urlscan.io logo urlscan.io
SecurityTrails logo

www.shareasale-analytics.com Open in urlscan Pro
104.18.67.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://showtume.co/
Effective URL: https://www.shareasale-analytics.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3_de&shrsl_analytics_...
Submission: On May 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 9 HTTP transactions. The main IP is 104.18.67.79, located in and belongs to . The main domain is www.shareasale-analytics.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.
This is the only time www.shareasale-analytics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 103.224.182.210 133618 (TRELLIAN-...)
1 5 103.224.182.206 133618 (TRELLIAN-...)
1 78.46.197.88 24940 (HETZNER-AS)
2 157.90.169.168 24940 (HETZNER-AS)
1 1 104.16.226.72 13335 (CLOUDFLAR...)
1 104.18.67.79 ()
9 5
2    103.224.182.210 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-210.above.com
showtume.co
5    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirc.com
1    78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com
2    157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me
1    104.16.226.72 (None, )

ASN13335 (CLOUDFLARENET, US)
www.shareasale.com
1    104.18.67.79 (None, )

ASN- ()
www.shareasale-analytics.com
Apex Domain
Subdomains		 Transfer
5 1redirc.com
1redirc.com — Cisco Umbrella Rank: 212450
8 KB
2 lookandfind.me
lookandfind.me — Cisco Umbrella Rank: 830515
888 B
2 showtume.co
showtume.co
2 KB
1 shareasale-analytics.com
www.shareasale-analytics.com
2 KB
1 shareasale.com
www.shareasale.com — Cisco Umbrella Rank: 62066
2 KB
1 clever-redirect.com
clever-redirect.com
676 B
0 oberhealth.com Failed
www.oberhealth.com Failed
9 7
Domain Requested by
5 1redirc.com 1 redirects 1redirc.com
2 lookandfind.me clever-redirect.com
2 showtume.co 2 redirects
1 www.shareasale-analytics.com lookandfind.me
1 www.shareasale.com 1 redirects
1 clever-redirect.com 1redirc.com
0 www.oberhealth.com Failed www.shareasale-analytics.com
9 7

This site contains no links.

Subject Issuer Validity Valid
tracker.clever-redirect.com
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
lookandfind.me
R3		 2022-05-03 -
2022-08-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh

This page contains 1 frames:

Frame: https://www.oberhealth.com/?sscid=51k6_to5yx&
Frame ID: F6156CDE75A96D0072B6A0CAD92A155F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://showtume.co/ HTTP 302
    https://showtume.co/ HTTP 302
    http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZ... Page URL
  2. http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D11154... HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1115428394&sid=2022052704123287b1f4ccaaa5c10912 Page URL
  3. https://lookandfind.me/s/a?t=8&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=oberhealth.com&s1=721614&s2... Page URL
  4. https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.shareasale.com%2Fr.cfm%3Fb%3D1733948%26u%3D2939522%2... Page URL
  5. https://www.shareasale.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3_de HTTP 302
    https://www.shareasale-analytics.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.cfm(?:$|\?)
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

