Submitted URL: http://ostschool.com/2420189it6276675Rp461380472eb12634Zt38JNr160252Yk
Effective URL: https://trk126.zzzperform.com/l/27000695f96a812e27e0.js?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f
Submission: On October 08 via api from BE — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 11 domains to perform 16 HTTP transactions. The main IP is 2606:4700:e4::ac40:ab0b, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk126.zzzperform.com.
TLS certificate: Issued by E1 on October 1st 2022. Valid for: 3 months.
This is the only time trk126.zzzperform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 199.217.116.72 30083 (AS-30083-...)
1 129.227.218.218 21859 (ZEN-ECN)
5 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 65.60.58.179 32475 (SINGLEHOP...)
2 3 51.68.85.158 16276 (OVH)
1 1 34.141.137.168 396982 (GOOGLE-CL...)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 34.91.234.242 396982 (GOOGLE-CL...)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
16 7
Apex Domain
Subdomains
Transfer
5 jukminung.com
lynku.jukminung.com
kixa.jukminung.com — Cisco Umbrella Rank: 260728
26 KB
3 wewillserv.com
www.wewillserv.com — Cisco Umbrella Rank: 646049
6 KB
3 sherlowcke.com
otto.sherlowcke.com
7 KB
3 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 261287
3 KB
2 zzzperform.com
trk126.zzzperform.com
12 KB
1 carrytraff.com
carrytraff.com — Cisco Umbrella Rank: 324875
581 B
1 gositego.live
track.gositego.live — Cisco Umbrella Rank: 207537
222 B
1 myofferplus.com
myofferplus.com — Cisco Umbrella Rank: 359357
1 KB
1 go2affise.com
admoustache.go2affise.com — Cisco Umbrella Rank: 225144
209 B
1 blissfullstar.com
blissfullstar.com
450 B
1 ostschool.com
ostschool.com — Cisco Umbrella Rank: 969506
306 B
16 11
Domain Requested by
4 lynku.jukminung.com blissfullstar.com
lynku.jukminung.com
3 www.wewillserv.com 2 redirects otto.sherlowcke.com
3 otto.sherlowcke.com lynku.jukminung.com
otto.sherlowcke.com
3 cdn.addlnk.com lynku.jukminung.com
myofferplus.com
kixa.jukminung.com
2 trk126.zzzperform.com kixa.jukminung.com
blissfullstar.com
1 carrytraff.com 1 redirects
1 kixa.jukminung.com myofferplus.com
1 track.gositego.live 1 redirects
1 myofferplus.com www.wewillserv.com
1 admoustache.go2affise.com 1 redirects
1 blissfullstar.com
1 ostschool.com 1 redirects
16 12

This site contains no links.

Subject | Issuer | Validity | Valid for
blissfullstar.com | Sectigo RSA Domain Validation Secure Server CA | 2021-12-29 - 2023-01-13 | a year
*.jukminung.com | E1 | 2022-09-19 - 2022-12-18 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-15 - 2023-05-15 | a year
otto.sherlowcke.com | R3 | 2022-09-13 - 2022-12-12 | 3 months
www.wewillserv.com | R3 | 2022-08-10 - 2022-11-08 | 3 months
*.zzzperform.com | E1 | 2022-10-01 - 2022-12-30 | 3 months

This page contains 2 frames:

