urlscan.io logo urlscan.io
SecurityTrails logo

792a9db8.linkbooster.click Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://photo.jo6p.guru/q795nl85t
Effective URL: https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c
Submission: On April 06 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 15 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 792a9db8.linkbooster.click.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.
This is the only time 792a9db8.linkbooster.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete Your_Full_Setup_Downloaded.zip 47 MB
Size: 47 MB (49360784 bytes, 0% done)
Downloaded from: https://cdn.discordapp.com/attachments/1092355605378904174/1093232121797152911/Your_Full_Setup_Downloaded.zip

Domain & IP information

IP Address AS Autonomous System
1 1 170.10.160.83 32748 (STEADFAST)
1 1 64.227.23.114 14061 (DIGITALOC...)
3 99.198.108.194 32475 (SINGLEHOP...)
2 3 51.68.85.158 16276 (OVH)
1 1 34.147.1.177 396982 (GOOGLE-CL...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 174.138.122.163 14061 (DIGITALOC...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 34.91.234.242 396982 (GOOGLE-CL...)
1 1 51.161.115.163 16276 (OVH)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
2 2 198.54.114.176 ()
1 162.159.129.233 ()
15 8
1    170.10.160.83 (United States)

ASN32748 (STEADFAST, US)
PTR: serverchat24.com
photo.jo6p.guru
1    64.227.23.114 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
polo.thegadgetguru.club
3    99.198.108.194 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
monkey.redirectmaster.com
3    51.68.85.158 (France)

ASN16276 (OVH, FR)
www.turbotrck.art
1    34.147.1.177 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 177.1.147.34.bc.googleusercontent.com
admoustache.media-412.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
yeah.achelous.mobi
2    2606:4700:3035::ac43:9efb (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    174.138.122.163 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)
c.adups.app
4    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
792a9db8.linkbooster.click
1    34.91.234.242 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com
track.gositego.live
1    51.161.115.163 (Canada)

ASN16276 (OVH, FR)
PTR: ns572483.ip-51-161-115.net
t3.blowingwnd.com
1    2604:9e00:1:129::2:b2a (United States)

ASN27257 (WEBAIR-INTERNET, US)
go.c4ptainn3lson.xyz
2    198.54.114.176 (None, )

ASN- ()
shadowgarden.info
1    162.159.129.233 (None, )

ASN- ()
cdn.discordapp.com
Apex Domain
Subdomains		 Transfer
4 linkbooster.click
792a9db8.linkbooster.click
18 KB
3 turbotrck.art
www.turbotrck.art
6 KB
3 redirectmaster.com
monkey.redirectmaster.com
7 KB
2 shadowgarden.info
shadowgarden.info
450 B
2 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 767498
2 KB
2 achelous.mobi
yeah.achelous.mobi
2 KB
1 discordapp.com
cdn.discordapp.com
1 c4ptainn3lson.xyz
go.c4ptainn3lson.xyz — Cisco Umbrella Rank: 81210
205 B
1 blowingwnd.com
t3.blowingwnd.com — Cisco Umbrella Rank: 98500
375 B
1 gositego.live
track.gositego.live — Cisco Umbrella Rank: 90460
292 B
1 adups.app
c.adups.app
414 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1030
6 KB
1 media-412.com
admoustache.media-412.com
270 B
1 thegadgetguru.club
polo.thegadgetguru.club
295 B
1 jo6p.guru
photo.jo6p.guru
338 B
15 15
Domain Requested by
4 792a9db8.linkbooster.click yeah.achelous.mobi
monkey.redirectmaster.com
792a9db8.linkbooster.click
3 www.turbotrck.art 2 redirects monkey.redirectmaster.com
3 monkey.redirectmaster.com monkey.redirectmaster.com
2 shadowgarden.info 2 redirects
2 cdn.addlnk.com yeah.achelous.mobi
792a9db8.linkbooster.click
2 yeah.achelous.mobi www.turbotrck.art
static.cloudflareinsights.com
1 cdn.discordapp.com 792a9db8.linkbooster.click
1 go.c4ptainn3lson.xyz 1 redirects
1 t3.blowingwnd.com 1 redirects
1 track.gositego.live 1 redirects
1 c.adups.app 1 redirects
1 static.cloudflareinsights.com yeah.achelous.mobi
1 admoustache.media-412.com 1 redirects
1 polo.thegadgetguru.club 1 redirects
1 photo.jo6p.guru 1 redirects
15 15

This site contains links to these domains. Also see Links.

