ctur5c8hubcc73cknlo0.alphaloopconnect.com Open in urlscan Pro
108.62.60.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://intranet.alkohotel.com/
Effective URL:
https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d...
Submission: On January 07 via api (January 7th 2025, 11:03:16 pm UTC) from US — Scanned from US

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 8 domains to perform 32 HTTP transactions. The main IP is 108.62.60.42, located in Seattle, United States and belongs to LEASEWEB-USA-SEA, US. The main domain is ctur5c8hubcc73cknlo0.alphaloopconnect.com.
TLS certificate: Issued by R10 on November 16th 2024. Valid for: 3 months.

This is the only time ctur5c8hubcc73cknlo0.alphaloopconnect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	69.16.230.165 69.16.230.165	32244 (LIQUIDWEB) (LIQUIDWEB)
1 2	15.197.224.234 15.197.224.234	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	108.62.157.10 108.62.157.10	396190 (LEASEWEB-...) (LEASEWEB-USA-SEA)
24	108.62.60.42 108.62.60.42	396190 (LEASEWEB-...) (LEASEWEB-USA-SEA)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
32	7

2 69.16.230.165 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: haproxy05.parklogic.com

intranet.alkohotel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.224.234 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

lndk-a4.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.lensgard-2.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.62.157.10 (Seattle, United States) 1 redirects

ASN396190 (LEASEWEB-USA-SEA, US)

activetimeflows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 108.62.60.42 (Seattle, United States)

ASN396190 (LEASEWEB-USA-SEA, US)

ctur5c8hubcc73cknlo0.alphaloopconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	alphaloopconnect.com ctur5c8hubcc73cknlo0.alphaloopconnect.com	338 KB
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 42639 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12953	90 KB
2	lndk-a4.online 1 redirects lndk-a4.online	21 KB
2	alkohotel.com intranet.alkohotel.com	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	82 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	activetimeflows.com 1 redirects activetimeflows.com — Cisco Umbrella Rank: 270128	436 B
1	lensgard-2.online 1 redirects xml-v4.lensgard-2.online	348 B
32	8

	Domain	Requested by
24	ctur5c8hubcc73cknlo0.alphaloopconnect.com	lndk-a4.online ctur5c8hubcc73cknlo0.alphaloopconnect.com
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	lndk-a4.online	1 redirects intranet.alkohotel.com
2	intranet.alkohotel.com	intranet.alkohotel.com
1	code.jquery.com	ctur5c8hubcc73cknlo0.alphaloopconnect.com
1	fonts.googleapis.com	ctur5c8hubcc73cknlo0.alphaloopconnect.com
1	activetimeflows.com	1 redirects
1	xml-v4.lensgard-2.online	1 redirects
1	cdn.perfdrive.com	lndk-a4.online
32	9

This site contains links to these domains. Also see Links.

Domain
activetimeflows.com

Subject Issuer	Validity	Valid
intranet.alkohotel.com R10	`2025-01-07` - `2025-04-07`	3 months	crt.sh
lndk-a4.online Amazon RSA 2048 M03	`2024-11-22` - `2025-12-21`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-09-20` - `2025-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2024-07-26` - `2025-08-05`	a year	crt.sh
*.alphaloopconnect.com R10	`2024-11-16` - `2025-02-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10
Frame ID: 7CF411E6D7797B980B87E091FF5AE92B
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

McAfee Mobile Security - Protection for Android & iPhone

Page URL History Show full URLs

http://intranet.alkohotel.com/ HTTP 307
https://intranet.alkohotel.com/ Page URL
https://intranet.alkohotel.com/page/bouncy.php?&bpae=GbhGdzsnokx%2FjkvWnTUTAxdgG7fspmZHqudRuXH7VRK3bxRf2L1p... Page URL
http://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY HTTP 307
https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY Page URL
https://lndk-a4.online/api/v1/pxcheck?impId=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY&minfo=eyJjb29r... HTTP 302
http://xml-v4.lensgard-2.online/click?seat=3074269&i=CAZONqrV-Ho_0 HTTP 307
https://xml-v4.lensgard-2.online/click?seat=3074269&i=CAZONqrV-Ho_0 HTTP 302
https://activetimeflows.com/index?cid=26ffd4ee87dd2427241e&extclickid=&bid=0.01&t1=b5b4f19ddb7e93ef59ddc... HTTP 307
https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_ke... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

