www.pointway.site
2a04:3542:1000:910:80c8:eeff:fe8b:30bf  Public Scan

Submitted URL: https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id={External_ID_from_traffic_source}&site={subID}&pub_sub_id={sub_su...
Effective URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&p...
Submission: On December 19 via manual from AR — Scanned from GB

Summary

This website contacted 8 IPs in 5 countries across 10 domains to perform 26 HTTP transactions. The main IP is 2a04:3542:1000:910:80c8:eeff:fe8b:30bf, located in Madrid, Spain and belongs to UPCLOUD UpCloud Ltd, FI. The main domain is www.pointway.site.
TLS certificate: Issued by E6 on December 4th 2024. Valid for: 3 months.
This is the only time www.pointway.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 51.68.85.158 16276 (OVH OVH SAS)
8 99.198.106.194 32475 (SINGLEHOP...)
4 6 51.68.81.31 16276 (OVH OVH SAS)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a05:d018:e36... 16509 (AMAZON-02)
1 1 2a04:3542:100... 202053 (UPCLOUD U...)
6 2a04:3542:100... 202053 (UPCLOUD U...)
1 2a00:1450:400... 15169 (GOOGLE)
4 116.202.247.159 24940 (HETZNER-A...)
1 2001:4860:480... 15169 (GOOGLE)
26 8
Domain (Requested by)
8 pim.walloveriron.homes (requested by: www.bokkermotorbyke.fashion, pim.walloveriron.homes, www.invariableblue.fashion)
6 www.pointway.site (requested by: t.krampenpampe.com, www.pointway.site)
6 www.invariableblue.fashion, 4 redirects (requested by: pim.walloveriron.homes)
4 carriers.mobilemediaportals.com (requested by: www.pointway.site)
3 t.krampenpampe.com (requested by: www.invariableblue.fashion)
3 www.bokkermotorbyke.fashion, 2 redirects
1 region1.google-analytics.com (requested by: www.googletagmanager.com)
1 www.googletagmanager.com (requested by: www.pointway.site)
1 1d6ceb3b060.terrifictc.net, 1 redirect
1 cddtsecure.com, 1 redirect
26 10

This site contains links to these domains.

Domain
lockspeed.one

Subject: www.bokkermotorbyke.fashion; Issuer: R10; Validity: 2024-10-28 - 2025-01-26; Valid: 3 months
Subject: pim.walloveriron.homes; Issuer: E6; Validity: 2024-12-15 - 2025-03-15; Valid: 3 months
Subject: www.invariableblue.fashion; Issuer: R10; Validity: 2024-10-28 - 2025-01-26; Valid: 3 months
Subject: krampenpampe.com; Issuer: WE1; Validity: 2024-11-08 - 2025-02-06; Valid: 3 months
Subject: *.pointway.site; Issuer: E6; Validity: 2024-12-04 - 2025-03-04; Valid: 3 months
Subject: *.google-analytics.com; Issuer: WR2; Validity: 2024-12-02 - 2025-02-24; Valid: 3 months
Subject: mobilemediaportals.com; Issuer: R10; Validity: 2024-12-04 - 2025-03-04; Valid: 3 months

This page contains 1 frames:

Primary Page: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Frame ID: 74E1DF3A724234ED2C1FEEB94AE658C4
Requests: 26 HTTP requests in this frame

Page Title

Congratulations!

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 60 %
Domains: 10
Subdomains: 10
IPs: 8
Countries: 5
Transfer: 290 kB
Size: 724 kB
Cookies: 29

