103.4.144.218 Open in urlscan Pro
103.4.144.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://esxsk.heparienized.store/ZHZUWJPogsjM5pOJna2EiJins4yaroyRm62Ht5umjI%2Bc1bWKmqeNjZbbhIw%3D
Effective URL:
http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7...
Submission: On May 26 via manual (May 26th 2023, 9:54:17 pm UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 12 domains to perform 36 HTTP transactions. The main IP is 103.4.144.218, located in Dhaka, Bangladesh and belongs to NEXT-BD Next Online Limited., BD. The main domain is 103.4.144.218.

This is the only time 103.4.144.218 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.136.58.26 198.136.58.26	33182 (DIMENOC) (DIMENOC)
1	205.251.155.223 205.251.155.223	11042 (NTHL) (NTHL)
1 5	2606:4700:303... 2606:4700:3031::ac43:92ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3030::6815:4a8d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	67.212.184.146 67.212.184.146	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
8 12	51.68.85.158 51.68.85.158	16276 (OVH) (OVH)
4 4	34.91.27.112 34.91.27.112	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 8	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.91.142.64 34.91.142.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	103.4.144.218 103.4.144.218	9441 (NEXT-BD N...) (NEXT-BD Next Online Limited.)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
36	9

1 198.136.58.26 (United States) 1 redirects

ASN33182 (DIMENOC, US)
PTR: supheraxillary.com

esxsk.heparienized.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.251.155.223 (United States)

ASN11042 (NTHL, US)

stellarsuperfluous.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3031::ac43:92ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lynku.jukminung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:4a8d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 67.212.184.146 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

rezi.turetou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 51.68.85.158 (France) 8 redirects

ASN16276 (OVH, FR)

www.turbotrck.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.91.27.112 (Groningen, Netherlands) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.27.91.34.bc.googleusercontent.com

admoustache.media-412.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tonic.eygenci.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
armorads.aftrad-visit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.142.64 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.142.91.34.bc.googleusercontent.com

harrenmedia.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.4.144.218 (Dhaka, Bangladesh)

ASN9441 (NEXT-BD Next Online Limited., BD)

103.4.144.218	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	turbotrck.art 8 redirects www.turbotrck.art	25 KB
12	turetou.com rezi.turetou.com	28 KB
7	eygenci.com 1 redirects tonic.eygenci.com	20 KB
5	jukminung.com 1 redirects lynku.jukminung.com	17 KB
4	media-412.com 4 redirects admoustache.media-412.com	1 KB
4	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 510777	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
2	g2afse.com 2 redirects harrenmedia.g2afse.com	612 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	46 KB
1	aftrad-visit.com 1 redirects armorads.aftrad-visit.com	564 B
1	stellarsuperfluous.com stellarsuperfluous.com	450 B
1	heparienized.store 1 redirects esxsk.heparienized.store	305 B
36	12

	Domain	Requested by
12	www.turbotrck.art	8 redirects rezi.turetou.com
12	rezi.turetou.com	lynku.jukminung.com rezi.turetou.com tonic.eygenci.com
7	tonic.eygenci.com	1 redirects www.turbotrck.art tonic.eygenci.com
5	lynku.jukminung.com	1 redirects stellarsuperfluous.com lynku.jukminung.com
4	admoustache.media-412.com	4 redirects
4	cdn.addlnk.com	lynku.jukminung.com tonic.eygenci.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	harrenmedia.g2afse.com	2 redirects
1	www.googletagmanager.com	103.4.144.218
1	armorads.aftrad-visit.com	1 redirects
1	stellarsuperfluous.com
1	esxsk.heparienized.store	1 redirects
36	12

This site contains no links.

Subject Issuer	Validity	Valid
stellarsuperfluous.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-18`	a year	crt.sh
addlnk.com GTS CA 1P5	`2023-04-15` - `2023-07-14`	3 months	crt.sh
rezi.turetou.com R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
www.turbotrck.art R3	`2023-04-29` - `2023-07-28`	3 months	crt.sh
eygenci.com E1	`2023-05-21` - `2023-08-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq&publisher_id=1B6DbNJeZ&partner_name=Armorads
Frame ID: 4BBC5DEEFC53BAD6B3E3D8A2B62FAC67
Requests: 30 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Frame ID: 741BC662BEB615EBB679304A4460518F
Requests: 3 HTTP requests in this frame

Frame: https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Frame ID: CED3B9F324E458013FBE1A86F0C06BBF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Landing | ThematicRObi