Domain
track.gositego.live
Subject Issuer Validity Valid
monkey.redirectmaster.com
R3		 2023-03-25 -
2023-06-23		 3 months crt.sh
www.turbotrck.art
R3		 2023-02-28 -
2023-05-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-16 -
2023-05-16		 a year crt.sh

This page contains 2 frames:

Frame: https://cdn.discordapp.com/attachments/1092355605378904174/1093232121797152911/Your_Full_Setup_Downloaded.zip
Frame ID: E9A9AE4476A6119EA0324B8FF7E65D69
Requests: 12 HTTP requests in this frame

Frame: https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7b3b494489c8372e
Frame ID: 0363F4F27AFCE75FD9C9312C2AE8BC06
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading....

Page URL History Show full URLs

  1. https://photo.jo6p.guru/q795nl85t HTTP 302
    https://polo.thegadgetguru.club/?k=01184a255431147aae983f34f3ab16b4&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7218969301577891919&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  3. https://monkey.redirectmaster.com/proc.php?6039770a99a42a0f6790da09d6a1d06bacffe1eb Page URL
  4. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website... Page URL
  5. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website... HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website... HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000f28b1f704013929803afeaa5793... HTTP 302
    https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503 Page URL
  6. https://c.adups.app/36399?click=pubb916359e39b04b5f8e6ab6c8513a1078&pubid=898005da HTTP 302
    https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

15
Requests

93 %
HTTPS

33 %
IPv6

15
Domains

15
Subdomains

8
IPs

5
Countries

40 kB
Transfer

76 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://photo.jo6p.guru/q795nl85t HTTP 302
    https://polo.thegadgetguru.club/?k=01184a255431147aae983f34f3ab16b4&type=mainstream&subtype=global HTTP 302
    https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
  2. https://monkey.redirectmaster.com/?utm_term=7218969301577891919&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  3. https://monkey.redirectmaster.com/proc.php?6039770a99a42a0f6790da09d6a1d06bacffe1eb Page URL
  4. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  5. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=0a55a90377a728b90307bc05047c9bf5&eyer=0.20543740275966527&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.20543740275966527&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000f28b1f704013929803afeaa5793e11d70406-202304-flb*5564921-b2be6*M7218969301577891919*sl_5564921-b2be6*2dc26caa8d18421867698a941975c5bf029b0b3b*4400-bd34abaz*4400 HTTP 302
    https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503 Page URL
  6. https://c.adups.app/36399?click=pubb916359e39b04b5f8e6ab6c8513a1078&pubid=898005da HTTP 302
    https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://photo.jo6p.guru/q795nl85t HTTP 302
  • https://polo.thegadgetguru.club/?k=01184a255431147aae983f34f3ab16b4&type=mainstream&subtype=global HTTP 302
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Request Chain 4
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=0a55a90377a728b90307bc05047c9bf5&eyer=0.20543740275966527&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.20543740275966527&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=monkey.redirectmaster.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000f28b1f704013929803afeaa5793e11d70406-202304-flb*5564921-b2be6*M7218969301577891919*sl_5564921-b2be6*2dc26caa8d18421867698a941975c5bf029b0b3b*4400-bd34abaz*4400 HTTP 302
  • https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503
Request Chain 12
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubd9c9f30f2add40009fb4ac7bed3d2283&sub2=fe5cca98_4515c HTTP 302
  • https://t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=642eee585ad2dd0001e392eb&s=930_fe5cca98_4515c HTTP 302
  • https://go.c4ptainn3lson.xyz/redirect?feed=488122&url=t3.blowingwnd.com&subid=custom_11w3ld3hrv.de.windows.chrome&query=930_fe5cca98_4515c&pub_clickid=642eee580819ce24ae3ef3c3 HTTP 302
  • http://shadowgarden.info/ HTTP 301
  • https://shadowgarden.info/ HTTP 301
  • https://cdn.discordapp.com/attachments/1092355605378904174/1093232121797152911/Your_Full_Setup_Downloaded.zip