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id={External_ID_from_traffic_source}&site={subID}&pub_sub_id={sub_subID} Page URL
  2. https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id={External_ID_from_traffic_source}&site={subID}&pub_sub_id={sub_subID}&eyeg=a732cdceff49d5c610223f5ed0427d81&eyer=0.11842659078283013&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id=%7BExternal_ID_from_traffic_source%7D&site=%7BsubID%7D&pub_sub_id=%7Bsub_subID%7D&eyeg=3&eyer=0.11842659078283013&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=9104785744132564251&1=trk1_mdc_GB Page URL
  3. https://pim.walloveriron.homes/?utm_term=7450198198921986149&tid=4c696e7578207838365f3634 Page URL
  4. https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829 Page URL
  5. https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829&eyeg=5146505fb954766f0b1cb55e014a06ef&eyer=0.12042703147525669&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pim.walloveriron.homes HTTP 302
    https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829&eyeg=3&eyer=0.12042703147525669&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pim.walloveriron.homes HTTP 302
    https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=8482483590249026778&1=trk1_mdc_GB Page URL
  6. https://pim.walloveriron.homes/?utm_term=7450198207511920700&tid=4c696e7578207838365f3634 Page URL
  7. https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829 Page URL
  8. https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829&eyeg=001a269f2d788518cbde4c98bb3a3027&eyer=0.8365555860551663&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pim.walloveriron.homes HTTP 302
    https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829&eyeg=3&eyer=0.8365555860551663&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pim.walloveriron.homes HTTP 302
    https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3421670024049296296 Page URL
  9. https://cddtsecure.com/?a=17412&c=238825&s1=24589&s3=371812&s2=24121919_01_371812_f663bef49d83b HTTP 302
    https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=4757cc29ae95496d95773d8a155f572327055&pi=17412 HTTP 302
    https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id={External_ID_from_traffic_source}&site={subID}&pub_sub_id={sub_subID}&eyeg=a732cdceff49d5c610223f5ed0427d81&eyer=0.11842659078283013&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id=%7BExternal_ID_from_traffic_source%7D&site=%7BsubID%7D&pub_sub_id=%7Bsub_subID%7D&eyeg=3&eyer=0.11842659078283013&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=9104785744132564251&1=trk1_mdc_GB
Request Chain 6
  • https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829&eyeg=5146505fb954766f0b1cb55e014a06ef&eyer=0.12042703147525669&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pim.walloveriron.homes HTTP 302
  • https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829&eyeg=3&eyer=0.12042703147525669&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pim.walloveriron.homes HTTP 302
  • https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=8482483590249026778&1=trk1_mdc_GB
Request Chain 11
  • https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829&eyeg=001a269f2d788518cbde4c98bb3a3027&eyer=0.8365555860551663&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pim.walloveriron.homes HTTP 302
  • https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829&eyeg=3&eyer=0.8365555860551663&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pim.walloveriron.homes HTTP 302
  • https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3421670024049296296

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.bokkermotorbyke.fashion/
4 KB
4 KB
Document
General
Full URL
https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id={External_ID_from_traffic_source}&site={subID}&pub_sub_id={sub_subID}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 19 Dec 2024 18:54:02 GMT
Transfer-Encoding
chunked
/
pim.walloveriron.homes/
Redirect Chain
  • https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id={External_ID_from_traffic_source}&site={subID}&pub_sub_id={sub_subID}&eyeg=a732cdceff49d5c610223f5ed0427d81&eyer=0.118426590782830...
  • https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id=%7BExternal_ID_from_traffic_source%7D&site=%7BsubID%7D&pub_sub_id=%7Bsub_subID%7D&eyeg=3&eyer=0.11842659078283013&eyei=0&eyew=1600...
  • https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=9104785744132564251&1=trk1_mdc_GB
1 KB
1 KB
Document
General
Full URL
https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=9104785744132564251&1=trk1_mdc_GB
Requested by
Host: www.bokkermotorbyke.fashion
URL: https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id={External_ID_from_traffic_source}&site={subID}&pub_sub_id={sub_subID}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
206f8fe79671cb7c29c1b362c974ac10dda6bca1228166f6e7252c6d76dd6aa8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bokkermotorbyke.fashion/?sl=5876460-6bcd1&pub_click_id={External_ID_from_traffic_source}&site={subID}&pub_sub_id={sub_subID}
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Dec 2024 18:54:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Thu, 19 Dec 2024 18:54:02 GMT
Location
https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=9104785744132564251&1=trk1_mdc_GB
/
pim.walloveriron.homes/
9 KB
3 KB
Document
General
Full URL
https://pim.walloveriron.homes/?utm_term=7450198198921986149&tid=4c696e7578207838365f3634
Requested by
Host: pim.walloveriron.homes
URL: https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=9104785744132564251&1=trk1_mdc_GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
2ce3b485292121f07efba166e0b8ee095c7e9f5c8368c32f984f3871a8a7c550
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=9104785744132564251&1=trk1_mdc_GB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 19 Dec 2024 18:54:03 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
favicon.ico
pim.walloveriron.homes/
1 KB
1 KB
Other
General
Full URL
https://pim.walloveriron.homes/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pim.walloveriron.homes/?utm_term=7450198198921986149&tid=4c696e7578207838365f3634