9
Requests

44 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

11 kB
Transfer

17 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://showtume.co/ HTTP 302
    https://showtume.co/ HTTP 302
    http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D Page URL
  2. http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1115428394%26sid%3D2022052704123287b1f4ccaaa5c10912&s=j&enc=qj4M7xLL7NOMiS7HG1SEOH49fmp2bHJPbDhyZDRRdU9aeHVYa0NjcUdhSlFQZzZadTRDL29ZOU5rRU5WQzNqSWJ1NVYxWWx0OERpaFZMSHdvRzFMdmVkR2RnR0xBZjRydHhTc3FqUS9LOWdubDY4UXJnZHZRT0xHTCszdkJQWGlhQlJ3RzlLUDFTOEZaYlVJK3laMHh4M28zSnl2QnFVTS9NZExKZG54NXc2TlJRQllxeEsrMTd2VTVZRlRIS2xSMkhucFVNUVp2dlhtN3pFK1FNQ1Q4VHVYTk00MGZEcHhpaXl3QlNZaDE1N0lNV0hValUydzIwbUREWE9jdnlkOTlVMVBYRnhyc21ZZGJMM0NqWjJtak5KeFRDeFlMZ1REYzk2U2s4UVF6NkczaVphdlBGSUdIdGh0RGh0VzFiczIvVmhhSm9qSGRLbzdLYUlHQTUxVFp3MVFIK2Fua09ocU1mV3hsOGxZZmFYek5lYk5sVmJjYmlCejI3REhmMGFxaE9HcUJLNmMyRmE4WDU5RThKYzdhTVhzRzZoUWVBZE1OMlhxUlB3SE95WGt6bkd1Q0UxRzVCYm43K3lQcXJQZmsyU1U4T2R0L0F2eGhvL0RNbEdZMlFiUFcyZWxFUlRUQWFJK0lMQzg1QjVhSHJyRlhiL2xyV3ZJSit0bnI1ZlBtZHJ6SUZRNlZ4MEY2YnprSnFJUk1lOFdXMno1TkRGWm9zNGJMdXJmWVA2Y01ZeW1kRTBhT1gwVG5vemFSU2U0ckRIR2tkU1FVQjhtN0NZYjBaUFNFSVZoOTE5RWk4MlZZNHFEMU93bW1iRlJ4U2pZdThvd1oyYS80MG83SjVSbFgxYXVsU3N6cUpWZjJGM2x1aWVxWElFS2o2TFRMS1VtQ2djd2JIRmpSMlFPcG1ObHNUeC83cjd2dmhhSndYOGNXVlFjT0VGWUNRNUh2NklrbnRTdWNVSHlhZDdvRWxyYmJqZWVJWmtSVVRuOCtETTZhMnBFdm9Id2pnZW1ybDc4MEpxMUcyMjhydWZuaWZCTUY2ZFJpN2doSmFPR2JUMys4MGtmV1lJVDBFUHMxb0ZsTkk4ZmxvTzRqVTY2M2ZqSzRoWTZVWVJNa3V1N1dUY3FSbkUzSVNsSnlkNFhHbGJxa2Z4UmwybUpnPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    https://clever-redirect.com/s/r6?s=721614&s3=1115428394&sid=2022052704123287b1f4ccaaa5c10912 Page URL
  3. https://lookandfind.me/s/a?t=8&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=oberhealth.com&s1=721614&s2=&s3=1115428394&s5=woc Page URL
  4. https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.shareasale.com%2Fr.cfm%3Fb%3D1733948%26u%3D2939522%26m%3D108011%26afftrack%3Da6f370c628e02ef186665c5b704cd2c3_de&h=0e5a2ff4180e814662328b2bb97b55b4 Page URL
  5. https://www.shareasale.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3_de HTTP 302
    https://www.shareasale-analytics.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3_de&shrsl_analytics_sscid=51k6%5Fto5yx&shrsl_analytics_sstid=51k6%5Fto5yx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://showtume.co/ HTTP 302
  • https://showtume.co/ HTTP 302
  • http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D
Request Chain 4
  • http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1115428394%26sid%3D2022052704123287b1f4ccaaa5c10912&s=j&enc=qj4M7xLL7NOMiS7HG1SEOH49fmp2bHJPbDhyZDRRdU9aeHVYa0NjcUdhSlFQZzZadTRDL29ZOU5rRU5WQzNqSWJ1NVYxWWx0OERpaFZMSHdvRzFMdmVkR2RnR0xBZjRydHhTc3FqUS9LOWdubDY4UXJnZHZRT0xHTCszdkJQWGlhQlJ3RzlLUDFTOEZaYlVJK3laMHh4M28zSnl2QnFVTS9NZExKZG54NXc2TlJRQllxeEsrMTd2VTVZRlRIS2xSMkhucFVNUVp2dlhtN3pFK1FNQ1Q4VHVYTk00MGZEcHhpaXl3QlNZaDE1N0lNV0hValUydzIwbUREWE9jdnlkOTlVMVBYRnhyc21ZZGJMM0NqWjJtak5KeFRDeFlMZ1REYzk2U2s4UVF6NkczaVphdlBGSUdIdGh0RGh0VzFiczIvVmhhSm9qSGRLbzdLYUlHQTUxVFp3MVFIK2Fua09ocU1mV3hsOGxZZmFYek5lYk5sVmJjYmlCejI3REhmMGFxaE9HcUJLNmMyRmE4WDU5RThKYzdhTVhzRzZoUWVBZE1OMlhxUlB3SE95WGt6bkd1Q0UxRzVCYm43K3lQcXJQZmsyU1U4T2R0L0F2eGhvL0RNbEdZMlFiUFcyZWxFUlRUQWFJK0lMQzg1QjVhSHJyRlhiL2xyV3ZJSit0bnI1ZlBtZHJ6SUZRNlZ4MEY2YnprSnFJUk1lOFdXMno1TkRGWm9zNGJMdXJmWVA2Y01ZeW1kRTBhT1gwVG5vemFSU2U0ckRIR2tkU1FVQjhtN0NZYjBaUFNFSVZoOTE5RWk4MlZZNHFEMU93bW1iRlJ4U2pZdThvd1oyYS80MG83SjVSbFgxYXVsU3N6cUpWZjJGM2x1aWVxWElFS2o2TFRMS1VtQ2djd2JIRmpSMlFPcG1ObHNUeC83cjd2dmhhSndYOGNXVlFjT0VGWUNRNUh2NklrbnRTdWNVSHlhZDdvRWxyYmJqZWVJWmtSVVRuOCtETTZhMnBFdm9Id2pnZW1ybDc4MEpxMUcyMjhydWZuaWZCTUY2ZFJpN2doSmFPR2JUMys4MGtmV1lJVDBFUHMxb0ZsTkk4ZmxvTzRqVTY2M2ZqSzRoWTZVWVJNa3V1N1dUY3FSbkUzSVNsSnlkNFhHbGJxa2Z4UmwybUpnPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • https://clever-redirect.com/s/r6?s=721614&s3=1115428394&sid=2022052704123287b1f4ccaaa5c10912

