www.northernhunting.com Open in urlscan Pro
162.159.135.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://register-hypesquad.com/
Effective URL:
https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_co...
Submission: On July 12 via api (July 12th 2022, 12:40:09 am UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 31 HTTP transactions. The main IP is 162.159.135.42, located in and belongs to CLOUDFLARENET, US. The main domain is www.northernhunting.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 2nd 2021. Valid for: a year.

This is the only time www.northernhunting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.212.220 103.224.212.220	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700::68... 2606:4700::6813:a860	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:20:... 2606:4700:20::6819:9455	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.159.135.42 162.159.135.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::6812:24f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:1b:... 2a04:4e42:1b::307	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6812:1f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	152.195.34.116 152.195.34.116	15133 (EDGECAST) (EDGECAST)
1	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1	68.142.70.14 68.142.70.14	22822 (LLNW) (LLNW)
1	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2600:9000:225... 2600:9000:2250:a200:1b:9b5:7e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.192.65 151.101.192.65	54113 (FASTLY) (FASTLY)
1	104.16.53.99 104.16.53.99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
31	17

2 103.224.212.220 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-220.above.com

register-hypesquad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:a860 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.srvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:9455 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ndt5.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.159.135.42 (None, )

ASN13335 (CLOUDFLARENET, US)

www.northernhunting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:24f6 (United States)

ASN13335 (CLOUDFLARENET, US)

performance.radar.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.radar.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:1b::307 (United States)

ASN54113 (FASTLY, US)

exactly-huge-arachnid.edgecompute.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uniquely-peaceful-hagfish.edgecompute.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1f8 (United States)

ASN13335 (CLOUDFLARENET, US)

serverless-benchmarks-rust.compute-pipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
serverless-benchmarks-js.compute-pipe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

stackpath-map3.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.34.116 (United States)

ASN15133 (EDGECAST, US)

vdms-ssl.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

jsdelivr.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.142.70.14 (United States)

ASN22822 (LLNW, US)
PTR: https-68-142-70-14.any.llnw.net

p17003.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

cdnetworks.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:a200:1b:9b5:7e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

p29.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.65 (United States)

ASN54113 (FASTLY, US)

fastly.cedexis-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.99 (None, )

ASN13335 (CLOUDFLARENET, US)

ptcfc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cedexis-test.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cedexis-test.com stackpath-map3.cedexis-test.com — Cisco Umbrella Rank: 20081 vdms-ssl.cedexis-test.com — Cisco Umbrella Rank: 12546 p17003.cedexis-test.com — Cisco Umbrella Rank: 35153 cdnetworks.cedexis-test.com — Cisco Umbrella Rank: 12844 p29.cedexis-test.com — Cisco Umbrella Rank: 12519 fastly.cedexis-test.com — Cisco Umbrella Rank: 12623	603 KB
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 123533	8 KB
4	compute-pipe.com serverless-benchmarks-rust.compute-pipe.com — Cisco Umbrella Rank: 64177 serverless-benchmarks-js.compute-pipe.com — Cisco Umbrella Rank: 63777	981 B
4	edgecompute.app exactly-huge-arachnid.edgecompute.app — Cisco Umbrella Rank: 64805 uniquely-peaceful-hagfish.edgecompute.app — Cisco Umbrella Rank: 64323	782 B
3	cloudflare.com performance.radar.cloudflare.com api.radar.cloudflare.com — Cisco Umbrella Rank: 30381	6 KB
3	northernhunting.com www.northernhunting.com	4 KB
2	ndt5.net 2 redirects ndt5.net	2 KB
2	srvtrck.com 1 redirects r.srvtrck.com — Cisco Umbrella Rank: 61559	1 KB
2	lookandfind.me lookandfind.me — Cisco Umbrella Rank: 405135	1 KB
2	register-hypesquad.com 2 redirects register-hypesquad.com	2 KB
1	akamaized.net cedexis-test.akamaized.net — Cisco Umbrella Rank: 21612	100 KB
1	ptcfc.com ptcfc.com — Cisco Umbrella Rank: 11187	100 KB
1	b-cdn.net jsdelivr.b-cdn.net — Cisco Umbrella Rank: 122267	101 KB
1	clever-redirect.com clever-redirect.com	679 B
31	14

	Domain	Requested by
5	1redirc.com	1 redirects 1redirc.com
3	www.northernhunting.com	r.srvtrck.com www.northernhunting.com
2	api.radar.cloudflare.com	performance.radar.cloudflare.com
2	uniquely-peaceful-hagfish.edgecompute.app	www.northernhunting.com
2	serverless-benchmarks-js.compute-pipe.com	www.northernhunting.com
2	serverless-benchmarks-rust.compute-pipe.com	www.northernhunting.com
2	exactly-huge-arachnid.edgecompute.app	www.northernhunting.com
2	ndt5.net	2 redirects
2	r.srvtrck.com	1 redirects lookandfind.me
2	lookandfind.me	clever-redirect.com
2	register-hypesquad.com	2 redirects
1	cedexis-test.akamaized.net	www.northernhunting.com
1	ptcfc.com	www.northernhunting.com
1	fastly.cedexis-test.com	www.northernhunting.com
1	p29.cedexis-test.com	www.northernhunting.com
1	cdnetworks.cedexis-test.com	www.northernhunting.com
1	p17003.cedexis-test.com	www.northernhunting.com
1	jsdelivr.b-cdn.net	www.northernhunting.com
1	vdms-ssl.cedexis-test.com	www.northernhunting.com
1	stackpath-map3.cedexis-test.com	www.northernhunting.com
1	performance.radar.cloudflare.com	www.northernhunting.com
1	clever-redirect.com	1redirc.com
31	22

This site contains links to these domains. Also see Links.

