Submitted URL: https://storage.googleapis.com/bjhgy/nuptialsaisle.html#tgThT5MIDM.MPLPKFPTVfzoNZQlitSBTPtl?dRsb06cc4fgHcy12RcdcfPdpc53ktdCQNcb...
Effective URL: https://www.google.com/
Submission: On March 30 via api from DK — Scanned from DK

Summary

This website contacted 21 IPs in 3 countries across 23 domains to perform 49 HTTP transactions. The main IP is 2a00:1450:4001:831::2004, located in and belongs to . The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1C3 on March 13th 2023. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 23.94.86.122 36352 (AS-COLOCR...)
1 81.128.197.187 2856 (BT-UK-AS ...)
1 38.102.245.195 174 (COGENT-174)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.32.99.22 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.145.195.26 14618 (AMAZON-AES)
2 34.206.49.43 14618 (AMAZON-AES)
4 2606:4700:303... ()
4 2606:4700:303... ()
3 67.212.184.149 ()
2 3 51.68.82.147 ()
1 1 34.147.1.177 ()
5 2a06:98c1:312... ()
1 1 174.138.122.163 ()
1 1 34.141.179.97 ()
4 2a06:98c1:312... ()
1 1 51.161.115.163 ()
1 1 51.83.143.92 ()
1 1 2606:4700:303... ()
1 2 52.44.122.204 ()
1 1 168.119.142.248 ()
1 1 2a00:1450:400... ()
7 2a00:1450:400... ()
3 2a00:1450:400... ()
1 2a00:1450:400... ()
49 21
Domain Requested by
7 www.google.com ps.popcash.net
www.google.com
4 irugu.cogliatu.com 792a9db8.linkbooster.click
storage.googleapis.com
irugu.cogliatu.com
4 792a9db8.linkbooster.click yeah.achelous.mobi
storage.googleapis.com
792a9db8.linkbooster.click
4 cdn.addlnk.com lynku.jukminung.com
yeah.achelous.mobi
792a9db8.linkbooster.click
irugu.cogliatu.com
4 lynku.jukminung.com offer-connect.com
storage.googleapis.com
lynku.jukminung.com
3 www.gstatic.com www.google.com
3 www.turbotrck.art 2 redirects ozil.glumiville.com
3 ozil.glumiville.com lynku.jukminung.com
ozil.glumiville.com
2 ps.popcash.net 1 redirects irugu.cogliatu.com
2 psp.pushnami.com api.pushnami.com
2 trc.pushnami.com api.pushnami.com
2 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 api.pushnami.com offer-connect.com
api.pushnami.com
2 maxcdn.bootstrapcdn.com offer-connect.com
maxcdn.bootstrapcdn.com
1 apis.google.com www.gstatic.com
1 google.com 1 redirects
1 floweryduck.cc 1 redirects
1 popcash.net 1 redirects
1 ron.trffclb.com 1 redirects
1 t3.hightid.com 1 redirects
1 track.gositego.live 1 redirects
1 c.adups.app 1 redirects
1 yeah.achelous.mobi www.turbotrck.art
1 admoustache.media-412.com 1 redirects
1 fonts.googleapis.com offer-connect.com
1 ajax.googleapis.com offer-connect.com
1 offer-connect.com valleyutilityplay.com
1 valleyutilityplay.com storage.googleapis.com
1 nuptialsaisle.com 1 redirects
1 storage.googleapis.com
0 static.cloudflareinsights.com Failed yeah.achelous.mobi
49 31

This site contains no links.

Subject | Issuer | Validity | Valid
storage.googleapis.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
valleyutilityplay.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-15 - 2024-04-14 | a year
offer-connect.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-28 - 2023-07-23 | a year
upload.video.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.pushnami.com | Amazon RSA 2048 M01 | 2023-03-04 - 2024-04-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
ozil.glumiville.com | R3 | 2023-03-27 - 2023-06-25 | 3 months
www.turbotrck.art | R3 | 2023-02-28 - 2023-05-29 | 3 months
www.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
*.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
*.apis.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months

This page contains 5 frames:

Primary Page: https://www.google.com/
Frame ID: 4906409D4787E10E55BA812C9D21F19B
Requests: 44 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: C560D1784472AE2041DADA9914387A41
Requests: 1 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Frame ID: 2220D4138D5D67847D242AEB403C1007
Requests: 3 HTTP requests in this frame

Frame: https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Frame ID: E3CAE5B9BCDA2EEC89EC3C702CA38A9F
Requests: 3 HTTP requests in this frame

