadwEU26aWughWuMy8P1fvPlvrj924qgtH6R%2BV7eVjfJ9WeOlzaYq9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7e4bab21eb4d9290-FRA
/
rezi.turetou.com/
1 KB
923 B
Document
General
Full URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea496101d00019bd758&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rezi.turetou.com/?utm_term=7254294750457495587
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
rezi.turetou.com/
8 KB
3 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_term=7254294750457495587
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
cfaca908f59c93e4ff3516ab86ee1a1b27e3e374074d7e530a75ec91e59a54fc

Request headers

Referer
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
rezi.turetou.com/
1 KB
1 KB
Document
General
Full URL
https://rezi.turetou.com/proc.php?2aa92759b0729a523ce834f2f571e5b6abb29070
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7254294750457495587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://rezi.turetou.com/?utm_term=7254294750457495587
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
4 KB
4 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?2aa92759b0729a523ce834f2f571e5b6abb29070
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 Saint-Venant, France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rezi.turetou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 10 Jul 2023 20:48:36 GMT
Transfer-Encoding
chunked
a91581ead4
tonic.eygenci.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260&eyeg=95c63c26233005ea9f5da129ba404210&eyer=0.354399114...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.3543991146376855&eyei=0&eyew=1600&eyeh=1...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=3300079d67196b2719b2c2c957aa74f7aeeb90710-202307-flb*5564921-b2be6*M7254294750457495587*sl_5564921-b2be6*85df967e79b228...
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea4cbd3560001312331&pubid=503
1 KB
1 KB
Document
General
Full URL
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea4cbd3560001312331&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59648c5474fb48c5a9671e0975538d3557dad6b5933ac31e02b6129840374dd0

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294750457495587&website=13260-df6da59c-edac2c33&placement=13260
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e4bab274f3d92a2-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyU2dRpT825gLsW4IPpHmpk0gUw%2BkWv0JZxZClkCVeWWahT9LiRmToMH%2FvACb31LF1aaTgfw3iPKx2VndlaGs111fxkNHcufngjNu3Js%2BYRCYxlSy01y%2FgtAvhrUlvnI481z%2BqZpURmBefRuLqd3Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 10 Jul 2023 20:48:36 GMT
location
https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea4cbd3560001312331&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
991 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea4cbd3560001312331&pubid=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
2457
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQaFXaqoApz5rbGT3IHaoXYV8r%2F7xMC7S2qocaMGnGs%2BxGC43TIa8Z5Llpmp65GnbD1TCtPjprpPIOCbaLtoSKQnrr0FovwKqpfyxyYEWEEFqWCSEKstsCEghYcD2tvT4h2jMKkzxLKYsJ5Gdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7e4bab2798729290-FRA
/
rezi.turetou.com/
1 KB
921 B
Document
General
Full URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64ac6ea4cbd3560001312331&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rezi.turetou.com/?utm_term=7254294754752462868
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
rezi.turetou.com/
8 KB
3 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_term=7254294754752462868
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
380ee4e970ead7ea069ad05cd9ea7717c9033dcfd531e5f7ee710c6d4454af3d

