Submitted URL: https://c5.clipwavenet.com/
Effective URL: https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&ca...
Submission: On June 22 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 37 HTTP transactions. The main IP is 13.50.59.231, located in Stockholm, Sweden and belongs to AMAZON-02, US. The main domain is sozeight.com.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.
This is the only time sozeight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.140.229 13335 (CLOUDFLAR...)
3 139.45.197.250 9002 (RETN-AS)
9 139.45.197.251 9002 (RETN-AS)
3 139.45.195.8 9002 (RETN-AS)
2 12 2.19.126.217 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 13.50.59.231 16509 (AMAZON-02)
37 9
Apex Domain
Subdomains
Transfer
12 alklinker.com
ak.alklinker.com — Cisco Umbrella Rank: 541792
33 KB
9 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 24328
5 sozeight.com
sozeight.com
139 KB
3 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1522
c.go-mpulse.net — Cisco Umbrella Rank: 663
50 KB
3 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 8833
2 KB
3 shaumtol.com
shaumtol.com — Cisco Umbrella Rank: 201397
17 KB
3 clipwavenet.com
c5.clipwavenet.com
17 KB
0 update48451.xyz Failed
update48451.xyz Failed
37 8
Domain Requested by
12 ak.alklinker.com 2 redirects c5.clipwavenet.com
ak.alklinker.com
9 jouteetu.net shaumtol.com
5 sozeight.com sozeight.com
3 my.rtmark.net shaumtol.com
ak.alklinker.com
3 shaumtol.com c5.clipwavenet.com
shaumtol.com
3 c5.clipwavenet.com c5.clipwavenet.com
shaumtol.com
2 s.go-mpulse.net ak.alklinker.com
1 c.go-mpulse.net s.go-mpulse.net
0 update48451.xyz Failed sozeight.com
37 9

This site contains no links.

Subject          Issuer                             Validity                 Valid
clipwavenet.com  GTS CA 1P5                         2024-05-08 - 2024-08-06  3 months
shaumtol.com     R3                                 2024-05-11 - 2024-08-09  3 months
jouteetu.net     R3                                 2024-05-14 - 2024-08-12  3 months
rtmark.net       R3                                 2024-05-11 - 2024-08-09  3 months
ak.hetaruwg.com  R3                                 2024-05-15 - 2024-08-13  3 months
akstat.io        DigiCert TLS RSA SHA256 2020 CA1   2024-03-06 - 2025-03-06  a year
sozeight.com     R3                                 2024-05-23 - 2024-08-21  3 months

This page contains 3 frames:

Primary Page: https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Frame ID: 6EA318F6B18BBEBB73EDDDC907212F15
Requests: 34 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Frame ID: 4C7C08E1202CA74E194ED41427F85BAB
Requests: 2 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Frame ID: E5A1425C7153D396153EEC103D170DE3
Requests: 1 HTTP requests in this frame

Page Title

Installieren Sie den Turbo-Werbeblocker

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

97 %
HTTPS

25 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

255 kB
Transfer

724 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://c5.clipwavenet.com/ Page URL
  2. https://ak.alklinker.com/afu.php?zoneid=5708025 Page URL
  3. https://ak.alklinker.com/?z=5708025&syncedCookie=true&rhd=false HTTP 302
    https://ak.alklinker.com/4/7393037/?var=5708025 Page URL
  4. https://ak.alklinker.com/?z=7393037&syncedCookie=false&rhd=false HTTP 302
    https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://ak.alklinker.com/?z=5708025&syncedCookie=true&rhd=false HTTP 302
  • https://ak.alklinker.com/4/7393037/?var=5708025

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
c5.clipwavenet.com/
11 KB
5 KB
Document
General
Full URL
https://c5.clipwavenet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3797650bf7dd1a1c40a208dc0195a009841024f5196642e5eedccf805bd48134