Frame: https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Frame ID: EB677189DFF78E4FB11266D4EA4F2BD4
Requests: 3 HTTP requests in this frame

Page Title

offer-connect

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 49
HTTPS: 96 %
IPv6: 48 %
Domains: 23
Subdomains: 31
IPs: 21
Countries: 3
Transfer: 444 kB
Size: 993 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/bjhgy/nuptialsaisle.html Page URL
  2. http://nuptialsaisle.com/tgThT5MIDM.MPLPKFPTVfzoNZQlitSBTPtl?dRsb06cc4fgHcy12RcdcfPdpc53ktdCQNcbbb4v HTTP 302
    https://valleyutilityplay.com/1764a66a347332c3800/2_229413_2732280/198_3523556_3721083_63/703884767_185-236-203-124 Page URL
  3. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_scr=690444&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pubid=690444 Page URL
  4. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pshnm_scr=690444&pubid=690444 Page URL
  5. https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream_redirect&1=f82429a8&cid=pub9fa01b4f6d17438991d01959b978f2f9&2=690444 Page URL
  6. https://ozil.glumiville.com/?utm_term=7216335391408783454&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  7. https://ozil.glumiville.com/proc.php?38939034dcb433d8dc9a8812332fc3455764a972 Page URL
  8. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  9. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=acd5f454eaff1c6e0a0a9bf37a394222&eyer=0.46862736008105643&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ozil.glumiville.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.46862736008105643&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ozil.glumiville.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330008e7b0556325f3514cd1b2a1e84693a9e0330-202303-flb*5564921-b2be6*M7216335391408783454*sl_5564921-b2be6*e04b8f63a0bac94eb9625ff575efada7a7b8a93c*13260-a70cb436-4c4ca68e*13260 HTTP 302
    https://yeah.achelous.mobi/rc/a91581ead4?affclick=642592cf36d2470001cee97a&pubid=503 Page URL
  10. https://c.adups.app/36399?click=pub14700ecb18cc4f098f24f6ec08024fd6&pubid=8063a697 HTTP 302
    https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30191656A036399028631c43fr&pubid=5c9ab Page URL
  11. https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pub283cf435db8a4319b1e8d254db251306&sub2=5ff05558_5c9ab HTTP 302
    https://irugu.cogliatu.com/rc/19aff8b744?affclick=642592d10bbfd10001e8b3ed&pubid=930_5ff05558_5c9ab Page URL
  12. https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pub74ceeff4e98f443eaaf7a124b33b9138&s=039ae99a HTTP 302
    https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a HTTP 302
    https://popcash.net/world/go/134600/317194 HTTP 301
    http://ps.popcash.net/go/134600/317194 Page URL
  13. http://ps.popcash.net/ad/ad?p=134600&w=317194&t=6ceec89aec06e29b&r=&vw=1600&vh=1200 HTTP 303
    https://floweryduck.cc/smart?p=6S36gzrUCrHarZZkgCcPWQ2bbFaKnmmtLc3aRqmN4H&s=317194 HTTP 302
    https://google.com/ HTTP 301
    https://www.google.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://nuptialsaisle.com/tgThT5MIDM.MPLPKFPTVfzoNZQlitSBTPtl?dRsb06cc4fgHcy12RcdcfPdpc53ktdCQNcbbb4v HTTP 302
  • https://valleyutilityplay.com/1764a66a347332c3800/2_229413_2732280/198_3523556_3721083_63/703884767_185-236-203-124
Request Chain 23
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=acd5f454eaff1c6e0a0a9bf37a394222&eyer=0.46862736008105643&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ozil.glumiville.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.46862736008105643&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ozil.glumiville.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330008e7b0556325f3514cd1b2a1e84693a9e0330-202303-flb*5564921-b2be6*M7216335391408783454*sl_5564921-b2be6*e04b8f63a0bac94eb9625ff575efada7a7b8a93c*13260-a70cb436-4c4ca68e*13260 HTTP 302
  • https://yeah.achelous.mobi/rc/a91581ead4?affclick=642592cf36d2470001cee97a&pubid=503
Request Chain 26
  • https://c.adups.app/36399?click=pub14700ecb18cc4f098f24f6ec08024fd6&pubid=8063a697 HTTP 302
  • https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30191656A036399028631c43fr&pubid=5c9ab
Request Chain 30
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pub283cf435db8a4319b1e8d254db251306&sub2=5ff05558_5c9ab HTTP 302
  • https://irugu.cogliatu.com/rc/19aff8b744?affclick=642592d10bbfd10001e8b3ed&pubid=930_5ff05558_5c9ab
Request Chain 35
  • https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pub74ceeff4e98f443eaaf7a124b33b9138&s=039ae99a HTTP 302
  • https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a HTTP 302
  • https://popcash.net/world/go/134600/317194 HTTP 301
  • http://ps.popcash.net/go/134600/317194