Request headers

Referer
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8fe20426&cid=pub3cee1f8a37664b4aa60415403b94dd6d&2=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
rezi.turetou.com/
1 KB
1 KB
Document
General
Full URL
https://rezi.turetou.com/proc.php?19709a4289c45bc0235203c4e4e5cc4f7dcd64ec
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7254294754752462868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://rezi.turetou.com/?utm_term=7254294754752462868
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 10 Jul 2023 20:48:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
4 KB
4 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?19709a4289c45bc0235203c4e4e5cc4f7dcd64ec
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 Saint-Venant, France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rezi.turetou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 10 Jul 2023 20:48:38 GMT
Transfer-Encoding
chunked
smartlink
armorads.aftrad-visit.com/track/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260&eyeg=b9c1a629e761378e4d0cb104e8a9cf47&eyer=0.476092978...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260&eyeg=3&eyer=0.4760929780295884&eyei=0&eyew=1600&eyeh=1...
  • https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=2300029e8bf0191bcc5100e3c1cb07b4786eb0710-202307-flb*5564921-b2be6*M7254294754752462868*sl_5564921-b2be6*f7371...
  • https://armorads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=106&network_id=1&click_id=64ac6ea680a0a0000115bee5&source=228&sub_source=
83 B
520 B
Document
General
Full URL
https://armorads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=106&network_id=1&click_id=64ac6ea680a0a0000115bee5&source=228&sub_source=
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7254294754752462868&website=13260-df6da59c-edac2c33&placement=13260
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e4bab2f1ce59b3d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 20:48:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Hl54PfOYFPsoGIhOY5uIvo9PApvFnyc1tratjxfVwTCOeCW3GRnAdw7xasLfjQGvPkW60wTs0v%2Bn0F0WTUld%2BbmVI8HX1ygOFdm6SoIyHzUQ1OUcjd09C7II88nr%2BD6OSv7TirixRM6MIXZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 10 Jul 2023 20:48:38 GMT
location
https://armorads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=106&network_id=1&click_id=64ac6ea680a0a0000115bee5&source=228&sub_source=
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
Primary Request /
theadultstream.com/ifyr/en/
1 KB
1 KB
Document
General
Full URL
https://theadultstream.com/ifyr/en/
Requested by
Host: armorads.aftrad-visit.com
URL: https://armorads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=106&network_id=1&click_id=64ac6ea680a0a0000115bee5&source=228&sub_source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a00daca8ed147bebc252339be4ee87d22e6994ca149bad2f6d342d072b6989b

Request headers

Referer
https://armorads.aftrad-visit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6256
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
cf-ray
7e4bab2fabd72bc7-FRA
content-encoding
br
content-type
text/html
date
Mon, 10 Jul 2023 20:48:38 GMT
last-modified
Fri, 07 Jul 2023 08:23:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KNTKfrvNvtlY5wfcluuMCS8XS1uZwt%2F7RwDC%2FkAuKKYUCqovFqn6zjxkL6fVTTw%2FI8S0vMT%2BH5fFGPwoC5ob3lPUbODvbhi66jNjdGgMT%2B7WUKrfjZPwN10x0q84FnwZwVojlrEQfdBTGEvXAcHqxA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
import.css
theadultstream.com/ifyr/en/css/
44 B
388 B
Stylesheet
General
Full URL
https://theadultstream.com/ifyr/en/css/import.css
Requested by
Host: theadultstream.com
URL: https://theadultstream.com/ifyr/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62c31f95678b549616b703ca89d0d8a0f99e1b9137a2e1472413c387c40655b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theadultstream.com/ifyr/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=46
alt-svc
h3=":443"; ma=86400
content-length
44
cf-bgj
minify
last-modified
Fri, 07 Jul 2023 08:23:47 GMT
server
cloudflare
etag
"64a7cb93-2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FETpwZxBVIcVuBQkvOacVLwFrELhJA%2BLptrt9n6X0enes%2BzddWSuF7ZfSe5yomCNuraStLNSz4cwnlSEYSd1SmvnePNrALqBw0a5BbdchwJkq78TdclLbqjOhM2zlUCqIunhdtGhXtn6vne7yBaFzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7e4bab2fcbea2bc7-FRA
lib.js
cdn.diclotrans.com/sdk/v1/794/b5150ad09549f7e654b1196b005434044c8f50bd/
14 KB
4 KB
Script
General
Full URL
https://cdn.diclotrans.com/sdk/v1/794/b5150ad09549f7e654b1196b005434044c8f50bd/lib.js
Requested by
Host: theadultstream.com
URL: https://theadultstream.com/ifyr/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebe27b70aa6f3896e2e819c4e85b622729cf7ce9a20def09345331f53fa7018

