Submitted URL: https://click.hooligs.app/?pid=3&offer_id=43&ref_id=VjN8MjM1Nzg1MDJ8NTAwMjI1MHwyNDc4NDE0NDB8MTcyMjE2ODYxMnw0ZTM4MjY4My1kZT...
Effective URL: https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3...
Submission: On July 28 via manual — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 138.201.149.27, located in Mannheim, Germany and belongs to HETZNER-AS, DE. The main domain is bootyheroes.com.
TLS certificate: Issued by R10 on June 19th 2024. Valid for: 3 months.
This is the only time bootyheroes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 188.114.97.3 13335 (CLOUDFLAR...)
1 138.201.149.27 24940 (HETZNER-AS)
1 2a04:4e42::729 54113 (FASTLY)
3 2a02:b48:8300::5 39572 (ADVANCEDH...)
6 4
Apex Domain          Subdomains                                            Transfer
4 bootyheroes.com    bootyheroes.com, cdn.bootyheroes.com                  597 KB
1 pxls4gm.space      pxls4gm.space
1 sentry-cdn.com     browser.sentry-cdn.com (Cisco Umbrella Rank: 6607)    16 KB
1 hooligs.app        click.hooligs.app (Cisco Umbrella Rank: 196068)       713 B
6 4
Domain Requested by
3 cdn.bootyheroes.com bootyheroes.com
1 pxls4gm.space bootyheroes.com
1 browser.sentry-cdn.com bootyheroes.com
1 bootyheroes.com
1 click.hooligs.app 1 redirects
6 5

This site contains no links.

Subject              Issuer                                 Validity                 Valid
bootyheroes.com      R10                                    2024-06-19 - 2024-09-17  3 months
*.sentry-cdn.com     GlobalSign Atlas R3 DV TLS CA 2024 Q2  2024-06-04 - 2025-07-06  a year
cdn.bootyheroes.com  R11                                    2024-07-07 - 2024-10-05  3 months
pxls4gm.space        WE1                                    2024-07-08 - 2024-10-06  3 months

This page contains 2 frames:

Primary Page: https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs
Frame ID: 34DE396641052E632DD506AEFC2C1750
Requests: 5 HTTP requests in this frame

Frame: https://pxls4gm.space/iframe/61ae064c1b1a5?iframe
Frame ID: 813B0E550493B8F8B0C61DF76AF57BA5
Requests: 1 HTTP requests in this frame

Page Title

Booty Heroes

Page URL History

  1. https://click.hooligs.app/?pid=3&offer_id=43&ref_id=VjN8MjM1Nzg1MDJ8NTAwMjI1MHwyNDc4NDE0NDB8MTcyMjE2OD... HTTP 302
    https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

614 kB
Transfer

2794 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.hooligs.app/?pid=3&offer_id=43&ref_id=VjN8MjM1Nzg1MDJ8NTAwMjI1MHwyNDc4NDE0NDB8MTcyMjE2ODYxMnw0ZTM4MjY4My1kZTExLTQxMjEtYjM3NC05M2JmNTk5NjRkZjl8MTAzLjExMy45OS44MXw2MHxzaD1jODUyMDE1NGY3MGE4NGE0NWY4NGIxYjA2ZWJjYTM5OGUyNGJhN2NlY2MwMWViYTQ5MTU3NjdhZDBlMDZlZDI0YzcwMTUxYjM1ZTBmNjcwNTgxNWU3NDVjZmE3MjkyY2YzNjc1OWUyNWIzYmY1Y2I2NDA1ZTBkNGY0ODc5MDk4Zjg0YTY4OTU3NTk4NGUwMzg0ZmM3YmZiMmU5ZWNjY2Q1ODQ5ZmQ4MDhiZjE5OTVmMzYwMTg4ODliMGM5MjE1fGxzPTZ8b3R2PWF8NjUyY2EyM2E3YzNiYzIzNTE2YjMxYTFiMTc2ZWJjNDk=&sub1=bn_adlt&sub2=23578502 HTTP 302
    https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bootyheroes.com/
Redirect Chain
  • https://click.hooligs.app/?pid=3&offer_id=43&ref_id=VjN8MjM1Nzg1MDJ8NTAwMjI1MHwyNDc4NDE0NDB8MTcyMjE2ODYxMnw0ZTM4MjY4My1kZTExLTQxMjEtYjM3NC05M2JmNTk5NjRkZjl8MTAzLjExMy45OS44MXw2MHxzaD1jODUyMDE1NGY3M...
  • https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs
35 KB
8 KB
Document
General
Full URL
https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.149.27 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.149.201.138.clients.your-server.de
Software
/
Resource Hash
ef442adc3099cc64a539be24d0b701acebe4c9e0f286fcb495e13331b49467c3
Security Headers
Name Value
Strict-Transport-Security max-age=43200

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 28 Jul 2024 12:11:14 GMT
strict-transport-security
max-age=43200
vary
Accept-Encoding Cookie

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8aa4c548fa279957-FRA
content-language
en
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sun, 28 Jul 2024 12:11:14 GMT
location
https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZ8gsSxCmRQRraWmKbaz%2Fc8BqcEtIggm1atMVlq12QG4caEfdeKcWUjaxDFTCfXdK8UG9sh8pxTqYQ27T%2FAAcmBWfnom0kwQG7Fy1A7HgFG2enFDV4Dvugivu8Zr7nI5X2EC8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=43200
vary
Accept-Language, Origin
x-clickid
4ddc0000836c447d
x-content-type-options
nosniff
x-frame-options
DENY

bundle.min.js
browser.sentry-cdn.com/5.5.0/
50 KB
16 KB
Script
General
Full URL
https://browser.sentry-cdn.com/5.5.0/bundle.min.js
Requested by
Host: bootyheroes.com
URL: https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8c04755395b8f232c57d062a7669c3c414658299d29c6b6f83f1f30185d94ecb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bootyheroes.com/
Origin
https://bootyheroes.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 12:11:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 05 Jul 2019 11:17:04 GMT
server
Fastly
age
2668922
etag
"39339cf627bc67e34d4c623bea4c0b4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16371
expires
Fri, 27 Jun 2025 14:49:12 GMT

main.821a987b.js
cdn.bootyheroes.com//static/js/
3 MB
536 KB
Script
General
Full URL
https://cdn.bootyheroes.com//static/js/main.821a987b.js
Requested by
Host: bootyheroes.com
URL: https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::5 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
9eb5049ba6449299594d8559c32666c68c4e225830a04253ee971d683ac5a131