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
monkey.redirectmaster.com/
Redirect Chain
  • https://photo.jo6p.guru/q795nl85t
  • https://polo.thegadgetguru.club/?k=01184a255431147aae983f34f3ab16b4&type=mainstream&subtype=global
  • https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 06 Apr 2023 16:07:49 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://monkey.redirectmaster.com/?utm_term=7218969301577891919&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 06 Apr 2023 16:07:49 GMT
Location
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server
nginx/1.16.1 (Ubuntu)
/
monkey.redirectmaster.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/?utm_term=7218969301577891919&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
5a2e13c3552dd04736704081594944a5df69fd7177e55ec39927512c7b88f244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 06 Apr 2023 16:07:49 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
monkey.redirectmaster.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monkey.redirectmaster.com/proc.php?6039770a99a42a0f6790da09d6a1d06bacffe1eb
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_term=7218969301577891919&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
99.198.108.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://monkey.redirectmaster.com/?utm_term=7218969301577891919&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 06 Apr 2023 16:07:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/proc.php?6039770a99a42a0f6790da09d6a1d06bacffe1eb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://monkey.redirectmaster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Thu, 06 Apr 2023 16:07:50 GMT
Transfer-Encoding
chunked
a91581ead4
yeah.achelous.mobi/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000f28b1f704013929803afeaa5793e11d70406-202304-flb*5564921-b2be6*M7218969301577891919*sl_5564921-b2be6*2dc26caa8d1842...
  • https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5fdac0e3fb115de07c4acbe988176054ca7ca7270e9ecbff9b914e1a777a97

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7218969301577891919&website=4400-bd34abaz&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b3b493c89699223-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Thu, 06 Apr 2023 16:07:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xdm32G0GO0z%2FUC1SbQI6CC4XtKhARzFrmDajFGh%2BWO9LHoyTwjWK0fcvA7PKOvjX%2BS3w4aJTM%2BERTDWX5M%2FChGzBC%2B8HLiGBMWqW3hplG7ohKuBElU0uZGqW5d1uzqQt0E6ZH9p6QbUjGlJVr20shk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Thu, 06 Apr 2023 16:07:50 GMT
location
https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 16:07:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPYPMKR87WVDDR5G
age
3043
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVYQuDce2vZHVoObvC2%2FHhoADE7SL1pXrGLERwM2lfE%2BTwfeRVJd8hYt1FbXGVAbQVYFyourihKSIheWppwXFpfPQ3WnU3BE33OdAX4i00uD4w49hKKAgm8M%2BOCUZORxUNX53Fba0QDWnTdAHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7b3b493dce5c9a09-FRA
vb26e4fa9e5134444860be286fd8771851679335129114
static.cloudflareinsights.com/beacon.min.js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer
Origin
https://yeah.achelous.mobi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 16:07:50 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 17:58:49 GMT
server
cloudflare
etag
W/2023.3.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7b3b493dac143668-FRA
rum
yeah.achelous.mobi/cdn-cgi/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yeah.achelous.mobi/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/json

Response headers

date
Thu, 06 Apr 2023 16:07:50 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://yeah.achelous.mobi
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7b3b493e1b2b9223-FRA
Primary Request 736006a179
792a9db8.linkbooster.click/rc/
Redirect Chain
  • https://c.adups.app/36399?click=pubb916359e39b04b5f8e6ab6c8513a1078&pubid=898005da
  • https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e1b8c5840686d7656286934c751ff6b116df59c41dbac74a4d6d0fb47581d0f