Frame: https://trk126.zzzperform.com/l/27000695f96a812e27e0.js?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f&code=3eY3VvBDU7PDw6QDtBPz5EQ0QRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK4KVm2FhMKWVmzU1n645anBrbD1paQM0NjU2B2mACzxCPT4PcXkTREZFRheMkxtLHH.TiIQiIoaPiidYKIyVji1dLp6in6Y0NKukmzmAqaqjqWUhS3FnMwZve29tDIB-g3QQd4SAFXt3g4t.GpB9HmuOmoqOj4VUW1VYSVKClZuSnqekUoGIVWdnZml1W5Ombjc2PiR9PDsxKUt7fHlzZnVzXXyIREtKT0dNUTxFaWd0bm5PRJGPko1JcZCPmJ1YUHSapaOim2ZpaXBpbGs1MzY8Mj43J1tqcGx.dj1EQ0hARkoVd40ZURp-iR5WH4FVVSRUVVdXWFkqjGBhL19gMaWZNWVmZ2g5oKE9bjExAmZsaQc4CG92gQ1zb3uDdhJ2fIIXSElKGoeKhB9QUFFSI5eZmI4pWltcXV5fXzCgpZakqjc3qKuerrGfATMyMzc1Nzc-CW.BeHsPQkMRhHh6FhaJenx9HE1NUFRRUldWJIiUm5gqKqKami8vp5ieqTV.pKudpVqEqqAuAWVnawY3ODk6Ozw9Pj4-QEJDQ0RGR0hJSktMTU5PUFFSU1RVVlZYWVpbXF1eX2BhYmJkZWZnaGlqa2xtbjEyMzQ1NjY4CGxzgA0.P0BAQkNERUZHSElKS0xNTU9PUVJTVFUlnZycKqFZXGilXYlniIlvrGSpbKeoqap4dy9uN3JzdHVDgDh-QoJJhj5WXYBMaxaChIeBHIGLS3RzXIeRJJeamylZKpeNnC8vmJ2lNGQ1pKs5amtrbG4wMTM0BHxqCDk6Om0.DXGBiBJVe4aEg3w4aV5hPG2KlIeKkJ.Nk5qMmpeLl1mdkpVdp5uYq5qocnuhrKqpoiBRRkkkW29sf258h3l1eHVyfnZ6d3uAeXqJe4CLh42Fj4mRiIqMj4yQk4uUZ3uPo5mnl1N3oZ.cpq22pKqxZXNwZHAydGhrdTd7eIJ1eH4RhXZ4FkhLGIyKfx1PUh.EkZQkVSWUiowqW1ssmqKfMWJn&_tdf=18
Frame ID: 702C850A6280AD423A61A4274E7FD54E
Requests: 13 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665259200
Frame ID: 8920CB0CE509A35017B90DF58E8E0F40
Requests: 3 HTTP requests in this frame

Page Title

Loading...

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 40 %
Domains: 11
Subdomains: 12
IPs: 7
Countries: 4
Transfer: 55 kB
Size: 127 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ostschool.com/2420189it6276675Rp461380472eb12634Zt38JNr160252Yk HTTP 302
    https://blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/461380472 Page URL
  2. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1292344665&pubid=690143 Page URL
  3. https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=fbbb5665&cid=pub4774804978ea464c93eebb37887fe0a5&2=690143 Page URL
  4. https://otto.sherlowcke.com/?utm_term=7152287189823389717&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
  5. https://otto.sherlowcke.com/proc.php?48c20581d79ca1def1ac1539242ce123648bab30 Page URL
  6. https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
  7. https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3f668a591d7e19463ff1d4e14876520d&eyer=0.05222216568631999&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
    https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.05222216568631999&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330000ecfffcc90e2b8c9b47437caf437687f1008-202210-flb*5467509-4538f*M7152287189823389717*sl_5467509-4538f*822b7ccd178187e53517da28aba0850337e791c1*13260-0b0f7687-44cf01f6*13260 HTTP 302
    https://myofferplus.com/rc/a91581ead4?affclick=6342074ed1baf80001282b5a&pubid=503 Page URL
  8. https://track.gositego.live/sl?id=62dfc1354b8cd38db57f7466&pid=930&sub1=pub11290275548342399da5ac0898526c76&sub2=81b90edf_503 HTTP 302
    https://kixa.jukminung.com/rc/19aff8b744?affclick=6342074fc6e8f80001e6a715&pubid=930_81b90edf_503 Page URL
  9. https://carrytraff.com/l/27000695f96a812e27e0?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f HTTP 302
    https://trk126.zzzperform.com/l/27000695f96a812e27e0.js?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ostschool.com/2420189it6276675Rp461380472eb12634Zt38JNr160252Yk HTTP 302
  • https://blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/461380472
Request Chain 10
  • https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3f668a591d7e19463ff1d4e14876520d&eyer=0.05222216568631999&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
  • https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.05222216568631999&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330000ecfffcc90e2b8c9b47437caf437687f1008-202210-flb*5467509-4538f*M7152287189823389717*sl_5467509-4538f*822b7ccd178187e53517da28aba0850337e791c1*13260-0b0f7687-44cf01f6*13260 HTTP 302
  • https://myofferplus.com/rc/a91581ead4?affclick=6342074ed1baf80001282b5a&pubid=503
Request Chain 12
  • https://track.gositego.live/sl?id=62dfc1354b8cd38db57f7466&pid=930&sub1=pub11290275548342399da5ac0898526c76&sub2=81b90edf_503 HTTP 302
  • https://kixa.jukminung.com/rc/19aff8b744?affclick=6342074fc6e8f80001e6a715&pubid=930_81b90edf_503

