Submitted URL: https://youtube.sj7.one/hEWIDVOb
Effective URL: https://lowtyruntor.com/4/REVERSE/?var=5660982-3271992274-0&var3=$16553130521607688184152063365175060
Submission: On June 15 via api from CZ — Scanned from NL

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 28 HTTP transactions. The main IP is 139.45.197.237, located in United Kingdom and belongs to RETN-AS, GB. The main domain is lowtyruntor.com. The Cisco Umbrella rank of the primary domain is 46801.
TLS certificate: Issued by R3 on June 11th 2022. Valid for: 3 months.
This is the only time lowtyruntor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 64.227.23.114 14061 (DIGITALOC...)
2 3 35.186.243.67 15169 (GOOGLE)
4 139.45.197.155 9002 (RETN-AS)
6 139.45.197.251 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 37.48.68.71 60781 (LEASEWEB-...)
3 2a00:1450:400... 15169 (GOOGLE)
1 139.45.197.237 9002 (RETN-AS)
28 11
Apex Domain
Subdomains
Transfer
6 yonhelioliskor.com
yonhelioliskor.com — Cisco Umbrella Rank: 38817
76 KB
5 datatechone.com
datatechone.com — Cisco Umbrella Rank: 46464
2 KB
4 oataltaul.com
oataltaul.com — Cisco Umbrella Rank: 208474
24 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 9
23 KB
3 buzzonclick.com
buzzonclick.com — Cisco Umbrella Rank: 282351
3 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9968
1 KB
1 lowtyruntor.com
lowtyruntor.com — Cisco Umbrella Rank: 46801
1 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
1 cdntechone.com
cdntechone.com — Cisco Umbrella Rank: 40933
18 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96 Failed
33 KB
1 thegadgetguru.club
polo.thegadgetguru.club — Cisco Umbrella Rank: 676238
287 B
1 sj7.one
youtube.sj7.one
630 B
28 12
Domain Requested by
6 yonhelioliskor.com oataltaul.com
yonhelioliskor.com
5 datatechone.com cdntechone.com
4 oataltaul.com buzzonclick.com
oataltaul.com
3 www.google.com
3 buzzonclick.com 2 redirects
2 my.rtmark.net yonhelioliskor.com
1 lowtyruntor.com oataltaul.com
1 pagead2.googlesyndication.com cdntechone.com
1 cdntechone.com buzzonclick.com
1 www.googletagmanager.com oataltaul.com
1 polo.thegadgetguru.club 1 redirects
1 youtube.sj7.one 1 redirects
28 12

This site contains no links.

Subject | Issuer | Validity | Valid
buzzonclick.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-16 - 2022-07-04 | 2 years
oataltaul.com | R3 | 2022-04-20 - 2022-07-19 | 3 months
yonhelioliskor.com | R3 | 2022-05-11 - 2022-08-09 | 3 months
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-12-24 - 2022-12-23 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months
datatechone.com | Sectigo RSA Domain Validation Secure Server CA | 2021-12-24 - 2022-12-24 | a year
www.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
lowtyruntor.com | R3 | 2022-06-11 - 2022-09-09 | 3 months

This page contains 1 frames:

Primary Page: https://lowtyruntor.com/4/REVERSE/?var=5660982-3271992274-0&var3=$16553130521607688184152063365175060
Frame ID: 5A1F607224D93681A64CFC3B3B0E5F8A
Requests: 30 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 28
HTTPS: 89 %
IPv6: 36 %
Domains: 12
Subdomains: 12
IPs: 11
Countries: 4
Transfer: 181 kB
Size: 425 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://youtube.sj7.one/hEWIDVOb HTTP 302
    https://polo.thegadgetguru.club/?k=c232135f2a117a7c4e88f41ae8c0c6cb&type=mainstream&subtype=global HTTP 302
    https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658 Page URL
  2. https://buzzonclick.com/jump/next.php?stamat=m%257CEi43Nq4jaQdH8AH0dEdHP3xP.013%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpKKjAMyq7T9m9Y71KHk6FaUtk6lJu81m5rVce1Omcm2fc6s1gBx5jqmHrPGJ1MFrn9Om9kyfwwBghHe-jhaIyw&cbpage=https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658&cbur=0.7951435064188774&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://buzzonclick.com/script/i.php?stamat=m%257C%252C%252Cgif_tiKioGU3B0-GH0dEdHP3xP.01a%252CqdMm1tQedSFDLPVqZGdGak4T1L4m93xN9g4HJfTOZPxR415Qv2_hKk6f_eKPhKHDD71Djc1_FLsFsX9O-scZNG8zGEa8w7YYuT9WRa6Tab4tJGiM6gbQ0HhodhHszG6vuXGfdr-z1lQqt-b8P8VM01BtkiQ5wZ3nvUhYhGsYQG5Zzi5AgA11H6lh0rwt3V_X8X535OWWDU_BzUICLhXJtRf7rLzXiHfCvheTdhNzTMNrEnD-ScheABB1Ty69Kh3_tiSAY_MZxzAdKW5mw3UVz0EWTC2GmFsktSY8sOwvCOpREt6X1g1aKPvOwsZvSgQVSuPFexh9De1ggvDpwlUeBjztU54GWgPJ9HBgCItrMvGESvDzkSQzU68AxMTUF0q74zz_RGvSQfKI-rkW2N89xziJjBWsq7yxq9gHXwDX3OrFDqNCBV5Tt7xCimGRPOdqW5P9BK-oIJinNnvjcmQ3p17O-9IsBJ81LQ3OSpFhhiGHAvr1t7IbvPmBZctMiCUabE7micE60dRzo9X7vkgb0CHLkOOPjDZRMZFS6WgoKLXsG5wbZcOrCvYVE4G8vCn6G1KFsAkiaG4M7Lq8RFmtOAyZk-KijwrZ8qeOmQV09e4%252C HTTP 302
    https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0 Page URL
  3. https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&rdc=1 Page URL
  4. https://lowtyruntor.com/4/REVERSE/?var=5660982-3271992274-0&var3=$16553130521607688184152063365175060 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://youtube.sj7.one/hEWIDVOb HTTP 302
  • https://polo.thegadgetguru.club/?k=c232135f2a117a7c4e88f41ae8c0c6cb&type=mainstream&subtype=global HTTP 302
  • https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658
Request Chain 1
  • https://buzzonclick.com/jump/next.php?stamat=m%257CEi43Nq4jaQdH8AH0dEdHP3xP.013%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpKKjAMyq7T9m9Y71KHk6FaUtk6lJu81m5rVce1Omcm2fc6s1gBx5jqmHrPGJ1MFrn9Om9kyfwwBghHe-jhaIyw&cbpage=https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658&cbur=0.7951435064188774&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • https://buzzonclick.com/script/i.php?stamat=m%257C%252C%252Cgif_tiKioGU3B0-GH0dEdHP3xP.01a%252CqdMm1tQedSFDLPVqZGdGak4T1L4m93xN9g4HJfTOZPxR415Qv2_hKk6f_eKPhKHDD71Djc1_FLsFsX9O-scZNG8zGEa8w7YYuT9WRa6Tab4tJGiM6gbQ0HhodhHszG6vuXGfdr-z1lQqt-b8P8VM01BtkiQ5wZ3nvUhYhGsYQG5Zzi5AgA11H6lh0rwt3V_X8X535OWWDU_BzUICLhXJtRf7rLzXiHfCvheTdhNzTMNrEnD-ScheABB1Ty69Kh3_tiSAY_MZxzAdKW5mw3UVz0EWTC2GmFsktSY8sOwvCOpREt6X1g1aKPvOwsZvSgQVSuPFexh9De1ggvDpwlUeBjztU54GWgPJ9HBgCItrMvGESvDzkSQzU68AxMTUF0q74zz_RGvSQfKI-rkW2N89xziJjBWsq7yxq9gHXwDX3OrFDqNCBV5Tt7xCimGRPOdqW5P9BK-oIJinNnvjcmQ3p17O-9IsBJ81LQ3OSpFhhiGHAvr1t7IbvPmBZctMiCUabE7micE60dRzo9X7vkgb0CHLkOOPjDZRMZFS6WgoKLXsG5wbZcOrCvYVE4G8vCn6G1KFsAkiaG4M7Lq8RFmtOAyZk-KijwrZ8qeOmQV09e4%252C HTTP 302
  • https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
next.php
buzzonclick.com/jump/
Redirect Chain
  • https://youtube.sj7.one/hEWIDVOb
  • https://polo.thegadgetguru.club/?k=c232135f2a117a7c4e88f41ae8c0c6cb&type=mainstream&subtype=global
  • https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658
7 KB
3 KB
Document
General
Full URL
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.243.67 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
67.243.186.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 15 Jun 2022 17:10:52 GMT
server
openresty
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Jun 2022 17:10:52 GMT
Location
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658
Server
nginx/1.16.1 (Ubuntu)
/
oataltaul.com/
Redirect Chain
  • https://buzzonclick.com/jump/next.php?stamat=m%257CEi43Nq4jaQdH8AH0dEdHP3xP.013%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRpKKjAMyq7T9m9Y71KHk6FaUtk6lJu81m5rVce1Omcm2fc6s1gBx5jqmHrPGJ1MFrn9Om9ky...
  • https://buzzonclick.com/script/i.php?stamat=m%257C%252C%252Cgif_tiKioGU3B0-GH0dEdHP3xP.01a%252CqdMm1tQedSFDLPVqZGdGak4T1L4m93xN9g4HJfTOZPxR415Qv2_hKk6f_eKPhKHDD71Djc1_FLsFsX9O-scZNG8zGEa8w7YYuT9WRa...
  • https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0
19 KB
12 KB
Document
General
Full URL
https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0
Requested by
Host: buzzonclick.com
URL: https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.25
Resource Hash
55b6c36f60b45033590e49c1f80c15811e8eb35526add37677bafaf1b56a0b4d

Request headers

Referer
https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Jun 2022 17:10:53 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.25

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
date
Wed, 15 Jun 2022 17:10:52 GMT
location
https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0
referrer-policy
no-referrer
server
openresty
via
1.1 google
micro.tag.min.js
yonhelioliskor.com/pfe/current/
104 KB
37 KB
Script
General
Full URL
https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470214&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0&sw=/sw-check-permissions/4470214
Requested by
Host: oataltaul.com
URL: https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3935fa05719f757141672586342a046e36b4430f31f54523b588029f3693f05f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jun 2022 17:10:53 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:07:21 GMT
server
nginx
etag
W/"62aa03b9-19e8b"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/gif
/
oataltaul.com/
2 B
301 B
XHR
General
Full URL
https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&mprtr=1
Requested by
Host: oataltaul.com
URL: https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.27
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.27
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
zone
yonhelioliskor.com/
0
250 B
Ping
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4470214&is_mobile=false&domain=oataltaul.com&var=5660982-3271992274-0&ymid=%2416553130521607688184152063365175060&var_3=&dsig=&action=prerequest
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470214&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0&sw=/sw-check-permissions/4470214
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-trace-id
ec8b7a5b4701da769489c5a896963aff
date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-origin
https://oataltaul.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
gtm.js
www.googletagmanager.com/
0
0

gid.js
my.rtmark.net/
65 B
542 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4470214&checkDuplicate=true&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470214&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0&sw=/sw-check-permissions/4470214
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b64f3bf8889f5b5c747046c45ce484c3307d99532d9b6e84d57c5c2c830d08c1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oataltaul.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
yonhelioliskor.com/
729 B
1015 B
Fetch
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4470214&is_mobile=false&domain=oataltaul.com&var=5660982-3271992274-0&ymid=%2416553130521607688184152063365175060&var_3=&dsig=&action=settings
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470214&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0&sw=/sw-check-permissions/4470214
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
df749e3c10fa3a1257f3e06c7b76ca16f536256c3d34e1101ce463edc600802d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-trace-id
d498e56d376d56b6b3c4e2be92c168cc
date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oataltaul.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
729
/
oataltaul.com/
19 KB
12 KB
Document
General
Full URL
https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&rdc=1
Requested by
Host: oataltaul.com
URL: https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
87e6ea9151ed6e5049b4d168421af04b61efdea74a5509f84e69266f2e42fb08

Request headers

Referer
https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 Jun 2022 17:10:53 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.24
micro.tag.min.js
yonhelioliskor.com/pfe/current/
104 KB
37 KB
Script
General
Full URL
https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470214&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0&sw=/sw-check-permissions/4470214
Requested by
Host: oataltaul.com
URL: https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&rdc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3935fa05719f757141672586342a046e36b4430f31f54523b588029f3693f05f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jun 2022 17:10:53 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:07:21 GMT
server
nginx
etag
W/"62aa03b9-19e8b"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/gif
/
oataltaul.com/
2 B
301 B
XHR
General
Full URL
https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&rdc=1&mprtr=1
Requested by
Host: oataltaul.com
URL: https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&rdc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.155 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.27
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&rdc=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.27
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
zone
yonhelioliskor.com/
0
250 B
Ping
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4470214&is_mobile=false&domain=oataltaul.com&var=5660982-3271992274-0&ymid=%2416553130521607688184152063365175060&var_3=&dsig=&action=prerequest
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470214&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0&sw=/sw-check-permissions/4470214
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-trace-id
3743382812ca21f8158848fd003588fd
date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-origin
https://oataltaul.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
gtm.js
www.googletagmanager.com/
84 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2MCGLV
Requested by
Host: oataltaul.com
URL: https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&rdc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e0619c2a8bcd155119fc2a8ba3b5abe9f9386563594f91081e2723764b533bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33504
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 16:10:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Jun 2022 17:10:53 GMT
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4470214&checkDuplicate=true&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470214&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0&sw=/sw-check-permissions/4470214
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b64f3bf8889f5b5c747046c45ce484c3307d99532d9b6e84d57c5c2c830d08c1
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oataltaul.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
yonhelioliskor.com/
729 B
1014 B
Fetch
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4470214&is_mobile=false&domain=oataltaul.com&var=5660982-3271992274-0&ymid=%2416553130521607688184152063365175060&var_3=&dsig=&action=settings
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470214&ymid=$16553130521607688184152063365175060&var=5660982-3271992274-0&sw=/sw-check-permissions/4470214
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
df749e3c10fa3a1257f3e06c7b76ca16f536256c3d34e1101ce463edc600802d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-trace-id
36cd3880e338b79732a0d2ea59348662
date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oataltaul.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
729
gstattag.js
cdntechone.com/
49 KB
18 KB
Script
General
Full URL
https://cdntechone.com/gstattag.js
Requested by
Host: buzzonclick.com
URL: https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=9adf3308c7e26fd8e7fd124a752258c0&sub1=1658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0339166125e61052770ecda0ae09da20ec3da228a808eb4cbfbd8c9c86f7125e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6239
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Jun 2022 09:25:01 GMT
server
cloudflare
etag
W/"62a1bc6d-c594"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCjqUOt1SmH0M5J5MRQYQ7TG8P2f21Ngwn29abGt1AIkfSZHSWmsVVlFOMnmmM%2Bf8zzUdeEDrCtuBnS7ylE3bBhTVGHRwPf9PQyp%2B6gArd7oOxCmioBiSUL%2F42rJ4c8mwGCm7sl%2BfZ6NS%2BYLEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
71bcebf82eaf9113-FRA
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/gstattag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Jun 2022 17:10:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
9201708783524506288
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 15 Jun 2022 17:10:53 GMT
pix.jpg
datatechone.com/
28 B
618 B
Fetch
General
Full URL
https://datatechone.com/pix.jpg?cid=a3f99554-9d52-4f9c-a567-a3bfbc65840c
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/gstattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
3c72e06c040c15327faa313315f1d6f4b2c9159267051c3e173336efa4cd7a18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Wed, 15 Jun 2022 17:10:53 GMT
Server
nginx/1.19.10
Etag
9eb4a9e8-d6e5-42fa-a422-abe18c876b47
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://oataltaul.com
Access-Control-Expose-Headers
ETag
Cache-Control
private, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
28
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 15 Jun 2022 17:10:53 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
0
0

googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
13 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 15 Jun 2022 17:10:53 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
0
0

googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oataltaul.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:10:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 15 Jun 2022 17:10:53 GMT
add
datatechone.com/ir/
2 B
466 B
Fetch
General
Full URL
https://datatechone.com/ir/add?cid=a3f99554-9d52-4f9c-a567-a3bfbc65840c
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/gstattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://oataltaul.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 15 Jun 2022 17:10:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://oataltaul.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
etag
datatechone.com/
2 B
466 B
Fetch
General
Full URL
https://datatechone.com/etag?cid=a3f99554-9d52-4f9c-a567-a3bfbc65840c
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/gstattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://oataltaul.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 15 Jun 2022 17:10:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://oataltaul.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
add
datatechone.com/log/
2 B
466 B
Fetch
General
Full URL
https://datatechone.com/log/add?cid=a3f99554-9d52-4f9c-a567-a3bfbc65840c
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/gstattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://oataltaul.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 15 Jun 2022 17:10:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://oataltaul.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
add
datatechone.com/time_visit/
2 B
466 B
Ping
General
Full URL
https://datatechone.com/time_visit/add?cid=a3f99554-9d52-4f9c-a567-a3bfbc65840c
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/gstattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.68.71 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://oataltaul.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 15 Jun 2022 17:10:53 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://oataltaul.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request /
lowtyruntor.com/4/REVERSE/
966 B
1 KB
Document
General
Full URL
https://lowtyruntor.com/4/REVERSE/?var=5660982-3271992274-0&var3=$16553130521607688184152063365175060
Requested by
Host: oataltaul.com
URL: https://oataltaul.com/?l=02GYUEFO3sEAauR&s=$16553130521607688184152063365175060&z=5660982-3271992274-0&rdc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5c5e4c0db3adb763042dacaeb91023288cb76f7ac79281303d86e21ddafcecf4

Request headers

Referer
https://oataltaul.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
966
content-type
application/javascript
date
Wed, 15 Jun 2022 17:10:53 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
timing-allow-origin
*
x-trace-id
89451e78341d7416e8d19e4d3c393856

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-MW8Z3NG
Domain
www.google.com
URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Domain
www.google.com
URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
object| navigation

2 Cookies

Domain/Path Name / Value
my.rtmark.net/ Name: ID
Value: e4812858dc11433a9b185f8a7fc2cb6a
oataltaul.com/ Name: reverse
Value: iC65rbBK0pWea4AJgaI9IeGH-wynf724AqM5h-JguVY

1 Console Messages

Source Level URL
Text
network error URL: https://lowtyruntor.com/4/REVERSE/?var=5660982-3271992274-0&var3=$16553130521607688184152063365175060
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