Domain
dash.cloudflare.com
support.cloudflare.com
www.cloudflare.com

Subject Issuer	Validity	Valid
tracker.clever-redirect.com R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
lookandfind.me R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.srvtrck.com Go Daddy Secure Certificate Authority - G2	`2021-12-23` - `2023-01-24`	a year	crt.sh
northernhunting.com Cloudflare Inc ECC CA-3	`2021-08-02` - `2022-08-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.edgecompute.app GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-18` - `2022-11-19`	a year	crt.sh
p45890.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-23` - `2023-06-23`	a year	crt.sh
p16999.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-02`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
p17003.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-07` - `2023-06-07`	a year	crt.sh
p36.cedexis-test.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.cedexis-test.com Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
fastly.cedexis-test.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Frame ID: 7E80C901416557987B4209E2930F784D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Access denied

Page URL History Show full URLs

http://register-hypesquad.com/ HTTP 302
https://register-hypesquad.com/ HTTP 302
http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGN... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D14802... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1480204868&sid=20220712104003f8bf0b688e4e76b5b3 Page URL
https://lookandfind.me/s/a?t=21&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=northernhunting.com&s1=721... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Dbeb... Page URL
https://r.srvtrck.com/v1/redirect?type=linkId&id=beb64eb5507449f784ba643a40ef3926&api_key=d35c1f42... HTTP 302
https://r.srvtrck.com/v2/go?t=5t8pc%3A6%2Fbd555n9t1c5%3Fci4176517l5%3D0652170%264i32v5s7%268w9%3D5... Page URL
https://ndt5.net/c/?si=14681&li=1632378&wi=255978&ws=v030400013510c5874547d4fc45c18985753b260... HTTP 301
https://ndt5.net/redirect/global.php?dai_url_domain=www.northernhunting.com&dai_url_add=utm_s... HTTP 301
https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campa... Page URL

Detected technologies

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

31
Requests

87 %
HTTPS

37 %
IPv6

14
Domains

22
Subdomains

17
IPs

5
Countries

926 kB
Transfer

945 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://dash.cloudflare.com/?to=/:account/:zone/firewall
Title: Firewall Events Log

Search URL Search Domain Scan URL

URL: https://support.cloudflare.com/hc/articles/360029779472-Troubleshooting-Cloudflare-1XXX-errors#error1020
Title: Troubleshooting guide