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
nuptialsaisle.html
storage.googleapis.com/bjhgy/
631 B
1 KB
Document
General
Full URL
https://storage.googleapis.com/bjhgy/nuptialsaisle.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
631
content-type
text/html
date
Thu, 30 Mar 2023 13:46:45 GMT
etag
"fc8629bfe960c2dbdd7d6e222dff39d3"
expires
Thu, 30 Mar 2023 14:46:45 GMT
last-modified
Thu, 16 Dec 2021 10:33:08 GMT
server
UploadServer
x-goog-generation
1639650788226966
x-goog-hash
crc32c=vopJtA== md5=/IYpv+lgwtvdfW4iLf850w==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
631
x-guploader-uploadid
ADPycdsstdhasVyBGutNge8duxEsm_8brs4bj2WCmefQbXztPFOU18M5K8didmPV0M3kyhn-O2R0xwdFPk_b80Q6_xvaGJGXziK2
703884767_185-236-203-124
valleyutilityplay.com/1764a66a347332c3800/2_229413_2732280/198_3523556_3721083_63/
Redirect Chain
  • http://nuptialsaisle.com/tgThT5MIDM.MPLPKFPTVfzoNZQlitSBTPtl?dRsb06cc4fgHcy12RcdcfPdpc53ktdCQNcbbb4v
  • https://valleyutilityplay.com/1764a66a347332c3800/2_229413_2732280/198_3523556_3721083_63/703884767_185-236-203-124
269 B
582 B
Document
General
Full URL
https://valleyutilityplay.com/1764a66a347332c3800/2_229413_2732280/198_3523556_3721083_63/703884767_185-236-203-124
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/bjhgy/nuptialsaisle.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.128.197.187 London, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://storage.googleapis.com/bjhgy/nuptialsaisle.html#tgThT5MIDM.MPLPKFPTVfzoNZQlitSBTPtl?dRsb06cc4fgHcy12RcdcfPdpc53ktdCQNcbbb4v
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

Connection
close
Content-Length
269
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 Mar 2023 13:46:46 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 Mar 2023 13:46:45 GMT
Location
https://valleyutilityplay.com/1764a66a347332c3800/2_229413_2732280/198_3523556_3721083_63/703884767_185-236-203-124
Server
Apache
/
offer-connect.com/
10 KB
10 KB
Document
General
Full URL
https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_scr=690444&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pubid=690444
Requested by
Host: valleyutilityplay.com
URL: https://valleyutilityplay.com/1764a66a347332c3800/2_229413_2732280/198_3523556_3721083_63/703884767_185-236-203-124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.102.245.195 Redondo Beach, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d

Request headers

Referer
https://valleyutilityplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
10008
Content-Type
text/html
Date
Thu, 30 Mar 2023 17:11:13 GMT
ETag
"63efd888-2718"
Last-Modified
Fri, 17 Feb 2023 19:42:00 GMT
Server
nginx/1.10.2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_scr=690444&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 09:43:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Mar 2024 09:43:01 GMT
css
fonts.googleapis.com/
6 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_scr=690444&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41932365d84f651e0b60d43e451e494530d6c85455b04df9416577e584c382f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 13:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 13:46:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Mar 2023 13:46:48 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_scr=690444&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
4747005
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
be050c61329891fb4ef880afd785a1b0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7b00cd028aa09a0c-FRA
cdn-requestpullsuccess
True
63ed63298591f2001320edcc
api.pushnami.com/scripts/v1/pushnami-adv/
88 KB
18 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_scr=690444&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-22.fra60.r.cloudfront.net
Software
/
Resource Hash
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:45:13 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
95
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
OYUvbhZyyialsCr76E9ldoe79QpkebRwDkPPbQdTqzsGFwcfkrAnZQ==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://offer-connect.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
2061127
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
746933e61529be8366407880fd47077a
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7b00cd03cf176915-FRA
cdn-requestpullsuccess
True
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offer-connect.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:37:44 GMT
x-content-type-options
nosniff
age
18544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:37:44 GMT
track
trc.pushnami.com/api/push/
2 B
169 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.195.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-195-26.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
da-DK,da;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 30 Mar 2023 13:46:48 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame
0
0
Preflight
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.195.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-195-26.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Thu, 30 Mar 2023 13:46:48 GMT
hub
api.pushnami.com/scripts/v1/ Frame C560
2 KB
1 KB
Document
General
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-22.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
2449
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 13:05:59 GMT
vary
accept-encoding
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-id
TbP-24b46RFc1s9yOnUvEyS0oMPVyYXrTsQQUWjz9tRrwBGl5YGFLA==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
psp
psp.pushnami.com/api/
2 B
225 B
Fetch
General
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.49.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-49-43.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
da-DK,da;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://offer-connect.com
date
Thu, 30 Mar 2023 13:46:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame
0
0
Preflight
General
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.49.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-49-43.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
key
access-control-allow-methods
POST
access-control-allow-origin
https://offer-connect.com
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
cache-control
no-cache
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 30 Mar 2023 13:46:48 GMT
vary
accept-encoding
9e8aef8068
lynku.jukminung.com/rc/
3 KB
2 KB
Document
General
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pshnm_scr=690444&pubid=690444
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_scr=690444&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7684c63dc4f386e30e02630a05c8e3727d20114fedbfd2527ce789fc3500dd