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theadultstream.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:38 GMT
content-encoding
br
referrer-policy
origin
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 20:39:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
521
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5E7hpeLKuv5UE8HRSzdlWfDKeeUamN0QmULFK90LP5BQVYsTzD526JgbCkUwqNQOdU2Iw6oqBBY9v9OedjVbBig5Kq%2BmixfzyfETib8crGTvbF3%2BQpdANqSy7ke8FAN2AQ489MY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=14400, s-maxage=3600, proxy-revalidate
cf-ray
7e4bab30096b9c07-FRA
alt-svc
h3=":443"; ma=86400
styles.css
theadultstream.com/ifyr/en/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://theadultstream.com/ifyr/en/css/styles.css
Requested by
Host: theadultstream.com
URL: https://theadultstream.com/ifyr/en/css/import.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092c4f9b591aa18507976c7fa1f052af6891b793a2997e028760056c742cb6a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theadultstream.com/ifyr/en/css/import.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 07 Jul 2023 08:23:47 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4769
etag
W/"64a7cb93-12a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIUjMfp09tldWyDrmDy0%2FCXOFl9EzdkvQROoK1NEfi%2F3uzYRA9n3mjG8Gzzu1DBzcsmg%2FYiKIK2B4xnUP%2F7YKRog0MKEwj7qwJs8IpwmSVyEI5Sa7L3GeM8BFxvhD1YBPWI1otA077QC5zPJD8ZfFW8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7e4bab2fec0a2bc7-FRA
alt-svc
h3=":443"; ma=86400
overrides.css
theadultstream.com/ifyr/en/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://theadultstream.com/ifyr/en/css/overrides.css
Requested by
Host: theadultstream.com
URL: https://theadultstream.com/ifyr/en/css/import.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61d889b0631bb1f4a9fb1d4ff6d3fd60b1b165662690373cc67b61b99c2c88c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://theadultstream.com/ifyr/en/css/import.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 20:48:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4314
cf-polished
origSize=1841
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 07 Jul 2023 08:23:47 GMT
server
cloudflare
etag
W/"64a7cb93-731"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfv2EuYKDysn0Ce1heO7b1LcxiiwpoQ3bknP4AAzjHbsoi0QvGprB%2BPL35gFlin85FM9Ac96N6ArThdlTJFGAqozgrNqVRJSMOZfK8HUjmr4%2F4TNIKoh1nkbdNNqcE3UdyW3n2H2AOZz1ShaVaDf9ZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7e4bab2fefcf1e54-FRA


3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend

7 Cookies

Domain/Path Name / Value
enlightenhigh.com/ Name: uid15295
Value: 1357545050-20230710164831-a83f91842449a7993c2766d7cc793693-
lynku.jukminung.com/ Name: AWSALB
Value: zV8jd0nxul0qW53CW7RSnUfNtCWjkzv2/1rYI8278xReIQlSslumwP228QRvlsd7rbKm99bvzh/VxkaAXXu0YZLoDlvY5WllNG/REPzPcubRh07BHiJnYHANUyAE
.jukminung.com/ Name: __cf_bm
Value: 4IhGt5Iq3yfG4ABxgHtvtV1WweGyvfqpyzFdWmnJWYM-1689022112-0-ATiYEc4TFT/h+XDgJkxh6/dflDbY+3rjOb87Nce7MiwfgJAJdyYZbY2bt8npBDAKZA==
.eygenci.com/ Name: __cf_bm
Value: vZS9y9LPE3ZbFuIRh_ifduOOhJ5qY6nYGSeYcKrFx7k-1689022113-0-AS2sbJR6jk6E+ynLADdH/ZNls+fQC9cQdhnb9cu8VDwLRRrtPkUlcGVjoOSHbKzigg==
admoustache.media-412.com/ Name: afclick
Value: 64ac6ea4cbd3560001312331
tonic.eygenci.com/ Name: AWSALB
Value: nMGJM5fbZkcMyeyaS6iHVnBuU4nW3T5RT0HHw6L9bqWENJjbdM2jh7Yzf0uFn3ReOZoasQuFGZTVaUHi+vslbV5WLJuGz8c670Cdfa4aQ4moD4Z52odyWAP2+nkn
harrenmedia.g2afse.com/ Name: afclick
Value: 64ac6ea680a0a0000115bee5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