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://register-hypesquad.com/ HTTP 302
https://register-hypesquad.com/ HTTP 302
http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1480204868%26sid%3D20220712104003f8bf0b688e4e76b5b3&s=j&enc=vBZ6gZOr2yAcrWqh2UAiiH49fldsdjN6RWJXOXVsWDJ4WHl2ZlBFSXQ1NmpQRUNOb0R5RytPenk2alRVdi9SajVNWWFubHNIQnpIMWNWWHhtYjNKb2ZNb05OL1BIVForUzlOSXlQUHl4TzdRUE9uemptMXVNTU1WSDM2L2xJMTZxbms3YW1scTNjR0Z0YzBGVmxzVFV5Zy9WUDBCZ0pjenk1UUdVRnN1aWNDVjdjb1ZNeEIxVDd3ajR0QXhoWkdFRlJ0Qm56VnVNa0dqL3dlbWwwT010TmlZdGNzRHRjQmUrRW4xQTJpamZ1MytVLy9GYktqVU1RQWVLVzV1TU15ZnV4dmtnNWQ2WjZ0UGxzSVVRaUNKSEhOdEppNWVjN1R4WkV0dklBQWh6bmJZZU5STFdOMTQ1NE9QdVIwNzN0KzBhY0pYMmhwS1Z2Q1M1dlNZMW03SDJzMmZDOHRLK2hDY0t4QXdueEhNTjAxRk9hTFFwWEFuQ3BNYzk2VHZVdnNhOGsxZkZ0UjFHMmF6V2tjc0ROZ2g0dnZBbm50a0pTZ1QwT1dQckpSWkRrUVFrYVFad0xMV2Z6cisrcW1BaVJPMnhGUTBwaDg2OEFkQUIyc1B3L2lBaGFmb0ZVOVRGV2J6R0NtYTNQSkdJSTg2YjRGYUZ5cG5ZR1IzMmNHNXJTVHdsd2xzbG95OFl2YmtwTFZ5cVNNaVdFcUVCNi8rTWYzcjB1c0FuY0c5NjR5VGYvaithUGtWSzcyNndJSWxPWFNtYVlPazNTTk9ZSFlkdko2NmtVWjM5ZHEzcWdkZFZOdHROaXpNS0RvOTNiY0VKVVVTSllRN1o1UHUrUXJyU2I2Y1dWUFFCdTl4OFptSjJrY3htczVjTEI1OFJLN1FENGNudGtGdUx6NTFxSHlDa1p3YXRMVlFTRnFKL2YzTkJ3c0k3cWFIbzNmcDUzcXB6WDlUcGZNOEF0UENBdnZpVnFrU3ovc0pMYTI5Y3d1TUFOdjFhUjMzMFBoNEswcW81bEhhc0U0YzQ5azkwZHkrdFd5ZTdDYnNLZkN4Q2ZXYXJFeENvejV1ZkRuWWgrOUlxcTVpcUNFUXdlVklrWTU0ekNxeVFyTEpYR0NybHk0R0ErRi9hb28rb21laFMzZW45bjBXa0I1a250Si9YdnBtblQ0dlRrdk4yUkVDVmdlT3ZzPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1480204868&sid=20220712104003f8bf0b688e4e76b5b3 Page URL
https://lookandfind.me/s/a?t=21&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=northernhunting.com&s1=721614&s2=&s3=1480204868&s5=cf Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Dbeb64eb5507449f784ba643a40ef3926%26api_key%3Dd35c1f4292afde1e9fb345dc83743d87%26site_id%3Dd39d1304c4dc46fd8b97e5fd5300bb65%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3D59cb44c131f3be4ce221abcaa4965ca9&h=907463a4fbbb1e47dfefa62f7f064a9d Page URL
https://r.srvtrck.com/v1/redirect?type=linkId&id=beb64eb5507449f784ba643a40ef3926&api_key=d35c1f4292afde1e9fb345dc83743d87&site_id=d39d1304c4dc46fd8b97e5fd5300bb65&dch=feed&ad_t=advertiser&yk_tag=59cb44c131f3be4ce221abcaa4965ca9 HTTP 302
https://r.srvtrck.com/v2/go?t=5t8pc%3A6%2Fbd555n9t1c5%3Fci4176517l5%3D0652170%264i32v5s7%268w9%3D50%3D0w08033311ci8%264844d%3Dfs4%2Fc%2F8e8.7t3n2%2F0satch&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=d540580bef7241e69491c9f97c6038e2&sct=0&ct=1657586405814&cu=c5874547d4fc45c18985753b260ca8c5&ykuid=14363642d74b4c47ad5cd06d3c16c231&sc=1&cs=60d1ea28558e5a525e1666cbbd415e88 Page URL
https://ndt5.net/c/?si=14681&li=1632378&wi=255978&ws=v030400013510c5874547d4fc45c18985753b260ca8c5 HTTP 301
https://ndt5.net/redirect/global.php?dai_url_domain=www.northernhunting.com&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_term%3DYieldKit+GmbH%26utm_campaign%3D410yieldk%26utm_content%3Dhttps%3A%2F%2Fr.srvtrck.com%2F&dai_url= HTTP 301
https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://register-hypesquad.com/ HTTP 302
https://register-hypesquad.com/ HTTP 302
http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1480204868%26sid%3D20220712104003f8bf0b688e4e76b5b3&s=j&enc=vBZ6gZOr2yAcrWqh2UAiiH49fldsdjN6RWJXOXVsWDJ4WHl2ZlBFSXQ1NmpQRUNOb0R5RytPenk2alRVdi9SajVNWWFubHNIQnpIMWNWWHhtYjNKb2ZNb05OL1BIVForUzlOSXlQUHl4TzdRUE9uemptMXVNTU1WSDM2L2xJMTZxbms3YW1scTNjR0Z0YzBGVmxzVFV5Zy9WUDBCZ0pjenk1UUdVRnN1aWNDVjdjb1ZNeEIxVDd3ajR0QXhoWkdFRlJ0Qm56VnVNa0dqL3dlbWwwT010TmlZdGNzRHRjQmUrRW4xQTJpamZ1MytVLy9GYktqVU1RQWVLVzV1TU15ZnV4dmtnNWQ2WjZ0UGxzSVVRaUNKSEhOdEppNWVjN1R4WkV0dklBQWh6bmJZZU5STFdOMTQ1NE9QdVIwNzN0KzBhY0pYMmhwS1Z2Q1M1dlNZMW03SDJzMmZDOHRLK2hDY0t4QXdueEhNTjAxRk9hTFFwWEFuQ3BNYzk2VHZVdnNhOGsxZkZ0UjFHMmF6V2tjc0ROZ2g0dnZBbm50a0pTZ1QwT1dQckpSWkRrUVFrYVFad0xMV2Z6cisrcW1BaVJPMnhGUTBwaDg2OEFkQUIyc1B3L2lBaGFmb0ZVOVRGV2J6R0NtYTNQSkdJSTg2YjRGYUZ5cG5ZR1IzMmNHNXJTVHdsd2xzbG95OFl2YmtwTFZ5cVNNaVdFcUVCNi8rTWYzcjB1c0FuY0c5NjR5VGYvaithUGtWSzcyNndJSWxPWFNtYVlPazNTTk9ZSFlkdko2NmtVWjM5ZHEzcWdkZFZOdHROaXpNS0RvOTNiY0VKVVVTSllRN1o1UHUrUXJyU2I2Y1dWUFFCdTl4OFptSjJrY3htczVjTEI1OFJLN1FENGNudGtGdUx6NTFxSHlDa1p3YXRMVlFTRnFKL2YzTkJ3c0k3cWFIbzNmcDUzcXB6WDlUcGZNOEF0UENBdnZpVnFrU3ovc0pMYTI5Y3d1TUFOdjFhUjMzMFBoNEswcW81bEhhc0U0YzQ5azkwZHkrdFd5ZTdDYnNLZkN4Q2ZXYXJFeENvejV1ZkRuWWgrOUlxcTVpcUNFUXdlVklrWTU0ekNxeVFyTEpYR0NybHk0R0ErRi9hb28rb21laFMzZW45bjBXa0I1a250Si9YdnBtblQ0dlRrdk4yUkVDVmdlT3ZzPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1480204868&sid=20220712104003f8bf0b688e4e76b5b3

Request Chain 7

https://r.srvtrck.com/v1/redirect?type=linkId&id=beb64eb5507449f784ba643a40ef3926&api_key=d35c1f4292afde1e9fb345dc83743d87&site_id=d39d1304c4dc46fd8b97e5fd5300bb65&dch=feed&ad_t=advertiser&yk_tag=59cb44c131f3be4ce221abcaa4965ca9 HTTP 302
https://r.srvtrck.com/v2/go?t=5t8pc%3A6%2Fbd555n9t1c5%3Fci4176517l5%3D0652170%264i32v5s7%268w9%3D50%3D0w08033311ci8%264844d%3Dfs4%2Fc%2F8e8.7t3n2%2F0satch&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=d540580bef7241e69491c9f97c6038e2&sct=0&ct=1657586405814&cu=c5874547d4fc45c18985753b260ca8c5&ykuid=14363642d74b4c47ad5cd06d3c16c231&sc=1&cs=60d1ea28558e5a525e1666cbbd415e88

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://register-hypesquad.com/
https://register-hypesquad.com/
http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZY...