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b00cd268d133a4f-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 13:46:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVb%2BoVBunrpzf0Tma%2FiebcAoWfuPRnRJJuAh7vt%2B%2BxJZz1w%2FxH%2FCpKkm0B1AKQoZVTni3sr%2BiTtbFese9n%2FruUWrHHCPvY2oC7bryG7TVVJdWaxQEalEw%2BC0G7kfRqq30p6BZy%2BjcRvC7pa2dJRyNk5J"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pshnm_scr=690444&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SK3KBGMKJ4YWWVBV
age
5036
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
eBDdEZo2g3ixnFPTboxVSgjMRQX3dQ63xWWEjrbl2vu0jkNe5fS7HtGt8F3jGl6QdU4QACxpR9I=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=varFfAgDFELM0Xg%2FBQTkYcnR1CytrvunAquZgrchzx%2BM7QhF64wG4apBdLVkm%2Bj9FNa%2FRolBFgcn2kTuyjIg6tsQdLHBMH3FH%2FKg0g3ccPPqf4ednIEwOihiJZOAW0977XvGdIcTv%2BZUiikgyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7b00cd27fc08038e-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 2220
30 KB
13 KB
Script
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/bjhgy/nuptialsaisle.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0e696bfc1771d658a2840219f3c9caad71578bb0d491051b7ee40e6ac3317cdc

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:54 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyZ2%2BWhuHI%2F%2F4WIwYdDCdMa6mf1vdLMfQDXWV6naKpxRPJNDSPb2%2FCmuDQF0Bg7pOKGJHSHR4u8WeyLSSmTmEK1p5Wh08EJBbFG2862TgnJJlXvdVVkM7YiEnbvCgNeZK36Qly%2FklnMM5X5QMqtLabQN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b00cd285fcb3a4f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 2220
7 KB
4 KB
Other
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:54 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRzYkbldD2tQzcG%2BI79P7YN3xM1PY80E1m%2FR0fEmRefoHC%2F7RS28igXNRc8Ztd6B9Z%2FQOg6webzbZTSNq%2BxauL9MFMu%2FvDqu4EA8jjgaCljXGoNyTpLRUjbe%2FcrhsfJ60rL0J9LOA663oL2xwSSxdu7a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b00cd28bc4e91d8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ozil.glumiville.com/
3 KB
2 KB
Document
General
Full URL
https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream_redirect&1=f82429a8&cid=pub9fa01b4f6d17438991d01959b978f2f9&2=690444
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pshnm_scr=690444&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 30 Mar 2023 13:46:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://ozil.glumiville.com/?utm_term=7216335391408783454&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
7b00cd268d133a4f
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 2220
2 B
660 B
XHR
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7b00cd268d133a4f
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 Mar 2023 13:46:54 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kp3oyXaXd%2BeDIAlfJY0wiyQnCH9tZMS4bTUdnu77JK%2F4zqN1lamwH90evJP929aBVnA3VlRK1Am%2FHCdTQkTPt04K22xjnx5P5F4Wff5yw3PbAV1c80j86kkAZsts8BY1qmxtj3chP%2FS6RUL25uh%2FgZn9"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b00cd2acf7291d8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ozil.glumiville.com/
9 KB
3 KB
Document
General
Full URL
https://ozil.glumiville.com/?utm_term=7216335391408783454&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream_redirect&1=f82429a8&cid=pub9fa01b4f6d17438991d01959b978f2f9&2=690444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.2.0
Resource Hash
ee2f191db813a2aabc6126f25d85661eb1feba53cf52b9cfb9f8cf6c6d591b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream_redirect&1=f82429a8&cid=pub9fa01b4f6d17438991d01959b978f2f9&2=690444
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 13:46:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
ozil.glumiville.com/
4 KB
2 KB
Document
General
Full URL
https://ozil.glumiville.com/proc.php?38939034dcb433d8dc9a8812332fc3455764a972
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/?utm_term=7216335391408783454&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://ozil.glumiville.com/?utm_term=7216335391408783454&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 30 Mar 2023 13:46:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
5 KB
5 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/proc.php?38939034dcb433d8dc9a8812332fc3455764a972
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.82.147 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ozil.glumiville.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 30 Mar 2023 13:46:55 GMT
Transfer-Encoding
chunked
a91581ead4
yeah.achelous.mobi/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330008e7b0556325f3514cd1b2a1e84693a9e0330-202303-flb*5564921-b2be6*M7216335391408783454*sl_5564921-b2be6*e04b8f63a0bac9...
  • https://yeah.achelous.mobi/rc/a91581ead4?affclick=642592cf36d2470001cee97a&pubid=503
1 KB
2 KB
Document
General
Full URL
https://yeah.achelous.mobi/rc/a91581ead4?affclick=642592cf36d2470001cee97a&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
30993fe74846058b7e37bfd2f3329f47ebf1f31fbab202de5de12f56addca925