Page URL History Show full URLs

http://esxsk.heparienized.store/ZHZUWJPogsjM5pOJna2EiJins4yaroyRm62Ht5umjI%2Bc1bWKmqeNjZbbhIw%3D HTTP 302
https://stellarsuperfluous.com/176173153370c694000/160/46889773-70878-a261952e04/1970041 Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1346748580&pubid=690075 Page URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream... Page URL
https://rezi.turetou.com/?utm_term=7237612801127088186&utm_content=fdc2c69a9cafac9c949390a197959495ba... Page URL
https://rezi.turetou.com/proc.php?5254e996c2f2805f45f140185d3cdd480242059a Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website... Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website... HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website... HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000b2c0ee27369c84e7907b8da78f8... HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a8005d789000111ad46&pubid=503 Page URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream... Page URL
https://rezi.turetou.com/?utm_term=7237612809717022724&utm_content=fdc2c69a9cafac9c949390a197959495ba... Page URL
https://rezi.turetou.com/proc.php?1feeb8d79f3ba85aa0b7e41e14fe10ad1532eeb2 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... HTTP 302
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=23000819d6e3edf535b4... HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=150&sub1=64712a81c4ccbc0001713feb&sub2=22... HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=150&sub1=64712a81c4ccbc0001713feb&sub2=22... HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a81a3d499000111e600&pubid=150 Page URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream... Page URL
https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a1979594... Page URL
https://rezi.turetou.com/proc.php?4b2ba7a46bcaed97f83adceba10fb5de2cffa222 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000aba1f9930512741fe85ad622a7d... HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a82d85e1a0001383a92&pubid=503 Page URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream... Page URL
https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a1979594... Page URL
https://rezi.turetou.com/proc.php?7a2de32f12a1888d409b99deb2295ae097ef1023 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website... HTTP 302
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009f15fa864e1f6d3... HTTP 302
https://armorads.aftrad-visit.com/track/click?offer_id=5943&publisher_id=106&network_id=1&click_id=64712a8300c... HTTP 302
http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiX... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

36
Requests

89 %
HTTPS

42 %
IPv6

12
Domains

12
Subdomains

9
IPs

5
Countries

5743 kB
Transfer

5908 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://esxsk.heparienized.store/ZHZUWJPogsjM5pOJna2EiJins4yaroyRm62Ht5umjI%2Bc1bWKmqeNjZbbhIw%3D HTTP 302
https://stellarsuperfluous.com/176173153370c694000/160/46889773-70878-a261952e04/1970041 Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1346748580&pubid=690075 Page URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=d699fd3e&cid=pub709c0a580a1a4d3b85a931b8b80a8a38&2=690075 Page URL
https://rezi.turetou.com/?utm_term=7237612801127088186&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
https://rezi.turetou.com/proc.php?5254e996c2f2805f45f140185d3cdd480242059a Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=a8ac06e77d587cf2bf73b8007d3a85e9&eyer=0.7156824584845214&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.7156824584845214&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000b2c0ee27369c84e7907b8da78f88be980526-202305-flb*5564921-b2be6*M7237612801127088186*sl_5564921-b2be6*40eaf415f8b30f413017ebcd07ea837aab2fc4d7*13260-bf2f31c1-b3aeeaff*13260 HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a8005d789000111ad46&pubid=503 Page URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503 Page URL
https://rezi.turetou.com/?utm_term=7237612809717022724&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
https://rezi.turetou.com/proc.php?1feeb8d79f3ba85aa0b7e41e14fe10ad1532eeb2 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=6baf51dc6f57835cc23de1300e2beb52&eyer=0.17743772196106034&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.17743772196106034&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=23000819d6e3edf535b4de4d08540dc66179b0526-202305-flb*5564921-b2be6*M7237612809717022724*sl_5564921-b2be6*4258f18fad07fa9b0ef8b1b9fc1622d27eca49ae*13260-58e4d543-00e7196d*13260 HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=150&sub1=64712a81c4ccbc0001713feb&sub2=228&sub3=&sub4=1 HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=150&sub1=64712a81c4ccbc0001713feb&sub2=228&sub3=&sub4=5122&sub5=150 HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a81a3d499000111e600&pubid=150 Page URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503 Page URL
https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
https://rezi.turetou.com/proc.php?4b2ba7a46bcaed97f83adceba10fb5de2cffa222 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=44edbd1c75f7c43a3f564328a11d7f8f&eyer=0.03184026039640675&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.03184026039640675&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000aba1f9930512741fe85ad622a7d1ce8e0526-202305-flb*5564921-b2be6*M7237612809717022724*sl_5564921-b2be6*4258f18fad07fa9b0ef8b1b9fc1622d27eca49ae*13260-58e4d543-00e7196d*13260 HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a82d85e1a0001383a92&pubid=503 Page URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503 Page URL
https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075 Page URL
https://rezi.turetou.com/proc.php?7a2de32f12a1888d409b99deb2295ae097ef1023 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=013d6c21c73911488c17500a331273da&eyer=0.9241615142981958&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.9241615142981958&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009f15fa864e1f6d3710c73e31bfc641670526-202305-flb*5564921-b2be6*M7237612809717022724*sl_5564921-b2be6*4258f18fad07fa9b0ef8b1b9fc1622d27eca49ae*13260-58e4d543-00e7196d*13260 HTTP 302
https://armorads.aftrad-visit.com/track/click?offer_id=5943&publisher_id=106&network_id=1&click_id=64712a8300c52500013fbd1c&source=228&subsource= HTTP 302
http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq&publisher_id=1B6DbNJeZ&partner_name=Armorads Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://esxsk.heparienized.store/ZHZUWJPogsjM5pOJna2EiJins4yaroyRm62Ht5umjI%2Bc1bWKmqeNjZbbhIw%3D HTTP 302
https://stellarsuperfluous.com/176173153370c694000/160/46889773-70878-a261952e04/1970041