4 KB
2 KB

328ms
167ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5560dc927bc7a9cf62c9a3c2d796f1f838182a8d950d76fe3b0ac90f256c5569

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2059
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Jul 2022 00:40:04 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Jul 2022 00:40:03 GMT
Location: http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 309ms
155ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 00:40:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "383-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 310ms
156ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 00:40:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 319ms
166ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=vBZ6gZOr2yAcrWqh2UAiiH49fldsdjN6RWJXOXVsWDJ4WHl2ZlBFSXQ1NmpQRUNOb0R5RytPenk2alRVdi9SajVNWWFubHNIQnpIMWNWWHhtYjNKb2ZNb05OL1BIVForUzlOSXlQUHl4TzdRUE9uemptMXVNTU1WSDM2L2xJMTZxbms3YW1scTNjR0Z0YzBGVmxzVFV5Zy9WUDBCZ0pjenk1UUdVRnN1aWNDVjdjb1ZNeEIxVDd3ajR0QXhoWkdFRlJ0Qm56VnVNa0dqL3dlbWwwT010TmlZdGNzRHRjQmUrRW4xQTJpamZ1MytVLy9GYktqVU1RQWVLVzV1TU15ZnV4dmtnNWQ2WjZ0UGxzSVVRaUNKSEhOdEppNWVjN1R4WkV0dklBQWh6bmJZZU5STFdOMTQ1NE9QdVIwNzN0KzBhY0pYMmhwS1Z2Q1M1dlNZMW03SDJzMmZDOHRLK2hDY0t4QXdueEhNTjAxRk9hTFFwWEFuQ3BNYzk2VHZVdnNhOGsxZkZ0UjFHMmF6V2tjc0ROZ2g0dnZBbm50a0pTZ1QwT1dQckpSWkRrUVFrYVFad0xMV2Z6cisrcW1BaVJPMnhGUTBwaDg2OEFkQUIyc1B3L2lBaGFmb0ZVOVRGV2J6R0NtYTNQSkdJSTg2YjRGYUZ5cG5ZR1IzMmNHNXJTVHdsd2xzbG95OFl2YmtwTFZ5cVNNaVdFcUVCNi8rTWYzcjB1c0FuY0c5NjR5VGYvaithUGtWSzcyNndJSWxPWFNtYVlPazNTTk9ZSFlkdko2NmtVWjM5ZHEzcWdkZFZOdHROaXpNS0RvOTNiY0VKVVVTSllRN1o1UHUrUXJyU2I2Y1dWUFFCdTl4OFptSjJrY3htczVjTEI1OFJLN1FENGNudGtGdUx6NTFxSHlDa1p3YXRMVlFTRnFKL2YzTkJ3c0k3cWFIbzNmcDUzcXB6WDlUcGZNOEF0UENBdnZpVnFrU3ovc0pMYTI5Y3d1TUFOdjFhUjMzMFBoNEswcW81bEhhc0U0YzQ5azkwZHkrdFd5ZTdDYnNLZkN4Q2ZXYXJFeENvejV1ZkRuWWgrOUlxcTVpcUNFUXdlVklrWTU0ekNxeVFyTEpYR0NybHk0R0ErRi9hb28rb21laFMzZW45bjBXa0I1a250Si9YdnBtblQ0dlRrdk4yUkVDVmdlT3ZzPQ%3D%3D&rand=0.9824794668091557
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=jYo5PhHQM9XYp3l7GCLmiH49fi96ckdUZzN5b2sxK0hoN1lNMjFMdCtUbFlRcUhQMGNCUHF3M2szS090R0w1WjVVbzNWR0U1dmF4V29VZnhlSjVacitpK0JrZUFlcVdxMU5MbUtsZ2tSR255UCtBaVdXU1RTSUxOOG9XUmRZYXVSVVVkdzVNRVVVa0hqL0FmbmZhSnlUUm43a2UxWURBZWNnNEZqYnNJUmRsa1BrVXFKLzU3cmx4LzNSN1RHeTRDSWQyNEdSR1Z2c3pIMll6bDFueFQwNTFDeTZZZFFHN2x4VVFWR1dZQ2VIS2RvMXJMSitwbnIyajFYK0xsRDFqZFhiVzdpeVc1N0NIZWRSM1kvRHY4cDhxcUlmT2tpWTIybE4xdm1LM2xwQk5lekcyWXN6MWJkUm9qUjFvTVhyZFBKQ0h5c3hpTnNDa1hIUklzWEJmbHVISlYwM0UzWURUbEpuRE05Rm1VWjAyUjRQMEgxMVhCcTlVWnZFVjAvb1NsSnFTd01UaHlSaGk5NkNlS21ZWjlhaTVnYWxNbFJYVW9VZEd3MCtEWFN4SkdwRVRxeFFMZEo3Wnp0dTR2aUlhNWI3RFIyTXp1d3ZvdU9LaGhJN0l2TDM1WG1Dc3dBekJlTHpQL1p6ZTY1TW1reGpwenBlMHhYVTdYVVJNeDZ0NXVEaHRzanZzMWRpNDRlQklIT3VzM0YxTjBVa2QrdkRLQVpkSFFMV1BuQyttSzJJRXJZYWVFMDAzS29Db3dRN1F0ZVppaVlmR096YlhYWmlqeUM4U2NYaVRsbkJkTWlKN1pDaEFtc1ZSdXdFSXhCMGVnZHFKWFNGendzejhHUWpQbHlobm1ZK0xHMTF1THVETnYvcHRtRFpaSktKa1M0NUU4aXpvOXZLUG5IaUhjK1Rmbm54L0VZam10c0VqSmZqZ0oyVTRLcnNhelZEb2g3SFFEbmZpT0Vaek5yTCt5aC80dUdoaXAxSGJOWE9nVmNjc1BSa3lNQ1Z4cVAyZ2NvR1pabkIzUFlxZmZGNTRVeUtZWHRIZmFLViszeC8yVWhDdWJZNWh6Y2E4MGc9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 00:40:04 GMT
Server: Apache/2.4.38 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

r6
clever-redirect.com/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1480204868%26sid%3D20220712104003f8bf0b688e4e76b5b3&s=j&enc=vBZ6gZOr2yAcrWqh2UAiiH49fldsdjN6RWJXOXVsWDJ4WHl...
https://clever-redirect.com/s/r6?s=721614&s3=1480204868&sid=20220712104003f8bf0b688e4e76b5b3

331 B
679 B

54ms
16ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/r6?s=721614&s3=1480204868&sid=20220712104003f8bf0b688e4e76b5b3
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: http://1redirc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 331
content-type: text/html; charset=UTF-8
date: Tue, 12 Jul 2022 00:40:05 GMT
referrer-policy: no-referrer
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Jul 2022 00:40:05 GMT
Location: https://clever-redirect.com/s/r6?s=721614&s3=1480204868&sid=20220712104003f8bf0b688e4e76b5b3
Server: Apache/2.4.38 (Debian)

GET
H2 200 a
lookandfind.me/s/ 517 B
684 B 193ms
162ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=21&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=northernhunting.com&s1=721614&s2=&s3=1480204868&s5=cf
Requested by: Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1480204868&sid=20220712104003f8bf0b688e4e76b5b3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 517
content-type: text/html; charset=UTF-8
date: Tue, 12 Jul 2022 00:40:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by: PHP/7.4.24

GET
H2 200 r
lookandfind.me/s/ 433 B
463 B 17ms
17ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Dbeb64eb5507449f784ba643a40ef3926%26api_key%3Dd35c1f4292afde1e9fb345dc83743d87%26site_id%3Dd39d1304c4dc46fd8b97e5fd5300bb65%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3D59cb44c131f3be4ce221abcaa4965ca9&h=907463a4fbbb1e47dfefa62f7f064a9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Referer: https://lookandfind.me/s/a?t=21&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=northernhunting.com&s1=721614&s2=&s3=1480204868&s5=cf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 433
content-type: text/html; charset=UTF-8
date: Tue, 12 Jul 2022 00:40:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by: PHP/7.4.24

GET
H2

200

go
r.srvtrck.com/v2/
Redirect Chain

https://r.srvtrck.com/v1/redirect?type=linkId&id=beb64eb5507449f784ba643a40ef3926&api_key=d35c1f4292afde1e9fb345dc83743d87&site_id=d39d1304c4dc46fd8b97e5fd5300bb65&dch=feed&ad_t=advertiser&yk_tag=5...
https://r.srvtrck.com/v2/go?t=5t8pc%3A6%2Fbd555n9t1c5%3Fci4176517l5%3D0652170%264i32v5s7%268w9%3D50%3D0w08033311ci8%264844d%3Dfs4%2Fc%2F8e8.7t3n2%2F0satch&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=d...

1 KB
578 B

29ms
27ms

Document
text/html

2606:4700::6813:a860
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.srvtrck.com/v2/go?t=5t8pc%3A6%2Fbd555n9t1c5%3Fci4176517l5%3D0652170%264i32v5s7%268w9%3D50%3D0w08033311ci8%264844d%3Dfs4%2Fc%2F8e8.7t3n2%2F0satch&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=d540580bef7241e69491c9f97c6038e2&sct=0&ct=1657586405814&cu=c5874547d4fc45c18985753b260ca8c5&ykuid=14363642d74b4c47ad5cd06d3c16c231&sc=1&cs=60d1ea28558e5a525e1666cbbd415e88
Requested by: Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Dbeb64eb5507449f784ba643a40ef3926%26api_key%3Dd35c1f4292afde1e9fb345dc83743d87%26site_id%3Dd39d1304c4dc46fd8b97e5fd5300bb65%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3D59cb44c131f3be4ce221abcaa4965ca9&h=907463a4fbbb1e47dfefa62f7f064a9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Dbeb64eb5507449f784ba643a40ef3926%26api_key%3Dd35c1f4292afde1e9fb345dc83743d87%26site_id%3Dd39d1304c4dc46fd8b97e5fd5300bb65%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3D59cb44c131f3be4ce221abcaa4965ca9&h=907463a4fbbb1e47dfefa62f7f064a9d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7295b9bc7f1c9bc8-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Tue, 12 Jul 2022 00:40:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7295b9bc0ed59bc8-FRA
content-length: 0
date: Tue, 12 Jul 2022 00:40:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: /v2/go?t=5t8pc%3A6%2Fbd555n9t1c5%3Fci4176517l5%3D0652170%264i32v5s7%268w9%3D50%3D0w08033311ci8%264844d%3Dfs4%2Fc%2F8e8.7t3n2%2F0satch&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=d540580bef7241e69491c9f97c6038e2&sct=0&ct=1657586405814&cu=c5874547d4fc45c18985753b260ca8c5&ykuid=14363642d74b4c47ad5cd06d3c16c231&sc=1&cs=60d1ea28558e5a525e1666cbbd415e88
p3p: CP="CAO PSA OUR"
server: cloudflare

GET
H2

403

Primary Request / Show response
www.northernhunting.com/
Redirect Chain

https://ndt5.net/c/?si=14681&li=1632378&wi=255978&ws=v030400013510c5874547d4fc45c18985753b260ca8c5
https://ndt5.net/redirect/global.php?dai_url_domain=www.northernhunting.com&dai_url_add=utm_source%3Ddaisycon%26utm_medium%3Daffiliate%26utm_term%3DYieldKit+GmbH%26utm_campaign%3D410yieldk%26utm_co...
https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/

6 KB
2 KB

96ms
20ms

Document
text/html

162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/

Requested by

Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?t=5t8pc%3A6%2Fbd555n9t1c5%3Fci4176517l5%3D0652170%264i32v5s7%268w9%3D50%3D0w08033311ci8%264844d%3Dfs4%2Fc%2F8e8.7t3n2%2F0satch&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=d540580bef7241e69491c9f97c6038e2&sct=0&ct=1657586405814&cu=c5874547d4fc45c18985753b260ca8c5&ykuid=14363642d74b4c47ad5cd06d3c16c231&sc=1&cs=60d1ea28558e5a525e1666cbbd415e88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5611838fed7b7c126110465ce605aa2356925f9bd8e4585a12b4225d0f1ce1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://r.srvtrck.com/v2/go?t=5t8pc%3A6%2Fbd555n9t1c5%3Fci4176517l5%3D0652170%264i32v5s7%268w9%3D50%3D0w08033311ci8%264844d%3Dfs4%2Fc%2F8e8.7t3n2%2F0satch&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=d540580bef7241e69491c9f97c6038e2&sct=0&ct=1657586405814&cu=c5874547d4fc45c18985753b260ca8c5&ykuid=14363642d74b4c47ad5cd06d3c16c231&sc=1&cs=60d1ea28558e5a525e1666cbbd415e88
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7295b9bf697c5bf9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 12 Jul 2022 00:40:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RycbYE2lcekP1NtDV%2FK1FKavWtkLCpnhBmnwk%2FFW7%2FzNoo42mLn9Fcl8qz2UGdg2JDoXiJ7AJpLQ6VuidnzAhAuaK9T4GEg0FuqRfqwH2AXFutOvyNsfH6IRrXw8dIRqMC0ZUObbSL3U"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: P3p, Cache-Control, Expires, Content-Length, Content-Type
cache-control: max-age=14400
cf-cache-status: DYNAMIC
cf-ray: 7295b9bebd9f912e-FRA
content-type: text/html; charset=UTF-8
date: Tue, 12 Jul 2022 00:40:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 12 Jul 2022 04:40:06 GMT
location: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxYBwFTSFG2WePqKvqfzn9yZWMR%2F8U1RPPoplojCGJSatqbtf7%2BPYzmlxdDbp2h7bQRtITyhgphrsqiTiL0xiZIhEecMPi1fn81H%2FDVTxBvfSB1xZBT6mwHcZwFvKEFTmDc8Nf7D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-daisycon-cluster: ApacheContainer-1e2f7ea5d107-tracking.daisycon.com