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
897d76baea0018d6-FRA
content-encoding
br
content-type
text/html
date
Sat, 22 Jun 2024 16:02:37 GMT
last-modified
Mon, 08 Apr 2024 20:58:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uk4OUfkSCdMSAHmY%2FGuedVKUHAdAvNduYhpwgaDZX29H1IVx2etRkO5T7n%2FkrEptnuRQHrgbs%2BqRam8cTD9jaZY8N8rZvZGJ6m%2B2gQAjgX0894MADuG8TGDnNXJ%2BuwCFq3mfwOQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
micro.tag.min.js
shaumtol.com/pfe/current/
38 KB
15 KB
Script
General
Full URL
https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Requested by
Host: c5.clipwavenet.com
URL: https://c5.clipwavenet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
842b16e7812bba7f5fe9f390d63a14691ea1a9fba7625beb2ca0c12125ed5907

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 16:02:38 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2024 08:50:53 GMT
server
nginx
etag
W/"6673ed6d-96fc"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
play.png
c5.clipwavenet.com/images/play/
11 KB
11 KB
Image
General
Full URL
https://c5.clipwavenet.com/images/play/play.png
Requested by
Host: c5.clipwavenet.com
URL: https://c5.clipwavenet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63e6e57adc4e0a10eee845d513258e424b27a7985c510bb252d75eac63af861

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
692708
alt-svc
h3=":443"; ma=86400
content-length
11015
last-modified
Thu, 14 Mar 2019 13:22:18 GMT
server
cloudflare
etag
"5c8a558a-2b07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkyxJrZ6NWdOOcLx3qdrZvbQ7djfNblsIWzsmq21trZTgzz0avsBDZPscjNJSpwXn4PGWc78u7lDWiHWKwVtVaRG3iR2YJzZW8qJnyfyPiWCnngng4DjYNoSxv%2FwL4fVU%2Bo2%2Fd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
897d76bcbcb418d6-FRA
expires
Sun, 14 Jul 2024 15:37:30 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sw-check-permissions-1df5e.js
c5.clipwavenet.com/
0
749 B
Other
General
Full URL
https://c5.clipwavenet.com/sw-check-permissions-1df5e.js?ymid=null&zoneId=5708017
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.140.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 10 Mar 2024 22:54:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65ee3a38-236"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCPnZ5sqFM2TTcwG4jfgzVn9GM0eGU3yQNsgOntamya8Y5512MMo9wr5LBziO%2BNjZtMfv5TQtsumMXaQpIU4OMQYtHDYi5fsOY9n%2FlNWx7Tw0MdfZ7L%2BlErAVCndToYW7CAsEQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
897d76be5eb918d6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 23 Jun 2024 04:02:38 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
shaumtol.com/
0
337 B
Ping
General
Full URL
https://shaumtol.com/zone?&pub=0&zone_id=5708017&is_mobile=false&domain=c5.clipwavenet.com&var=&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.525&trace_id=34d3a2e3-171b-496b-b4b4-b2939d5c63a1&action=prerequest&ch=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&drf=
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
nginx
access-control-allow-origin
https://c5.clipwavenet.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
547 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5708017&checkDuplicate=true&ymid=null&var=&source=pusher
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d6e3e0e523e95bfd5645b87ade5f213d20bbfe27421b2e304c593d403f172e34
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://c5.clipwavenet.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
shaumtol.com/
799 B
1 KB
Fetch
General
Full URL
https://shaumtol.com/zone?&pub=0&zone_id=5708017&is_mobile=false&domain=c5.clipwavenet.com&var=&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.525&trace_id=34d3a2e3-171b-496b-b4b4-b2939d5c63a1&action=settings&ch=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
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
51943e0701b9f32d4a332e57d45e332aa8f85f2daeaa3f5b23bc078cc28f4d22
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:38 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://c5.clipwavenet.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
799
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