Request Chain 3

https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

Request Chain 10

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=a8ac06e77d587cf2bf73b8007d3a85e9&eyer=0.7156824584845214&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.7156824584845214&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000b2c0ee27369c84e7907b8da78f88be980526-202305-flb*5564921-b2be6*M7237612801127088186*sl_5564921-b2be6*40eaf415f8b30f413017ebcd07ea837aab2fc4d7*13260-bf2f31c1-b3aeeaff*13260 HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a8005d789000111ad46&pubid=503

Request Chain 12

https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

Request Chain 19

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=6baf51dc6f57835cc23de1300e2beb52&eyer=0.17743772196106034&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.17743772196106034&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=23000819d6e3edf535b4de4d08540dc66179b0526-202305-flb*5564921-b2be6*M7237612809717022724*sl_5564921-b2be6*4258f18fad07fa9b0ef8b1b9fc1622d27eca49ae*13260-58e4d543-00e7196d*13260 HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=150&sub1=64712a81c4ccbc0001713feb&sub2=228&sub3=&sub4=1 HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=150&sub1=64712a81c4ccbc0001713feb&sub2=228&sub3=&sub4=5122&sub5=150 HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a81a3d499000111e600&pubid=150

Request Chain 25

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=44edbd1c75f7c43a3f564328a11d7f8f&eyer=0.03184026039640675&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.03184026039640675&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000aba1f9930512741fe85ad622a7d1ce8e0526-202305-flb*5564921-b2be6*M7237612809717022724*sl_5564921-b2be6*4258f18fad07fa9b0ef8b1b9fc1622d27eca49ae*13260-58e4d543-00e7196d*13260 HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a82d85e1a0001383a92&pubid=503

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

1970041
stellarsuperfluous.com/176173153370c694000/160/46889773-70878-a261952e04/
Redirect Chain

http://esxsk.heparienized.store/ZHZUWJPogsjM5pOJna2EiJins4yaroyRm62Ht5umjI%2Bc1bWKmqeNjZbbhIw%3D
https://stellarsuperfluous.com/176173153370c694000/160/46889773-70878-a261952e04/1970041

137 B
450 B

958ms
364ms

Document
text/html

205.251.155.223
NTHL

General

Check archive.org

Show headers Download Go to

Full URL: https://stellarsuperfluous.com/176173153370c694000/160/46889773-70878-a261952e04/1970041
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.251.155.223 , United States, ASN11042 (NTHL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 137
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 May 2023 21:54:06 GMT
Server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 May 2023 21:51:06 GMT
Keep-Alive: timeout=5, max=100
Location: https://stellarsuperfluous.com/176173153370c694000/160/46889773-70878-a261952e04/1970041
Server: Apache/2.4.6 (CentOS)

GET
H2 200 9e8aef8068 Show response
lynku.jukminung.com/rc/ 2 KB
2 KB 123ms
97ms Document
text/html 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1346748580&pubid=690075
Requested by: Host: stellarsuperfluous.com
URL: https://stellarsuperfluous.com/176173153370c694000/160/46889773-70878-a261952e04/1970041
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 072c4714addcb93de0d1eacf38fd245e5129858b14735c61cd0bbe5f86448b34

Request headers

Referer: https://stellarsuperfluous.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cd94139d9af1e6e-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVRZuMhuTQ3lVx%2FbWkDN2CpN941dN48QIptgT5TVDAUXDBGlgD59UQ8iRwSbf%2F9PorLuLwUDvXvcJhuha%2BtPAroUjbbxLxszyDxViIHzd5aJ4p9cB71qn9WCPMO7K4hNpko3DACeK6qEmKLT7Xg7xabP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 41ms
13ms Stylesheet
text/css 2606:4700:3030::6815:4a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1346748580&pubid=690075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1CDV1M9BTXYFXXX6
age: 2547
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PMqJM36lmduKnrjw0ab5/EeSo7UVLnFZbYvMRXRbbtLCXXjAbytlHc1uVHWuQ6A1qKwwnT/4gKuxNla4w4fDGg==
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2wBDUIgbjFmOcXdfIPlr%2BQJ2rrFVEWp%2FaN1Hj5e4d4ZI2q6jFgmZR23ThYibACKQhefk0YHK7dmXT0prLuvfIdKNCyMKWykjzWnHjkPFMhvNqNHYNtGjsVY0JyVS%2FMwroNrdyyEh%2FiCTkV4GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7cd9413a98b01bdb-FRA