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
461380472
blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/
Redirect Chain
  • http://ostschool.com/2420189it6276675Rp461380472eb12634Zt38JNr160252Yk
  • https://blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/461380472
137 B
450 B
Document
General
Full URL
https://blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/461380472
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
129.227.218.218 Mumbai, India, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
137
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 Oct 2022 23:27:09 GMT
Server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 08 Oct 2022 23:27:07 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS)
location
https://blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/461380472
9e8aef8068
lynku.jukminung.com/rc/
3 KB
2 KB
Document
General
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1292344665&pubid=690143
Requested by
Host: blissfullstar.com
URL: https://blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/461380472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29ce8e73eda6d934323e1849b7b3346d567f4221a3e933f07c40b00f62a4ee3

Request headers

Referer
https://blissfullstar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7572a5450caa90dd-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Sat, 08 Oct 2022 23:27:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJxK7ijIaX%2F%2Fwm5GoKPHuBJf%2BniXLRrX0NrKUH%2BN4Ra7gy8OhivjEhUZ4XuMjX1fo%2FAOGudLLeNET3oY%2Fqk69i%2F9AGgIOs3GewBiVu2EibCkIWbxkVXzcyysGVM2hw8MA8ii8UlDPM5fgGtfMaT7Qhhe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1292344665&pubid=690143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 23:27:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
5050
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyz1UssXZIVcDTMZ%2BSW5N37moPWLmNuG3MzRThY6Z3YO1h13LXVJrJSe94m82LJQGeMOfpJRJPjDwbpAWqaBLdkfefkqPvR1EIezPAODcvDXP0bQ5P%2FlSIIlajluQtzZGkAXlinQ6%2BSthlGLyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7572a545c9bf91e9-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8920
39 KB
14 KB
Script
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665259200
Requested by
Host: blissfullstar.com
URL: https://blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/461380472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd66582de7adcf9ca1926e781f00ce96aea0b97b633f97f7dc572c5ffe41bd3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 23:27:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMu5oodTbtDWTWWqS0Dp91N1%2BOj6r505J%2FA%2FoX%2F3NxmIcW4c0OgcxtXXaxeVOAptWhn%2FIEtqvGFaMFksbhwrDkGN%2Fj6vVGDX9gA4yQkTELIMJA6cqFtHhInF1ASvdpFsViO6%2BSLDH0P54YQEFeNkcdWq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7572a5460dc790dd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8920
24 KB
8 KB
Other
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c2029f532262e004b4921d9ffd9919fea51ffb9b43d676eda05bc465ff0971