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=86400
etag
"64d60f4e-47e"
expires
Fri, 20 Dec 2024 18:54:03 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
date
Thu, 19 Dec 2024 18:54:03 GMT
content-type
image/x-icon
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
favicon.ico
pim.walloveriron.homes/
1 KB
0
Other
General
Full URL
https://pim.walloveriron.homes/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pim.walloveriron.homes/?utm_term=7450198198921986149&tid=4c696e7578207838365f3634

Response headers

cache-control
max-age=86400
etag
"64d60f4e-47e"
expires
Fri, 20 Dec 2024 18:54:03 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
date
Thu, 19 Dec 2024 18:54:03 GMT
content-type
image/x-icon
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
/
www.invariableblue.fashion/
4 KB
4 KB
Document
General
Full URL
https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829
Requested by
Host: pim.walloveriron.homes
URL: https://pim.walloveriron.homes/?utm_term=7450198198921986149&tid=4c696e7578207838365f3634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pim.walloveriron.homes/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 19 Dec 2024 18:54:04 GMT
Transfer-Encoding
chunked
/
pim.walloveriron.homes/
Redirect Chain
  • https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829&eyeg=5146505fb954766f0b1cb55e014a06ef&eyer=0.12042703147525669&eyei=0&eye...
  • https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829&eyeg=3&eyer=0.12042703147525669&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef...
  • https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=8482483590249026778&1=trk1_mdc_GB
1 KB
1015 B
Document
General
Full URL
https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=8482483590249026778&1=trk1_mdc_GB
Requested by
Host: www.invariableblue.fashion
URL: https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198198921986149&site=24829-2ec47214&pub_sub_id=24829
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Dec 2024 18:54:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
accept-encoding

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Thu, 19 Dec 2024 18:54:04 GMT
Location
https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=8482483590249026778&1=trk1_mdc_GB
/
pim.walloveriron.homes/
9 KB
3 KB
Document
General
Full URL
https://pim.walloveriron.homes/?utm_term=7450198207511920700&tid=4c696e7578207838365f3634
Requested by
Host: pim.walloveriron.homes
URL: https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=8482483590249026778&1=trk1_mdc_GB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
0c28cec9f3c4022f94b4df76e2ee372fab7f321466fc7ed4bc75d5154cba09af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pim.walloveriron.homes/?utm_medium=5299fdedf06e5eb5a85c851edd0c6d0e8f49c422&utm_campaign=msl&cid=8482483590249026778&1=trk1_mdc_GB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 19 Dec 2024 18:54:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
accept-encoding
favicon.ico
pim.walloveriron.homes/
1 KB
0
Other
General
Full URL
https://pim.walloveriron.homes/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pim.walloveriron.homes/?utm_term=7450198207511920700&tid=4c696e7578207838365f3634

Response headers

cache-control
max-age=86400
etag
"64d60f4e-47e"
expires
Fri, 20 Dec 2024 18:54:03 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
date
Thu, 19 Dec 2024 18:54:03 GMT
content-type
image/x-icon
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
favicon.ico
pim.walloveriron.homes/
1 KB
0
Other
General
Full URL
https://pim.walloveriron.homes/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pim.walloveriron.homes/?utm_term=7450198207511920700&tid=4c696e7578207838365f3634

Response headers

cache-control
max-age=86400
etag
"64d60f4e-47e"
expires
Fri, 20 Dec 2024 18:54:03 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
date
Thu, 19 Dec 2024 18:54:03 GMT
content-type
image/x-icon
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
/
www.invariableblue.fashion/
4 KB
4 KB
Document
General
Full URL
https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829
Requested by
Host: pim.walloveriron.homes
URL: https://pim.walloveriron.homes/?utm_term=7450198207511920700&tid=4c696e7578207838365f3634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pim.walloveriron.homes/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 19 Dec 2024 18:54:05 GMT
Transfer-Encoding
chunked
/
t.krampenpampe.com/directclick/
Redirect Chain
  • https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829&eyeg=001a269f2d788518cbde4c98bb3a3027&eyer=0.8365555860551663&eyei=0&eyew...
  • https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829&eyeg=3&eyer=0.8365555860551663&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=...
  • https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3421670024049296296
25 KB
10 KB
Document
General
Full URL
https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3421670024049296296
Requested by
Host: www.invariableblue.fashion
URL: https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd782c7861fd57dd11f75b131b7e4799af36ef97820cef6c0ecbfed4040007b