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216335391408783454&website=13260-a70cb436-4c4ca68e&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b00cd316c709b82-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 13:46:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqlGVv22DXFIt62VErhc0J0k%2BIUtHBL8PRxwjp0oCpJmXDPDm98%2FADFylWCBGSlPYTsY%2FvztOGltT3XtlYL7XiUNvj%2FmRdHgdRTm2b2GOgLU5gPOX1AS8eyFibU4PZZXAMw0TogGE%2FUaLVUhmsgJ4zU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Thu, 30 Mar 2023 13:46:55 GMT
location
https://yeah.achelous.mobi/rc/a91581ead4?affclick=642592cf36d2470001cee97a&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
719 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=642592cf36d2470001cee97a&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SK3KBGMKJ4YWWVBV
age
5037
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
eBDdEZo2g3ixnFPTboxVSgjMRQX3dQ63xWWEjrbl2vu0jkNe5fS7HtGt8F3jGl6QdU4QACxpR9I=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7qv699kX1YL%2BbZUbeVoRdN%2FcjgpeHOZ8MSho%2BWym%2FUKyFS0qEoCEZPgIb%2FRq%2BjahvGLZQkk4Gq6qZeNjz69q9kw%2BJzC8VhnCUGrKDk2ha70aoSmfLZureM%2B66GthkQ1Ctxcktker9DHCDxuPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7b00cd325e02038e-FRA
vb26e4fa9e5134444860be286fd8771851679335129114
static.cloudflareinsights.com/beacon.min.js/
0
0

736006a179
792a9db8.linkbooster.click/rc/
Redirect Chain
  • https://c.adups.app/36399?click=pub14700ecb18cc4f098f24f6ec08024fd6&pubid=8063a697
  • https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30191656A036399028631c43fr&pubid=5c9ab
3 KB
2 KB
Document
General
Full URL
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30191656A036399028631c43fr&pubid=5c9ab
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=642592cf36d2470001cee97a&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
200f7cd71d9b42ca80b368a639a4ffaf21d1c4ec3a8a0284899cae9a95293b97

Request headers

Referer
https://yeah.achelous.mobi/rc/a91581ead4?affclick=642592cf36d2470001cee97a&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b00cd37d9ce039a-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 13:46:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8e1AKGgpqKnU6IbtV3zZzvoQaXTvkH1yHAhVNOWj5vNZKoDNA7G04t%2FVhUwjG4UNX6zjM7APHJ%2BHkBdFv39Q6BE7GCPEYsZqoxDQN3hxPUhuRyevVFj8R0c7po0t1KAXwGg6nQSJTowc0WfsKIgz81SNE%2BDcKhjCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
250
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 13:46:56 GMT
expires
0
location
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30191656A036399028631c43fr&pubid=5c9ab
pragma
no-cache
surrogate-control
no-store
vary
Accept, Accept-Encoding
x-powered-by
Express
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30191656A036399028631c43fr&pubid=5c9ab
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1CDV1M9BTXYFXXX6
age
634
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
PMqJM36lmduKnrjw0ab5/EeSo7UVLnFZbYvMRXRbbtLCXXjAbytlHc1uVHWuQ6A1qKwwnT/4gKuxNla4w4fDGg==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY1uL7Qx%2Fq1HUjYf%2FIQYr%2Fuqr1Kf1i1jM5G1Bg1f0dDx1XkampaHq9yhOdZKyRqnGWE1sBoiP1bkyYjA7YcV5j5nQY9lNF2kv8BCd1qjBan76%2BVGLM0gFM0i8nLF6HOc3Ir9s6V9yWWkWsS5Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7b00cd38b8403838-FRA
invisible.js
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame E3CA
25 KB
11 KB
Script
General
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/bjhgy/nuptialsaisle.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9d6f1805d8208120bc3f7553031ff4aacba2a601250e9c6a6846123f83b54c2b