GET
H3

200

invisible.js Show response
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/ Frame 741B
Redirect Chain

https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

24 KB
11 KB

14ms
14ms

Script
application/javascript

2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

Protocol

Server

2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e38e2ab278bd02c2ed179e3e8121c50b6afe6bb4f3c90bbaf7acdbd82cc8fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FFR1V9Sh6UlbWh0%2BFsFogdig9rfMgVRkyPyQY5ouQas1Rc716F5nlPN245uqUV%2B70SEAOJd7rJirIV%2BKSj9reLmijB3IXbZ5yKQOCbd1svCyP7qDigy0LGbo%2FzdNJaDQiG3q%2BbN7p%2BGuuRXLf1KArBs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cd9413ad9113648-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 26 May 2023 21:54:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrSwoUtKElBuelbsCiI2gGrbW0xbN%2Bq34s0OTu59UoI7y%2FKSFx3yigJY5As2TzgM160Ds%2BUwELWIH2fVN34Phz0ZKgvFD8xMwdORlqSRQUdHUe592w%2B9Hkw4nbdj0pZI6IhRSx2pnqQvZar0Q0EsBYZ1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
cache-control: max-age=300, public
cf-ray: 7cd9413acadf1e6e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 741B 6 KB
3 KB 12ms
12ms Other
application/javascript 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

926dd90cf7fd24eac6e9e3e7e005078f88cfd15523ebf17b8ba89db3475b9201

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RL%2BaIMKNu83zqVG8q6tFqPR8ahjgwYZPNPySnKsQv3XObT9EwvkzXoQ2pf4AoJt2JKcjvgmq2HTrHbUo8SkkUa4kT5k8z31Woi942u%2FB6%2F36Xgz7MlpDkh0RaYP9OBJ7L5Lz4nn%2B57%2FnMW8tqXfhNz%2Fk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cd9413af9343648-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7cd94139d9af1e6e
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 741B 2 B
619 B 39ms
38ms XHR
text/plain 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7cd94139d9af1e6e
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 May 2023 21:54:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcRt%2ButKlWduYnxJDqiqiQNA%2BzrAmUjbybCmRHIqBvjATMctEJAZIFxLMMJpN39ZIQzgaADLPqWB9QtPzJX6zt9EdZ01hIbBrFgScxVYVaB7juLNglqg6nmJlQuPg0aGh3H202VYNkH7LA3f4khUUaop"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cd9413c4a603648-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
rezi.turetou.com/ 3 KB
2 KB 335ms
110ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=d699fd3e&cid=pub709c0a580a1a4d3b85a931b8b80a8a38&2=690075
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1346748580&pubid=690075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 21:54:07 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://rezi.turetou.com/?utm_term=7237612801127088186
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 / Show response
rezi.turetou.com/ 8 KB
3 KB 118ms
117ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/?utm_term=7237612801127088186&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=d699fd3e&cid=pub709c0a580a1a4d3b85a931b8b80a8a38&2=690075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash: 5a98075a2f90feefbe5eeb202407f6bc4ebb77f35de43ae7d9ecfc58af9a7211

Request headers

Referer: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=d699fd3e&cid=pub709c0a580a1a4d3b85a931b8b80a8a38&2=690075
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:07 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 proc.php
rezi.turetou.com/ 4 KB
2 KB 112ms
112ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/proc.php?5254e996c2f2805f45f140185d3cdd480242059a
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7237612801127088186&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Referer: https://rezi.turetou.com/?utm_term=7237612801127088186&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 21:54:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H/1.1 200
OK /
www.turbotrck.art/ 5 KB
5 KB 97ms
18ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?5254e996c2f2805f45f140185d3cdd480242059a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rezi.turetou.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Fri, 26 May 2023 21:54:08 GMT
Transfer-Encoding: chunked

GET
H2

200

a91581ead4 Show response
tonic.eygenci.com/rc/
Redirect Chain

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000b2c0ee27369c84e7907b8da78f88be980526-202305-flb*5564921-b2be6*M7237612801127088186*sl_5564921-b2be6*40eaf415f8b30f...
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a8005d789000111ad46&pubid=503

2 KB
2 KB

145ms
115ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a8005d789000111ad46&pubid=503
Requested by: Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0391e538c6e0fe556ca7cc1c9f977dd5f7f2af528aa9f2e726c04390179bbeb9

Request headers

Referer: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612801127088186&website=13260-bf2f31c1-b3aeeaff&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cd94143cefdbb50-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfYDkNSGfNj3AMHBxwdu%2BIfOSYMVcD9Tea5dUuEFUhbU1UOtJLGfVwtkAgdvOf3JMf3K5egBALCuVUhcHlbYyuxFBTF72LUjgpqPVgDFsbC5dyMPh6y9Mzf7HlOcuHCB3cUL8QoS0eDnQAxNxSI7LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Fri, 26 May 2023 21:54:08 GMT
location: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a8005d789000111ad46&pubid=503
referer
referrer-policy: no-referrer
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
714 B 13ms
13ms Stylesheet
text/css 2606:4700:3030::6815:4a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a8005d789000111ad46&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1CDV1M9BTXYFXXX6
age: 2548
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PMqJM36lmduKnrjw0ab5/EeSo7UVLnFZbYvMRXRbbtLCXXjAbytlHc1uVHWuQ6A1qKwwnT/4gKuxNla4w4fDGg==
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEgomeBGE0v7B1a3N0rlyHXoGzBfqDroZQLNlrQqAuiAw0PXb3FmJhVAuuI6%2Bpce8gp%2BxThP7A%2FCJ3SaFGUI%2FpTO1eXlQZi7DVFHApUVzJDt%2BM8R34XvdD%2F7rlH2FXYAvbdHk338YSt67gN9VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7cd94144cb1b1bdb-FRA

GET
H2

200

invisible.js Show response
tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/ Frame CED3
Redirect Chain

https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

24 KB
11 KB

11ms
11ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08a7fba4edacd5a7de076a7955d8cc59210b3424b97dd99e62351a33955d5f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEPiG%2B5s3PUJOHfjminOkvYj9xsdjqiLIuvEFWgRuJvg8PtgNGMMa891ssU17dC3HewrcLzFgQfWPLGZBxAO1Uxw%2F98v8T7X5lywgYQFiAdJMwBX8A2TvFRD1q2foRLLiNm8lnSM8gwb3%2B8j6MjKwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cd94144f83abb50-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 26 May 2023 21:54:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kw%2FKb3eXdqfGG4HUnsUtgO0Y%2FsoD1aZl8%2Ff%2ByQoOHsADaPFbtKky4kh8fk1lLYRjK0Ex2wyxZMSHy5L%2BrtkN83qz%2FINpB0m%2BR5hTeQaDOEbQUKVeJLYLaLlmtyeZnoDhpZlSgqcZqELsxlITlG2vqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
cache-control: max-age=300, public
cf-ray: 7cd94144e825bb50-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 pica.js
tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame CED3 6 KB
4 KB 11ms
11ms Other
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bd9c50fa714690b5de3fa46477b03304b561523ae245bdc1d572959420aa12d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERhF92dd0sUEmWEuYuwWvGhAq2Inw06CAXVb0papUmgzp41yTey7i5dmXWCKtxV7TlkV1GMz4FmxLAWSvor%2FmkK%2B9mS%2FVTnzpHlmFFsy1RnWn2jvDu0%2BNy%2FjoO8El3KLakxW%2FaNKxXvupKZIazLiGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7cd9414519532bf0-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7cd94143cefdbb50
tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame CED3 2 B
623 B 31ms
31ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/cv/result/7cd94143cefdbb50
Requested by: Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 May 2023 21:54:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPSbqiS3rwygBKH2B4%2B78LlgkHgiVmYq9GoPotuMVXwkQqobFXVN1HeC0BMGJBngP0xCE6V6kFkFK6Btu8QbANCk7ng9WoVPpuG4VRo3eKUsFRWzVR745s3YB6p4RYD8G2hhBCC%2BcaOX%2FWISOr%2FImA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cd941461a592bf0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
rezi.turetou.com/ 3 KB
2 KB 110ms
110ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Requested by: Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a8005d789000111ad46&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 21:54:09 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://rezi.turetou.com/?utm_term=7237612809717022724
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 / Show response
rezi.turetou.com/ 8 KB
3 KB 119ms
118ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/?utm_term=7237612809717022724&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash: a04176e3cf2867b819af24e435250b5fcc05001bd1f8d9d2ae2415840168bcef

Request headers

Referer: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:09 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 proc.php
rezi.turetou.com/ 4 KB
2 KB 114ms
112ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/proc.php?1feeb8d79f3ba85aa0b7e41e14fe10ad1532eeb2
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7237612809717022724&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Referer: https://rezi.turetou.com/?utm_term=7237612809717022724&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 21:54:09 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H/1.1 200
OK /
www.turbotrck.art/ 5 KB
5 KB 19ms
19ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?1feeb8d79f3ba85aa0b7e41e14fe10ad1532eeb2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rezi.turetou.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Fri, 26 May 2023 21:54:09 GMT
Transfer-Encoding: chunked

GET
H3

200

a91581ead4 Show response
tonic.eygenci.com/rc/
Redirect Chain

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=23000819d6e3edf535b4de4d08540dc66179b0526-202305-flb*5564921-b2be6*M7237612809717022724*sl_5564921-b2be6*4258f...
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=150&sub1=64712a81c4ccbc0001713feb&sub2=228&sub3=&sub4=1
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=150&sub1=64712a81c4ccbc0001713feb&sub2=228&sub3=&sub4=5122&sub5=150
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a81a3d499000111e600&pubid=150

1 KB
1 KB

72ms
72ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a81a3d499000111e600&pubid=150
Requested by: Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fcc382f7b1860644602db0eec1e6936af8ab265991f38558bdd73c6e4836d05

Request headers

Referer: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cd9414acff62bf0-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmxR7eo49onEkZ8F7ZGHFa1f4giiUC7QNsQ3Mm5jIJC92ZzBJ5ZKxWgpvzJ5HzHcYE310A7bFITQwhheC4lKah8%2BZ3v12IaCmhbUg2UwCltX78yf3nkaetplxaB8vEodrSsJxWuoWrMqIJrktJkDkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Fri, 26 May 2023 21:54:09 GMT
location: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a81a3d499000111e600&pubid=150
referer
referrer-policy: no-referrer
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H3 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 16ms
16ms Stylesheet
text/css 2606:4700:3030::6815:4a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a81a3d499000111e600&pubid=150
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KPYPMKR87WVDDR5G
age: 4412
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YR3ikBZzZG4wGWGcnbOVwi6AzXERcmbFlJP6woe3KpYSkd843M%2BS8lzkYF6gdZ0HJxpVt48oLu7P1gE1GbNndKQvaw2oYdcgx8JrMkANuEzIZFnAYJN%2FuMjizf2HRhuTvcoSMu8FFm0Z45upuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7cd9414b4cc56946-FRA

GET
H2 200 /
rezi.turetou.com/ 3 KB
2 KB 111ms
110ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Requested by: Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a81a3d499000111e600&pubid=150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 21:54:09 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://rezi.turetou.com/?utm_term=7237612809717022724&c=1
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 / Show response
rezi.turetou.com/ 8 KB
3 KB 110ms
110ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash: 8ee16df12d4340434b15fcb00ac5da2898784c9cca2f5b86f80e9ff4b7d80be9

Request headers

Referer: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 proc.php
rezi.turetou.com/ 4 KB
2 KB 110ms
109ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/proc.php?4b2ba7a46bcaed97f83adceba10fb5de2cffa222
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Referer: https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 21:54:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H/1.1 200
OK /
www.turbotrck.art/ 5 KB
5 KB 19ms
19ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?4b2ba7a46bcaed97f83adceba10fb5de2cffa222
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rezi.turetou.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Fri, 26 May 2023 21:54:10 GMT
Transfer-Encoding: chunked

GET
H3

200

a91581ead4 Show response
tonic.eygenci.com/rc/
Redirect Chain

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000aba1f9930512741fe85ad622a7d1ce8e0526-202305-flb*5564921-b2be6*M7237612809717022724*sl_5564921-b2be6*4258f18fad07fa...
https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a82d85e1a0001383a92&pubid=503

1 KB
1 KB

48ms
48ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a82d85e1a0001383a92&pubid=503
Requested by: Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fcc382f7b1860644602db0eec1e6936af8ab265991f38558bdd73c6e4836d05

Request headers

Referer: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cd94152b8c92bf0-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEcvGo%2FyZeE23NHu%2BjvRB6weYvv%2Foziq9STLnHxajdd4WNN6T1sed4vAb9iaX24Cqua3Ft7cteGIWD24bxTPVBmt1DhO%2FLE70U2XTsGKLmgMrqlSGXkK5DjYJFGDiLg4g%2BAEjPipLWPiad%2F%2B8dkr7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Fri, 26 May 2023 21:54:10 GMT
location: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a82d85e1a0001383a92&pubid=503
referer
referrer-policy: no-referrer
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H3 200 redirect.css
cdn.addlnk.com/ 1 KB
1000 B 16ms
15ms Stylesheet
text/css 2606:4700:3030::6815:4a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a82d85e1a0001383a92&pubid=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KPYPMKR87WVDDR5G
age: 4414
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVvYHAYEcKqh%2F3MScsfUYEx8GmZeQ6ZXx%2Bk2DZSagUY7iCERb98so1xdDJOPs%2Bp5KUeKhHhd1%2FC7gfCD2CXtE0v5Ew1nFX2Lnz4KhtXMCCDlN65h65qTXMqBNXVPNcYsoZb7EX7arXWhZY%2BLXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7cd941530bdf6946-FRA

GET
H2 200 /
rezi.turetou.com/ 3 KB
2 KB 110ms
110ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Requested by: Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64712a82d85e1a0001383a92&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 21:54:11 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://rezi.turetou.com/?utm_term=7237612809717022724&c=1
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 / Show response
rezi.turetou.com/ 8 KB
3 KB 110ms
110ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash: 69fae3a78bbd5315916245db7b083aa9133a097acfa9e10a697d4263f210c5ad

Request headers

Referer: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=a210515d&cid=pubb9f0ea67b1a847c694919358dafb1f4c&2=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:11 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 proc.php
rezi.turetou.com/ 4 KB
2 KB 110ms
110ms Document
text/html 67.212.184.146
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rezi.turetou.com/proc.php?7a2de32f12a1888d409b99deb2295ae097ef1023
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.2.0
Resource Hash

Request headers

Referer: https://rezi.turetou.com/?utm_term=7237612809717022724&c=1&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 21:54:11 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H/1.1 200
OK /
www.turbotrck.art/ 5 KB
5 KB 19ms
19ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by: Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?7a2de32f12a1888d409b99deb2295ae097ef1023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://rezi.turetou.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Fri, 26 May 2023 21:54:11 GMT
Transfer-Encoding: chunked

GET
H/1.1

200
OK

Primary Request 02002 Show response
103.4.144.218/1552416562021332/
Redirect Chain

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009f15fa864e1f6d3710c73e31bfc641670526-202305-flb*5564921-b2be6*M7237612809717022724*sl_5564921-b2be6*4258f...
https://armorads.aftrad-visit.com/track/click?offer_id=5943&publisher_id=106&network_id=1&click_id=64712a8300c52500013fbd1c&source=228&subsource=
http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq&publisher_id=1B6DbNJeZ&partner_name=Armorads

1 KB
910 B

575ms
290ms

Document
text/html

103.4.144.218
NEXT-BD Next Onli...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq&publisher_id=1B6DbNJeZ&partner_name=Armorads
Requested by: Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol: HTTP/1.1
Server: 103.4.144.218 Dhaka, Bangladesh, ASN9441 (NEXT-BD Next Online Limited., BD),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 7dc5ab24c1cbb23eeb406f04e317342fe92df1cbc839d1e08beba1c0016975b4

Request headers

Referer: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7237612809717022724&website=13260-58e4d543-00e7196d&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 26 May 2023 21:54:12 GMT
ETag: W/"406-Nm9aOxQbegF+Gggt2X+zuCbGrao"
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cd941578b57366d-FRA
content-type: text/html; charset=utf-8
date: Fri, 26 May 2023 21:54:11 GMT
location: http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq&publisher_id=1B6DbNJeZ&partner_name=Armorads
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXOlzdWAjdiDsmar%2FuKwDDm%2BD3QeyfNFEHBSCdqjybruFnTCyVsIvLzVfiAqpMmHkMcuTVHRQ9HisAf7foIEevZLOuKEvYPriRSgp5Wn0DMzb7bbhMe7uVY%2BusyswLJcdPScFqdBQ2gt10cJWBasUHRSJnezCRrS"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK thematic-banner-with-play.png
103.4.144.218/1552416562021332/ 5 MB
5 MB 287ms
286ms Image
image/png 103.4.144.218
NEXT-BD Next Onli...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://103.4.144.218:9803/1552416562021332/thematic-banner-with-play.png
Requested by: Host: 103.4.144.218
URL: http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq&publisher_id=1B6DbNJeZ&partner_name=Armorads
Protocol: HTTP/1.1
Server: 103.4.144.218 Dhaka, Bangladesh, ASN9441 (NEXT-BD Next Online Limited., BD),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 92309a1cf00885c6b663a57dfb04fa130c90a512343b0762613d4c2d10a3462e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq&publisher_id=1B6DbNJeZ&partner_name=Armorads
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 26 May 2023 21:54:12 GMT
Last-Modified: Tue, 18 Apr 2023 10:54:21 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"574845-18794004f5b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5720133

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 60ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-127081483-1

Requested by

Host: 103.4.144.218
URL: http://103.4.144.218:9803/1552416562021332/02002?click_id=200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq&publisher_id=1B6DbNJeZ&partner_name=Armorads