7
IPs

1
Countries

534 kB
Transfer

1082 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://activetimeflows.com/index?lp=1
Title: Update antivirus

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://intranet.alkohotel.com/ HTTP 307
https://intranet.alkohotel.com/ Page URL
https://intranet.alkohotel.com/page/bouncy.php?&bpae=GbhGdzsnokx%2FjkvWnTUTAxdgG7fspmZHqudRuXH7VRK3bxRf2L1pzwJoEBx0tFjT4xsWbvUREiVWjiP83aXxOs0BTHsFZAIgb4h1yRBxvMntUV%2FIDyezFBNOM%2FxmQS6sNnksOkpL8sycz79Rg2gT1xobm3yWT33ryIHGoD35eC0r19ezTYv%2FxJ3P8xP6sEp3NionHHO9uKYjnpLHkQGTwSIzAJDpRYJdlCTNIj3P1dCwUUp3Ar72ZOTmTV7a2P6u2Dqwa6gxvgC5uPAQlZ9VKZd6L43Ao4TZbz%2BsWB1HMEcruqxc%2F%2BwiNhtkfysPYO1tZxvwSgHj2Wc0wSyb1Co%2BoEoDQ9jl2QkCf8d0TXoDcr%2Br7yipMKZGb%2Fc%2FxsfnKWaV8mhHnx4OZUcBGFAyWyJegVOUnF76jLoshpqpPIz6mHkhgElGE6jRAwRSJVeVlXfX2%2F4viEuqlRx9P2Pg6gkG8No6&redirectType=js&inIframe=false&inPopUp=false Page URL
http://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY HTTP 307
https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY Page URL
https://lndk-a4.online/api/v1/pxcheck?impId=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKExpbnV4OyBBbmRyb2lkIDEwOyBLKSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI4LjAuNjYxMy44OCBNb2JpbGUgU2FmYXJpLzUzNy4zNiIsImlmcmFtZSI6ZmFsc2UsImRldmljZVBpeGVsUmF0aW8iOjEsInduZExvY0hyZWYiOiJodHRwczovL2xuZGstYTQub25saW5lL2FwaS92MS9weD94bWxpZD1jMlRCNTBjNnpWVHZzVTllRjRxMmZNaG5kUEdZQ3NLTlJySFZsN3FZIiwiZGV2aWNlU3JlZW5TaXplIjoiMTIwMHgxNjAwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEyMDB4MTYwMCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiZWZmZWN0aXZlVHlwZSI6IjRnIiwidHoiOjYwMCwidHpJbnRsIjoiUGFjaWZpYy9Ib25vbHVsdSIsImlzQm90IjpmYWxzZSwiZkJvdE5hbWUiOiIiLCJmUmVhc29ucyI6IiJ9 HTTP 302
http://xml-v4.lensgard-2.online/click?seat=3074269&i=CAZONqrV-Ho_0 HTTP 307
https://xml-v4.lensgard-2.online/click?seat=3074269&i=CAZONqrV-Ho_0 HTTP 302
https://activetimeflows.com/index?cid=26ffd4ee87dd2427241e&extclickid=&bid=0.01&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&carrier=i3D.net&type=default&campaign=1535983&query=alkohotel.com&state=ca HTTP 307
https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://intranet.alkohotel.com/ HTTP 307
https://intranet.alkohotel.com/

Request Chain 2

http://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY HTTP 307
https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
intranet.alkohotel.com/
Redirect Chain

http://intranet.alkohotel.com/
https://intranet.alkohotel.com/

2 KB
883 B

1135ms
678ms

Document
text/html

69.16.230.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://intranet.alkohotel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.230.165 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: haproxy05.parklogic.com
Software: /
Resource Hash: 28871707672d598c9c9b795c3424f2319e4f181c17708f0b1b5e4c831cf7ecd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 07 Jan 2025 23:03:11 GMT
pragma: no-cache