afu.php
ak.alklinker.com/
33 KB
14 KB
Document
General
Full URL
https://ak.alklinker.com/afu.php?zoneid=5708025
Requested by
Host: c5.clipwavenet.com
URL: https://c5.clipwavenet.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
56cd1a309861c3fef2b7a3824e12b8b2bee001dd777120503b28649b25503e02
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://c5.clipwavenet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13227
content-type
text/html; charset=utf8
date
Sat, 22 Jun 2024 16:02:40 GMT
expires
Sat, 22 Jun 2024 16:02:40 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=48 origin; dur=8 ak_p; desc="1719072160301_34831769_1002583678_5631_934_23_190_255";dur=1
strict-transport-security
max-age=1
timing-allow-origin
* *
vary
Accept-Encoding
x-akamai-transformed
9 12597 0 pmb=mRUM,1
x-content-type-options
nosniff
x-trace-id
f980902ba1263b75b9a216b34048c29e
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: shaumtol.com
URL: https://shaumtol.com/pfe/current/micro.tag.min.js?z=5708017&ymid=null&sw=/sw-check-permissions-1df5e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://c5.clipwavenet.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
s.go-mpulse.net/boomerang/ Frame 4C7C
205 KB
49 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Requested by
Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5708025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:586::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ak.alklinker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:40 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Mon, 10 Jun 2024 17:26:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
sftouch
ak.alklinker.com/
2 B
672 B
Ping
General
Full URL
https://ak.alklinker.com/sftouch?userId=008083bd173f4acfe23bfbf149d28f28&z=5708025&p_rid=784cd575-bbae-4c24-8051-21ae0b9d9dbb&p_src=sf&branchId=0&rb=nwmijn0UDGuhrsugqebx4ricQAYztzLVN4_X0zT8_APPRXrqe39CAN7yv7wYrp-sY0e6SaluOejpIHdLpohyrhqYd259YomwgtH4S8wYjMpp4mZqRjlhn8uH8tzP1wZ9yAii29_ofdvJKA4GkZv51OQlwVRCOhSoGyzgOSg-fb5gYoC_rW2fE-d1ZhWLqT4AWryjfn7J-z2jpds2BZB_fNblupR0wgqKsvtvrx26sT5m8df_pOWAu0DzXt0fO9rakUS2mGW0bdYQGsaAtJ5uU93Zd23nXg3Yv2D8WaNXUsHktbQJB3yuM4V_tfVj8Nh3MKjyXry2ike9okbi
Requested by
Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5708025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
Referer
https://ak.alklinker.com/afu.php?zoneid=5708025
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=1
date
Sat, 22 Jun 2024 16:02:40 GMT
x-content-type-options
nosniff
server-timing
cdn-cache; desc=MISS, edge; dur=12, origin; dur=6, ak_p; desc="1719072160771_34831769_1002585330_1853_1043_24_0_109";dur=1
content-length
2
x-trace-id
7dac175f95ba19d125c224bcfdab7c43
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.alklinker.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Sat, 22 Jun 2024 16:02:40 GMT
add
ak.alklinker.com/log/
12 B
551 B
XHR
General
Full URL
https://ak.alklinker.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=784cd575-bbae-4c24-8051-21ae0b9d9dbb
Requested by
Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5708025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
Content-Type
text/plain;charset=UTF-8
Referer
https://ak.alklinker.com/afu.php?zoneid=5708025
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=1
date
Sat, 22 Jun 2024 16:02:40 GMT
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ak.alklinker.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server-timing
edge; dur=1, origin; dur=11, cdn-cache; desc=MISS, ak_p; desc="1719072160892_34831769_1002586114_1170_738_24_0_219";dur=1
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
expires
Sat, 22 Jun 2024 16:02:40 GMT
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008083bd173f4acfe23bfbf149d28f28&z=5708025&p_rid=784cd575-bbae-4c24-8051-21ae0b9d9dbb&p_src=sf
Requested by
Host: ak.alklinker.com
URL: https://ak.alklinker.com/afu.php?zoneid=5708025
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ak.alklinker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:41 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
ak.alklinker.com/4/7393037/
Redirect Chain
  • https://ak.alklinker.com/?z=5708025&syncedCookie=true&rhd=false
  • https://ak.alklinker.com/4/7393037/?var=5708025
33 KB
14 KB
Document
General
Full URL
https://ak.alklinker.com/4/7393037/?var=5708025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34e6b259050ce306037cbd913b4924342ab2bc341e321ba90b3788d9c8cb1388
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://ak.alklinker.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
13203
content-type
text/html; charset=utf8
date
Sat, 22 Jun 2024 16:02:41 GMT
expires
Sat, 22 Jun 2024 16:02:41 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=11 origin; dur=6 ak_p; desc="1719072161804_34831769_1002592047_1753_740_60_0_255";dur=1
strict-transport-security
max-age=1
timing-allow-origin
* *
vary
Accept-Encoding
x-akamai-transformed
9 12573 0 pmb=mRUM,1
x-content-type-options
nosniff
x-trace-id
d4d515441b1e00cff52fbe849cb89ccf

