urlscan.io logo urlscan.io
SecurityTrails logo

www.primarkingfun.giving Open in urlscan Pro
51.68.81.31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuktv62001rac8r31r4020r...
Effective URL: https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7402182350043348995&site=11574-e153c0d3&pub_sub_id=11574
Submission: On August 12 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 14 HTTP transactions. The main IP is 51.68.81.31, located in United Kingdom and belongs to OVH, FR. The main domain is www.primarkingfun.giving.
TLS certificate: Issued by R10 on July 29th 2024. Valid for: 3 months.
This is the only time www.primarkingfun.giving was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 7 188.114.97.3 13335 (CLOUDFLAR...)
3 178.63.248.57 24940 (HETZNER-AS)
2 157.90.33.121 24940 (HETZNER-AS)
3 67.212.173.76 32475 (SINGLEHOP...)
1 51.68.81.31 16276 (OVH)
14 6
7    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
go.daffuq.com
daffuq.com
3    178.63.248.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub6.1push.io
sdk4push.com
2    157.90.33.121 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub4.1push.io
uidsync.net
3    67.212.173.76 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
redirect.24x7report.com
1    51.68.81.31 (United Kingdom)

ASN16276 (OVH, FR)
www.primarkingfun.giving
Apex Domain
Subdomains		 Transfer
7 daffuq.com
go.daffuq.com
daffuq.com — Cisco Umbrella Rank: 402060
7 KB
3 24x7report.com
redirect.24x7report.com
4 KB
3 sdk4push.com
sdk4push.com — Cisco Umbrella Rank: 109537
16 KB
2 uidsync.net
uidsync.net — Cisco Umbrella Rank: 36672
704 B
1 primarkingfun.giving
www.primarkingfun.giving
4 KB
0 temu.com Failed
www.temu.com Failed
14 6
Domain Requested by
5 daffuq.com 1 redirects daffuq.com
3 redirect.24x7report.com daffuq.com
3 sdk4push.com daffuq.com
sdk4push.com
2 uidsync.net sdk4push.com
2 go.daffuq.com 2 redirects
1 www.primarkingfun.giving redirect.24x7report.com
0 www.temu.com Failed www.primarkingfun.giving
14 7

This site contains no links.

Subject Issuer Validity Valid
daffuq.com
WE1		 2024-07-12 -
2024-10-10		 3 months crt.sh
sdk4push.com
R11		 2024-08-09 -
2024-11-07		 3 months crt.sh
uidsync.net
Sectigo RSA Domain Validation Secure Server CA		 2023-12-30 -
2025-01-29		 a year crt.sh
redirect.24x7report.com
E6		 2024-06-23 -
2024-09-21		 3 months crt.sh
www.primarkingfun.giving
R10		 2024-07-29 -
2024-10-27		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.temu.com/kuiper/uk1.html?subj=bundle-un&_bg_fs=1&_p_mat2_type=a1001&_p_jump_id=875&_x_vst_scene=adg&_p_rfs=1&_x_ads_channel=kol_affiliate&_x_campaign=affiliate&_x_cid=2038718441kol_affiliate&_x_ads_csite=mai&g_site=111&g_lg=en&g_region=163&g_ccy=EUR
Frame ID: 19306FE3DDBFFE87D816AA1112F88DDC
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuk... HTTP 307
    https://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuk... HTTP 301
    https://daffuq.com/f/push/index.html/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl... HTTP 301
    https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&v... Page URL
  2. https://go.daffuq.com/action/1 HTTP 301
    https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink... Page URL
  3. https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7402182350043348995&site=11574-e153c0d3&pub_... Page URL

Page Statistics

14
Requests

93 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

29 kB
Transfer

71 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuktv62001rac8r31r4020rcff9rde9dr4bcdrc6vad491&c=0.000049908&zone=6871936-156038340 HTTP 307
    https://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuktv62001rac8r31r4020rcff9rde9dr4bcdrc6vad491&c=0.000049908&zone=6871936-156038340 HTTP 301
    https://daffuq.com/f/push/index.html/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx HTTP 301
    https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx Page URL
  2. https://go.daffuq.com/action/1 HTTP 301
    https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink&utm_medium=e2d341ca2ab15ef7201bcf0797950ce6940fc60e&vid=fed7S8ofSz6pRkY2nV2f3WFHgx Page URL
  3. https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7402182350043348995&site=11574-e153c0d3&pub_sub_id=11574 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuktv62001rac8r31r4020rcff9rde9dr4bcdrc6vad491&c=0.000049908&zone=6871936-156038340 HTTP 307
  • https://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuktv62001rac8r31r4020rcff9rde9dr4bcdrc6vad491&c=0.000049908&zone=6871936-156038340 HTTP 301
  • https://daffuq.com/f/push/index.html/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx HTTP 301
  • https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
Request Chain 9
  • https://go.daffuq.com/action/1 HTTP 301
  • https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink&utm_medium=e2d341ca2ab15ef7201bcf0797950ce6940fc60e&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
Request Chain 12
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7402182350043348995&site=11574-e153c0d3&pub_sub_id=11574&eyeg=84e099f601c88a6219c7f41255751b30&eyer=0.4748134889847633&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=redirect.24x7report.com HTTP 302
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7402182350043348995&site=11574-e153c0d3&pub_sub_id=11574&eyeg=3&eyer=0.4748134889847633&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=redirect.24x7report.com HTTP 302
  • https://temu.to/m/uv25z90juei HTTP 301
  • https://www.temu.com/kuiper/uk1.html?subj=bundle-un&_bg_fs=1&_p_mat2_type=a1001&_p_jump_id=875&_x_vst_scene=adg&_p_rfs=1&_x_ads_channel=kol_affiliate&_x_campaign=affiliate&_x_cid=2038718441kol_affiliate&_x_ads_csite=mai&g_site=111&g_lg=en&g_region=163&g_ccy=EUR

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
daffuq.com/f/push/
Redirect Chain
  • http://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuktv62001rac8r31r4020rcff9rde9dr4bcdrc6vad491&c=0.000049908&zone=6871936-156038340
  • https://go.daffuq.com/fts/2jkczmc2jcaj-2jl7xzs2nolq?campaign=402865620&external=172338246309990tuktv62001rac8r31r4020rcff9rde9dr4bcdrc6vad491&c=0.000049908&zone=6871936-156038340
  • https://daffuq.com/f/push/index.html/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
  • https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
1 KB
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735d236accc444b6f85923a2e916b0972739453c8ee0c88cadeaac0ef491f967

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
60487
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
8b1f6ebceca2bbd1-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 09:27:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLIuLKVAOAc%2BWaKVu6xRbhE7AdWQq4gnyGxBj44eKMt6OvgJx4M3MSh8vlQFwMUQXXVh50tjNZeJHSuoS%2BjqRgOcuEUnPmnCLjLNxWZAUzXO9GMODWA1xKbSOQ%2By"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-nf-request-id
01J52YMWH0FCYZZG7W31SHEXPQ

Redirect headers

accept-ranges
bytes
age
49065
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
8b1f6ebc2bd1bbd1-FRA
content-type
text/html; charset=UTF-8
date
Mon, 12 Aug 2024 09:27:58 GMT
location
/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HahKH82aa%2F0L5rLAecmgFbOpqBYiKsbXhDHQxJMwYnEwzH87dYP4rDeHrCS3nxmoxzcHoEt3P8BdAY%2F7xZP%2B9KzuwreM1QjbidC8dxI%2BdPVKvyLjK3U4I1eEkTyI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-nf-request-id
01J52YMWDZVW3D21CK3N78HPS2
ff-main-roll-track.js
daffuq.com/ 		759 B
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daffuq.com/ff-main-roll-track.js
Requested by
Host: daffuq.com
URL: https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a86848b4f0603a7b85a9e126998e0faec653f3413fc46bc52a9404a6e60eb0b2

Request headers

Referer
https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J43AD40SQDFRRA20MPQ281JY
date
Mon, 12 Aug 2024 09:27:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=934
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"e59c6f4cb81ccbb112421a13c9e7f8b2-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=okEeJIyjvThERm3cPQKV%2BKgiAtLNx13DxSDfjNnF4NesUNJCJKjcEj0OsXyD4qxxPKizOOPgU8fcN%2Bxb7J0diLbsQPeB6wvKjM37yWq1PuqxiRAxwKqKHPktT7re"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b1f6ebd6d54bbd1-FRA
main-track.js
daffuq.com/ 		702 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://daffuq.com/main-track.js
Requested by
Host: daffuq.com
URL: https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
335cf26a41db75d14d6fc3f558237ca9275b39b5185ad62706d0acddbf29c628

Request headers

Referer
https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J4T64CPAKPF0BQAJF6F3E796
date
Mon, 12 Aug 2024 09:27:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=929
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"504ee57eb60b78a6b7c7fa571a1c8e45-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cE9lqxRlqDm0xSX%2BzMdTupgEqBB6V%2FFHE6S30I%2FJRe0AMSOEqTypF4Jao1pLGdYjXt3VQrcGp3KwBNKxZXRAKOluILDe%2BBXAYjwBraX8%2BuuEybZKP69wWK3sMoiO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b1f6ebd6d57bbd1-FRA
sdk.js
sdk4push.com/f/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk4push.com/f/sdk.js?z=1224668
Requested by
Host: daffuq.com
URL: https://daffuq.com/ff-main-roll-track.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash
e262ef50087ba989210c7530f073b5288c7738b92314d706f5d6a7989449d413

Request headers

Referer
https://daffuq.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:27:58 GMT
content-encoding
gzip
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate
server
Angie
content-length
15349
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
event
sdk4push.com/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sdk4push.com/event?z=1224668
Requested by
Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1224668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://daffuq.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 09:27:58 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://daffuq.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
favicon.ico
daffuq.com/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://daffuq.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
776e7455e3b0cbb09fdbb5bf269a6b3e0404430f882e215985ecaaca7b805221

Request headers

Referer
https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J52YMWVH3ZSV3WKB2ZJYPTQG
date
Mon, 12 Aug 2024 09:27:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OUUzaKtj%2F9HGvroeiT9d5cxpXn6YS2%2BTLA4uwIe68D9kUbglq10wX1RaxXiecOWyo9XH5%2BdOvn53QwNlVmABpsHKlj5WpqafGBChhk2ImybVyuuBY%2FuQuhAGDt59"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b1f6ebeef70bbd1-FRA
alt-svc
h3=":443"; ma=86400
sync
uidsync.net/ 		62 B
704 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uidsync.net/sync?user_id=ORF5ILD8iQ9Zec3zVtD8X4
Requested by
Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1224668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub4.1push.io
Software
Angie /
Resource Hash
fed10cc7b4a80084efd4bba48edb3d650a541bb8972b4a13e4f744ba340f58bf

Request headers

Referer
https://daffuq.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 09:27:58 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://daffuq.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
62
expires
Tue, 11 Jan 1994 00:00:00 GMT
sync
uidsync.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uidsync.net/sync?user_id=ORF5ILD8iQ9Zec3zVtD8X4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub4.1push.io
Software
Angie /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://daffuq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://daffuq.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date
Mon, 12 Aug 2024 09:27:58 GMT
expires
Tue, 11 Jan 1994 00:00:00 GMT
pragma
no-cache
server
Angie
event
sdk4push.com/ 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sdk4push.com/event?z=1224668
Requested by
Host: sdk4push.com
URL: https://sdk4push.com/f/sdk.js?z=1224668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash

Request headers

Referer
https://daffuq.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 09:28:00 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://daffuq.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
/
redirect.24x7report.com/
Redirect Chain
  • https://go.daffuq.com/action/1
  • https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink&utm_medium=e2d341ca2ab15ef7201bcf0797950ce6940fc60e&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink&utm_medium=e2d341ca2ab15ef7201bcf0797950ce6940fc60e&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
Requested by
Host: daffuq.com
URL: https://daffuq.com/ff-main-roll-track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
d300e12d55d85f787bbf94843d49881e797667c7a96786610830b4571c553489
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://daffuq.com/f/push/?clickid=41apvv4b5d9bx26fwc006h&source_id=2jkCZMc2JCAj-2jl7xzs2nolq&vid=fed7S8ofSz6pRkY2nV2f3WFHgx#
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 09:28:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8b1f6ecad90e03a6-FRA
content-length
0
date
Mon, 12 Aug 2024 09:28:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink&utm_medium=e2d341ca2ab15ef7201bcf0797950ce6940fc60e&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUJ69JKQ8J5zWi0LIB%2FoT6uxOq7gKvQ5olb%2BtpuSFRHsMHOzENJwpiSuFA0sBqbDTMsh2yfzGRBYY%2BO0rzVyz2Xxd1W%2FHw%2F3ARC46RruBY1ZYoVk9GEPm41OtdujZ6A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-lum-execution-time
8.49475ms
x-lum-instance
edge-55f5bd468b-rpwpj
Primary Request /
www.primarkingfun.giving/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7402182350043348995&site=11574-e153c0d3&pub_sub_id=11574
Requested by
Host: redirect.24x7report.com
URL: https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink&utm_medium=e2d341ca2ab15ef7201bcf0797950ce6940fc60e&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5aa5a641f8a7c7b273047948609ec403382a8f5e57e3777b8ba539e9b536cb2a

Request headers

Referer
https://redirect.24x7report.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 12 Aug 2024 09:28:01 GMT
Transfer-Encoding
chunked
favicon.ico
redirect.24x7report.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://redirect.24x7report.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink&utm_medium=e2d341ca2ab15ef7201bcf0797950ce6940fc60e&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:28:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Tue, 13 Aug 2024 09:28:01 GMT
favicon.ico
redirect.24x7report.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://redirect.24x7report.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash

Request headers

Referer
https://redirect.24x7report.com/?1=2jkCZMc2JCAj&cid=41apvv4b5d9bx26fwc008h&np=1&utm_campaign=FF_UK_Smartlink&utm_medium=e2d341ca2ab15ef7201bcf0797950ce6940fc60e&vid=fed7S8ofSz6pRkY2nV2f3WFHgx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 09:28:01 GMT
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Tue, 13 Aug 2024 09:28:01 GMT
uk1.html
www.temu.com/kuiper/
Redirect Chain
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7402182350043348995&site=11574-e153c0d3&pub_sub_id=11574&eyeg=84e099f601c88a6219c7f41255751b30&eyer=0.4748134889847633&eyei=0&eyew=1...
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7402182350043348995&site=11574-e153c0d3&pub_sub_id=11574&eyeg=3&eyer=0.4748134889847633&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=re...
  • https://temu.to/m/uv25z90juei
  • https://www.temu.com/kuiper/uk1.html?subj=bundle-un&_bg_fs=1&_p_mat2_type=a1001&_p_jump_id=875&_x_vst_scene=adg&_p_rfs=1&_x_ads_channel=kol_affiliate&_x_campaign=affiliate&_x_cid=2038718441kol_affi...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.temu.com
URL
https://www.temu.com/kuiper/uk1.html?subj=bundle-un&_bg_fs=1&_p_mat2_type=a1001&_p_jump_id=875&_x_vst_scene=adg&_p_rfs=1&_x_ads_channel=kol_affiliate&_x_campaign=affiliate&_x_cid=2038718441kol_affiliate&_x_ads_csite=mai&g_site=111&g_lg=en&g_region=163&g_ccy=EUR

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _0x46a0 function| _0x25cf string| baseUrl string| baseId string| baseReferer string| url function| inIframe function| getWidth function| getHeight function| detectMobile function| detectBrowserProductSub function| detectConnectionType function| deviceDetection function| extractHostname function| build

3 Cookies

Domain/Path Name / Value
go.daffuq.com/ Name: vid
Value: fed7S8ofSz6pRkY2nV2f3WFHgx
uidsync.net/ Name: rauid
Value: ORF5ILD8iQ9Zec3zVtD8X4
temu.to/ Name: api_uid
Value: CnQ0JGa51aGM1wBGsADmAg==

1 Console Messages

Source Level URL
Text
network error URL: https://daffuq.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()