urlscan.io logo urlscan.io
SecurityTrails logo

clcktrck.com Open in urlscan Pro
3.73.249.248  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiK...
Effective URL: https://clcktrck.com/us/s/red_u_plain.php?uid=274567055&t=direct&s=22235&pub=10440&d=opticsplanet.com
Submission: On November 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 20 HTTP transactions. The main IP is 3.73.249.248, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is clcktrck.com. The Cisco Umbrella rank of the primary domain is 159985.
TLS certificate: Issued by E6 on November 26th 2024. Valid for: 3 months.
This is the only time clcktrck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 88.208.22.2 39572 (ADVANCEDH...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 139.45.196.64 9002 (RETN-AS R...)
2 172.67.169.157 13335 (CLOUDFLAR...)
1 104.18.23.222 13335 (CLOUDFLAR...)
2 8 104.18.22.222 13335 (CLOUDFLAR...)
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
1 52.53.88.18 16509 (AMAZON-02)
2 3.73.249.248 16509 (AMAZON-02)
20 9
2    88.208.22.2 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
28876989-31069-ex.clibuceant.com
1    2607:f8b0:4004:c1b::64 (Washington, United States)

ASN15169 (GOOGLE, US)
ads.google.com
5    139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)
leikovoleikamarada.com
2    172.67.169.157 (United States)

ASN13335 (CLOUDFLARENET, US)
my.rtmark.net
1    104.18.23.222 (None, )

ASN13335 (CLOUDFLARENET, US)
taiwoudoastuph.net
8    104.18.22.222 (None, )

ASN13335 (CLOUDFLARENET, US)
taiwoudoastuph.net
1    2606:4700:3108::ac42:28f5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.share365.net
1    52.53.88.18 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-88-18.us-west-1.compute.amazonaws.com
www.shoptastic.io
2    3.73.249.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
clcktrck.com
Apex Domain
Subdomains		 Transfer
9 taiwoudoastuph.net
taiwoudoastuph.net — Cisco Umbrella Rank: 326918
18 KB
5 leikovoleikamarada.com
leikovoleikamarada.com — Cisco Umbrella Rank: 908885
16 KB
2 clcktrck.com
clcktrck.com — Cisco Umbrella Rank: 159985
932 B
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
2 KB
2 clibuceant.com
28876989-31069-ex.clibuceant.com
4 KB
1 shoptastic.io
www.shoptastic.io — Cisco Umbrella Rank: 279931
342 B
1 share365.net
www.share365.net — Cisco Umbrella Rank: 481928
2 KB
1 google.com
ads.google.com — Cisco Umbrella Rank: 23719
0 sylikes.com Failed
link.sylikes.com Failed
20 9
Domain Requested by
9 taiwoudoastuph.net 2 redirects leikovoleikamarada.com
taiwoudoastuph.net
5 leikovoleikamarada.com 28876989-31069-ex.clibuceant.com
leikovoleikamarada.com
2 clcktrck.com www.shoptastic.io
2 my.rtmark.net leikovoleikamarada.com
taiwoudoastuph.net
2 28876989-31069-ex.clibuceant.com 1 redirects
1 www.shoptastic.io
1 www.share365.net 1 redirects
1 ads.google.com 28876989-31069-ex.clibuceant.com
0 link.sylikes.com Failed
20 9

This site contains no links.

Subject Issuer Validity Valid
*.clibuceant.com
R10		 2024-11-25 -
2025-02-23		 3 months crt.sh
adwords.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
leikovoleikamarada.com
R11		 2024-10-01 -
2024-12-30		 3 months crt.sh
my.rtmark.net
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
taiwoudoastuph.net
WE1		 2024-11-12 -
2025-02-10		 3 months crt.sh
shoptastic.io
Amazon RSA 2048 M03		 2024-10-06 -
2025-11-05		 a year crt.sh
clcktrck.com
E6		 2024-11-26 -
2025-02-24		 3 months crt.sh

This page contains 1 frames:

Frame: https://link.sylikes.com/?publisherId=723606&url=https%3A%2F%2Fopticsplanet.com&af_placement_id=147470150&af_campaign_id=6614abaec6645b7f98bee34414716dad&afRid=6614abaec6645b7f98bee34414716dad
Frame ID: F1A9EB2F9281304F90BF7E4E992D9545
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

clcktrck.com

Page URL History Show full URLs

  1. https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTl... Page URL
  2. https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTl... HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
  3. https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x Page URL
  4. https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rda/us?subId=885946238145663087&country=US&campaignid=8543957 HTTP 302
    https://www.shoptastic.io/store/opticsplanet-com-us-cpc?pubId=10440&subId=885946238145663087&country=U... Page URL
  5. https://clcktrck.com/us/s/red_u_plain.php?uid=274567055&t=direct&s=22235&pub=10440&d=opticsplanet... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns

Page Statistics

20
Requests

95 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

9
IPs

5
Countries

39 kB
Transfer

71 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0 Page URL
  2. https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Thu%20Nov%2028%202024%2000%3A26%3A00%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22600%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
  3. https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x Page URL
  4. https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://www.share365.net/vip/rda/us?subId=885946238145663087&country=US&campaignid=8543957 HTTP 302
    https://www.shoptastic.io/store/opticsplanet-com-us-cpc?pubId=10440&subId=885946238145663087&country=US&campaignid=8543957 Page URL
  5. https://clcktrck.com/us/s/red_u_plain.php?uid=274567055&t=direct&s=22235&pub=10440&d=opticsplanet.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Thu%20Nov%2028%202024%2000%3A26%3A00%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22600%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Request Chain 8
  • https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
  • https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
Request Chain 15
  • https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
  • https://www.share365.net/vip/rda/us?subId=885946238145663087&country=US&campaignid=8543957 HTTP 302
  • https://www.shoptastic.io/store/opticsplanet-com-us-cpc?pubId=10440&subId=885946238145663087&country=US&campaignid=8543957
Request Chain 17
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d046b88fab9d3d750db38eb1b7e63bac437884f22528e2922f7111d2ed94bcb745f1b51552a999f5b804e77c2720bff4504a11e07a4f6056438dbdb83bc61da1b1ab9999fe6960b44c77304f4bbee31e09b HTTP 302
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d046b88fab9d3d750db38eb1b7e63bac437884f22528e2922f7111d2ed94bcb745f1b51552a999f5b804e77c2720bff4504a11e07a4f6056438dbdb83bc61da1b1a79f4ff19a98e9a49d31144dadd51bf9f4a8b5002a4bad681edc9f78f5947f886 HTTP 302
  • https://link.sylikes.com/?publisherId=723606&url=https%3A%2F%2Fopticsplanet.com&af_placement_id=147470150&af_campaign_id=6614abaec6645b7f98bee34414716dad&afRid=6614abaec6645b7f98bee34414716dad

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g
28876989-31069-ex.clibuceant.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
92b688137ae479ac4829f87cad1dfb384e27bef7d4eaed0027619acbd8a8eb97

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Thu, 28 Nov 2024 10:25:59 GMT
expires
Thu, 28 Nov 2024 10:25:59 UTC
last-modified
Thu, 28 Nov 2024 10:25:59 UTC
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding
/
ads.google.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.google.com/
Requested by
Host: 28876989-31069-ex.clibuceant.com
URL: https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1103
date
Thu, 28 Nov 2024 10:26:01 GMT
content-type
text/html; charset=UTF-8
link
leikovoleikamarada.com/
Redirect Chain
  • https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivest...
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
31 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Requested by
Host: 28876989-31069-ex.clibuceant.com
URL: https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
bfff8e72989b53514e480bedd6ec9c6e008e2c93052e1c4e933b37207b8c3993
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 28 Nov 2024 10:26:01 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
a661ebfd57522fe2fc2bd9bca912c7ba