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
r2.php
1redirc.com/
Redirect Chain
  • http://showtume.co/
  • https://showtume.co/
  • http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhb...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
6bce6429232054714ee0e8d6e59a87ce3c22ef539f795caeda181ee8c37817eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
2036
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 May 2022 18:12:34 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 May 2022 18:12:32 GMT
Location
http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D
Server
Apache/2.4.38 (Debian)
jscheck.js
1redirc.com/javascript/ 		899 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/javascript/jscheck.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 18:12:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Jan 2022 12:05:23 GMT
Server
Apache/2.4.38 (Debian)
ETag
"383-5d53926b806c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
405
swfobject.js
1redirc.com/javascript/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/javascript/swfobject.js
Requested by
Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 18:12:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Jan 2022 12:05:23 GMT
Server
Apache/2.4.38 (Debian)
ETag
"27ef-5d53926b806c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jscheck.php
1redirc.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://1redirc.com/jscheck.php?enc=qj4M7xLL7NOMiS7HG1SEOH49fmp2bHJPbDhyZDRRdU9aeHVYa0NjcUdhSlFQZzZadTRDL29ZOU5rRU5WQzNqSWJ1NVYxWWx0OERpaFZMSHdvRzFMdmVkR2RnR0xBZjRydHhTc3FqUS9LOWdubDY4UXJnZHZRT0xHTCszdkJQWGlhQlJ3RzlLUDFTOEZaYlVJK3laMHh4M28zSnl2QnFVTS9NZExKZG54NXc2TlJRQllxeEsrMTd2VTVZRlRIS2xSMkhucFVNUVp2dlhtN3pFK1FNQ1Q4VHVYTk00MGZEcHhpaXl3QlNZaDE1N0lNV0hValUydzIwbUREWE9jdnlkOTlVMVBYRnhyc21ZZGJMM0NqWjJtak5KeFRDeFlMZ1REYzk2U2s4UVF6NkczaVphdlBGSUdIdGh0RGh0VzFiczIvVmhhSm9qSGRLbzdLYUlHQTUxVFp3MVFIK2Fua09ocU1mV3hsOGxZZmFYek5lYk5sVmJjYmlCejI3REhmMGFxaE9HcUJLNmMyRmE4WDU5RThKYzdhTVhzRzZoUWVBZE1OMlhxUlB3SE95WGt6bkd1Q0UxRzVCYm43K3lQcXJQZmsyU1U4T2R0L0F2eGhvL0RNbEdZMlFiUFcyZWxFUlRUQWFJK0lMQzg1QjVhSHJyRlhiL2xyV3ZJSit0bnI1ZlBtZHJ6SUZRNlZ4MEY2YnprSnFJUk1lOFdXMno1TkRGWm9zNGJMdXJmWVA2Y01ZeW1kRTBhT1gwVG5vemFSU2U0ckRIR2tkU1FVQjhtN0NZYjBaUFNFSVZoOTE5RWk4MlZZNHFEMU93bW1iRlJ4U2pZdThvd1oyYS80MG83SjVSbFgxYXVsU3N6cUpWZjJGM2x1aWVxWElFS2o2TFRMS1VtQ2djd2JIRmpSMlFPcG1ObHNUeC83cjd2dmhhSndYOGNXVlFjT0VGWUNRNUh2NklrbnRTdWNVSHlhZDdvRWxyYmJqZWVJWmtSVVRuOCtETTZhMnBFdm9Id2pnZW1ybDc4MEpxMUcyMjhydWZuaWZCTUY2ZFJpN2doSmFPR2JUMys4MGtmV1lJVDBFUHMxb0ZsTkk4ZmxvTzRqVTY2M2ZqSzRoWTZVWVJNa3V1N1dUY3FSbkUzSVNsSnlkNFhHbGJxa2Z4UmwybUpnPT0%3D&rand=0.16668820062282075
Requested by
Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1redirc.com/r2.php?e=quwT8oaKMq4Tow3y23ct4H49flIzd1A4ZTZVaExDV1pBSzhPMk55VjUxanMrS2ZqeWZvOVRkQU55WU9pRkhGb2dJeDlINHBqSUFERERhU2Q5S1g3V0RHQUJKakgwdUVwb3c4SXlxNTFLOU95eGtXZEtjSTNVWFUyQ1JzdTFhbkJtbGZuQ1JJYnBIMUhPOEUxTHZuMGk4eVBrVk4vLzBhdjdKQTRmRDloZHNEWUpsaTZFclN6V2UveTBOSlpEUThJSllsSnpYM1Znc2FTTFJ1R01EZEVoS3pxS204NFlESVhybkZPRFllbHhMdHIxRGY5WFNNNFJFSDFuMEZHQjBET3c0OUJoS09RYjg5dFAzVUhTakF0c3FhVXAwV1NTck0zcTMwQysybElDLy9KSFhOSnVWYXBKZ08xTHVTbXNiTmQxMUVXUHRJTThkYmd5cVNxdmpnWWMvWEs0cWpJaHM4OEpxUUZnYjRaajFsM3AxUU9ZRlViQS9kdzd0UWsyUkdLUVpRV0xjbTJJdFBmSEY2YTBNQXltWCtlWk5tQjQzWkxHTEU5WTJQbDB3SHZpOVMycnhpa1RkSUdmaENNclF1N0JKekRpZ1Rha1lqQ0dVSUNlOS90bXVPNlRlaUtuOGR2Q0duZWY0cWlhOHErU0I3SUNYZXY0bDluUFl1bVZWT0dFdzZiRVNBdS8wTFJ3d0tINm5ORnFJYW1ZOTlGbGdVRWZsb1BUUFE5T1ZjRjYwWW4yMkRFeE5RMU9wbW1IMmRWQXN4a1Rwa2NVU096cWEwakRDSWtMTDRCVnRUc20va0gxSnRRRng2cDhDaXVaeHBobFpnbncyZGl0TXZsaTRKb2JEb2d3QXRlQWQzRUJjUDExSjJkT1lvK09ONDRHYkxHaXdqcGYrdVB0d3ZKQ3AyaVlxQ3MzMk1tL21ldjluajMzMm0xYnZNR1EzTjBEUUROZ2RJSTJRYzlNRkpoT2c4R1R4MTUxNVhGSHBWcWRxaFU5Mjl3YXplczNRSkw0ZFJLb1ptTFVsSE4xb2plODFycWRKNQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 18:12:34 GMT
Server
Apache/2.4.38 (Debian)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
r6
clever-redirect.com/s/
Redirect Chain
  • http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1115428394%26sid%3D2022052704123287b1f4ccaaa5c10912&s=j&enc=qj4M7xLL7NOMiS7HG1SEOH49fmp2bHJPbDhyZDRRdU9aeHV...
  • https://clever-redirect.com/s/r6?s=721614&s3=1115428394&sid=2022052704123287b1f4ccaaa5c10912
326 B
676 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clever-redirect.com/s/r6?s=721614&s3=1115428394&sid=2022052704123287b1f4ccaaa5c10912
Requested by
Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.197.46.78.clients.your-server.de
Software
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer
http://1redirc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
326
content-type
text/html; charset=UTF-8
date
Thu, 26 May 2022 18:12:35 GMT
referrer-policy
no-referrer
server
Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by
PHP/7.4.27