GET
H3 200 errors.new.min.css
www.northernhunting.com/cdn-cgi/styles/ 3 KB
1 KB 36ms
18ms Stylesheet
text/css 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northernhunting.com/cdn-cgi/styles/errors.new.min.css

Requested by

Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d20deea548b05c7309d748a30af571afddeaab585f33e842cb244068f57d3b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Jul 2022 12:55:04 GMT
server: cloudflare
etag: W/"62c58628-be3"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7295b9bfaa999202-FRA
vary: Accept-Encoding
expires: Tue, 12 Jul 2022 02:40:06 GMT

GET
H2 200 beacon.js Show response
performance.radar.cloudflare.com/ 17 KB
6 KB 380ms
332ms Script
text/javascript 2606:4700:4400::6812:24f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://performance.radar.cloudflare.com/beacon.js
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:24f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df7b9c1c6848a01ed6ceb1645cb98960e063b741871ef76a41589cf1e2c40e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jul 2022 00:40:06 GMT
content-encoding: gzip
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0
cf-ray: 7295b9bfdafbbba7-FRA
access-control-allow-headers: *

GET
H3 200 external.png
www.northernhunting.com/cdn-cgi/images/ 265 B
447 B 16ms
15ms Image
image/png 162.159.135.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northernhunting.com/cdn-cgi/images/external.png

Requested by

Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f03b2b292f718119a8203689d05692e054f1059112c981c1e20dec82e9f2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jul 2022 12:55:04 GMT
server: cloudflare
etag: "62c58628-109"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7295b9bfcaa89202-FRA
vary: Accept-Encoding
content-length: 265
expires: Tue, 12 Jul 2022 02:40:06 GMT

GET
H2 200 /
exactly-huge-arachnid.edgecompute.app/ 112 B
314 B 43ms
20ms Image
image/svg+xml 2a04:4e42:1b::307
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exactly-huge-arachnid.edgecompute.app/?test=99c77b3966a6b6c91bd49fb6b0f712bc80fef174b1607e36109828d5ac0df4ce&img=1&r=59151362
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::307 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:06 GMT
x-test-value: 15000
referrer-policy: no-referrer
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
timing-allow-origin: *
access-control-allow-headers: *
content-length: 112
x-served-by: cache-hhn4030-HHN

GET
H2 200 /
serverless-benchmarks-rust.compute-pipe.com/ 112 B
426 B 71ms
32ms Image
image/svg+xml 2606:4700::6812:1f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serverless-benchmarks-rust.compute-pipe.com/?test=99c77b3966a6b6c91bd49fb6b0f712bc80fef174b1607e36109828d5ac0df4ce&img=1&r=54259209
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jul 2022 00:40:06 GMT
content-encoding: gzip
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
cf-ray: 7295b9c28a9f9162-FRA
access-control-allow-headers: *
x-test-value: 15000

GET
H2 200 /
serverless-benchmarks-js.compute-pipe.com/ 112 B
179 B 35ms
27ms Image
image/svg+xml 2606:4700::6812:1f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serverless-benchmarks-js.compute-pipe.com/?test=99c77b3966a6b6c91bd49fb6b0f712bc80fef174b1607e36109828d5ac0df4ce&img=1&r=96004450
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jul 2022 00:40:06 GMT
content-encoding: gzip
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
cf-ray: 7295b9c2cad59162-FRA
access-control-allow-headers: *
x-test-value: 15000

GET
H2 200 /
uniquely-peaceful-hagfish.edgecompute.app/ 112 B
147 B 30ms
7ms Image
image/svg+xml 2a04:4e42:1b::307
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uniquely-peaceful-hagfish.edgecompute.app/?test=99c77b3966a6b6c91bd49fb6b0f712bc80fef174b1607e36109828d5ac0df4ce&img=1&r=72608493
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::307 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:06 GMT
x-test-value: 15000
referrer-policy: no-referrer
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
timing-allow-origin: *
access-control-allow-headers: *
content-length: 112
x-served-by: cache-hhn4030-HHN

GET
H/1.1 200
OK r20-100KB.png
stackpath-map3.cedexis-test.com/img/ 100 KB
100 KB 58ms
17ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stackpath-map3.cedexis-test.com/img/r20-100KB.png?r=80413145
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 00:40:06 GMT
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
ETag: "1534887029"
X-HW: 1657586406.cds016.am5.hn,1657586406.cds214.am5.c
Content-Type: image/png
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 102400

GET
H2 200 r20-100KB.png
vdms-ssl.cedexis-test.com/img/16999/ 100 KB
100 KB 46ms
9ms Image
image/png 152.195.34.116
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vdms-ssl.cedexis-test.com/img/16999/r20-100KB.png?r=84538802
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.116 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E311) /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:07 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: ECAcc (frd/E311)
age: 50577
etag: "5b7c8474-19000"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Server
cache-control: max-age=2629743, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 102400

GET
H2 200 r20-100KB.png
jsdelivr.b-cdn.net/gh/jimaek/testobjects@0.0.1/ 100 KB
101 KB 79ms
26ms Image
image/png 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jsdelivr.b-cdn.net/gh/jimaek/testobjects@0.0.1/r20-100KB.png?r=19755402