Redirect headers

Location: https://intranet.alkohotel.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bouncy.php Show response
intranet.alkohotel.com/page/ 760 B
484 B 159ms
158ms Document
text/html 69.16.230.165
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://intranet.alkohotel.com/page/bouncy.php?&bpae=GbhGdzsnokx%2FjkvWnTUTAxdgG7fspmZHqudRuXH7VRK3bxRf2L1pzwJoEBx0tFjT4xsWbvUREiVWjiP83aXxOs0BTHsFZAIgb4h1yRBxvMntUV%2FIDyezFBNOM%2FxmQS6sNnksOkpL8sycz79Rg2gT1xobm3yWT33ryIHGoD35eC0r19ezTYv%2FxJ3P8xP6sEp3NionHHO9uKYjnpLHkQGTwSIzAJDpRYJdlCTNIj3P1dCwUUp3Ar72ZOTmTV7a2P6u2Dqwa6gxvgC5uPAQlZ9VKZd6L43Ao4TZbz%2BsWB1HMEcruqxc%2F%2BwiNhtkfysPYO1tZxvwSgHj2Wc0wSyb1Co%2BoEoDQ9jl2QkCf8d0TXoDcr%2Br7yipMKZGb%2Fc%2FxsfnKWaV8mhHnx4OZUcBGFAyWyJegVOUnF76jLoshpqpPIz6mHkhgElGE6jRAwRSJVeVlXfX2%2F4viEuqlRx9P2Pg6gkG8No6&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: intranet.alkohotel.com
URL: https://intranet.alkohotel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.230.165 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: haproxy05.parklogic.com
Software: /
Resource Hash: 4c49bdafe2433e2e62a4769bd08d7761f8490951617f89258ce95f75614f4ead

Request headers

Referer: https://intranet.alkohotel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 07 Jan 2025 23:03:11 GMT
pragma: no-cache

GET
H2

200

px Show response
lndk-a4.online/api/v1/
Redirect Chain

http://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY
https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY

90 KB
21 KB

382ms
153ms

Document
text/html

15.197.224.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY
Requested by: Host: intranet.alkohotel.com
URL: https://intranet.alkohotel.com/page/bouncy.php?&bpae=GbhGdzsnokx%2FjkvWnTUTAxdgG7fspmZHqudRuXH7VRK3bxRf2L1pzwJoEBx0tFjT4xsWbvUREiVWjiP83aXxOs0BTHsFZAIgb4h1yRBxvMntUV%2FIDyezFBNOM%2FxmQS6sNnksOkpL8sycz79Rg2gT1xobm3yWT33ryIHGoD35eC0r19ezTYv%2FxJ3P8xP6sEp3NionHHO9uKYjnpLHkQGTwSIzAJDpRYJdlCTNIj3P1dCwUUp3Ar72ZOTmTV7a2P6u2Dqwa6gxvgC5uPAQlZ9VKZd6L43Ao4TZbz%2BsWB1HMEcruqxc%2F%2BwiNhtkfysPYO1tZxvwSgHj2Wc0wSyb1Co%2BoEoDQ9jl2QkCf8d0TXoDcr%2Br7yipMKZGb%2Fc%2FxsfnKWaV8mhHnx4OZUcBGFAyWyJegVOUnF76jLoshpqpPIz6mHkhgElGE6jRAwRSJVeVlXfX2%2F4viEuqlRx9P2Pg6gkG8No6&redirectType=js&inIframe=false&inPopUp=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.224.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab226b763647f1870.awsglobalaccelerator.com
Software: /
Resource Hash: 91fb563b536cea55e9494b83c022bcacdc47c50bf23db297bbc26c7a5e55a973

Request headers

Referer: https://intranet.alkohotel.com/page/bouncy.php?&bpae=GbhGdzsnokx%2FjkvWnTUTAxdgG7fspmZHqudRuXH7VRK3bxRf2L1pzwJoEBx0tFjT4xsWbvUREiVWjiP83aXxOs0BTHsFZAIgb4h1yRBxvMntUV%2FIDyezFBNOM%2FxmQS6sNnksOkpL8sycz79Rg2gT1xobm3yWT33ryIHGoD35eC0r19ezTYv%2FxJ3P8xP6sEp3NionHHO9uKYjnpLHkQGTwSIzAJDpRYJdlCTNIj3P1dCwUUp3Ar72ZOTmTV7a2P6u2Dqwa6gxvgC5uPAQlZ9VKZd6L43Ao4TZbz%2BsWB1HMEcruqxc%2F%2BwiNhtkfysPYO1tZxvwSgHj2Wc0wSyb1Co%2BoEoDQ9jl2QkCf8d0TXoDcr%2Br7yipMKZGb%2Fc%2FxsfnKWaV8mhHnx4OZUcBGFAyWyJegVOUnF76jLoshpqpPIz6mHkhgElGE6jRAwRSJVeVlXfX2%2F4viEuqlRx9P2Pg6gkG8No6&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Jan 2025 23:03:12 GMT
etag: W/"1698b-XJxLvE0EIl1ocQyzxD8ZwpkWXb4"
vary: Accept-Encoding

Redirect headers

Location: https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 stormcaster.js Show response
cdn.perfdrive.com/advanced/ 240 KB
90 KB 221ms
64ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by: Host: lndk-a4.online
URL: https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://lndk-a4.online/

Response headers

cache-control: max-age=3600,public
content-encoding: gzip
etag: W/"674e9703-3bf3a"
age: 1427
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91395
date: Tue, 07 Jan 2025 22:39:25 GMT
last-modified: Tue, 03 Dec 2024 05:28:35 GMT
content-type: application/javascript
server: nginx/1.10.1
vary: Accept-Encoding

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 360 B
505 B 215ms
62ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://lndk-a4.online/

Response headers

via: 1.1 google
x-response-time: 1ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
date: Tue, 07 Jan 2025 23:03:12 GMT
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 198 B
256 B 215ms
64ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://lndk-a4.online/

Response headers

via: 1.1 google
x-response-time: 2ms
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
date: Tue, 07 Jan 2025 23:03:12 GMT
content-type: text/plain; charset=UTF-8

GET
H/1.1

200
OK

Primary Request / Show response
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/
Redirect Chain

https://lndk-a4.online/api/v1/pxcheck?impId=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKExpbnV4OyBBbmRyb2lkIDEwOyBLKSBBcHBsZVdlYktpdC81Mz...
http://xml-v4.lensgard-2.online/click?seat=3074269&i=CAZONqrV-Ho_0
https://xml-v4.lensgard-2.online/click?seat=3074269&i=CAZONqrV-Ho_0
https://activetimeflows.com/index?cid=26ffd4ee87dd2427241e&extclickid=&bid=0.01&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&carrier=i3D.net&type=default&campaign=1535983&query=alkohotel.com&state=ca
https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com...

51 KB
10 KB

439ms
99ms

Document
text/html

108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Requested by

Host: lndk-a4.online
URL: https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e0b0a4fa50681175022f0cb577a4aab6582b1537b0a46292954dcc0154fb7377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Jan 2025 23:03:14 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-length: 0
date: Tue, 07 Jan 2025 23:03:13 GMT
location: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10
server: Caddy
x-request-id: 5246a4bc-1888-43f9-b51b-59cd631cf820

GET
H/1.1 200
OK style.min.css
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/ 19 KB
3 KB 102ms
98ms Stylesheet
text/css 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/style.min.css

Requested by

Host: ctur5c8hubcc73cknlo0.alphaloopconnect.com
URL: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4742acbbd2d2add6fc5f1eac697dc51ec5f272259dac8ee3b698bbd83477c153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"66bf1253-4c71"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: text/css
Last-Modified: Fri, 16 Aug 2024 08:48:19 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 384ms
134ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d1914c02113dc6712f9c2a44695c8fc3d217c1f71935dda4aa8ded4bec7884f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 07 Jan 2025 23:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Jan 2025 23:03:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 07 Jan 2025 21:11:36 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 jquery-3.7.1.js Show response
code.jquery.com/ 279 KB
82 KB 190ms
61ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.js
Requested by: Host: ctur5c8hubcc73cknlo0.alphaloopconnect.com
URL: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-45a82"
age: 3677052
x-cache: HIT, HIT
date: Tue, 07 Jan 2025 23:03:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 13319, 5290
x-served-by: cache-lga21985-LGA, cache-lax-kwhp1940085-LAX
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1736290995.500194,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83619
server: nginx

GET
H/1.1 200
OK screen.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 72 KB
73 KB 197ms
95ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/screen.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e24954ad40c495d4e840e07ad56c12d407db028491bff8e5ea2b6ae06e8ae98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1255-12159"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 74073
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:21 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK mcafee.png
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 11 KB
12 KB 290ms
100ms Image
image/png 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/mcafee.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e9cbb714cf9892bbd9d728318f5d0d85f8692bb1680da9f428a04185c98857cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1254-2cfc"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 11516
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/png
Last-Modified: Fri, 16 Aug 2024 08:48:20 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK shield.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 13 KB
14 KB 97ms
96ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/shield.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3a3e05a5940d7f75b56c73e07fe2b4d2f9df34ef4496688f016b3cdcf34f0e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1256-357c"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 13692
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:22 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK cooling.png
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 25 KB
25 KB 96ms
96ms Image
image/png 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/cooling.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

431b9f856a3eeac20798c1f33e52384ac4e6f0d81746058a106ba9039be1f666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1253-62c9"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 25289
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/png
Last-Modified: Fri, 16 Aug 2024 08:48:19 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK power.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 9 KB
9 KB 111ms
107ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/power.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

39235024b1a1be5e4a64f0956facd654296985d2dca94d1dcdb05543ae539b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1255-2295"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 8853
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:21 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK doc.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 9 KB
9 KB 285ms
97ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/doc.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ec30c8212246648cd0f4ba6ded58c5236969721c95ea83d2e028f4eb5dbf71aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1253-2261"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 8801
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:19 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK s2.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 18 KB
18 KB 379ms
190ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/s2.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2d07a726df3d16b6b0477ab7498f521f84fcbb985cda278d10fe5834f16352e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1252-4641"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 17985
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:18 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK scanning.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 9 KB
9 KB 291ms
96ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/scanning.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3ce868b2117438f0da0abbcdad6453d3b71e5d5e0a8875a2cfcee0e67bf945a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1255-232d"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 9005
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:21 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK switch.png
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 935 B
1 KB 95ms
95ms Image
image/png 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/switch.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4a6f2be6759eb0323fd7b42e584d9cc1adac115af9d366399cff2de2d53ab3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1256-3a7"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 935
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/png
Last-Modified: Fri, 16 Aug 2024 08:48:22 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK cloud.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 9 KB
9 KB 96ms
96ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/cloud.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0316e41e57aaf611324281a2ef6840ff58353c091c9b3a64d7226fe59c541e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1252-22c4"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:15 GMT
Accept-Ranges: bytes
Content-Length: 8900
Date: Tue, 07 Jan 2025 23:03:15 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:18 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK wifi.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 10 KB
10 KB 95ms
94ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/wifi.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4c2f30cf2d8591c4083e5913a00b3b17b42063cf094852921789041ec71b5f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1256-2617"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:15 GMT
Accept-Ranges: bytes
Content-Length: 9751
Date: Tue, 07 Jan 2025 23:03:15 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:22 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK add.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 9 KB
10 KB 96ms
96ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/add.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

77ae2f79a699a4ca382d702415d67e781104f1e4189b2c5aecbe434b1c6aab06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1252-254b"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:15 GMT
Accept-Ranges: bytes
Content-Length: 9547
Date: Tue, 07 Jan 2025 23:03:15 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:18 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK protect-btn.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 9 KB
9 KB 187ms
95ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/protect-btn.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4f45ccad4f2f99b1fd4500d0b34e5cdca4eceac43f9d6cd3d31c50d38291a967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1254-22da"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 8922
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:20 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK pass.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 8 KB
8 KB 263ms
96ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/pass.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3df2ba60e306d1d5e897769b138b2ebea35c318a226f54d4891281877dd2fed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1254-202b"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 8235
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:20 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK life.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 8 KB
8 KB 178ms
96ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/life.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

230d3a51a67d1b03e4fa47e883a9ad87bce28d1bd1712314a84140caf47b7b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1253-2043"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 8259
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:19 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK set.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 8 KB
8 KB 167ms
99ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/set.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a71d569b6887922fd9c72b9e5f71d5d30bbd6548ec16147bceb46a035b8058ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1255-2063"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 8291
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:21 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK profile.jpg
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 8 KB
8 KB 264ms
96ms Image
image/jpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/profile.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

427872de8640905513aa91f2a5ce81333b29c06c911dab7ce5cdcd71e766b9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1255-2028"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Accept-Ranges: bytes
Content-Length: 8232
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 16 Aug 2024 08:48:21 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK finish.png
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/ 47 KB
48 KB 98ms
98ms Image
image/png 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/images/finish.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

ad66c55307a4a9d06994f1de411ab52dc4434a6f6ceacfb7f2f2feddf1e69059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
ETag: "66bf1253-bdb6"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:15 GMT
Accept-Ranges: bytes
Content-Length: 48566
Date: Tue, 07 Jan 2025 23:03:15 GMT
Content-Type: image/png
Last-Modified: Fri, 16 Aug 2024 08:48:19 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK main.min.js Show response
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/ 48 KB
10 KB 100ms
98ms Script
application/javascript 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/main.min.js?1736290994

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

234e6137ac60bb7f91a51f93d22c581c0d942d32ed43b5ea821a25c0c87985d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"6737553c-c00d"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:14 GMT
Date: Tue, 07 Jan 2025 23:03:14 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Nov 2024 14:05:48 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 206
Partial Content beep.mp3
ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/ 21 KB
22 KB 96ms
96ms Media
audio/mpeg 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/beep.mp3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

25c5e922a8b8ee52ac7bfcf5600f429e12aa04c53142d34e52cbf8753b4e0e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Range: bytes=0-

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "66bf1251-55b6"
Connection: keep-alive
Content-Range: bytes 0-21941/21942
Content-Length: 21942
Date: Tue, 07 Jan 2025 23:03:15 GMT
Content-Type: audio/mpeg
Last-Modified: Fri, 16 Aug 2024 08:48:17 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK subscription.js Show response
ctur5c8hubcc73cknlo0.alphaloopconnect.com/ 15 KB
4 KB 97ms
97ms Script
application/javascript 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to

Full URL

https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/subscription.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

37ace40f3bf2185a90bd91e50ae0e7e467f8e4e0f2df855b6c51d179bcdf2c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=604800
Content-Encoding: gzip
ETag: W/"65c15fe5-3a2d"
Connection: keep-alive
Expires: Tue, 14 Jan 2025 23:03:15 GMT
Date: Tue, 07 Jan 2025 23:03:15 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Feb 2024 22:23:33 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 404
Not Found favicon.ico
ctur5c8hubcc73cknlo0.alphaloopconnect.com/ 564 B
427 B 96ms
96ms Other
text/html 108.62.60.42
LEASEWEB-USA-SEA

General

Check archive.org

Show headers Download Go to

Full URL: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.62.60.42 Seattle, United States, ASN396190 (LEASEWEB-USA-SEA, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/m10/?cid=26ffd4ee87dd2427241e&extclickid=&clickid=ctur5c8hubcc73cknlo0&lp_key=173626bf8a0a07041d4575433e424408c00a291293&domain=activetimeflows.com&language=en-US&browser=Chrome%20Mobile&type=i3D.net&t1=b5b4f19ddb7e93ef59ddca073&t2=6691641&list=10

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Tue, 07 Jan 2025 23:03:15 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| detect_language object| pushService

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lndk-a4.online/	1970-01-21 06:37:22	Name: __ssds Value: 2
.lndk-a4.online/	1970-01-21 06:37:22	Name: __ssuzjsr2 Value: a9be0cd8e
.lndk-a4.online/	1970-01-21 06:37:22	Name: __uzmaj2 Value: ae0fd864-b76f-4345-b128-d663b384c97b
.lndk-a4.online/	1970-01-21 06:37:22	Name: __uzmbj2 Value: 1736290992
.lndk-a4.online/	1970-01-21 06:37:22	Name: __uzmcj2 Value: 580571013243
.lndk-a4.online/	1970-01-21 06:37:22	Name: __uzmdj2 Value: 1736290992
.lndk-a4.online/	1970-01-21 06:37:22	Name: __uzmlj2 Value: NvKMkBxDgiDwVlUGtpLyBysYOrMoWMfdMTMGejvf31U=
.lndk-a4.online/	1970-01-21 06:37:22	Name: __uzmfj2 Value: 7f60009e7d378b-cb5a-443b-8326-1fd87228d59e17362909928160-3e3d33ee4c602b6b10
activetimeflows.com/	1970-01-21 11:03:46	Name: uclick Value: zOmCwQ9bb9o11OH1P2CY43VoHXeJLszF+a4ITHRGU/sG3whtygmE15rOUbj3GPqQsi3l+teu
activetimeflows.com/	1970-01-21 11:03:46	Name: bcid Value: ctur5c8hubcc73cknlo0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://lndk-a4.online/api/v1/px?xmlid=c2TB50c6zVTvsU9eF4q2fMhndPGYCsKNRrHVl7qY Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B021136C0B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://ctur5c8hubcc73cknlo0.alphaloopconnect.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activetimeflows.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
code.jquery.com
ctur5c8hubcc73cknlo0.alphaloopconnect.com
fonts.googleapis.com
intranet.alkohotel.com
lndk-a4.online
xml-v4.lensgard-2.online
108.62.157.10
108.62.60.42
130.211.29.114
15.197.224.234
173.239.53.32
2607:f8b0:4004:c09::5f
2a04:4e42:600::649
35.241.15.240
69.16.230.165
0316e41e57aaf611324281a2ef6840ff58353c091c9b3a64d7226fe59c541e5e
06355098292635455e261866d3ae12f98ce81e3dac79295425ed5863e823e79f
230d3a51a67d1b03e4fa47e883a9ad87bce28d1bd1712314a84140caf47b7b1a
234e6137ac60bb7f91a51f93d22c581c0d942d32ed43b5ea821a25c0c87985d7
25c5e922a8b8ee52ac7bfcf5600f429e12aa04c53142d34e52cbf8753b4e0e57
28871707672d598c9c9b795c3424f2319e4f181c17708f0b1b5e4c831cf7ecd7
2d07a726df3d16b6b0477ab7498f521f84fcbb985cda278d10fe5834f16352e9
37ace40f3bf2185a90bd91e50ae0e7e467f8e4e0f2df855b6c51d179bcdf2c4b
39235024b1a1be5e4a64f0956facd654296985d2dca94d1dcdb05543ae539b06
3a3e05a5940d7f75b56c73e07fe2b4d2f9df34ef4496688f016b3cdcf34f0e2a
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
3ce868b2117438f0da0abbcdad6453d3b71e5d5e0a8875a2cfcee0e67bf945a6
3df2ba60e306d1d5e897769b138b2ebea35c318a226f54d4891281877dd2fed8
427872de8640905513aa91f2a5ce81333b29c06c911dab7ce5cdcd71e766b9e1
431b9f856a3eeac20798c1f33e52384ac4e6f0d81746058a106ba9039be1f666
4742acbbd2d2add6fc5f1eac697dc51ec5f272259dac8ee3b698bbd83477c153
4a6f2be6759eb0323fd7b42e584d9cc1adac115af9d366399cff2de2d53ab3db
4c2f30cf2d8591c4083e5913a00b3b17b42063cf094852921789041ec71b5f57
4c49bdafe2433e2e62a4769bd08d7761f8490951617f89258ce95f75614f4ead
4f45ccad4f2f99b1fd4500d0b34e5cdca4eceac43f9d6cd3d31c50d38291a967
77ae2f79a699a4ca382d702415d67e781104f1e4189b2c5aecbe434b1c6aab06
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe
8d1914c02113dc6712f9c2a44695c8fc3d217c1f71935dda4aa8ded4bec7884f
91fb563b536cea55e9494b83c022bcacdc47c50bf23db297bbc26c7a5e55a973
a71d569b6887922fd9c72b9e5f71d5d30bbd6548ec16147bceb46a035b8058ca
ad66c55307a4a9d06994f1de411ab52dc4434a6f6ceacfb7f2f2feddf1e69059
e0b0a4fa50681175022f0cb577a4aab6582b1537b0a46292954dcc0154fb7377
e24954ad40c495d4e840e07ad56c12d407db028491bff8e5ea2b6ae06e8ae98a
e9cbb714cf9892bbd9d728318f5d0d85f8692bb1680da9f428a04185c98857cd
ec30c8212246648cd0f4ba6ded58c5236969721c95ea83d2e028f4eb5dbf71aa

ctur5c8hubcc73cknlo0.alphaloopconnect.com Open in urlscan Pro 108.62.60.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

22 %IPv6

8 Domains

9 Subdomains

7 IPs

1 Countries

534 kBTransfer

1082 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ctur5c8hubcc73cknlo0.alphaloopconnect.com Open in urlscan Pro
108.62.60.42 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

22 %
IPv6

8
Domains

9
Subdomains

7
IPs

1
Countries

534 kB
Transfer

1082 kB
Size

10
Cookies

32 HTTP transactions
0 data transactions