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZea5yZf7ZACa%2BqC1dg4vYP5EEHHm1hRJwEHn9GJiigqU5rmRTezTKApI6N95jP1%2B%2Btx1SnhuC%2BG6ev1ziCz%2B8sOLjDOWzNQT%2FWmMHs73BPNseqSdbGm9ql3QGOY7JIUgYdD%2FTswxEr6Enyvl%2B%2Bi9My59sZE7ZRTyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b00cd391c13039a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/ Frame E3CA
7 KB
4 KB
Other
General
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGHp37roUno6mZHY46AQ7RP7pEUlwd2mDP2Y1a%2FHQUqaGU%2BHyNX3Zy%2FvklYLU5FwuO3hJS2ylovHQtEoAyUatKV1bYCqUY8fcwMPapvijfSPqO9jFr3jDHiAhbNUdq292I9hpwcKbmvxsmAIQeMI15%2FDK7kxUsm8tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b00cd3978028fdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
19aff8b744
irugu.cogliatu.com/rc/
Redirect Chain
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pub283cf435db8a4319b1e8d254db251306&sub2=5ff05558_5c9ab
  • https://irugu.cogliatu.com/rc/19aff8b744?affclick=642592d10bbfd10001e8b3ed&pubid=930_5ff05558_5c9ab
3 KB
2 KB
Document
General
Full URL
https://irugu.cogliatu.com/rc/19aff8b744?affclick=642592d10bbfd10001e8b3ed&pubid=930_5ff05558_5c9ab
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30191656A036399028631c43fr&pubid=5c9ab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f3fdb40aa867d1dfbec34c5911245f49a03e35d8279c3df14b294391bc50c8ae

Request headers

Referer
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30191656A036399028631c43fr&pubid=5c9ab
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b00cd3b1c909b94-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 13:46:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsHgoxR5OrnYtZXgl65j0fHHQmpqcPNHpnBy5NjQ6aYQAu%2FqMyFrLYS0hg%2FgbNg4%2FjVlwsoiNdPpnAAOMij0JZNoxiGqcXp2rBFM8qB6Qc15RjT6wUKOxehJVZh4Sm677a1fKaPpD8C1LjAhqL6DrCk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Thu, 30 Mar 2023 13:46:57 GMT
location
https://irugu.cogliatu.com/rc/19aff8b744?affclick=642592d10bbfd10001e8b3ed&pubid=930_5ff05558_5c9ab
server
nginx
x-adjust-use-original-forwarded-for
1
7b00cd37d9ce039a
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/cv/result/ Frame E3CA
2 B
677 B
XHR
General
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/cv/result/7b00cd37d9ce039a
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 Mar 2023 13:46:57 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRxIfYp9Y5Sn57H3rm0C1IahQM3w23GMA5bAv9Z0qfiZ%2FfIChruC5SzpL2a461FR%2BfzR4dyQ5sve95wWPVSug2J8RRtDsp8dZmyNRPHO6rZX1vQoaY7KAMhBJtpmJwO5PpDlNGTkOx6M2%2B%2FSG8KhgRrZ8Ek%2B1pVwYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b00cd3b6a698fdd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: irugu.cogliatu.com
URL: https://irugu.cogliatu.com/rc/19aff8b744?affclick=642592d10bbfd10001e8b3ed&pubid=930_5ff05558_5c9ab
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1CDV1M9BTXYFXXX6
age
635
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
PMqJM36lmduKnrjw0ab5/EeSo7UVLnFZbYvMRXRbbtLCXXjAbytlHc1uVHWuQ6A1qKwwnT/4gKuxNla4w4fDGg==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQx7TAxwnuAFzJyGsf3PtDMya6RyjCFC32uqwrQ80OVHOOXPFgrjEYY8Xx1PZwEZRmg9NoTAIFW9gw%2FwceHpMLuFgAKaX5qfnqXrstWT8v4TS8gjkFcyVWPA6YMFOa53XsR5Z6SHWB%2BcdmnFIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7b00cd3bdd253838-FRA
invisible.js
irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame EB67
35 KB
14 KB
Script
General
Full URL
https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/bjhgy/nuptialsaisle.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eeda9db10c17a3f8f76d881cab180880d1c115e1e38226deb33cc3e361418821

