Submitted URL: http://4811u.tistok3r4.cc/
Effective URL: https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Submission Tags: falconsandbox
Submission: On June 22 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 12 domains to perform 10 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in and belongs to . The main domain is popmyads.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.
This is the only time popmyads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 67.202.114.212 32748 (STEADFAST)
1 2a02:4780:1:7... 47583 (AS-HOSTINGER)
1 1 64.227.23.114 14061 (DIGITALOC...)
3 99.198.108.194 32475 (SINGLEHOP...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 51.68.81.31 16276 (OVH)
1 1 34.141.137.168 396982 (GOOGLE-CL...)
1 1 51.161.115.163 16276 (OVH)
1 1 23.235.251.114 ()
1 1 142.93.240.225 ()
1 1 51.83.143.92 ()
1 2a06:98c1:312... ()
10 8
Apex Domain
Subdomains
Transfer
3 offermyvist.com
www.offermyvist.com — Cisco Umbrella Rank: 460974
6 KB
3 redirectmaster.com
monkey.redirectmaster.com
7 KB
3 amung.us
whos.amung.us — Cisco Umbrella Rank: 14886
widgets.amung.us — Cisco Umbrella Rank: 16044
2 KB
1 popmyads.com
popmyads.com
1 labtrffc.com
cola.labtrffc.com
283 B
1 goldwinds.xyz
redir.goldwinds.xyz
430 B
1 tealwinds.xyz
48.us.tealwinds.xyz
245 B
1 goldensevenseas.net
t3.goldensevenseas.net — Cisco Umbrella Rank: 123833
296 B
1 go2affise.com
admoustache.go2affise.com — Cisco Umbrella Rank: 72558
239 B
1 thegadgetguru.club
polo.thegadgetguru.club — Cisco Umbrella Rank: 710920
295 B
1 akcggi.buzz
akcggi.buzz
482 B
1 tistok3r4.cc
4811u.tistok3r4.cc
912 B
10 12
Domain Requested by
3 www.offermyvist.com 2 redirects monkey.redirectmaster.com
3 monkey.redirectmaster.com akcggi.buzz
monkey.redirectmaster.com
2 whos.amung.us 1 redirects 4811u.tistok3r4.cc
popmyads.com
1 popmyads.com www.offermyvist.com
1 cola.labtrffc.com 1 redirects
1 redir.goldwinds.xyz 1 redirects
1 48.us.tealwinds.xyz 1 redirects
1 t3.goldensevenseas.net 1 redirects
1 admoustache.go2affise.com 1 redirects
1 widgets.amung.us
1 polo.thegadgetguru.club 1 redirects
1 akcggi.buzz 4811u.tistok3r4.cc
1 4811u.tistok3r4.cc
10 13

This site contains no links.

Subject Issuer Validity Valid
akcggi.buzz
R3
2022-04-26 -
2022-07-25
3 months crt.sh
monkey.redirectmaster.com
R3
2022-06-07 -
2022-09-05
3 months crt.sh
www.offermyvist.com
R3
2022-05-04 -
2022-08-02
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-03 -
2023-06-02
a year crt.sh

This page contains 1 frames:

Primary Page: https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Frame ID: FF0E2E5907198620568A4B3DDF067474
Requests: 10 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://4811u.tistok3r4.cc/ Page URL
  2. https://polo.thegadgetguru.club/?k=d9fc07ab86481e86cca084bdb0dbf71b&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  3. https://monkey.redirectmaster.com/?utm_term=7112120140275122250&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  4. https://monkey.redirectmaster.com/proc.php?23b5c252b26dc56d59936388d220870ab29bb2e1 Page URL
  5. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website... Page URL
  6. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website... HTTP 302
    https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website... HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000d14469d4c94986cfa271faec539... HTTP 302
    https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62b3539602a... HTTP 302
    https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62b35397a2f3447cb404ca9e HTTP 301
    https://redir.goldwinds.xyz/click/invalid/?tid=48&subid=48.503 HTTP 302
    https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=36 HTTP 302
    https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL

Page Statistics

10
Requests

60 %
HTTPS

31 %
IPv6

12
Domains

13
Subdomains

8
IPs

4
Countries

15 kB
Transfer

24 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://4811u.tistok3r4.cc/ Page URL
  2. https://polo.thegadgetguru.club/?k=d9fc07ab86481e86cca084bdb0dbf71b&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  3. https://monkey.redirectmaster.com/?utm_term=7112120140275122250&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90 Page URL
  4. https://monkey.redirectmaster.com/proc.php?23b5c252b26dc56d59936388d220870ab29bb2e1 Page URL
  5. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91 Page URL
  6. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91&eyeg=bce9f69627e8dc366a0da47577a9cf02&eyer=0.7884841832324903&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91&eyeg=3&eyer=0.7884841832324903&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000d14469d4c94986cfa271faec539307f60622-202206-flb*5504646-65846*M7112120140275122250*sl_5504646-65846*a3b555a5429e88dc6b375b12c487402f608c92f5*4400-8553b05z*4400 HTTP 302
    https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62b3539602a85a00016f9f27 HTTP 302
    https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62b35397a2f3447cb404ca9e HTTP 301
    https://redir.goldwinds.xyz/click/invalid/?tid=48&subid=48.503 HTTP 302
    https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=36 HTTP 302
    https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://polo.thegadgetguru.club/?k=d9fc07ab86481e86cca084bdb0dbf71b&type=mainstream&subtype=global HTTP 302
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Request Chain 4
  • http://whos.amung.us/widget/notengofyo.png HTTP 307
  • http://widgets.amung.us/classic/00/86.png

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
4811u.tistok3r4.cc/
218 B
912 B
Document
General
Full URL
http://4811u.tistok3r4.cc/
Protocol
HTTP/1.1
Server
2606:4700:3030::6815:4b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f5b4426bbeaf124ce5fb8406659bd7ce0813e86dc1808f4e64e8a59dfb6d17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
CF-RAY
71f6c202293b915e-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Length
194
Content-Type
text/html
Date
Wed, 22 Jun 2022 17:38:29 GMT
Last-Modified
Tue, 21 Jun 2022 07:41:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfuBJ%2FZJ6mUsQKZoLFh4O3TenCwGzSTRVV8VthdNaLH91VD2BkIKjJtzefJaNKqw%2FUN5WZoNRO8vSDmqPcwnNLqVbmM2vdNYw6PUA3%2F2y%2FEqfEPO38yEcmN105yo6Fd94VEcorys3lSAjBzN3aVzZt4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
whos.amung.us/pingjs/
27 B
27 B
Image
General
Full URL
http://whos.amung.us/pingjs/?k=equipomg&t=QUEPANCHITO&x=https://rochyrd.com/
Requested by
Host: 4811u.tistok3r4.cc
URL: http://4811u.tistok3r4.cc/
Protocol
HTTP/1.1
Server
67.202.114.212 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://4811u.tistok3r4.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 17:38:29 GMT
content-encoding
gzip
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
black.php
akcggi.buzz/newera/
190 B
482 B
Script
General
Full URL
https://akcggi.buzz/newera/black.php
Requested by
Host: 4811u.tistok3r4.cc
URL: http://4811u.tistok3r4.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1:750:0:20f1:3c8:3 , United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.26
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://4811u.tistok3r4.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/7.4.26
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
date
Wed, 22 Jun 2022 17:38:29 GMT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
178
/
monkey.redirectmaster.com/
Redirect Chain
  • https://polo.thegadgetguru.club/?k=d9fc07ab86481e86cca084bdb0dbf71b&type=mainstream&subtype=global
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
3 KB
2 KB
Document
General
Full URL
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Requested by
Host: akcggi.buzz
URL: https://akcggi.buzz/newera/black.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
http://4811u.tistok3r4.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 22 Jun 2022 17:38:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://monkey.redirectmaster.com/?utm_term=7112120140275122250&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Jun 2022 17:38:29 GMT
Location
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
86.png
widgets.amung.us/classic/00/
Redirect Chain
  • http://whos.amung.us/widget/notengofyo.png
  • http://widgets.amung.us/classic/00/86.png
1 KB
2 KB
Image
General
Full URL
http://widgets.amung.us/classic/00/86.png
Protocol
HTTP/1.1
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://4811u.tistok3r4.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 22 Jun 2022 17:38:29 GMT
CF-Cache-Status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
Server
cloudflare
Age
6532
etag
"4c149ecd-5fe"
Vary
Accept-Encoding
Content-Type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
71f6c206f86a6901-FRA
Content-Length
1534
expires
Thu, 23 Jun 2022 15:49:37 GMT

Redirect headers

location
http://widgets.amung.us/classic/00/86.png
date
Wed, 22 Jun 2022 17:38:29 GMT
cache-control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
/
monkey.redirectmaster.com/
8 KB
3 KB
Document
General
Full URL
https://monkey.redirectmaster.com/?utm_term=7112120140275122250&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
ce0e75175d8c3d5a45457ac1cba16677c5501aac1a5fc5ad8e6cd22efce3d36b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Jun 2022 17:38:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11
proc.php
monkey.redirectmaster.com/
4 KB
2 KB
Document
General
Full URL
https://monkey.redirectmaster.com/proc.php?23b5c252b26dc56d59936388d220870ab29bb2e1
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7112120140275122250&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://monkey.redirectmaster.com/?utm_term=7112120140275122250&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 22 Jun 2022 17:38:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11
/
www.offermyvist.com/
5 KB
5 KB
Document
General
Full URL
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?23b5c252b26dc56d59936388d220870ab29bb2e1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Wed, 22 Jun 2022 17:38:30 GMT
Transfer-Encoding
chunked
Primary Request aHR0cDovL3RyYWZmaXgxMy5jb20=
popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/
Redirect Chain
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=33000d14469d4c94986cfa271faec539307f60622-202206-flb*5504646-65846*M7112120140275122250*sl_5504646-65846*a3b555a5429e88...
  • https://t3.goldensevenseas.net/c.php?p=c:o6450ylcdnn31butk&d=624e9ea3e8e2a8163b65d246&s=503&pid=62b3539602a85a00016f9f27
  • https://48.us.tealwinds.xyz/feed/?link=true&tid=48&subid=48.503&ref=&s1=62b35397a2f3447cb404ca9e
  • https://redir.goldwinds.xyz/click/invalid/?tid=48&subid=48.503
  • https://cola.labtrffc.com/r.php?p=c:xecd97ullhqs49nas&d=62a055db84c90235f05e05a1&s=36
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
2 KB
0
Document
General
Full URL
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Requested by
Host: www.offermyvist.com
URL: https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7112120140275122250&website=4400-8553b05z&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea91
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71f6c21d085e9214-FRA
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Wed, 22 Jun 2022 17:38:33 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEl%2B0PiJunhvINlBJAUP7jOzK0MysQMAMc2dRO03%2B77%2F5vBa0s3b2wUw92KK3pIh%2B2Oq1HqYtRHEpAJXfW9Jrwp90FCQ1M7osXn7PVrHLLYjGdaD3ZM2Tv54dfbYafDJckZWnwuxVNviW3U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
x-powered-by
PHP/7.1.33

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Jun 2022 17:38:33 GMT
Location
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Raund
2fo
Round
11kgq037yu
Server
nginx
popmyads.png
whos.amung.us/swidget/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
whos.amung.us
URL
https://whos.amung.us/swidget/popmyads.png

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

2 Cookies

Domain/Path Name / Value
monkey.redirectmaster.com/ Name: u
Value: cdc552ccf7017204a320a65a20275042
admoustache.go2affise.com/ Name: afclick
Value: 62b3539602a85a00016f9f27