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b5ffea1f4d9a35e2c28d18dea7b5754f38f3f2ba4d8b167704a81dd1e28cf51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://103.4.144.218:9803/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 21:54:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46894
x-xss-protection: 0
last-modified: Fri, 26 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 May 2023 21:54:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127081483-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://103.4.144.218:9803/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 May 2023 21:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2958
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 26 May 2023 23:04:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 21ms
20ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=669628077&t=pageview&_s=1&dl=http%3A%2F%2F103.4.144.218%2F1552416562021332%2F02002%3Fclick_id%3D200Jz8NZL1yEC4XzGhkP8ZbFBsPrzYedtYwLewn9AJiXLidxFRJsJGTY7W5mFUu7L1nFRq%26publisher_id%3D1B6DbNJeZ%26partner_name%3DArmorads&ul=en-us&de=UTF-8&dt=Landing%20%7C%20ThematicRObi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1362361150&gjid=621887399&cid=382204170.1685138053&tid=UA-127081483-1&_gid=1738461321.1685138053&_r=1&gtm=457e35o0&jsscut=1&z=1277634799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://103.4.144.218:9803/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 May 2023 21:54:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://103.4.144.218:9803
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
stellarsuperfluous.com/	1970-01-20 12:48:50	Name: uid15295 Value: 1346748580-20230526175406-770e7e6770f37e5eafdb5dc81ecc5f6c-
lynku.jukminung.com/	1970-01-20 12:15:42	Name: AWSALB Value: M7d7TBUbGuDSvXvLaNyMeOpogRSgC0AacNwxw0JwmpUfOBujr9/ZOmiZhD/96+7eMAZfQrD4sw1F6UTZXoyQ/vmOo6cOTcvjsrqkiiZtWOLq3bwrR17nMk5H5F/F
.jukminung.com/	1970-01-20 12:05:39	Name: __cf_bm Value: KEqLxiGHB5qH15V2vMU.cjAjO2WaAu4Ay8schY9_EP8-1685138047-0-AQqhT67DoBaYUnwBszd4guJtvoJszcI+gRxvwnM2u279fMpLNBZF8HfgYG0SGln+mG/Ok9P2wGZCGxFLxDbOaZ4qmmsz7msu9YQ+Cea/1wEt
rezi.turetou.com/	1970-01-20 20:51:14	Name: u Value: 4d882d2277e5c27830d37debbe5f8d79
rezi.turetou.com/	1969-12-31 23:59:59	Name: split Value: a
.eygenci.com/	1970-01-20 12:05:39	Name: __cf_bm Value: zJOMY9HOW5t1JbwMrIntu1rmqEtDMWDEVQIZk90BI5o-1685138048-0-AadvnOE6UyjPCuG8rNgTSq5e3+qy04MIns7ttVXLQPUIT1oRJdCZtd/W7cfE4wnsYeDJCUAeqnTplZxghUvKo0dXPGROaKzftyIHw9C8HW7n
admoustache.media-412.com/	1970-01-20 20:51:14	Name: afclick Value: 64712a82d85e1a0001383a92
tonic.eygenci.com/	1970-01-20 12:15:42	Name: AWSALB Value: cb0FErYaRwVN7dZvi+TinYVtIoEMT9X7xlA+GFLLbH6j25wh7HfFYBmss+jmVym+I1q5u/19wnwjqH0nznsnYJ+/LdniXqWSWmfbH45XpQhetuNn0tvDZM4U7p2R
harrenmedia.g2afse.com/	1970-01-20 20:51:14	Name: afclick Value: 64712a8300c52500013fbd1c
103.4.144.218/	1970-01-20 21:41:38	Name: _ga Value: GA1.1.382204170.1685138053
103.4.144.218/	1970-01-20 12:07:04	Name: _gid Value: GA1.1.1738461321.1685138053
103.4.144.218/	1970-01-20 12:05:38	Name: _gat_gtag_UA_127081483_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admoustache.media-412.com
armorads.aftrad-visit.com
cdn.addlnk.com
esxsk.heparienized.store
harrenmedia.g2afse.com
lynku.jukminung.com
rezi.turetou.com
stellarsuperfluous.com
tonic.eygenci.com
www.google-analytics.com
www.googletagmanager.com
www.turbotrck.art
103.4.144.218
198.136.58.26
205.251.155.223
2606:4700:3030::6815:4a8d
2606:4700:3031::ac43:92ee
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a06:98c1:3121::3
34.91.142.64
34.91.27.112
51.68.85.158
67.212.184.146
0391e538c6e0fe556ca7cc1c9f977dd5f7f2af528aa9f2e726c04390179bbeb9
072c4714addcb93de0d1eacf38fd245e5129858b14735c61cd0bbe5f86448b34
08a7fba4edacd5a7de076a7955d8cc59210b3424b97dd99e62351a33955d5f92
4bd9c50fa714690b5de3fa46477b03304b561523ae245bdc1d572959420aa12d
4e38e2ab278bd02c2ed179e3e8121c50b6afe6bb4f3c90bbaf7acdbd82cc8fd7
5a98075a2f90feefbe5eeb202407f6bc4ebb77f35de43ae7d9ecfc58af9a7211
69fae3a78bbd5315916245db7b083aa9133a097acfa9e10a697d4263f210c5ad
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
7b5ffea1f4d9a35e2c28d18dea7b5754f38f3f2ba4d8b167704a81dd1e28cf51
7dc5ab24c1cbb23eeb406f04e317342fe92df1cbc839d1e08beba1c0016975b4
8ee16df12d4340434b15fcb00ac5da2898784c9cca2f5b86f80e9ff4b7d80be9
8fcc382f7b1860644602db0eec1e6936af8ab265991f38558bdd73c6e4836d05
92309a1cf00885c6b663a57dfb04fa130c90a512343b0762613d4c2d10a3462e
926dd90cf7fd24eac6e9e3e7e005078f88cfd15523ebf17b8ba89db3475b9201
a04176e3cf2867b819af24e435250b5fcc05001bd1f8d9d2ae2415840168bcef
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

103.4.144.218 Open in urlscan Pro 103.4.144.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

89 %HTTPS

42 %IPv6

12 Domains

12 Subdomains

9 IPs

5 Countries

5743 kBTransfer

5908 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

103.4.144.218 Open in urlscan Pro
103.4.144.218 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

89 %
HTTPS

42 %
IPv6

12
Domains

12
Subdomains

9
IPs

5
Countries

5743 kB
Transfer

5908 kB
Size

12
Cookies

36 HTTP transactions
0 data transactions