Requested by

Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-84-17-46-53.cdn77.com

Software

BunnyCDN-AMS-879 /

Resource Hash

27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:07 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 879
age: 347664
x-jsd-version: 0.0.1
x-cache: MISS, HIT
cdn-cachedat: 07/09/2022 18:59:42
cdn-pullzone: 251155
cross-origin-resource-policy: cross-origin
access-control-expose-headers: *
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 102400
server: BunnyCDN-AMS-879
x-served-by: cache-fra19130-FRA, cache-cdg20769-CDG
access-control-allow-origin: *
x-jsd-version-type: version
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"19000-qSJ5YZCh9buzxBDG7FkVAgUN8E4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cdn-requestid: 556ba692928862f41461a87cc4e13da6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 r20-100KB.png
p17003.cedexis-test.com/img/17003/ 100 KB
100 KB 56ms
15ms Image
image/png 68.142.70.14
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p17003.cedexis-test.com/img/17003/r20-100KB.png?r=90733588
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.142.70.14 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-68-142-70-14.any.llnw.net
Software: EdgePrism/5.0.1.0 /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-llnw-info: na
date: Tue, 12 Jul 2022 00:40:07 GMT
server: EdgePrism/5.0.1.0
mime-version: 1.0
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2629743, public
timing-allow-origin: *
content-length: 102400
x-llid: 970aac00d94d19c20dc6b57c6ddad59b

GET
H/1.1 200
OK r20-100KB.png
cdnetworks.cedexis-test.com/img/17653/ 100 KB
100 KB 63ms
8ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnetworks.cedexis-test.com/img/17653/r20-100KB.png?r=76651527
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 00:40:07 GMT
Via: 1.1 kf230:14 (W), 1.1 PS-FRA-01lai110:3 (W)
Age: 63690
X-Px: ht PS-FRA-01lai110FRA
Connection: keep-alive
Content-Length: 102400
Ws-S2h-Acc-Level: 5
Last-Modified: Tue, 21 Aug 2018 21:30:28 GMT
Server: PWS/8.3.1.0.8
ETag: "5b7c8474-19000"
X-Ws-Request-Id: 62ccc2e7_PS-FRA-01lai110_44741-32812
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 /
serverless-benchmarks-rust.compute-pipe.com/ 112 B
197 B 34ms
34ms Image
image/svg+xml 2606:4700::6812:1f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serverless-benchmarks-rust.compute-pipe.com/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=95715307
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jul 2022 00:40:07 GMT
content-encoding: gzip
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
cf-ray: 7295b9c5ace19162-FRA
access-control-allow-headers: *
x-test-value: 43

GET
H2 200 /
serverless-benchmarks-js.compute-pipe.com/ 112 B
179 B 28ms
27ms Image
image/svg+xml 2606:4700::6812:1f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serverless-benchmarks-js.compute-pipe.com/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=85735189
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jul 2022 00:40:07 GMT
content-encoding: gzip
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
cf-ray: 7295b9c5dd249162-FRA
access-control-allow-headers: *
x-test-value: 43

GET
H2 200 /
uniquely-peaceful-hagfish.edgecompute.app/ 112 B
151 B 9ms
8ms Image
image/svg+xml 2a04:4e42:1b::307
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uniquely-peaceful-hagfish.edgecompute.app/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=39918129
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::307 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:06 GMT
x-test-value: 43
referrer-policy: no-referrer
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
timing-allow-origin: *
access-control-allow-headers: *
content-length: 112
x-served-by: cache-hhn4030-HHN

GET
H2 200 /
exactly-huge-arachnid.edgecompute.app/ 112 B
170 B 17ms
17ms Image
image/svg+xml 2a04:4e42:1b::307
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exactly-huge-arachnid.edgecompute.app/?test=bcc6a5c1b80a776e3e00f674e09136aa8b585ed950a086405e56bdf65d02a967&img=1&r=12865122
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::307 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:07 GMT
x-test-value: 43
referrer-policy: no-referrer
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-store
timing-allow-origin: *
access-control-allow-headers: *
content-length: 112
x-served-by: cache-hhn4030-HHN

GET
H/1.1 200
OK r20-100KB.png
p29.cedexis-test.com/img/ 100 KB
101 KB 47ms
8ms Image
image/png 2600:9000:2250:a200:1b:9b5:7e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p29.cedexis-test.com/img/r20-100KB.png?r=67906510
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a200:1b:9b5:7e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 11:57:00 GMT
Via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
Age: 564188
X-Cache: Hit from cloudfront
Connection: keep-alive
Alt-Svc: h3=":443"; ma=86400
Content-Length: 102400
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
ETag: "5b7c8475-19000"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 7JlVldlSgzEosYJxA2AkbfqOh3FK_WHDdkIyi_z9pBzqa4qtfP0-Dg==

GET
H/1.1 200
OK r20-100KB.png
fastly.cedexis-test.com/img/20367/ 100 KB
101 KB 35ms
12ms Image
image/png 151.101.192.65
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.cedexis-test.com/img/20367/r20-100KB.png?r=34313463
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 00:40:07 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 178165
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 102400
X-Served-By: cache-dfw18630-DFW, cache-hhn4080-HHN
Last-Modified: Tue, 21 Aug 2018 21:30:29 GMT
Server: nginx
X-Timer: S1657586407.490484,VS0,VE0
ETag: "5b7c8475-19000"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
X-Cedexis-UNI: HHN|{"pop":"HHN","sip":"151.101.192.65","ip_ver":"v4","info_state":"HIT","server_name":"cache-hhn4080"}
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Cache-Hits: 4, 8563

GET
H2 200 r20-100KB.png
ptcfc.com/img/284/ 100 KB
100 KB 57ms
17ms Image
image/png 104.16.53.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ptcfc.com/img/284/r20-100KB.png?r=28835270
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.53.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jul 2022 00:40:07 GMT
server: cloudflare
etag: "5668b8ac-19000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 7295b9c72e379bb2-FRA
content-length: 102400