Request headers

Referer
https://bootyheroes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Mon, 28 Jul 2025 12:11:15 GMT
date
Sun, 28 Jul 2024 12:11:15 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 16:45:18 GMT
server
nginx
etag
W/"66a12f9e-297cf0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
HIT

age1_x1.jpg
cdn.bootyheroes.com/static/assets/splash-screen/
51 KB
51 KB
Image
General
Full URL
https://cdn.bootyheroes.com/static/assets/splash-screen/age1_x1.jpg
Requested by
Host: bootyheroes.com
URL: https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::5 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3219bd9d6dc2d646982c1dde80d35e49c75a7d366f57781858bea2f4da1ff3ca

Request headers

Referer
https://bootyheroes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Mon, 28 Jul 2025 12:11:15 GMT
date
Sun, 28 Jul 2024 12:11:15 GMT
last-modified
Wed, 29 May 2024 17:19:53 GMT
server
nginx
etag
"665763b9-ca06"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
51718
x-proxy-cache
HIT

61ae064c1b1a5
pxls4gm.space/iframe/ Frame 813B
0
0
Document
General
Full URL
https://pxls4gm.space/iframe/61ae064c1b1a5?iframe
Requested by
Host: bootyheroes.com
URL: https://bootyheroes.com/?haff_pid=3&haff_oid=43&haff_cid=4ddc0000836c447d&haff_sub1=bn_adlt&haff_sub2=23578502&haff_sub3=&haff_tag=rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bootyheroes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8aa4c54e9b829a1e-FRA
content-encoding
br
content-type
text/html
date
Sun, 28 Jul 2024 12:11:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6nEEmxHihvwfgc1b7PpmsRhZHhJjqNpeRBFg9A%2BcjQqinXl4PXr4F7KL4SkhHYCTNDn0ouRmoEB5urjhh%2BryyYYohSN%2ByhTiCuPfSMRUKcW%2B3rIuJ80RfUmskvuRfoO"}],"group":"cf-nel","max_age":604800}
server
cloudflare

favicon-32x32.png
cdn.bootyheroes.com/static/assets/favicon/
3 KB
3 KB
Other
General
Full URL
https://cdn.bootyheroes.com/static/assets/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:b48:8300::5 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
744bddc698df8061b1df37a1442adbf65803f3271a7b9ca8a26562714dc0b7ec

Request headers

Referer
https://bootyheroes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Mon, 28 Jul 2025 12:11:16 GMT
date
Sun, 28 Jul 2024 12:11:16 GMT
last-modified
Wed, 01 Feb 2023 11:59:23 GMT
server
nginx
etag
"63da541b-c1d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3101
x-proxy-cache
HIT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • GameAnalytics (function)
  • serverTime (number)
  • TIME_DELTA (number)
  • SETTINGS (object)
  • SPLASH_IMAGE (object)
  • AGE_VERIFY_SPLASH_IMAGE (object)
  • LOCALE (string)
  • logTiming (function)
  • Sentry (object)
  • __SENTRY__ (object)
  • webpackChunkclient (object)
  • regeneratorRuntime (object)

18 Cookies

Domain/Path Name / Value
click.hooligs.app/ Name: haff_cid:3:43
Value: 4ddc0000836c447d
bootyheroes.com/ Name: csrftoken
Value: 4b280XKGPUqVJ4I1cx1hOBbnPD9OPkF4DAGBc5RS27pHggTDR2Gw7FrL2g2wBWrZ
bootyheroes.com/ Name: sessionid
Value: pmtqff82dddlpqp00kp54b5rikfwkc6m
.pxls4gm.space/ Name: c_1b811c1e4c1a43319a5a9211bdd94ee0
Value: 1
.pxls4gm.space/ Name: z_8509621ad703d5cde5b6b6aa5f51927d
Value: 1
my.rtmark.net/ Name: ID
Value: 0880a730e1774b85e37ef29172354dbb
.opoxv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A98274%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-07-28%22%3B%7D%7D
.pemsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A98274%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-07-28%22%3B%7D%7D
.magsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A98274%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-07-28%22%3B%7D%7D
.realsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A98274%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-07-28%22%3B%7D%7D
.orbsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A98274%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-07-28%22%3B%7D%7D
.zlinkn.com/ Name: goals
Value: a%3A1%3A%7Bi%3A98274%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222024-07-28%22%3B%7D%7D
proftrafficcounter.com/ Name: uid_id2
Value: e69f96b8-53d1-4ae5-9d1a-ddeb21f0c2e9:3:1
proftrafficcounter.com/ Name: ak
Value: 2074,1722168675
proftrafficcounter.com/ Name: acl
Value: 20,0,1722168675
experttrafficmonitor.com/ Name: uid_id2
Value: e69f96b8-53d1-4ae5-9d1a-ddeb21f0c2e9:3:1
experttrafficmonitor.com/ Name: ak
Value: 2074,1722168675
experttrafficmonitor.com/ Name: acl
Value: 20,0,1722168675

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=43200