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ak.alklinker.com
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Sat, 22 Jun 2024 16:02:41 GMT
expires
Sat, 22 Jun 2024 16:02:41 GMT
link
<https://ak.alklinker.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://ak.alklinker.com/4/7393037/?var=5708025
pragma
no-cache
referrer-policy
no-referrer
server-timing
edge; dur=1 origin; dur=10 cdn-cache; desc=MISS ak_p; desc="1719072161697_34831769_1002591250_1257_1108_86_0_255";dur=1
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
e42cc4b9088da83a995ed44ce8b9e795
favicon.ico
ak.alklinker.com/
0
249 B
Other
General
Full URL
https://ak.alklinker.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
Referer
https://ak.alklinker.com/afu.php?zoneid=5708025&var=5708025&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.114
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 16:02:41 GMT
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=MISS, edge; dur=24, origin; dur=21, ak_p; desc="1719072161099_34831769_1002587318_4434_584_28_0_219";dur=1
expires
Sat, 22 Jun 2024 16:02:41 GMT
config.json
c.go-mpulse.net/api/ Frame 4C7C
51 B
214 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B&d=ak.alklinker.com&t=5730241&v=1.720.0&if=&sl=0&si=49909532-b22d-421d-b250-654c82e0e274-sfhokg&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=764622
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:998::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ak.alklinker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 22 Jun 2024 16:02:41 GMT
cache-control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
51
content-type
application/json
favicon.ico
ak.alklinker.com/
0
248 B
Other
General
Full URL
https://ak.alklinker.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
Referer
https://ak.alklinker.com/afu.php?zoneid=5708025&var=5708025&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.114
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 16:02:41 GMT
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=2, ak_p; desc="1719072161695_34831769_1002591251_931_1449_86_0_219";dur=1
expires
Sat, 22 Jun 2024 16:02:41 GMT
9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
s.go-mpulse.net/boomerang/ Frame E5A1
205 KB
0
Script
General
Full URL
https://s.go-mpulse.net/boomerang/9NXXQ-8TQUP-TGDYJ-Z7XGK-N2Y4B
Requested by
Host: ak.alklinker.com
URL: https://ak.alklinker.com/4/7393037/?var=5708025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:586::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ak.alklinker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:40 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Mon, 10 Jun 2024 17:26:09 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
sftouch
ak.alklinker.com/
2 B
672 B
Ping
General
Full URL
https://ak.alklinker.com/sftouch?userId=018083af8cb24e98fa45d8a66bb330cf&z=7393037&p_rid=f079767e-8913-4eb6-b473-583ae937472b&p_src=sf&branchId=0&rb=g8xDzkib-rdnEAZUfVmbmdWRLL0ng_k8C4wGyAhPLuTth2Rewqe8t9-iRuFf7DTDxW4rWNLyxKBr_eRtLdOajmyXjeHjvcBw3WX38t7gVTrbfCmoDIV3yULk1_Z5aVz8B_t_2rihZtwSsLq_SgULkO7hFf0be0DqSudYz7kcGj4BxSes9mL52A71G2BYnI6NYGtMGmUlqnbz2y5aUWYqaqVPQ01Ii9pPAfbeZCj-lXSoT3ad17rGNFVu9zWf4M46TMMqAFvo8Y4_RUYBWVjHzBbz2GdtFj8mSEgn7GRcgDGl6Eet
Requested by
Host: ak.alklinker.com
URL: https://ak.alklinker.com/4/7393037/?var=5708025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
Referer
https://ak.alklinker.com/4/7393037/?var=5708025
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=1
date
Sat, 22 Jun 2024 16:02:41 GMT
x-content-type-options
nosniff
server-timing
edge; dur=1, origin; dur=9, cdn-cache; desc=MISS, ak_p; desc="1719072161969_34831769_1002593148_1202_698_36_0_109";dur=1
content-length
2
x-trace-id
47b01abc5ab7377b533678c232ff90d9
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://ak.alklinker.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Sat, 22 Jun 2024 16:02:41 GMT
img.gif
my.rtmark.net/
43 B
507 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=018083af8cb24e98fa45d8a66bb330cf&z=7393037&p_rid=f079767e-8913-4eb6-b473-583ae937472b&p_src=sf
Requested by
Host: ak.alklinker.com
URL: https://ak.alklinker.com/4/7393037/?var=5708025
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ak.alklinker.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 22 Jun 2024 16:02:41 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://ak.alklinker.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
ak.alklinker.com/log/
12 B
552 B
XHR
General
Full URL
https://ak.alklinker.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=f079767e-8913-4eb6-b473-583ae937472b
Requested by
Host: ak.alklinker.com
URL: https://ak.alklinker.com/4/7393037/?var=5708025
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
Content-Type
text/plain;charset=UTF-8
Referer
https://ak.alklinker.com/4/7393037/?var=5708025
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=1
date
Sat, 22 Jun 2024 16:02:42 GMT
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ak.alklinker.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server-timing
cdn-cache; desc=MISS, edge; dur=24, origin; dur=136, ak_p; desc="1719072162059_34831769_1002593693_16266_849_31_0_219";dur=1
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
expires
Sat, 22 Jun 2024 16:02:42 GMT
favicon.ico
ak.alklinker.com/
0
248 B
Other
General
Full URL
https://ak.alklinker.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
Referer
https://ak.alklinker.com/4/7393037/?var=5708025
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 16:02:42 GMT
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=1, ak_p; desc="1719072162059_34831769_1002593695_1249_698_35_0_219";dur=1
expires
Sat, 22 Jun 2024 16:02:42 GMT
Primary Request click.php
sozeight.com/
Redirect Chain
  • https://ak.alklinker.com/?z=7393037&syncedCookie=false&rhd=false
  • https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&countr...
64 KB
14 KB
Document
General
Full URL
https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.50.59.231 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-50-59-231.eu-north-1.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
f541c438967591c46900f7e47d77a9d1ee986f608a3f42937a3e44cb7f0c17ea