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:57 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7I4gDPk4OJr5Sdx4OZ6saeRK%2BHOsBCFIegEvVH2RoZPXtTFmWTfdVUtlZ3pCWAAbMaaUJmT2XDP9XR1q3rPPhGrhpB1RcB53j0fIqjT9WiFV6098VcezhGK3vCdHZ4oca7jLnBFBQCZqn5m%2BRYGfTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b00cd3c2e429b94-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame EB67
7 KB
4 KB
Other
General
Full URL
https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:57 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwWtmBMmK6OQMWGMa6SVm2oDokWGsicoQ3i8SoGy7xNcbdeTecyUhdO47KuOpDWneY%2Bj5gnbrkdnL2414ZJ4sVtzxV4%2FPswxX4es3ZBO%2BcopSbCBIJJbVQ3zMlhwSqcWAcklMRP8tf5EYPHdFlP%2FNdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b00cd3c7bbd9055-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
317194
ps.popcash.net/go/134600/
Redirect Chain
  • https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pub74ceeff4e98f443eaaf7a124b33b9138&s=039ae99a
  • https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a
  • https://popcash.net/world/go/134600/317194
  • http://ps.popcash.net/go/134600/317194
426 B
459 B
Document
General
Full URL
http://ps.popcash.net/go/134600/317194
Requested by
Host: irugu.cogliatu.com
URL: https://irugu.cogliatu.com/rc/19aff8b744?affclick=642592d10bbfd10001e8b3ed&pubid=930_5ff05558_5c9ab
Protocol
HTTP/1.1
Server
52.44.122.204 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://irugu.cogliatu.com/rc/19aff8b744?affclick=642592d10bbfd10001e8b3ed&pubid=930_5ff05558_5c9ab
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
271
Content-Type
text/html
Date
Thu, 30 Mar 2023 13:46:58 GMT
Server
nginx
Vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7b00cd40cac33a98-FRA
content-length
162
content-type
text/html
date
Thu, 30 Mar 2023 13:46:58 GMT
location
http://ps.popcash.net/go/134600/317194
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtXgxvckjZtMhG5hGB%2Fm6jbuKE7iGWiCp8KXU%2FMeuRV%2FjAYPvzItiAbPJVhMR%2B3TxU72NjwV%2Ffqml8pBFUAwhdj3dmogNLO2nFBIZxn5YMBVA37Yh%2FhAFF2h0a%2F0bzIISdwwq2k%2FmsWL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
7b00cd3b1c909b94
irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame EB67
2 B
663 B
XHR
General
Full URL
https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/cv/result/7b00cd3b1c909b94
Requested by
Host: irugu.cogliatu.com
URL: https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680177600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 Mar 2023 13:46:57 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vc%2BNYuaV6x9A8Obs9icPT1irFAPbvicPjnJm%2F9RC9kkYDRY2cZ%2FODwOWJsv28%2Fs97IWGemAihotn094oEDfCMhw2SNAAVI6%2FCgeeoGK1ZwbShPRLhOJperxZtbdOS2cvJnxtkA%2B3EjoJKStsMIgo%2BF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b00cd3e2e079055-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request /
www.google.com/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=134600&w=317194&t=6ceec89aec06e29b&r=&vw=1600&vh=1200
  • https://floweryduck.cc/smart?p=6S36gzrUCrHarZZkgCcPWQ2bbFaKnmmtLc3aRqmN4H&s=317194
  • https://google.com/
  • https://www.google.com/
196 KB
61 KB
Document
General
Full URL
https://www.google.com/
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/134600/317194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
7000d1e04b4c3e037b6dc13c085331eaac563cc49701a4b3fb2b0a50358c8d93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
61106
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-_p_Zq1uYs02m5SpOUaxVDw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 30 Mar 2023 13:46:59 GMT
expires
-1
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=2592000
content-length
220
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-uJywsHuauy24YK1iB-uLzA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 30 Mar 2023 13:46:59 GMT
expires
Thu, 30 Mar 2023 13:46:59 GMT
location
https://www.google.com/
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-frame-options
SAMEORIGIN
x-xss-protection
0
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5969
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 30 Mar 2023 13:46:59 GMT
tia.png
www.google.com/tia/
258 B
390 B
Image
General
Full URL
https://www.google.com/tia/tia.png
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c532312eea8020a0370685b222a02b11becd58cd394b509029dff5956127dd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Sep 2019 01:00:00 GMT
server
sffe
age
70908
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Mar 2024 18:05:11 GMT
truncated
/
315 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
tia.png
www.gstatic.com/inputtools/images/
151 B
470 B
Image
General
Full URL
https://www.gstatic.com/inputtools/images/tia.png
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ebecfbb2c9cff1741b805876370db38d862a037f652d6f647ce51995e03df2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
age
70908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/inputtools
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="inputtools"
vary
Origin
report-to