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 28 Nov 2024 10:26:00 GMT
expires
Thu, 28 Nov 2024 10:26:00 UTC
last-modified
Thu, 28 Nov 2024 10:26:00 UTC
location
https://leikovoleikamarada.com/link?z=7205185&var={hostid}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
img.gif
my.rtmark.net/ 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008122eedfd14e15e166a3ce4ac52d8b&z=7205186&p_rid=9b26d420-f586-4c03-b04c-088928326b75&p_src=sf
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TUW%2BL%2FVQJP22jvnC3XvxmlllWH7OOjnNn8rrHseT3bCrgW5LUgRtSp4GOAXlfym5EMgybPR7iM8veaeeMT5AsZIkDaC3XVBpUMTY5qjdsZpZDOVcGCyslIQdpeSVVXkk"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=77814&min_rtt=72977&rtt_var=19294&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4119&recv_bytes=4482&delivery_rate=7975&cwnd=12000&unsent_bytes=0&cid=e84ccd0096211673&ts=244&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 10:26:01 GMT
content-type
image/gif
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e99a848d86c7c4a-LAX
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
taiwoudoastuph.net/ 		43 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taiwoudoastuph.net/sftouch?userId=008122eedfd14e15e166a3ce4ac52d8b&z=7205186&p_rid=9b26d420-f586-4c03-b04c-088928326b75&p_src=sf&branchId=0&rb=xJl6NJfJA2S4_NM7KFUumzt5_fgW7Afnmul5bakwpt5bt9upsIipyX0WGAbJsl8LmnJO8UnH14bd423Eia6FLHOOu1dIPWa74xNdg0nMk04BOn7rxPrx1GNEqySMAYiWdbv3AcidSiwcWIHermpa8266foCNjaqgDqYJTAMlcj1Y-K3_VrW9lry30t0qEaULaSUpmKn4z5spQ2hV1dyz96s4mswleYvJCv_mIe7trGUOFHSjKTf3J82fAB-tGIXMup8KJq6AOJVlhxg-rytu_JpghWbBEI4mmStJDH5Q97Brv5n4CPZIUhUZiOx-t_mkAl_8ptdymnjcnfwL9JoBZWwJrYGXkHwQDBRCZHwZWy5M6eOrrhAaR7i-NfJ1yaCQ04y093Aq0kwajyvPisCjQ1P2lD6BIh_MEcNk5KmRUPBYCDQoAIhL2GqaMhrY0YLH_6DqeZnsBMaKAHQbKgezJ8J67l7FW5rbMf4bpkr_O4AlIFooVmkBw74QEnfi7oUiMI2pP414YK677qQHRZpxjJI_t9-KAfOhidA_ZLOdvMNb70iNQbvEw7rrijJw7-lks0XGsDnPOQlelyvhdd7EsEoDyd74jhOmZ9riFAobJc11jb1yEvuMA5DRI6zCbpBtyMxbO_Lf7AtHMAyiEaXiD9T4JtZSy8_hBwE0SSGFvRkNv3MuSsiMwhiK3PRrhEMfsG_9gyQPcf5h1wsquZhN0C3I20Wv7r8cFMLdAaKn2cU-1o308m3zdnLkSKrgECpk37eaPsUMgKY=&w_img=1
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 10:26:02 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
93634cccf38f5199e3d0605e63fe8921
cf-ray
8e99a849cb95f7dd-LAX
access-control-allow-origin
*
content-length
43
server
cloudflare
add
leikovoleikamarada.com/log/ 		12 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9b26d420-f586-4c03-b04c-088928326b75
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
12
date
Thu, 28 Nov 2024 10:26:01 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
leikovoleikamarada.com/async_log/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9b26d420-f586-4c03-b04c-088928326b75
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
0
date
Thu, 28 Nov 2024 10:26:01 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
leikovoleikamarada.com/ 		0
150 B 		Other
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Thu, 28 Nov 2024 10:26:02 GMT
pragma
public
server
nginx
6118780
taiwoudoastuph.net/4/
Redirect Chain
  • https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false
  • https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ab77fc8d68f214bec9e74632f93c0cf60aea1f9d9f938dd7e77083e2d8f0d7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://leikovoleikamarada.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e99a84d98e60fe8-LAX
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 28 Nov 2024 10:26:02 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
a9198af65f33b9b3cf31395a0fdbbed5

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://leikovoleikamarada.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e99a84b8ead0fe8-LAX
content-length
0
date
Thu, 28 Nov 2024 10:26:02 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://taiwoudoastuph.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
5656444aa474d1331da8923ac9e73121
favicon.ico
leikovoleikamarada.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://leikovoleikamarada.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Thu, 28 Nov 2024 10:26:02 GMT
pragma
public
server
nginx
img.gif
my.rtmark.net/ 		43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008122c447554989f1ac91ba9f1dea78&z=6118780&p_rid=9c06b1f6-cdc4-4c86-9ba7-8c2c7732cb40&p_src=sf
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxuW5PHG2nPVC9%2B3cowBXNexdUQQwF%2FCK%2F3xs1QZpkI6wj2EfvWxhgvD7Ls4Ap%2BuAvKCeL7djG9E%2B44Lnnts6DTc7R1SXu%2FpaX3UFvYNerwpsPyFmqaupjjpHLEo74dv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=80613&min_rtt=80533&rtt_var=17120&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4117&recv_bytes=4506&delivery_rate=7213&cwnd=12000&unsent_bytes=0&cid=4acaf894115a65b1&ts=232&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 10:26:03 GMT
content-type
image/gif
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e99a84fee6a2f76-LAX
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
taiwoudoastuph.net/ 		43 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taiwoudoastuph.net/sftouch?userId=008122c447554989f1ac91ba9f1dea78&z=6118780&p_rid=9c06b1f6-cdc4-4c86-9ba7-8c2c7732cb40&p_src=sf&branchId=0&rb=yWZeoJizCrCfLI0YMA2SRSzkG2dVLNmxFmh37ZAlu9bF-r9ICVvHvWGseoZnljWBAo9pQfIoJe9zUTtu0zdM_yNTjGEVmWSuBx3bGxMWhWyosu7iF7CE_qBhE97cZZXrnMce593nXOe9U-JAPNovVObjSZu5DRwjckXi6crIYLPAJoPn-synZFGmmxcvKv1wk3Wof2ljlXw0-e8YHl9zATpxtJxLbxWPMjkQjYUgKHkbVf8H7hrrSaSkTnceMA5PbaUGBn8GLybt67MCcZk_sniFzLUMLxnLoilmvYvCP5tZQiYYdHGOrlWrv40=&w_img=1
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 10:26:02 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
e4a9069a5c3a1f0aee3fc400fbaad884
cf-ray
8e99a84f68e50916-LAX
access-control-allow-origin
*
content-length
43
server
cloudflare
add
taiwoudoastuph.net/log/ 		12 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9c06b1f6-cdc4-4c86-9ba7-8c2c7732cb40
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8e99a84fe96c0916-LAX
access-control-allow-origin
https://taiwoudoastuph.net
alt-svc
h3=":443"; ma=86400
content-length
12
date
Thu, 28 Nov 2024 10:26:03 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
taiwoudoastuph.net/async_log/ 		0
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9c06b1f6-cdc4-4c86-9ba7-8c2c7732cb40
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e99a84ff97c0916-LAX
access-control-allow-origin
https://taiwoudoastuph.net
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 10:26:03 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
taiwoudoastuph.net/ 		0
181 B 		Other
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
1361546
cf-ray
8e99a8517b270916-LAX
expires
Sun, 26 Nov 2034 10:26:03 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 10:26:03 GMT
vary
Accept-Encoding
server
cloudflare
opticsplanet-com-us-cpc
www.shoptastic.io/store/
Redirect Chain
  • https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false
  • https://www.share365.net/vip/rda/us?subId=885946238145663087&country=US&campaignid=8543957
  • https://www.shoptastic.io/store/opticsplanet-com-us-cpc?pubId=10440&subId=885946238145663087&country=US&campaignid=8543957
142 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shoptastic.io/store/opticsplanet-com-us-cpc?pubId=10440&subId=885946238145663087&country=US&campaignid=8543957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.53.88.18 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-53-88-18.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://taiwoudoastuph.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-language
en-US
content-type
text/html;charset=UTF-8
date
Thu, 28 Nov 2024 10:26:03 GMT
server
nginx/1.18.0 (Ubuntu)
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e99a854bbb4cbae-LAX
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 10:26:03 GMT
location
https://www.shoptastic.io/store/opticsplanet-com-us-cpc?pubId=10440&subId=885946238145663087&country=US&campaignid=8543957
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FeADqw%2FCHn3hhrGNwAP6OdCjnGyX7qCS2h7moluiRLU9C0QddJtAaZt392YbBV4KFfQELeaR8iuBL0V0K9sPxD8POP3XA7cLGKQaUZDYaT88NTjSY2eyZFMDXSsyqzXWiwB%2FeEU7RADWNyLbz0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=TCP&rtt=73053&min_rtt=71700&rtt_var=17176&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4042&recv_bytes=2401&delivery_rate=51255&cwnd=252&unsent_bytes=0&cid=2ac233dccbab6c81&ts=132&x=0"
strict-transport-security
max-age=31536000
favicon.ico
taiwoudoastuph.net/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://taiwoudoastuph.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
1361546
cf-ray
8e99a8517b270916-LAX
expires
Sun, 26 Nov 2034 10:26:03 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 10:26:03 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request red_u_plain.php
clcktrck.com/us/s/ 		641 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clcktrck.com/us/s/red_u_plain.php?uid=274567055&t=direct&s=22235&pub=10440&d=opticsplanet.com
Requested by
Host: www.shoptastic.io
URL: https://www.shoptastic.io/store/opticsplanet-com-us-cpc?pubId=10440&subId=885946238145663087&country=US&campaignid=8543957
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
8d1ebf13380152586f1566cf4a3a48692af9b8edae7151a3d7cdc1b97524b070

Request headers

Referer
https://www.shoptastic.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Nov 2024 10:26:05 GMT
Server
nginx/1.24.0 (Ubuntu)
Transfer-Encoding
chunked
/
link.sylikes.com/
Redirect Chain
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d046b88fab9d3d750db38eb1b7e63bac437884f22528e2922f7111d2ed94bcb745f1b51552a999f5b8...
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d046b88fab9d3d750db38eb1b7e63bac437884f22528e2922f7111d2ed94bcb745f1b51552a999f5b8...
  • https://link.sylikes.com/?publisherId=723606&url=https%3A%2F%2Fopticsplanet.com&af_placement_id=147470150&af_campaign_id=6614abaec6645b7f98bee34414716dad&afRid=6614abaec6645b7f98bee34414716dad
0
0
favicon.ico
clcktrck.com/ 		0
246 B 		Other
General
Check archive.org
Download Go to
Full URL
https://clcktrck.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.73.249.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-249-248.eu-central-1.compute.amazonaws.com
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://clcktrck.com/

Response headers

ETag
"645a16d2-0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Date
Thu, 28 Nov 2024 10:26:06 GMT
Content-Type
image/x-icon
Last-Modified
Tue, 09 May 2023 09:48:02 GMT
Server
nginx/1.24.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
link.sylikes.com
URL
https://link.sylikes.com/?publisherId=723606&url=https%3A%2F%2Fopticsplanet.com&af_placement_id=147470150&af_campaign_id=6614abaec6645b7f98bee34414716dad&afRid=6614abaec6645b7f98bee34414716dad

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Domain/Path Name / Value
leikovoleikamarada.com/ Name: OAID
Value: 008122eedfd14e15e166a3ce4ac52d8b
leikovoleikamarada.com/ Name: oaidts
Value: 1732789561
leikovoleikamarada.com/ Name: allcnt
Value: 1
my.rtmark.net/ Name: ID
Value: 008122eedfd14e15e166a3ce4ac52d8b
taiwoudoastuph.net/ Name: oaidts
Value: 1732789562
taiwoudoastuph.net/ Name: OAID
Value: 008122eedfd14e15e166a3ce4ac52d8b
taiwoudoastuph.net/ Name: syncedCookie
Value: true
www.share365.net/ Name: XSRF-TOKEN
Value: eyJpdiI6ImZRejhUMURvQ1BFUm16S1JwSFJLWHc9PSIsInZhbHVlIjoiM243UUZxVVNpQklsbG1MQUh0UkZhWkZ1Skt5dFh4bml4UHE0WWVvMWJFeWRuUkV1bzhoWmtjQVlPdkhUbU9DYyIsIm1hYyI6ImYzOWNjNGQ4YmY0MGM3NjZiYWI3MDMyMGY4MzgzZTAyMjZkYWYzYzVmM2NkOTlkMWIyYWRiNGFiOTI4ZjdlYWIifQ%3D%3D
www.share365.net/ Name: laravel_session
Value: eyJpdiI6IklBR1huQkhuckhWQjNKR1Z4ZHBTZ2c9PSIsInZhbHVlIjoiRWxITmJwUXVsOFI4OFJ1XC8wT2NLQ2tLbW1nMlJYd2l6dmJwYUpQd1phWHVjZDU2SjBIc0hweWk5ejFwK2RDTlMiLCJtYWMiOiJkZjhiZDQwMzk2MTQzMjcwZGUyNzkxZjU2NmY3NTk2MmZmNGViMWU5YzM0YmM3YjE0NjQ5ODNiMWNlYWJmMTVjIn0%3D

6 Console Messages

Source Level URL
Text
rendering warning URL: https://28876989-31069-ex.clibuceant.com/iSxEB4w1OwzmZtczvVjHJiBBl9kRvoHRdqtSPJzNT84RZJ_AodkC9JnbVIVmeNDJktsHcvgj0fTleuuzHOKnYBWKmKCluLiKcAgfSr1OMYUNrEqov4XEHGksNVCy4g?kws=ummmbrella%2Chot%2Clivestream%2Cporn%2Cvideo%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fwww.porn4fans.com%...%20312%20...2C%22%5B%5D%22%5D&si=1&focus=0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0700A03E4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://ads.google.com/
Message:
Failed to load resource: the server responded with a status of 429 ()
rendering warning URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A00A03E4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0700A03E4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0700A03E4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A0FA0CE4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.