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 May 2022 18:12:35 GMT
Location
https://clever-redirect.com/s/r6?s=721614&s3=1115428394&sid=2022052704123287b1f4ccaaa5c10912
Server
Apache/2.4.38 (Debian)
a
lookandfind.me/s/ 		381 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/a?t=8&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=oberhealth.com&s1=721614&s2=&s3=1115428394&s5=woc
Requested by
Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1115428394&sid=2022052704123287b1f4ccaaa5c10912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
381
content-type
text/html; charset=UTF-8
date
Thu, 26 May 2022 18:12:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by
PHP/7.4.24
r
lookandfind.me/s/ 		311 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.shareasale.com%2Fr.cfm%3Fb%3D1733948%26u%3D2939522%26m%3D108011%26afftrack%3Da6f370c628e02ef186665c5b704cd2c3_de&h=0e5a2ff4180e814662328b2bb97b55b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Referer
https://lookandfind.me/s/a?t=8&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=oberhealth.com&s1=721614&s2=&s3=1115428394&s5=woc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
311
content-type
text/html; charset=UTF-8
date
Thu, 26 May 2022 18:12:35 GMT
referrer-policy
strict-origin-when-cross-origin
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
x-powered-by
PHP/7.4.24
Primary Request r.cfm
www.shareasale-analytics.com/
Redirect Chain
  • https://www.shareasale.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3_de
  • https://www.shareasale-analytics.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3_de&shrsl_analytics_sscid=51k6%5Fto5yx&shrsl_analytics_sstid=51k6%5Fto5yx
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shareasale-analytics.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3_de&shrsl_analytics_sscid=51k6%5Fto5yx&shrsl_analytics_sstid=51k6%5Fto5yx
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.shareasale.com%2Fr.cfm%3Fb%3D1733948%26u%3D2939522%26m%3D108011%26afftrack%3Da6f370c628e02ef186665c5b704cd2c3_de&h=0e5a2ff4180e814662328b2bb97b55b4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.67.79 -, , ASN (),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://lookandfind.me/s/r?u=https%3A%2F%2Fwww.shareasale.com%2Fr.cfm%3Fb%3D1733948%26u%3D2939522%26m%3D108011%26afftrack%3Da6f370c628e02ef186665c5b704cd2c3_de&h=0e5a2ff4180e814662328b2bb97b55b4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
71187ae99b299b2d-FRA
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 26 May 2022 18:12:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADMi TAIi PSAi IVAi OUR STP NAV"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
ASP.NET