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://ak.alklinker.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"126.0.6478.114"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Jun 2024 16:02:42 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ak.alklinker.com
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-length
0
date
Sat, 22 Jun 2024 16:02:42 GMT
expires
Sat, 22 Jun 2024 16:02:42 GMT
link
<https://sozeight.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk tech gmbh&user_activity=high&countryname=DE
pragma
no-cache
referrer-policy
no-referrer
server-timing
edge; dur=1 origin; dur=15 cdn-cache; desc=MISS ak_p; desc="1719072162129_34831769_1002594160_1548_761_33_0_255";dur=1
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
c893fa11b3ba64972b284b3329a61f31
favicon.ico
ak.alklinker.com/
0
249 B
Other
General
Full URL
https://ak.alklinker.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.126.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.114"
Referer
https://ak.alklinker.com/afu.php?zoneid=7393037&var=7393037&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.114
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.114", "Google Chrome";v="126.0.6478.114"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 22 Jun 2024 16:02:42 GMT
cache-control
max-age=0, no-cache, no-store
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=19, ak_p; desc="1719072162163_34831769_1002594376_2715_541_32_0_219";dur=1
expires
Sat, 22 Jun 2024 16:02:42 GMT
arrow__up.png
sozeight.com/landers/block_land_dm_de/
32 KB
33 KB
Image
General
Full URL
https://sozeight.com/landers/block_land_dm_de/arrow__up.png
Requested by
Host: sozeight.com
URL: https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.50.59.231 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-50-59-231.eu-north-1.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
4399fd13a2b71e3f70846fd5de33d293ecbba9d870115a1fdef53b3a142b62fb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 16:02:42 GMT
Last-Modified
Mon, 07 Aug 2023 12:31:45 GMT
Server
nginx/1.20.2
ETag
"64d0e431-81c7"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33223
jquery-3.3.1.min.js
sozeight.com/landers/block_land_dm_de/
85 KB
85 KB
Script
General
Full URL
https://sozeight.com/landers/block_land_dm_de/jquery-3.3.1.min.js
Requested by
Host: sozeight.com
URL: https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.50.59.231 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-50-59-231.eu-north-1.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Origin
https://sozeight.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 16:02:42 GMT
Last-Modified
Mon, 07 Aug 2023 12:31:45 GMT
Server
nginx/1.20.2
ETag
"64d0e431-1538f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86927
background.jpg
update48451.xyz/5005acpl00110/
0
0

top__icon.png
sozeight.com/landers/block_land_dm_de/
981 B
1 KB
Image
General
Full URL
https://sozeight.com/landers/block_land_dm_de/top__icon.png
Requested by
Host: sozeight.com
URL: https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.50.59.231 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-50-59-231.eu-north-1.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
247447fc2ac2e2779d5303604f23610264f15bacbdcbf0dce6532e75b6ad4512

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 16:02:43 GMT
Last-Modified
Mon, 07 Aug 2023 12:31:45 GMT
Server
nginx/1.20.2
ETag
"64d0e431-3d5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
981
firefox__icon.png
sozeight.com/landers/block_land_dm_de/
5 KB
6 KB
Image
General
Full URL
https://sozeight.com/landers/block_land_dm_de/firefox__icon.png
Requested by
Host: sozeight.com
URL: https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
13.50.59.231 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-50-59-231.eu-north-1.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
610d547defd7fd85dc8909abe252fe3da2baa75b77a0ac9b6ee359308180dc06

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sozeight.com/click.php?key=m1t3aj9kajenezm6xo2u&visitor_id=828411292678365931&cost=0.004730&zoneid=7393037&campaignid=8226595&device=desktop&browser=chrome&os=windows&osversion=win10&country=DE&language=de&isp=3xk%20tech%20gmbh&user_activity=high&countryname=DE
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 22 Jun 2024 16:02:43 GMT
Last-Modified
Mon, 07 Aug 2023 12:31:45 GMT
Server
nginx/1.20.2
ETag
"64d0e431-15ce"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5582

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
update48451.xyz
URL
https://update48451.xyz/5005acpl00110/background.jpg

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage

7 Cookies

Domain/Path | Name | Value
my.rtmark.net/ | ID | 018083af8cb24e98fa45d8a66bb330cf
ak.alklinker.com/ | oaidts | 1719072160
ak.alklinker.com/ | OAID | 018083af8cb24e98fa45d8a66bb330cf
ak.alklinker.com/ | syncedCookie | true
sozeight.com/ | uclick | gxpmqdgx1z
sozeight.com/ | uclickhash | gxpmqdgx1z-gxpmqdgx1z-g6vr-4pb4-2ta36o-ci1nvr-ci1ni4-23b448
.ak.alklinker.com/ | RT | "z=1&dm=ak.alklinker.com&si=49909532-b22d-421d-b250-654c82e0e274&ss=lxqb6g2f&sl=2&tt=mn&rl=1&obo=1&ld=1ev&r=19phpy7kw&ul=1ez&hd=20o"

1 Console Messages

Source: network
Level: error
URL: https://update48451.xyz/5005acpl00110/background.jpg
Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