Request headers

Referer
https://www.invariableblue.fashion/?sl=5864390-46768&pub_click_id=M7450198207511920700&site=24829-2ec47214&pub_sub_id=24829
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f499962ac5c3693-LHR
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 19 Dec 2024 18:54:05 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7L85shwXpsDF1CJH1MeKlrX3v%2BikEdgYW2iTzuoGJsD9uEIX2UyEzyRxikwBuW3iNrSNDmxmVJ7VQTU%2BR12p8BFB3bLLZNmtRra65xphr0VYgVakdDOZ61puJ9hZc1aJGd7RK7vvg7DoWD2mdgZXrEY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=26236&min_rtt=24037&rtt_var=5657&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4020&recv_bytes=2430&delivery_rate=153472&cwnd=237&unsent_bytes=0&cid=8eb39fb7d4ba0da0&ts=328&x=0"
vary
accept-encoding

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Thu, 19 Dec 2024 18:54:05 GMT
Location
https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3421670024049296296
favicon.ico
t.krampenpampe.com/
108 B
585 B
Other
General
Full URL
https://t.krampenpampe.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAlRduRQ09mFa7we2DW7loSLyE6h1qm04iOQvtvKSzMhKqsQIfVokde%2FsqmC2vbqxKTUdGo22xfPBL7eYjfJEPtw%2BLW%2BDUZhN%2FnNWjZ1YtvHkUycU3BSovXZq4go2iC8rz6nd3waKxIFs3iT1892eg4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f499964cf083693-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24990&min_rtt=23972&rtt_var=1878&sent=22&recv=19&lost=0&retrans=0&sent_bytes=14103&recv_bytes=2698&delivery_rate=712413&cwnd=241&unsent_bytes=0&cid=8eb39fb7d4ba0da0&ts=443&x=0"
date
Thu, 19 Dec 2024 18:54:05 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
Primary Request win_gold_min
www.pointway.site/
Redirect Chain
  • https://cddtsecure.com/?a=17412&c=238825&s1=24589&s3=371812&s2=24121919_01_371812_f663bef49d83b
  • https://1d6ceb3b060.terrifictc.net/?p=3829&media_type=mainstream&click_id=4757cc29ae95496d95773d8a155f572327055&pi=17412
  • https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
16 KB
8 KB
Document
General
Full URL
https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Requested by
Host: t.krampenpampe.com
URL: https://t.krampenpampe.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=3421670024049296296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD UpCloud Ltd, FI),
Reverse DNS
Software
/
Resource Hash
e9423cf671c662fc7453a4cd32b643ed483ace0b8a3b1ce8bc1f5fd83bbca77a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Dec 2024 18:54:06 GMT
log-id
34cd230d-71b5-4e7b-94ba-59c738979b23
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 19 Dec 2024 18:54:05 GMT
location
https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
favicon.ico
t.krampenpampe.com/
108 B
0
Other
General
Full URL
https://t.krampenpampe.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAlRduRQ09mFa7we2DW7loSLyE6h1qm04iOQvtvKSzMhKqsQIfVokde%2FsqmC2vbqxKTUdGo22xfPBL7eYjfJEPtw%2BLW%2BDUZhN%2FnNWjZ1YtvHkUycU3BSovXZq4go2iC8rz6nd3waKxIFs3iT1892eg4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f499964cf083693-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=24990&min_rtt=23972&rtt_var=1878&sent=22&recv=19&lost=0&retrans=0&sent_bytes=14103&recv_bytes=2698&delivery_rate=712413&cwnd=241&unsent_bytes=0&cid=8eb39fb7d4ba0da0&ts=443&x=0"
date
Thu, 19 Dec 2024 18:54:05 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
295 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2V6DGFRPKP
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71952b4e3efa6bca256c7f9abd84a3822eb071cef067761e531544be0975f7e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 19 Dec 2024 18:54:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 18:54:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103567
x-xss-protection
0
server
Google Tag Manager
app.css
www.pointway.site/css/offers/win_gold_min/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.pointway.site/css/offers/win_gold_min/app.css?id=4393b9ef49db5826d870295fe8ab6f3f
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD UpCloud Ltd, FI),
Reverse DNS
Software
/
Resource Hash
518c664d6ae9c161379b0aff0d9e5b088dcacd5afa74dedfc8bc3fb38c851994