GET
H2 200 r20-100KB.png
cedexis-test.akamaized.net/img/ 100 KB
100 KB 50ms
7ms Image
image/png 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cedexis-test.akamaized.net/img/r20-100KB.png?r=85244045
Requested by: Host: www.northernhunting.com
URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:07 GMT
last-modified: Tue, 21 Aug 2018 21:30:28 GMT
server: nginx
etag: "5b7c8474-19000"
x-cache: RequestInfo=1981449457,2a02:26f0:6c00::210:ba2a,8b5b3,1657586407,31712,6
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2629743
accept-ranges: bytes
timing-allow-origin: *
content-length: 102400
expires: Thu, 11 Aug 2022 11:09:10 GMT

POST
H2 200 beacon Show response
api.radar.cloudflare.com/api/ 15 B
298 B 644ms
643ms Fetch
application/json 2606:4700:4400::6812:24f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.radar.cloudflare.com/api/beacon
Requested by: Host: performance.radar.cloudflare.com
URL: https://performance.radar.cloudflare.com/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:24f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Access-Control-Allow-Origin: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer
accept-language: de-DE,de;q=0.9
Authorization: Bearer 1657586406-3e6070c29bdf88cec6e15e5adfe23e8549f0e115eab46efe7de2c714677d9867
content-type: application/json;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 12 Jul 2022 00:40:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cf-ray: 7295b9c86c759c0a-FRA
access-control-allow-headers: *
content-length: 15

OPTIONS
H2 200 beacon
api.radar.cloudflare.com/api/ 0
0 95ms
47ms Preflight
application/json 2606:4700:4400::6812:24f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.radar.cloudflare.com/api/beacon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:24f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.northernhunting.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cf-ray: 7295b9c80c369c0a-FRA
content-length: 15
content-type: application/json;charset=UTF-8
date: Tue, 12 Jul 2022 00:40:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
timing-allow-origin: *
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
register-hypesquad.com/	1970-01-23 20:02:26	Name: __tad Value: 1657586402.5695577
.1redirc.com/	1970-01-20 13:12:02	Name: __dsnsid Value: 20220712104003f8bf0b688e4e76b5b3
clever-redirect.com/	1970-01-20 04:27:52	Name: e6a7d00111cdd1f29c08f5267f2e6b43 Value: b36d4e2e5ccff4413f37542ed7f58074c4da500c607ee642a4711e65608b00dba%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22e6a7d00111cdd1f29c08f5267f2e6b43%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.srvtrck.com/	1970-01-20 13:12:02	Name: ykuid Value: 14363642d74b4c47ad5cd06d3c16c231
.ndt5.net/	1970-01-20 13:13:28	Name: dci Value: oKsb0y1HUymMoGj
.ndt5.net/	1970-01-20 13:13:28	Name: pdc Value: oKsb0y1HUymMoGj
.ndt5.net/	1970-01-20 13:13:28	Name: PHPSESSID Value: 789ccbf72e4e32a834f408adccf5cd77cf02002a9f055a
.ndt5.net/	1970-01-20 13:13:28	Name: ci_14681 Value: ZF4xNjU3NTg2NDA2LGRjaV5vS3NiMHkxSFV5bU1vR2o%3D
.radar.cloudflare.com/	1970-01-20 04:26:28	Name: __cf_bm Value: Nk6VbCZjSA64MGW.ekGF9WmrxklW06zpjBgMcCbuOE0-1657586406-0-Aa9oos1asBGeKQNqaFRmlQOJwtiHiybfUGSQVh2xvNlGUnwEGareKDk3Ue4E+yfjtSfsssy5TdTT648aZaK3zDc=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.northernhunting.com/?utm_source=daisycon&utm_medium=affiliate&utm_term=YieldKit%20GmbH&utm_campaign=410yieldk&utm_content=https://r.srvtrck.com/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
api.radar.cloudflare.com
cdnetworks.cedexis-test.com
cedexis-test.akamaized.net
clever-redirect.com
exactly-huge-arachnid.edgecompute.app
fastly.cedexis-test.com
jsdelivr.b-cdn.net
lookandfind.me
ndt5.net
p17003.cedexis-test.com
p29.cedexis-test.com
performance.radar.cloudflare.com
ptcfc.com
r.srvtrck.com
register-hypesquad.com
serverless-benchmarks-js.compute-pipe.com
serverless-benchmarks-rust.compute-pipe.com
stackpath-map3.cedexis-test.com
uniquely-peaceful-hagfish.edgecompute.app
vdms-ssl.cedexis-test.com
www.northernhunting.com
103.224.182.206
103.224.212.220
104.16.53.99
151.101.192.65
151.139.128.10
152.195.34.116
157.90.169.168
162.159.135.42
163.171.128.148
2600:9000:2250:a200:1b:9b5:7e00:93a1
2606:4700:20::6819:9455
2606:4700:4400::6812:24f6
2606:4700::6812:1f8
2606:4700::6813:a860
2a02:26f0:6c00::210:ba2a
2a04:4e42:1b::307
68.142.70.14
78.46.197.88
84.17.46.53
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
40df7b9c1c6848a01ed6ceb1645cb98960e063b741871ef76a41589cf1e2c40e
454c8cdf69f295d7914a530ddfcead74f342c9b690f8148c1fc4a3f1b3c0e871
5560dc927bc7a9cf62c9a3c2d796f1f838182a8d950d76fe3b0ac90f256c5569
9f03b2b292f718119a8203689d05692e054f1059112c981c1e20dec82e9f2ddb
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
d20deea548b05c7309d748a30af571afddeaab585f33e842cb244068f57d3b21
fb5611838fed7b7c126110465ce605aa2356925f9bd8e4585a12b4225d0f1ce1

www.northernhunting.com Open in urlscan Pro 162.159.135.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

87 %HTTPS

37 %IPv6

14 Domains

22 Subdomains

17 IPs

5 Countries

926 kBTransfer

945 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.northernhunting.com Open in urlscan Pro
162.159.135.42 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

87 %
HTTPS

37 %
IPv6

14
Domains

22
Subdomains

17
IPs

5
Countries

926 kB
Transfer

945 kB
Size

9
Cookies

31 HTTP transactions
0 data transactions