Redirect headers

access-control-allow-origin
*
cache-control
no-cache
cf-apo-via
origin,page-rules
cf-cache-status
BYPASS
cf-ray
71187ada9f819a00-FRA
content-type
text/html;charset=UTF-8
date
Thu, 26 May 2022 18:12:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.shareasale-analytics.com/r.cfm?b=1733948&u=2939522&m=108011&afftrack=a6f370c628e02ef186665c5b704cd2c3_de&shrsl_analytics_sscid=51k6%5Fto5yx&shrsl_analytics_sstid=51k6%5Fto5yx
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADMi TAIi PSAi IVAi OUR STP NAV"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAME-ORIGIN
x-powered-by
ASP.NET
/
www.oberhealth.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.oberhealth.com
URL
https://www.oberhealth.com/?sscid=51k6_to5yx&

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation

5 Cookies

Domain/Path Name / Value
showtume.co/ Name: __tad
Value: 1653588752.6780260
.1redirc.com/ Name: __dsnsid
Value: 2022052704123287b1f4ccaaa5c10912
clever-redirect.com/ Name: a6f71ff97b8e123782e35598ef1cd3d9
Value: 20936b5f36e8a63f8ffe1605a069f9c9a9d0936a7079b6dc097e0d96cfb5a7e5a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a6f71ff97b8e123782e35598ef1cd3d9%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.shareasale.com/ Name: XD0
Value: 108011%7Bu2939522%5Dere1p90%5Ds51k6%5Fto5yx%5Dt51k6%5Fto5yx
.shareasale.com/ Name: XSJ
Value: