ads.adz2you.com Open in urlscan Pro
2606:4700:30::6818:7c7a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ads.adz2you.com/outside_publishers/sharalaka.php
Effective URL:
http://ads.adz2you.com/outside_publishers/adz2you.php
Submission: On May 08 via manual (May 8th 2019, 7:35:33 pm UTC) from US

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 21 domains to perform 40 HTTP transactions. The main IP is 2606:4700:30::6818:7c7a, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ads.adz2you.com.

This is the only time ads.adz2you.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:30:... 2606:4700:30::6818:7c7a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.101.120.193 151.101.120.193	54113 (FASTLY) (FASTLY - Fastly)
28 28	2606:4700:30:... 2606:4700:30::6812:323b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
18 18	205.147.93.132 205.147.93.132	393676 (ZENEDGE) (ZENEDGE - Oracle Corporation)
2	2606:4700:30:... 2606:4700:30::6818:6d63	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2606:4700:20:... 2606:4700:20::6819:6b64	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:20:... 2606:4700:20::6818:1c51	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::6818:6c63	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2606:4700:20:... 2606:4700:20::6818:1d51	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681b:bcaf	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:20:... 2606:4700:20::6819:ba66	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681f:4399	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:20:... 2606:4700:20::6818:1654	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:20:... 2606:4700:20::6819:6c64	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
10	34.196.13.28 34.196.13.28	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	142.234.204.148 142.234.204.148	396362 (LEASEWEB-...) (LEASEWEB-USA-NYC-11 - Leaseweb USA)
2 2	50.16.129.183 50.16.129.183	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	51.68.35.169 51.68.35.169	16276 (OVH) (OVH)
1	51.68.35.163 51.68.35.163	16276 (OVH) (OVH)
1	173.239.53.17 173.239.53.17	27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.)
40	19

2 2606:4700:30::6818:7c7a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ads.adz2you.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.120.193 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:30::6812:323b (United States) 28 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

a2ure.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 205.147.93.132 (North Miami Beach, United States) 18 redirects

ASN393676 (ZENEDGE - Oracle Corporation, US)

wichjoinq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::6818:6d63 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

eslitrezo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::6819:6b64 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

inpotaqi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
turiqeri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
saztirulo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6818:1c51 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

onieruco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aritcametu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6818:6c63 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

eslitrezo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::6818:1d51 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

aritcametu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
salinaspuretzo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:bcaf (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

inioplesi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:ba66 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ercoyintu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:4399 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ortrivare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6818:1654 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

istepuleto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:6c64 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

saztirulo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.196.13.28 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-196-13-28.compute-1.amazonaws.com

prickingwhore.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.234.204.148 (Dallas, United States) 1 redirects

ASN396362 (LEASEWEB-USA-NYC-11 - Leaseweb USA, Inc., US)

q.adxfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.129.183 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-50-16-129-183.compute-1.amazonaws.com

qpxrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.35.169 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3128608.ip-51-68-35.eu

fastredirecting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.35.163 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3128534.ip-51-68-35.eu

fastredirecting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.17 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)

xml.adxfactory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	a2ure.work 28 redirects a2ure.work	2 KB
18	wichjoinq.com 18 redirects wichjoinq.com	7 KB
10	prickingwhore.bid prickingwhore.bid
3	adxfactory.com 1 redirects q.adxfactory.com xml.adxfactory.com	130 B
3	aritcametu.com aritcametu.com
3	eslitrezo.com eslitrezo.com
2	fastredirecting.com fastredirecting.com
2	qpxrg.com 2 redirects qpxrg.com	782 B
2	salinaspuretzo.com salinaspuretzo.com
2	saztirulo.com saztirulo.com
2	turiqeri.com turiqeri.com
2	imgur.com i.imgur.com	79 KB
2	googleapis.com ajax.googleapis.com	59 KB
2	adz2you.com ads.adz2you.com	3 KB
1	istepuleto.com istepuleto.com
1	ortrivare.com ortrivare.com
1	ercoyintu.com ercoyintu.com
1	inioplesi.com inioplesi.com
1	onieruco.com onieruco.com
1	inpotaqi.com inpotaqi.com
0	qeristalore.com Failed qeristalore.com Failed
40	21

	Domain	Requested by
28	a2ure.work	28 redirects
18	wichjoinq.com	18 redirects
10	prickingwhore.bid	ads.adz2you.com
3	aritcametu.com	ads.adz2you.com
3	eslitrezo.com	ads.adz2you.com
2	fastredirecting.com	ads.adz2you.com
2	qpxrg.com	2 redirects
2	q.adxfactory.com	1 redirects ads.adz2you.com
2	salinaspuretzo.com	ads.adz2you.com
2	saztirulo.com	ads.adz2you.com
2	turiqeri.com	ads.adz2you.com
2	i.imgur.com	ads.adz2you.com
2	ajax.googleapis.com	ads.adz2you.com
2	ads.adz2you.com
1	xml.adxfactory.com	ads.adz2you.com
1	istepuleto.com	ads.adz2you.com
1	ortrivare.com	ads.adz2you.com
1	ercoyintu.com	ads.adz2you.com
1	inioplesi.com	ads.adz2you.com
1	onieruco.com	ads.adz2you.com
1	inpotaqi.com	ads.adz2you.com
0	qeristalore.com Failed	ads.adz2you.com
40	22

This site contains no links.

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-02-12`	a year	crt.sh
fastredirecting.com Let's Encrypt Authority X3	`2019-04-02` - `2019-07-01`	3 months	crt.sh

This page contains 35 frames:

Primary Page: http://ads.adz2you.com/outside_publishers/adz2you.php
Frame ID: 391A7F52C426C5F6FD0FE7CD5F780BAF
Requests: 6 HTTP requests in this frame

Frame: http://eslitrezo.com/rnd/fun?zgov=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 32B105D39D2BB917333BB47B34058A1F
Requests: 1 HTTP requests in this frame

Frame: http://qeristalore.com/rnd/shopper?pxxz=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 9B67C20728DFCA3228EDD715F90292BF
Requests: 1 HTTP requests in this frame

Frame: http://eslitrezo.com/rnd/setting?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 08737E257C342B85C8F170C38E841477
Requests: 1 HTTP requests in this frame

Frame: http://inpotaqi.com/rnd/draft?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 90DA28AF4C5972A5624F7724D142EFE4
Requests: 1 HTTP requests in this frame

Frame: http://onieruco.com/rnd/handler?cfrv=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 31A2B09ED0318F7261564BF8D898C923
Requests: 1 HTTP requests in this frame

Frame: http://turiqeri.com/rnd/designer?ifhs=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: B7B3C12ADC99DFB5383003279DC6A2C3
Requests: 1 HTTP requests in this frame

Frame: http://eslitrezo.com/rnd/setting?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 081D6439EBE7F88933B10DBEAD2C58F1
Requests: 1 HTTP requests in this frame

Frame: http://aritcametu.com/rnd/pagehead?uxpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 1BDF2D6BE667C4ABD361A0B5CE921AB3
Requests: 1 HTTP requests in this frame

Frame: http://inioplesi.com/rnd/warez?qqnc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: E8784CB0C9B785B457DA9B7FC2124EB2
Requests: 1 HTTP requests in this frame

Frame: http://aritcametu.com/rnd/handler?kbjr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 6A641C3AA0CA3F79A4FE280B1F7DBDDB
Requests: 1 HTTP requests in this frame

Frame: http://saztirulo.com/rnd/servlet?pwnr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: DA6DFCA864D833BE2C049850D4F67DAE
Requests: 1 HTTP requests in this frame

Frame: http://salinaspuretzo.com/rnd/daemon?cuiq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: D4869D2BE84D2DED05B962A79FB9F344
Requests: 1 HTTP requests in this frame

Frame: http://ercoyintu.com/rnd/flash?iujb=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: C427C37192F75825772C12596173D9C2
Requests: 1 HTTP requests in this frame

Frame: http://aritcametu.com/rnd/sampler?pmdw=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: BF6DEB52EF9D85779B0F98F56E8C4886
Requests: 1 HTTP requests in this frame

Frame: http://qeristalore.com/rnd/core?mluy=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: C07B84F51C3EB90430B9B7B031FEEB02
Requests: 1 HTTP requests in this frame

Frame: http://turiqeri.com/rnd/small?gqub=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 02C088F9719F2D00351DC946FC486206
Requests: 1 HTTP requests in this frame

Frame: http://ortrivare.com/rnd/dark?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 44808C2C1A8AC54057E2CF9D81595222
Requests: 1 HTTP requests in this frame

Frame: http://istepuleto.com/rnd/linkpfeil?edqc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: DD28DB6EBC9105226BBB490B681A2571
Requests: 1 HTTP requests in this frame

Frame: http://saztirulo.com/rnd/script?vqgf=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 82999B646B127BAEB9AC333A3186C35F
Requests: 1 HTTP requests in this frame

Frame: http://salinaspuretzo.com/rnd/shell?xssq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Frame ID: 0405B6366A1F61807FB9EB89AF56CEAE
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: 2176C85778B8B560050B45FA3B52E4A5
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: 2A9475E70D7D5B336D38F78D809A5468
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: E9052B5BEE80E3400A01583343656BC9
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: 8593FB26C7C189E670FFC1CF3844E3D9
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: 74439BE33194A110EEE9AFE2196C612B
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: 82B9D1EE65F2068C1F8CFF2EBE7E7199
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: F5E0F54E1A6DDDFE4FC4FB32068CF0A3
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: 32E40AB05F1C0CFC5D5F739FD4C522B5
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: BFD919D9CB7D1F2E2C83FD68797B061C
Requests: 1 HTTP requests in this frame

Frame: http://prickingwhore.bid/?subid=19534&clickid=adult19534
Frame ID: 626809A89A85BF456CB7642D0C115BFB
Requests: 1 HTTP requests in this frame

Frame: http://q.adxfactory.com/r?fid=WPCwxrCAXZ&subid=sharalaka&kw&kw=aloha
Frame ID: 4FF243875E4B04578163D1BC9EBBFC8C
Requests: 1 HTTP requests in this frame

Frame: https://fastredirecting.com/ad/8ba69a0a
Frame ID: 744AFA87027F1DBE2F0D8A75EE0688E9
Requests: 1 HTTP requests in this frame

Frame: https://fastredirecting.com/ad/8ba69a0a
Frame ID: 54053EDBD3EFAA9EFD646F3700EFD9B9
Requests: 1 HTTP requests in this frame

Frame: http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}
Frame ID: 5DED35A4246651B1E99FFF01B54CF7EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ads.adz2you.com/outside_publishers/sharalaka.php Page URL
http://ads.adz2you.com/outside_publishers/adz2you.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

40
Requests

15 %
HTTPS

62 %
IPv6

21
Domains

22
Subdomains

19
IPs

3
Countries

142 kB
Transfer

262 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ads.adz2you.com/outside_publishers/sharalaka.php Page URL
http://ads.adz2you.com/outside_publishers/adz2you.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://a2ure.work/impression/f394dcb0-0f56-42d6-8b2b-61c0f15580eb?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://eslitrezo.com/rnd/fun?zgov=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 5

https://a2ure.work/impression/52da1bb7-4916-4c0c-b9e3-76b5f272c29a?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://qeristalore.com/rnd/shopper?pxxz=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 6

https://a2ure.work/impression/13447e19-9fad-4bd1-8cd1-e2041ae20bf4?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://eslitrezo.com/rnd/setting?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 7

https://a2ure.work/impression/50ace11e-6adc-4f36-b256-5ee0ee968041?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://inpotaqi.com/rnd/draft?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 8

https://a2ure.work/impression/6513fdba-2ebb-41a0-919a-8d32a9100928?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://onieruco.com/rnd/handler?cfrv=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 9

https://a2ure.work/impression/d1f1125f-60f6-440b-83d4-dd0bca77c4a1?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://turiqeri.com/rnd/designer?ifhs=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 10

https://a2ure.work/impression/225f482e-3a68-43c8-b627-33057fef5e73?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://eslitrezo.com/rnd/setting?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 11

https://a2ure.work/impression/e23efcfb-b0e3-4a29-adf0-8b8ff9dbe936?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://aritcametu.com/rnd/pagehead?uxpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 12

https://a2ure.work/impression/bc9a4453-40e8-42cc-b7b5-23f5e500f553?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://inioplesi.com/rnd/warez?qqnc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 13

https://a2ure.work/impression/72c97f1b-6ca3-469c-a4dc-577691ace966?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://aritcametu.com/rnd/handler?kbjr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 14

https://a2ure.work/impression/0284a806-69e6-4c8e-8e3f-190779c5b8ca?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://saztirulo.com/rnd/servlet?pwnr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 15

https://a2ure.work/impression/d3b3e2aa-646f-40b4-9d62-92724d9ccf8a?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://salinaspuretzo.com/rnd/daemon?cuiq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 16

https://a2ure.work/impression/0da51429-c2bd-4e4d-9d14-750cef8d71ad?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://ercoyintu.com/rnd/flash?iujb=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 17

https://a2ure.work/impression/c818c30e-952e-4547-9130-b66f439077c1?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://aritcametu.com/rnd/sampler?pmdw=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 18

https://a2ure.work/impression/3e31b326-a05e-400b-acaf-f72dcb2cf814?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://qeristalore.com/rnd/core?mluy=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 19

https://a2ure.work/impression/b1da694c-d0d4-4f71-bd7c-e5ad650c4776?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://turiqeri.com/rnd/small?gqub=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 20

https://a2ure.work/impression/61cde368-9b2a-40ca-b63f-47266637b7d7?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://ortrivare.com/rnd/dark?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 21

https://a2ure.work/impression/072c2ec0-606c-49d2-bce0-ca43daf22b89?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://istepuleto.com/rnd/linkpfeil?edqc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 22

https://a2ure.work/impression/8d7a47e3-4efa-4c64-a3eb-0d3abe9a55f1?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://saztirulo.com/rnd/script?vqgf=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 23

https://a2ure.work/impression/cd4d140e-7a2f-486f-bac8-86452951f9ba?subid={SUBID} HTTP 302
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU HTTP 302
http://salinaspuretzo.com/rnd/shell?xssq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Request Chain 24

https://a2ure.work/impression/3f5213c1-e403-498e-b6c8-d1c054116660?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 25

https://a2ure.work/impression/dfd34b2e-3f85-435d-b923-ff226977c1f3?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 26

https://a2ure.work/impression/e1abd458-ce00-4fd2-9b87-e4dd7f0727a3?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 27

https://a2ure.work/impression/4cb5e2ee-70bf-43ab-b692-74a34e7c6bd6?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 28

https://a2ure.work/impression/c5afd868-533a-40bf-9031-e4f83904d0f3?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 29

https://a2ure.work/impression/78996589-bcd2-4bfc-b0ee-ac4c7f810313?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 30

https://a2ure.work/impression/fced9402-7d12-46e3-93db-02c929df08c6?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 31

https://a2ure.work/impression/fa1c8f65-6f72-4218-bb4b-ca8d8dc39f34?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 32

https://a2ure.work/impression/2dd3366e-868d-4827-8a53-eb6bae2eb880?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 33

https://a2ure.work/impression/e28a1326-ae70-4775-be72-4da6d3cc0480?subid={SUBID} HTTP 302
http://prickingwhore.bid/?subid=19534&clickid=adult19534

Request Chain 36

https://qpxrg.com/dep.php?pid=8288&subid=Adz2you HTTP 302
https://fastredirecting.com/ad/8ba69a0a

Request Chain 37

https://qpxrg.com/dep.php?pid=8289&subid=Adz2you HTTP 302
https://fastredirecting.com/ad/8ba69a0a

Request Chain 38

http://q.adxfactory.com/r?fid=WPCwxrCAXZ&subid=Adz2you&kw&kw=aloha HTTP 302
http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set sharalaka.php Show response
ads.adz2you.com/outside_publishers/ 12 KB
2 KB 45ms
38ms Document
text/html 2606:4700:30::6818:7c7a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7c7a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 7bbfee1b1505b80d524dc8e9b34f2732cc34899c5a2358e2f4253c968508a9fa

Request headers

Host: ads.adz2you.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=de9ac8f1ad16ca1148ecc645b98464a881557344112; expires=Thu, 07-May-20 19:35:12 GMT; path=/; domain=.adz2you.com; HttpOnly
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de022295d64c7-FRA
Content-Encoding: gzip

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Mar 2019 23:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5255707
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30306
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Mar 2020 23:40:06 GMT

GET
H2 200 EWkKb74.gif
i.imgur.com/ 78 KB
79 KB 34ms
34ms Image
image/gif 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/EWkKb74.gif
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 83518eaaba6e3dd7d4767e71acbb647e4050c5e56ec5f2403a5a30c6ac1cef13

Request headers

Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 19:35:13 GMT
age: 18038601
x-cache: HIT, HIT
status: 200
content-length: 80208
x-served-by: cache-iad2141-IAD, cache-cdg20781-CDG
last-modified: Fri, 12 Oct 2018 00:51:48 GMT
server: cat factory 1.0
x-timer: S1557344113.040404,VS0,VE0
etag: "4a51f711e0a1930c50bafeafd3985d6a"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 49487

GET
H2 200 Us1dCSK.png
i.imgur.com/ 731 B
940 B 108ms
108ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/Us1dCSK.png
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 8e47550a38543788fb695833b90617cf91f839d47c7637351e8ec57e517b3b06

Request headers

Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 19:35:13 GMT
age: 18038347
x-cache: HIT, HIT
status: 200
content-length: 731
x-served-by: cache-iad2150-IAD, cache-cdg20781-CDG
last-modified: Fri, 12 Oct 2018 00:56:07 GMT
server: cat factory 1.0
x-timer: S1557344113.040931,VS0,VE0
etag: "b5632a80d952a6ca9571f60fb0167cf1"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 13135

GET
H/1.1

200

fun
eslitrezo.com/rnd/ Frame 32B1
Redirect Chain

https://a2ure.work/impression/f394dcb0-0f56-42d6-8b2b-61c0f15580eb?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://eslitrezo.com/rnd/fun?zgov=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

41ms
34ms

Document
text/html

2606:4700:30::6818:6d63
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://eslitrezo.com/rnd/fun?zgov=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:6d63 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: eslitrezo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Cookie: __cfduid=df75a34238b04263afad9d393fefbbe6c1557344113
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de0259889c2d1-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://eslitrezo.com/rnd/fun?zgov=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET

shopper
qeristalore.com/rnd/ Frame 9B67
Redirect Chain

https://a2ure.work/impression/52da1bb7-4916-4c0c-b9e3-76b5f272c29a?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://qeristalore.com/rnd/shopper?pxxz=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

GET
H/1.1

200

Cookie set setting
eslitrezo.com/rnd/ Frame 0873
Redirect Chain

https://a2ure.work/impression/13447e19-9fad-4bd1-8cd1-e2041ae20bf4?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://eslitrezo.com/rnd/setting?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

74ms
42ms

Document
text/html

2606:4700:30::6818:6d63
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://eslitrezo.com/rnd/setting?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:6d63 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: eslitrezo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df75a34238b04263afad9d393fefbbe6c1557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.eslitrezo.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de024a90bc2ef-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://eslitrezo.com/rnd/setting?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Set-Cookie: SERVERID=sfc15; path=/
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set draft
inpotaqi.com/rnd/ Frame 90DA
Redirect Chain

https://a2ure.work/impression/50ace11e-6adc-4f36-b256-5ee0ee968041?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://inpotaqi.com/rnd/draft?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

40ms
27ms

Document
text/html

2606:4700:20::6819:6b64
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://inpotaqi.com/rnd/draft?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6819:6b64 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: inpotaqi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d880bf883fe49fcfda403d331073d63751557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.inpotaqi.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de025b8dbbea6-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://inpotaqi.com/rnd/draft?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set handler
onieruco.com/rnd/ Frame 31A2
Redirect Chain

https://a2ure.work/impression/6513fdba-2ebb-41a0-919a-8d32a9100928?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://onieruco.com/rnd/handler?cfrv=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

59ms
30ms

Document
text/html

2606:4700:20::6818:1c51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://onieruco.com/rnd/handler?cfrv=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6818:1c51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: onieruco.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df02deab77b1179dfaac2a63fb4cd42251557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.onieruco.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de024adfd97a8-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://onieruco.com/rnd/handler?cfrv=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Set-Cookie: SERVERID=sfc11; path=/
X-Zen-Fury: f434b8dc161b27c24c5edd6aca8a03c9cff75752
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

designer
turiqeri.com/rnd/ Frame B7B3
Redirect Chain

https://a2ure.work/impression/d1f1125f-60f6-440b-83d4-dd0bca77c4a1?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://turiqeri.com/rnd/designer?ifhs=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

20ms
19ms

Document
text/html

2606:4700:20::6819:6b64
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://turiqeri.com/rnd/designer?ifhs=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6819:6b64 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: turiqeri.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d58033247d455ef074a5d5a191be6cba51557344113
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de0266b07c2d6-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://turiqeri.com/rnd/designer?ifhs=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: f434b8dc161b27c24c5edd6aca8a03c9cff75752
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

setting
eslitrezo.com/rnd/ Frame 081D
Redirect Chain

https://a2ure.work/impression/225f482e-3a68-43c8-b627-33057fef5e73?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://eslitrezo.com/rnd/setting?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

33ms
18ms

Document
text/html

2606:4700:30::6818:6c63
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://eslitrezo.com/rnd/setting?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:6c63 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: eslitrezo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Cookie: __cfduid=df75a34238b04263afad9d393fefbbe6c1557344113
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de0250e79643d-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://eslitrezo.com/rnd/setting?psgj=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Set-Cookie: SERVERID=sfc9; path=/
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

pagehead
aritcametu.com/rnd/ Frame 1BDF
Redirect Chain

https://a2ure.work/impression/e23efcfb-b0e3-4a29-adf0-8b8ff9dbe936?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://aritcametu.com/rnd/pagehead?uxpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

33ms
24ms

Document
text/html

2606:4700:20::6818:1d51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://aritcametu.com/rnd/pagehead?uxpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6818:1d51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: aritcametu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Cookie: __cfduid=dac72ba1a522ff29ea0d5282266c5e7fc1557344113
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de025ba0b96ce-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://aritcametu.com/rnd/pagehead?uxpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: 57edbcaaf5d179dbaec4d79e12c8a7e5d4a1a3e5
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set warez
inioplesi.com/rnd/ Frame E878
Redirect Chain

https://a2ure.work/impression/bc9a4453-40e8-42cc-b7b5-23f5e500f553?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://inioplesi.com/rnd/warez?qqnc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

82ms
27ms

Document
text/html

2606:4700:30::681b:bcaf
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://inioplesi.com/rnd/warez?qqnc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:bcaf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: inioplesi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=db0ee3d70c3509eb183f1c45895c1aecb1557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.inioplesi.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de0257f06643d-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://inioplesi.com/rnd/warez?qqnc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: 57edbcaaf5d179dbaec4d79e12c8a7e5d4a1a3e5
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set handler
aritcametu.com/rnd/ Frame 6A64
Redirect Chain

https://a2ure.work/impression/72c97f1b-6ca3-469c-a4dc-577691ace966?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://aritcametu.com/rnd/handler?kbjr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

54ms
35ms

Document
text/html

2606:4700:20::6818:1c51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://aritcametu.com/rnd/handler?kbjr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6818:1c51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: aritcametu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dac72ba1a522ff29ea0d5282266c5e7fc1557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.aritcametu.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de025181964c1-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://aritcametu.com/rnd/handler?kbjr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Set-Cookie: SERVERID=sfc15; path=/
X-Zen-Fury: f434b8dc161b27c24c5edd6aca8a03c9cff75752
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

servlet
saztirulo.com/rnd/ Frame DA6D
Redirect Chain

https://a2ure.work/impression/0284a806-69e6-4c8e-8e3f-190779c5b8ca?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://saztirulo.com/rnd/servlet?pwnr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

47ms
37ms

Document
text/html

2606:4700:20::6819:6b64
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://saztirulo.com/rnd/servlet?pwnr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6819:6b64 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: saztirulo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d0d9e6584ab8a1ae57bd25683a8c0e3621557344113
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de0253e3f97d8-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://saztirulo.com/rnd/servlet?pwnr=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set daemon
salinaspuretzo.com/rnd/ Frame D486
Redirect Chain

https://a2ure.work/impression/d3b3e2aa-646f-40b4-9d62-92724d9ccf8a?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://salinaspuretzo.com/rnd/daemon?cuiq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

68ms
43ms

Document
text/html

2606:4700:20::6818:1d51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://salinaspuretzo.com/rnd/daemon?cuiq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6818:1d51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: salinaspuretzo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1f163fb9bec00494636ccd1d658045d51557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.salinaspuretzo.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de025afcd96d4-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://salinaspuretzo.com/rnd/daemon?cuiq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set flash
ercoyintu.com/rnd/ Frame C427
Redirect Chain

https://a2ure.work/impression/0da51429-c2bd-4e4d-9d14-750cef8d71ad?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://ercoyintu.com/rnd/flash?iujb=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

50ms
25ms

Document
text/html

2606:4700:20::6819:ba66
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://ercoyintu.com/rnd/flash?iujb=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6819:ba66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: ercoyintu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dc8c4d6afe90efe207565fd6e760881841557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.ercoyintu.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de0251e8864d3-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://ercoyintu.com/rnd/flash?iujb=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Set-Cookie: SERVERID=sfc20; path=/
X-Zen-Fury: 57edbcaaf5d179dbaec4d79e12c8a7e5d4a1a3e5
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

sampler
aritcametu.com/rnd/ Frame BF6D
Redirect Chain

https://a2ure.work/impression/c818c30e-952e-4547-9130-b66f439077c1?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://aritcametu.com/rnd/sampler?pmdw=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

58ms
20ms

Document
text/html

2606:4700:20::6818:1d51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://aritcametu.com/rnd/sampler?pmdw=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6818:1d51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: aritcametu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Cookie: __cfduid=dac72ba1a522ff29ea0d5282266c5e7fc1557344113
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de026dbe296ce-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://aritcametu.com/rnd/sampler?pmdw=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET

core
qeristalore.com/rnd/ Frame C07B
Redirect Chain

https://a2ure.work/impression/3e31b326-a05e-400b-acaf-f72dcb2cf814?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://qeristalore.com/rnd/core?mluy=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

GET
H/1.1

200

Cookie set small
turiqeri.com/rnd/ Frame 02C0
Redirect Chain

https://a2ure.work/impression/b1da694c-d0d4-4f71-bd7c-e5ad650c4776?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://turiqeri.com/rnd/small?gqub=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

81ms
29ms

Document
text/html

2606:4700:20::6819:6b64
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://turiqeri.com/rnd/small?gqub=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6819:6b64 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: turiqeri.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d58033247d455ef074a5d5a191be6cba51557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.turiqeri.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de025f946c2d6-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://turiqeri.com/rnd/small?gqub=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: f434b8dc161b27c24c5edd6aca8a03c9cff75752
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set dark
ortrivare.com/rnd/ Frame 4480
Redirect Chain

https://a2ure.work/impression/61cde368-9b2a-40ca-b63f-47266637b7d7?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://ortrivare.com/rnd/dark?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

91ms
51ms

Document
text/html

2606:4700:30::681f:4399
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://ortrivare.com/rnd/dark?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4399 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: ortrivare.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d77f15652ef5055203d53d523544ea4471557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.ortrivare.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de025ffb964fd-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://ortrivare.com/rnd/dark?acpq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set linkpfeil
istepuleto.com/rnd/ Frame DD28
Redirect Chain

https://a2ure.work/impression/072c2ec0-606c-49d2-bce0-ca43daf22b89?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://istepuleto.com/rnd/linkpfeil?edqc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

78ms
51ms

Document
text/html

2606:4700:20::6818:1654
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://istepuleto.com/rnd/linkpfeil?edqc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6818:1654 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: istepuleto.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d44abe946e0d681536752c3e6b62c63281557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.istepuleto.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de0251d8ebeba-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://istepuleto.com/rnd/linkpfeil?edqc=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Set-Cookie: SERVERID=sfc3; path=/
X-Zen-Fury: f434b8dc161b27c24c5edd6aca8a03c9cff75752
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

Cookie set script
saztirulo.com/rnd/ Frame 8299
Redirect Chain

https://a2ure.work/impression/8d7a47e3-4efa-4c64-a3eb-0d3abe9a55f1?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://saztirulo.com/rnd/script?vqgf=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

58ms
32ms

Document
text/html

2606:4700:20::6819:6c64
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://saztirulo.com/rnd/script?vqgf=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6819:6c64 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: saztirulo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d0d9e6584ab8a1ae57bd25683a8c0e3621557344113; expires=Thu, 07-May-20 19:35:13 GMT; path=/; domain=.saztirulo.com; HttpOnly
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de024dfd2c27c-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://saztirulo.com/rnd/script?vqgf=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Set-Cookie: SERVERID=sfc14; path=/
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200

shell
salinaspuretzo.com/rnd/ Frame 0405
Redirect Chain

https://a2ure.work/impression/cd4d140e-7a2f-486f-bac8-86452951f9ba?subid={SUBID}
http://wichjoinq.com/portent/netbios/acl/1-17514-5d1337babf4dae22d7257f821d11fdde?tvu=AD_WW_24544.MwEbUREqE0seMCESPCYU
http://salinaspuretzo.com/rnd/shell?xssq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

0
0

29ms
29ms

Document
text/html

2606:4700:20::6818:1d51
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://salinaspuretzo.com/rnd/shell?xssq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 2606:4700:20::6818:1d51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: salinaspuretzo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d1f163fb9bec00494636ccd1d658045d51557344113
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: origin
Cache-control: no-store, no-cache
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de026695e96d4-FRA
Content-Encoding: gzip

Redirect headers

Date: Wed, 08 May 2019 19:35:13 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Location: http://salinaspuretzo.com/rnd/shell?xssq=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D
X-Zen-Fury: f434b8dc161b27c24c5edd6aca8a03c9cff75752
Server: ZENEDGE
X-Cache-Status: NOTCACHED

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame 2176
Redirect Chain

https://a2ure.work/impression/3f5213c1-e403-498e-b6c8-d1c054116660?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

340ms
114ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de023dffcbebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame 2A94
Redirect Chain

https://a2ure.work/impression/dfd34b2e-3f85-435d-b923-ff226977c1f3?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

331ms
105ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de023e803bebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame E905
Redirect Chain

https://a2ure.work/impression/e1abd458-ce00-4fd2-9b87-e4dd7f0727a3?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

336ms
110ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de0240852bebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame 8593
Redirect Chain

https://a2ure.work/impression/4cb5e2ee-70bf-43ab-b692-74a34e7c6bd6?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

326ms
123ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de0240854bebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame 7443
Redirect Chain

https://a2ure.work/impression/c5afd868-533a-40bf-9031-e4f83904d0f3?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

318ms
113ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de024188cbebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame 82B9
Redirect Chain

https://a2ure.work/impression/78996589-bcd2-4bfc-b0ee-ac4c7f810313?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

613ms
103ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de024289fbebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame F5E0
Redirect Chain

https://a2ure.work/impression/fced9402-7d12-46e3-93db-02c929df08c6?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

546ms
110ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de02438a4bebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame 32E4
Redirect Chain

https://a2ure.work/impression/fa1c8f65-6f72-4218-bb4b-ca8d8dc39f34?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

546ms
108ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de02438acbebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame BFD9
Redirect Chain

https://a2ure.work/impression/2dd3366e-868d-4827-8a53-eb6bae2eb880?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

457ms
113ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de02468f0bebf-FRA

GET
H/1.1

200
OK

/
prickingwhore.bid/ Frame 6268
Redirect Chain

https://a2ure.work/impression/e28a1326-ae70-4775-be72-4da6d3cc0480?subid={SUBID}
http://prickingwhore.bid/?subid=19534&clickid=adult19534

0
0

332ms
106ms

Document
text/html

34.196.13.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

http://prickingwhore.bid/?subid=19534&clickid=adult19534

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php

Protocol

HTTP/1.1

Server

34.196.13.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-196-13-28.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: prickingwhore.bid
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Server: nginx
Date: Wed, 08 May 2019 19:35:36 GMT
Content-Type: text/html
Content-Length: 1128
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff

Redirect headers

status: 302
date: Wed, 08 May 2019 19:35:13 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: undefined
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials,Cookie,x-session-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
location: http://prickingwhore.bid/?subid=19534&clickid=adult19534
vary: Accept
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4d3de024790dbebf-FRA

GET
H/1.1 200
OK r
q.adxfactory.com/ Frame 4FF2 0
0 271ms
105ms Document
text/xml 142.234.204.148
Leaseweb USA

General

Check archive.org

Show headers Download Go to

Full URL: http://q.adxfactory.com/r?fid=WPCwxrCAXZ&subid=sharalaka&kw&kw=aloha
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/sharalaka.php
Protocol: HTTP/1.1
Server: 142.234.204.148 Dallas, United States, ASN396362 (LEASEWEB-USA-NYC-11 - Leaseweb USA, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: q.adxfactory.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Connection: close
transfer-encoding: chunked

GET
H/1.1 200
OK Primary Request Cookie set adz2you.php Show response
ads.adz2you.com/outside_publishers/ 1 KB
1018 B 41ms
21ms Document
text/html 2606:4700:30::6818:7c7a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.adz2you.com/outside_publishers/adz2you.php
Protocol: HTTP/1.1
Server: 2606:4700:30::6818:7c7a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 18a766025c893766a24f7ce76b7aac11a29053afab87ecc302d62d71dabf99ae

Request headers

Host: ads.adz2you.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/sharalaka.php

Response headers

Date: Wed, 08 May 2019 19:35:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dca9d2315857fb62ea0fe26e3bed952c41557344125; expires=Thu, 07-May-20 19:35:25 GMT; path=/; domain=.adz2you.com; HttpOnly
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4d3de06da92e64fd-FRA
Content-Encoding: gzip

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/adz2you.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ads.adz2you.com/outside_publishers/adz2you.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Mar 2019 23:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5255719
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30306
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Mar 2020 23:40:06 GMT

GET
H/1.1

200
OK

Cookie set 8ba69a0a
fastredirecting.com/ad/ Frame 744A
Redirect Chain

https://qpxrg.com/dep.php?pid=8288&subid=Adz2you
https://fastredirecting.com/ad/8ba69a0a

0
0

100ms
47ms

Document
text/html

51.68.35.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fastredirecting.com/ad/8ba69a0a
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/adz2you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.35.169 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3128608.ip-51-68-35.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Host: fastredirecting.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/adz2you.php
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/adz2you.php

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 08 May 2019 19:35:25 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Sun, 01 Jan 2010 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: user_key=1565120125%7CODVhOGFkNzU1ZTI0N2ViMTU0YWMyZmI0Yzc1MTUwMTI%3D%7C8f5bd66882d74c9ace898a097a8eb049ab2aa5d0; path=/; expires=Tue, 06-Aug-2019 19:35:25 UTC visited.tracking.1.8ba69a0a=1557430525%7CYTowOnt9%7C04ca589b44a2e6745144f19aa24e72c53ca86295; path=/; expires=Thu, 09-May-2019 19:35:25 UTC tracking.1.8ba69a0a=1557430525%7CdHJ1ZQ%3D%3D%7Cbaa9311cd480314111d72429154510f807281432; path=/; expires=Thu, 09-May-2019 19:35:25 UTC

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 May 2019 19:35:25 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://fastredirecting.com/ad/8ba69a0a
Server: nginx
Set-Cookie: uuid=15573441252616885437164455; expires=Fri, 07-Jun-2019 19:35:25 GMT; Max-Age=2592000
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set 8ba69a0a
fastredirecting.com/ad/ Frame 5405
Redirect Chain

https://qpxrg.com/dep.php?pid=8289&subid=Adz2you
https://fastredirecting.com/ad/8ba69a0a

0
0

103ms
46ms

Document
text/html

51.68.35.163
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fastredirecting.com/ad/8ba69a0a
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/adz2you.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.35.163 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3128534.ip-51-68-35.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Host: fastredirecting.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/adz2you.php
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/adz2you.php

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 08 May 2019 19:35:25 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Sun, 01 Jan 2010 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: user_key=1565120125%7CYTZkZDUyNjhiZDVmZGNkNTM5YTVhYjM5M2QwMWFhMTU%3D%7C693f0b5fe328605b47a5ecabe7b7e096adb97e07; path=/; expires=Tue, 06-Aug-2019 19:35:25 UTC visited.tracking.1.8ba69a0a=1557430525%7CYTowOnt9%7C04ca589b44a2e6745144f19aa24e72c53ca86295; path=/; expires=Thu, 09-May-2019 19:35:25 UTC tracking.1.8ba69a0a=1557430525%7CdHJ1ZQ%3D%3D%7Cbaa9311cd480314111d72429154510f807281432; path=/; expires=Thu, 09-May-2019 19:35:25 UTC

Redirect headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 May 2019 19:35:25 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://fastredirecting.com/ad/8ba69a0a
Server: nginx
Set-Cookie: uuid=15573441256841926767956466; expires=Fri, 07-Jun-2019 19:35:25 GMT; Max-Age=2592000
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

redirect
xml.adxfactory.com/ Frame 5DED
Redirect Chain

http://q.adxfactory.com/r?fid=WPCwxrCAXZ&subid=Adz2you&kw&kw=aloha
http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}

0
0

288ms
169ms

Document
text/plain

173.239.53.17
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}
Requested by: Host: ads.adz2you.com
URL: http://ads.adz2you.com/outside_publishers/adz2you.php
Protocol: HTTP/1.1
Server: 173.239.53.17 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: xml.adxfactory.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://ads.adz2you.com/outside_publishers/adz2you.php
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ads.adz2you.com/outside_publishers/adz2you.php

Response headers

Cache-Control: no-store
Pragma: no-cache
Age: 0
Connection: keep-alive
Content-Length: 0

Redirect headers

Connection: close
location: http://xml.adxfactory.com/redirect?feed=132619&auth=bqWbdL&query={query}

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: qeristalore.com
URL: http://qeristalore.com/rnd/shopper?pxxz=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Domain: qeristalore.com
URL: http://qeristalore.com/rnd/core?mluy=qLCxddzVAMVSla30k4nmUXO5LMAetZTSOWpQ%2FVKyy7Q%3D

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			damneddevastator.com/	1970-01-19 18:06:56	Name: BSESSID Value: trk21566891-2814-44bf-8b54-7247e73ea5f2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2ure.work
ads.adz2you.com
ajax.googleapis.com
aritcametu.com
ercoyintu.com
eslitrezo.com
fastredirecting.com
i.imgur.com
inioplesi.com
inpotaqi.com
istepuleto.com
onieruco.com
ortrivare.com
prickingwhore.bid
q.adxfactory.com
qeristalore.com
qpxrg.com
salinaspuretzo.com
saztirulo.com
turiqeri.com
wichjoinq.com
xml.adxfactory.com
qeristalore.com
142.234.204.148
151.101.120.193
173.239.53.17
205.147.93.132
2606:4700:20::6818:1654
2606:4700:20::6818:1c51
2606:4700:20::6818:1d51
2606:4700:20::6819:6b64
2606:4700:20::6819:6c64
2606:4700:20::6819:ba66
2606:4700:30::6812:323b
2606:4700:30::6818:6c63
2606:4700:30::6818:6d63
2606:4700:30::6818:7c7a
2606:4700:30::681b:bcaf
2606:4700:30::681f:4399
2a00:1450:4001:809::200a
34.196.13.28
50.16.129.183
51.68.35.163
51.68.35.169
18a766025c893766a24f7ce76b7aac11a29053afab87ecc302d62d71dabf99ae
7bbfee1b1505b80d524dc8e9b34f2732cc34899c5a2358e2f4253c968508a9fa
83518eaaba6e3dd7d4767e71acbb647e4050c5e56ec5f2403a5a30c6ac1cef13
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8e47550a38543788fb695833b90617cf91f839d47c7637351e8ec57e517b3b06

ads.adz2you.com Open in urlscan Pro 2606:4700:30::6818:7c7a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

15 %HTTPS

62 %IPv6

21 Domains

22 Subdomains

19 IPs

3 Countries

142 kBTransfer

262 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

ads.adz2you.com Open in urlscan Pro
2606:4700:30::6818:7c7a Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

15 %
HTTPS

62 %
IPv6

21
Domains

22
Subdomains

19
IPs

3
Countries

142 kB
Transfer

262 kB
Size

1
Cookies

40 HTTP transactions
0 data transactions