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"6731fa7f-e19"
pragma
public
expires
Fri, 19 Dec 2025 18:54:06 GMT
date
Thu, 19 Dec 2024 18:54:06 GMT
content-type
text/css
last-modified
Mon, 11 Nov 2024 12:37:19 GMT
vary
Accept-Encoding
default@0.75x.png
www.pointway.site/img/prizes/iphone-16-pro/
14 KB
14 KB
Image
General
Full URL
https://www.pointway.site/img/prizes/iphone-16-pro/default@0.75x.png
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD UpCloud Ltd, FI),
Reverse DNS
Software
/
Resource Hash
ae5da63a24dc1a364c25840c848f26ed4c5999edf1c0d2d4312c3277f35e47c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream

Response headers

cache-control
max-age=31536000, public
etag
"6731fa02-38f0"
pragma
public
expires
Fri, 19 Dec 2025 18:54:06 GMT
accept-ranges
bytes
content-length
14576
date
Thu, 19 Dec 2024 18:54:06 GMT
content-type
image/png
last-modified
Mon, 11 Nov 2024 12:35:14 GMT
app.js
www.pointway.site/js/
0
207 B
Script
General
Full URL
https://www.pointway.site/js/app.js?id=d41d8cd98f00b204e9800998ecf8427e
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD UpCloud Ltd, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream

Response headers

cache-control
max-age=31536000, public
etag
"6731fa7f-0"
pragma
public
expires
Fri, 19 Dec 2025 18:54:06 GMT
accept-ranges
bytes
content-length
0
date
Thu, 19 Dec 2024 18:54:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 11 Nov 2024 12:37:19 GMT
app.js
www.pointway.site/js/offers/win_gold_min/
288 KB
95 KB
Script
General
Full URL
https://www.pointway.site/js/offers/win_gold_min/app.js?id=8a5b6974fa6c787a798dff7ff3bd38a9
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD UpCloud Ltd, FI),
Reverse DNS
Software
/
Resource Hash
bb997337d4d030a6f8059b6db9df7425a35e3f19f8c543ff0366587a04b67837

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
etag
W/"6731fa7e-48164"
pragma
public
expires
Fri, 19 Dec 2025 18:54:06 GMT
date
Thu, 19 Dec 2024 18:54:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 11 Nov 2024 12:37:18 GMT
vary
Accept-Encoding
bg.jpg
www.pointway.site/img/offers/win_gold_min/
31 KB
31 KB
Image
General
Full URL
https://www.pointway.site/img/offers/win_gold_min/bg.jpg
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/css/offers/win_gold_min/app.css?id=4393b9ef49db5826d870295fe8ab6f3f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:3542:1000:910:80c8:eeff:fe8b:30bf Madrid, Spain, ASN202053 (UPCLOUD UpCloud Ltd, FI),
Reverse DNS
Software
/
Resource Hash
35b6e5cc0b3a23ad26e7e6e444998d4aa95d66add467bd2e110a3ae67c61a3c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/css/offers/win_gold_min/app.css?id=4393b9ef49db5826d870295fe8ab6f3f

Response headers

cache-control
max-age=31536000, public
etag
"6731fa7f-7b2f"
pragma
public
expires
Fri, 19 Dec 2025 18:54:06 GMT
accept-ranges
bytes
content-length
31535
date
Thu, 19 Dec 2024 18:54:06 GMT
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 12:37:19 GMT
ee.svg
carriers.mobilemediaportals.com/
6 KB
1 KB
Image
General
Full URL
https://carriers.mobilemediaportals.com/ee.svg
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.247.159 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.159.247.202.116.clients.your-server.de
Software
/
Resource Hash
71de862975fcbcdde74f898620cd72246f06aa708c76a4b6ac2a91bab0f68e78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/