{"group":"inputtools","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/inputtools"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Mar 2024 18:05:11 GMT
desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/
660 B
763 B
Image
General
Full URL
https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Apr 2020 22:00:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/webp
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
660
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 30 Mar 2023 13:46:59 GMT
24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/
742 B
465 B
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 00:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 17:17:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Mar 2024 00:44:28 GMT
gen_204
www.google.com/
0
217 B
Ping
General
Full URL
https://www.google.com/gen_204?ei=05IlZMHJDMGM8gLu8oPIAw&vet=10ahUKEwiB__yc5YP-AhVBhlwKHW75ADkQhJAHCBs..s&gl=DK&pc=SEARCH_HOMEPAGE&isMobile=false
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 Mar 2023 13:46:59 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-3rC4O5yPcX4uEGywcbW6Jw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/
775 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
236 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
197 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
686 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
338 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
www.google.com/
0
215 B
Image
General
Full URL
https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=05IlZMHJDMGM8gLu8oPIAw&zx=1680184019379
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:46:59 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-yEFy4iqs-oCSxzfeCLzgqQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rs=AA2YrTs2RYk6Tie4zNbMQDAQQ16wGo-kVg
www.gstatic.com/og/_/js/k=og.qtm.en_US.CkSM1Vlbt_Q.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/
184 KB
66 KB
Script
General
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.CkSM1Vlbt_Q.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTs2RYk6Tie4zNbMQDAQQ16wGo-kVg
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
3cdc7154c31b0c6176ab9057ee4d13987d14bd00a38dcdbd440ee53e4ab69f03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 08:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67119
x-xss-protection
0
last-modified
Sun, 26 Mar 2023 01:38:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Mar 2024 08:39:51 GMT
rs=AA2YrTtTHkGmV8RdF-FsrYVvt-yGxBBi6Q
www.gstatic.com/og/_/ss/k=og.qtm.pSyBBNJ6DkA.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/
390 B
825 B
Stylesheet
General
Full URL
https://www.gstatic.com/og/_/ss/k=og.qtm.pSyBBNJ6DkA.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTtTHkGmV8RdF-FsrYVvt-yGxBBi6Q
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7af141288ae7584338d7314dc784ac5740b5017adbb3d8f1512d0c76b391b39f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 12:44:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 01:46:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
vary
Accept-Encoding, Origin
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Mar 2024 12:44:17 GMT
gen_204
www.google.com/
0
19 B
Ping
General
Full URL
https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=05IlZMHJDMGM8gLu8oPIAw&rt=wsrt.868,aft.237,afti.237,prt.87&wh=1200&imn=7&ima=3&imad=0&imac=0&imf=0&aft=1&aftp=1200&bl=JMDr
Requested by
Host: www.google.com
URL: https://www.google.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 30 Mar 2023 13:46:59 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-FHtdPCtno4uQKaPjwGcwrg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/
111 KB
38 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.fpEXMBCWMKc.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9SQGHwxhl93I-W5KEIEdf87vGuqQ/cb=gapi.loaded_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.CkSM1Vlbt_Q.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTs2RYk6Tie4zNbMQDAQQ16wGo-kVg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
3441646e0ff7ad87a85f05ac6fd907e8845a7e715aa23ca33937bc3269440172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 10:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38398
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 15:42:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Mar 2024 10:52:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.cloudflareinsights.com
URL
https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| $
function| jQuery
function| showSecondStep
boolean| isRollbar
object| pushWrap
function| showFbChkOptIn
object| mailnamiPromptModule
undefined| o
object| mailnami
object| Pushnami
function| CrossStorageClient
object| pushnamiStorage
function| uuid

1 Cookies

Domain/Path Name / Value
valleyutilityplay.com/ Name: uid15295
Value: 1334798885-20230330094646-0ecbe18cc764c84426ae0484675fc259-

1 Console Messages

Source Level URL
Text
other error URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_scr=690444&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334798885&pubid=690444
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