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 23:27:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Bjj9H7%2BT3XzWAGlk8IPCL1IZEZOMdx40fwEK6acliJl3NjzAin2L1%2BnQKcNQ4EQY8tSlOZkJylZYSBRlkCgHb2YJiwip3eVeTHyHCBqNJFP21KfKK1bGY9jMomhudopnuAgM%2FPQGFmDPVVVydcrCNgU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7572a5462d839243-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
otto.sherlowcke.com/
3 KB
2 KB
Document
General
Full URL
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=fbbb5665&cid=pub4774804978ea464c93eebb37887fe0a5&2=690143
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1292344665&pubid=690143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Oct 2022 23:27:10 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://otto.sherlowcke.com/?utm_term=7152287189823389717&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
7572a5450caa90dd
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8920
2 B
663 B
XHR
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/7572a5450caa90dd
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1665259200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Oct 2022 23:27:10 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUCfI2sY2Hds%2B%2BCRZrisWMUZKisruEpGBHqfOsX%2FkchqYPTv8iLQFIjiDK3UaVzFZo0S%2FEkCRQ%2FHQ8phsKwL0PrxD1ciO2rrnAWYerehw%2B0wN7wwSgm4JEG9L3jpEEiisjtalP81DoV%2BEJYE90ZXVPZu"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7572a5481f239243-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
otto.sherlowcke.com/
9 KB
3 KB
Document
General
Full URL
https://otto.sherlowcke.com/?utm_term=7152287189823389717&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Requested by
Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=fbbb5665&cid=pub4774804978ea464c93eebb37887fe0a5&2=690143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
464794369c31a1b89e88b65396a3ca496f7f586288a4d280c3ddbe751af35da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=fbbb5665&cid=pub4774804978ea464c93eebb37887fe0a5&2=690143
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 08 Oct 2022 23:27:10 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
proc.php
otto.sherlowcke.com/
4 KB
2 KB
Document
General
Full URL
https://otto.sherlowcke.com/proc.php?48c20581d79ca1def1ac1539242ce123648bab30
Requested by
Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/?utm_term=7152287189823389717&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.60.58.179 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.1.9
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://otto.sherlowcke.com/?utm_term=7152287189823389717&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Oct 2022 23:27:10 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.1.9
/
www.wewillserv.com/
5 KB
5 KB
Document
General
Full URL
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Requested by
Host: otto.sherlowcke.com
URL: https://otto.sherlowcke.com/proc.php?48c20581d79ca1def1ac1539242ce123648bab30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://otto.sherlowcke.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Sat, 08 Oct 2022 23:27:10 GMT
Transfer-Encoding
chunked
a91581ead4
myofferplus.com/rc/
Redirect Chain
  • https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
  • https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccb...
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330000ecfffcc90e2b8c9b47437caf437687f1008-202210-flb*5467509-4538f*M7152287189823389717*sl_5467509-4538f*822b7ccd178187...
  • https://myofferplus.com/rc/a91581ead4?affclick=6342074ed1baf80001282b5a&pubid=503
1 KB
1 KB
Document
General
Full URL
https://myofferplus.com/rc/a91581ead4?affclick=6342074ed1baf80001282b5a&pubid=503
Requested by
Host: www.wewillserv.com
URL: https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561b183c12b824d641da22c6ea02544c655275b35a2d0adf9a60cc9866627b66

Request headers

Referer
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7152287189823389717&website=13260-0b0f7687-44cf01f6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7572a54cab419a0f-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Sat, 08 Oct 2022 23:27:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVXmRXPHTMJn%2FfMwvd%2B132yeMKSqDPdyEw4zCzc6bncWLsLBsxxtbtTxoZBGGqIQwp6qB50ENIP%2BEVnrCce4Dy0RJldjgjRimp%2FGu1WsluAxUqJ9xc2pSs%2BAAXQkQENv%2B%2FsEyn7iGn6sKOyufc0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sat, 08 Oct 2022 23:27:10 GMT
location
https://myofferplus.com/rc/a91581ead4?affclick=6342074ed1baf80001282b5a&pubid=503
server
nginx
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: myofferplus.com
URL: https://myofferplus.com/rc/a91581ead4?affclick=6342074ed1baf80001282b5a&pubid=503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 23:27:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPYPMKR87WVDDR5G
age
7038
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjeuWMfV4hnVEgBWHHKjo5C4NaGo%2BCZBnlcBMK6i3FBa76AW94%2B2o0y7nxoeAb4f75eyZytLvNOJzevqVEhY9uucSuXy9byv0sNyr1orN%2BUKZjAg%2FXbC00qL4OUBbMuEFXyiZcqTPKEHvjbC1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7572a54d7ce19a17-FRA
19aff8b744
kixa.jukminung.com/rc/
Redirect Chain
  • https://track.gositego.live/sl?id=62dfc1354b8cd38db57f7466&pid=930&sub1=pub11290275548342399da5ac0898526c76&sub2=81b90edf_503
  • https://kixa.jukminung.com/rc/19aff8b744?affclick=6342074fc6e8f80001e6a715&pubid=930_81b90edf_503
1 KB
1 KB
Document
General
Full URL
https://kixa.jukminung.com/rc/19aff8b744?affclick=6342074fc6e8f80001e6a715&pubid=930_81b90edf_503
Requested by
Host: myofferplus.com
URL: https://myofferplus.com/rc/a91581ead4?affclick=6342074ed1baf80001282b5a&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9bef913bc2b4749189c56a1d58cacc697abd8c432a4906fcd39be3772c6e944

Request headers

Referer
https://myofferplus.com/rc/a91581ead4?affclick=6342074ed1baf80001282b5a&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7572a54f9ffb90dd-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Sat, 08 Oct 2022 23:27:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cmigD4OinilIxWgsopAtuZAsue%2B3NanbXsnYHPFmUKUheVC7a8ptHc1aQwz38eD6BZP2auyl1xOTloteXaFKU3QuAuknDmQnOMX6%2FHUGHItHMEMACGSoEtSRTUD6GoTRujEYRkHdDIQ3Os%2FfvcFo9Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sat, 08 Oct 2022 23:27:11 GMT
location
https://kixa.jukminung.com/rc/19aff8b744?affclick=6342074fc6e8f80001e6a715&pubid=930_81b90edf_503
server
nginx
redirect.css
cdn.addlnk.com/
1 KB
1018 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: kixa.jukminung.com
URL: https://kixa.jukminung.com/rc/19aff8b744?affclick=6342074fc6e8f80001e6a715&pubid=930_81b90edf_503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 23:27:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPYPMKR87WVDDR5G
age
7039
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoWYWUVfWojW3HHA91c2PstedlguBEjvvFSI3yxF0vngEyU%2BI171DwrUgXOzVCtUVZcSUjAvwH8jT5Y8FcfAyzvYd3gmheKVpxbOde%2BOM%2Bx9P95O9Rz%2Bh06Qs%2BidNS48if6A7SXk%2BiOw0V20QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7572a55018699a17-FRA
Primary Request 27000695f96a812e27e0.js
trk126.zzzperform.com/l/
Redirect Chain
  • https://carrytraff.com/l/27000695f96a812e27e0?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f
  • https://trk126.zzzperform.com/l/27000695f96a812e27e0.js?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f
36 KB
12 KB
Document
General
Full URL
https://trk126.zzzperform.com/l/27000695f96a812e27e0.js?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f
Requested by
Host: kixa.jukminung.com
URL: https://kixa.jukminung.com/rc/19aff8b744?affclick=6342074fc6e8f80001e6a715&pubid=930_81b90edf_503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ab0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Referer
https://kixa.jukminung.com/rc/19aff8b744?affclick=6342074fc6e8f80001e6a715&pubid=930_81b90edf_503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1579
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000
cf-cache-status
HIT
cf-ray
7572a5518e289b1b-FRA
content-encoding
br
content-type
text/html
date
Sat, 08 Oct 2022 23:27:11 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Tue, 20 Aug 2019 14:25:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLgBTe7Pc4xX5ifJg51da%2BBDTgWis5nYvKBSRZH4IGGw7qLWTK75sNjJR%2FACGNV0WZ3HtDiPRSyyGR%2BGnP4Y3yGchPaWNOcLmo8L22Xo0589o8SeDHj9NlCqG9htkYdkUgt6rxsz0h%2BfHYL1s9N4V4KllSk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7572a5511e8190b2-FRA
date
Sat, 08 Oct 2022 23:27:11 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://trk126.zzzperform.com/l/27000695f96a812e27e0.js?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZ3mv7XXbEVDWH7BEZMNIYXLjM3wmxrA3Gu0X2HguK4i5XYBgTMxcttljJp%2BClhpMLFieTLARy0ReIQItIponAbYRHoHfTRV7Pb46ks4bKgiYnrr3Kyz9oYCyeUo7ksVqncLcEmaDkUXjaxQOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
27000695f96a812e27e0.js
trk126.zzzperform.com/l/
0
0
Document
General
Full URL
https://trk126.zzzperform.com/l/27000695f96a812e27e0.js?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f&code=3eY3VvBDU7PDw6QDtBPz5EQ0QRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK4KVm2FhMKWVmzU1n645anBrbD1paQM0NjU2B2mACzxCPT4PcXkTREZFRheMkxtLHH.TiIQiIoaPiidYKIyVji1dLp6in6Y0NKukmzmAqaqjqWUhS3FnMwZve29tDIB-g3QQd4SAFXt3g4t.GpB9HmuOmoqOj4VUW1VYSVKClZuSnqekUoGIVWdnZml1W5Ombjc2PiR9PDsxKUt7fHlzZnVzXXyIREtKT0dNUTxFaWd0bm5PRJGPko1JcZCPmJ1YUHSapaOim2ZpaXBpbGs1MzY8Mj43J1tqcGx.dj1EQ0hARkoVd40ZURp-iR5WH4FVVSRUVVdXWFkqjGBhL19gMaWZNWVmZ2g5oKE9bjExAmZsaQc4CG92gQ1zb3uDdhJ2fIIXSElKGoeKhB9QUFFSI5eZmI4pWltcXV5fXzCgpZakqjc3qKuerrGfATMyMzc1Nzc-CW.BeHsPQkMRhHh6FhaJenx9HE1NUFRRUldWJIiUm5gqKqKami8vp5ieqTV.pKudpVqEqqAuAWVnawY3ODk6Ozw9Pj4-QEJDQ0RGR0hJSktMTU5PUFFSU1RVVlZYWVpbXF1eX2BhYmJkZWZnaGlqa2xtbjEyMzQ1NjY4CGxzgA0.P0BAQkNERUZHSElKS0xNTU9PUVJTVFUlnZycKqFZXGilXYlniIlvrGSpbKeoqap4dy9uN3JzdHVDgDh-QoJJhj5WXYBMaxaChIeBHIGLS3RzXIeRJJeamylZKpeNnC8vmJ2lNGQ1pKs5amtrbG4wMTM0BHxqCDk6Om0.DXGBiBJVe4aEg3w4aV5hPG2KlIeKkJ.Nk5qMmpeLl1mdkpVdp5uYq5qocnuhrKqpoiBRRkkkW29sf258h3l1eHVyfnZ6d3uAeXqJe4CLh42Fj4mRiIqMj4yQk4uUZ3uPo5mnl1N3oZ.cpq22pKqxZXNwZHAydGhrdTd7eIJ1eH4RhXZ4FkhLGIyKfx1PUh.EkZQkVSWUiowqW1ssmqKfMWJn&_tdf=18
Requested by
Host: blissfullstar.com
URL: https://blissfullstar.com/176209e318befd1c800/12b-2420189-6276675-160252-12634-/461380472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:ab0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://trk126.zzzperform.com/l/27000695f96a812e27e0.js?sub=pubc3e165e3aaef4f799ec4c036829f7ff1&source=b8fb511f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7572a551ff209a09-FRA
date
Sat, 08 Oct 2022 23:27:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nd0pJy2MeC7DTpTzq3kYiB3NuG8Z7kpYDlGHpSpgbU9n%2BnwQlMUOjG2J6EZVeSxTGmthU5ffdNe0MjbiAX4wccGVFhQx31xSIERBLu0KhDu6alVdOw2qHD%2BxeAdT48woDWwFFaUyUxaxPTOSC7TGU%2BgVROI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| Y6VV
number| r4nnnn
number| l4nnnn
number| t6u
function| EKm8V

9 Cookies

Domain/Path Name / Value
blissfullstar.com/ Name: uid15295
Value: 1292344665-20221008192709-43e3a7e1b5236bf67e1434662ac9bf29-
lynku.jukminung.com/ Name: AWSALB
Value: 4BJ5y7trEMg44vx3tiAcuVYvWFXtyVpZvDfAWf9SGa7jTkhSHWI8CcjiTmdqezbWPTsWg2Nuribq5f6U+iRDLNx3ouK8aOUtM1D4cQsdqFDhryQOSDMA8Eck/RIT
.jukminung.com/ Name: __cf_bm
Value: zO0OaHtDByuorVH6FU2.V_n.QJ7sHQoRNx7s0EZTiB0-1665271630-0-Af2crHZipv448QM+1c4IciDv7Ly/pFdXJKVYMkEC28n9X0iFH52NptsfCXqavhves0Y6u8mjq6iJ3rIfHO8EkXxQBlZ8j6cnNSVS+uRpgI49eJ4ACqZnaoXzJWYSFBQuEw==
otto.sherlowcke.com/ Name: u
Value: 266598ab1826e339d0fbde64c87fa364
admoustache.go2affise.com/ Name: afclick
Value: 6342074ed1baf80001282b5a
myofferplus.com/ Name: AWSALB
Value: NSsHK0oSFoJv97cxeYllDWHHXkZjY2+EA+knM2XGMwCpoR+TgGuX8XJL33PT2+L3GN/AFEGWxZmM5e9aj75iFoYCNLKH15h8NsdR0OHn4/hq2aIoLdiZJyxgZld5
track.gositego.live/ Name: afclick
Value: 6342074fc6e8f80001e6a715
kixa.jukminung.com/ Name: AWSALB
Value: xAY1wf+4eBRDsPcZbuFStrWimsxNfggZD5vbj+w0hVn84+RUXOgh1fXzJrZeQc7NHDiKEzHaBVEEYkaI2bigx7J1ZnE6Dg1mhcWxthmlKV4ZnNwGUgvAzTivCieK
trk126.zzzperform.com/ Name: BSESSID
Value: trk628e4846-51e5-4a44-9394-e3250a4b5e47