Response headers

content-encoding
gzip
date
Thu, 19 Dec 2024 18:54:06 GMT
etag
W/"66c5ad7c-18aa"
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 21 Aug 2024 09:03:56 GMT
vodafone.svg
carriers.mobilemediaportals.com/
689 B
522 B
Image
General
Full URL
https://carriers.mobilemediaportals.com/vodafone.svg
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.247.159 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.159.247.202.116.clients.your-server.de
Software
/
Resource Hash
5d1f3eba861b3b61a94974c291157f6087eeb1aecd5adaf2b5d07a2257b12c96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/

Response headers

content-encoding
gzip
date
Thu, 19 Dec 2024 18:54:06 GMT
etag
W/"66c5ad7c-2b1"
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 21 Aug 2024 09:03:56 GMT
three.svg
carriers.mobilemediaportals.com/
6 KB
2 KB
Image
General
Full URL
https://carriers.mobilemediaportals.com/three.svg
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.247.159 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.159.247.202.116.clients.your-server.de
Software
/
Resource Hash
a530a2345ee3f7e795d7ac8d1d630d15d40a8347ddadb807acff45c41ea31550

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/

Response headers

content-encoding
gzip
date
Thu, 19 Dec 2024 18:54:06 GMT
etag
W/"66c5ad7c-1934"
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 21 Aug 2024 09:03:56 GMT
o2.svg
carriers.mobilemediaportals.com/
934 B
593 B
Image
General
Full URL
https://carriers.mobilemediaportals.com/o2.svg
Requested by
Host: www.pointway.site
URL: https://www.pointway.site/win_gold_min?tid=65cstmdif4jtwzwc3agow4co0,16502323,5,3829&ctrack=1734634445.1951568832&p=3829&pi=17412&click_id=4757cc29ae95496d95773d8a155f572327055&media_type=mainstream
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.247.159 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.159.247.202.116.clients.your-server.de
Software
/
Resource Hash
41e90ad513e7514c505e362ef2d490ff015e9d7997864b358cb06691672d8104

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/

Response headers

content-encoding
gzip
date
Thu, 19 Dec 2024 18:54:06 GMT
etag
W/"66c5ad7c-3a6"
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
last-modified
Wed, 21 Aug 2024 09:03:56 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2V6DGFRPKP&gtm=45je4cc1v880168263za200&_p=1734634446176&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=714467138.1734634446&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734634446&sct=1&seg=0&dl=https%3A%2F%2Fwww.pointway.site%2Fwin_gold_min%3Ftid%3D65cstmdif4jtwzwc3agow4co0%2C16502323%2C5%2C3829%26ctrack%3D1734634445.1951568832%26p%3D3829%26pi%3D17412%26click_id%3D4757cc29ae95496d95773d8a155f572327055%26media_type%3Dmainstream&dt=Congratulations!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ab=a&ep.flow=ivr&ep.offer=win_gold_min&ep.prize=iphone-16-pro&ep.category=ivr_win&ep.p=3829&tfd=851
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2V6DGFRPKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.pointway.site/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.pointway.site
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 18:54:06 GMT
content-type
text/plain
server
Golfe2

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag
object| dataLayer
object| pd_options
object| view
number| w
number| h
function| step
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal

29 Cookies

Domain/Path Name / Value
.krampenpampe.com/ Name: checkkeks
Value: 1
.krampenpampe.com/ Name: eTag
Value: 8c1eeeb6e37d0a6dd3fe4ce61118dd45
.krampenpampe.com/ Name: ck_uniques
Value: 1734720844%3A24589-115227
.krampenpampe.com/ Name: ck_uniquesPa
Value: 1734720844%3A103655
.krampenpampe.com/ Name: ck_sys_uniques_3
Value: 1
.krampenpampe.com/ Name: u_current_ads_view
Value: 103655----
.1d6ceb3b060.terrifictc.net/ Name: rts-trck
Value: 1
.terrifictc.net/ Name: t-uuid
Value: 65cstmdij3vflbko96eww0o4w
.terrifictc.net/ Name: ab
Value: A
.terrifictc.net/ Name: traffic-visited-domain
Value: pointway.site
.terrifictc.net/ Name: traffic-back-ivr
Value: ok
.pointway.site/ Name: _ga
Value: GA1.1.714467138.1734634446
.pointway.site/ Name: _ga_2V6DGFRPKP
Value: GS1.1.1734634446.1.0.1734634446.0.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://t.krampenpampe.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://t.krampenpampe.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