Request headers

Referer
https://yeah.achelous.mobi/rc/a91581ead4?affclick=642eee562aba9c0001cfe44d&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b3b494489c8372e-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Thu, 06 Apr 2023 16:07:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRjfGxn%2FmMJcR0Qp8pft%2BmVEqbKqbmTjHTUDj%2BBy5i8WHTDaU2%2F7VsDQzXORk5wAflrWTfGdfQj7YDs3cg9%2F1P01PXSJyOdLkd97Hj459fl61fJWLryCdNfAjZYWeaiilgPHdryiEgJVm44cxZaKOrLs4%2BT0ibxZyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
250
content-type
text/html; charset=utf-8
date
Thu, 06 Apr 2023 16:07:51 GMT
expires
0
location
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c
pragma
no-cache
surrogate-control
no-store
vary
Accept, Accept-Encoding
x-powered-by
Express
rum
yeah.achelous.mobi/cdn-cgi/ 		0
0
redirect.css
cdn.addlnk.com/ 		1 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 16:07:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPYPMKR87WVDDR5G
age
3044
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMKmW9RAZV009A39zut8LcQtmcuikD75FY61d6MDtgbqfHbSkZs5qPFUeNBLXE9XdA5Y8w4k6s9DrgCw2kyQRLDcUFuDz9gNAwAMV1vs2MZ8jKvRJaRMZ5MNYxu1KoexlcF3lyaL3omh67jBYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7b3b494578319a09-FRA
invisible.js
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 0363 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7b3b494489c8372e
Requested by
Host: monkey.redirectmaster.com
URL: https://monkey.redirectmaster.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899b8e5a5573fd5480d853c15cdd54486614fe89d0d7fcbf346fe50ea5cabdb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 16:07:51 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESqUN8L%2FfUyE%2BCxS5vdYwVq40kzLhR5s5TGbODYDvulgegOITP6GnVqFe2dl1gaUrkzQeIT99reqFCBpDZyXUKW0WiFKQvPfnzddtqWUJMCpiwzTb%2FUD%2BMob2iuqwNt2Uga8hmpRGyqvF0hvcSFuoX4u7d50vuqlnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b3b4945fc51372e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/ Frame 0363 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e720c964222f64ef9d06ebe7b31c4f92406741aa9b7d7ace63b8aae533c721

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 16:07:52 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjYQ0byrT%2FD3w3fX%2BSurXv9429ccH0FfMzw4tAu%2BaqUSJjS2cmwbe%2BFrpHTxMlFW2%2FFnrJ2cBWN0fS9uoqjjalh%2F87jQlAIUyCXbSDCT32JStIu8x2ZqYgVEF17pRw%2BWis4PdjHlA5kv7Zvt5xh1mjdyyTSUJV7Y3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7b3b494648815b5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Your_Full_Setup_Downloaded.zip
cdn.discordapp.com/attachments/1092355605378904174/1093232121797152911/
Redirect Chain
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubd9c9f30f2add40009fb4ac7bed3d2283&sub2=fe5cca98_4515c
  • https://t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq&d=61b86bb2caff0c3520644fec&pid=CLICKID&s=SUBID&pid=642eee585ad2dd0001e392eb&s=930_fe5cca98_4515c
  • https://go.c4ptainn3lson.xyz/redirect?feed=488122&url=t3.blowingwnd.com&subid=custom_11w3ld3hrv.de.windows.chrome&query=930_fe5cca98_4515c&pub_clickid=642eee580819ce24ae3ef3c3
  • http://shadowgarden.info/
  • https://shadowgarden.info/
  • https://cdn.discordapp.com/attachments/1092355605378904174/1093232121797152911/Your_Full_Setup_Downloaded.zip
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.discordapp.com/attachments/1092355605378904174/1093232121797152911/Your_Full_Setup_Downloaded.zip
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.129.233 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23D06213751A036399028631vXNh3&pubid=4515c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
78269
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
7b3b4959ed6f30d0-FRA
content-disposition
attachment; filename="Your_Full_Setup_Downloaded.zip"
content-length
49360784
content-type
application/zip
date
Thu, 06 Apr 2023 16:07:55 GMT
etag
"43ef5c097b8245edcfa10446205cb4a7"
expires
Fri, 05 Apr 2024 16:07:55 GMT
last-modified
Wed, 05 Apr 2023 17:54:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLx9B2%2B86mghM9H%2FyGrkx%2F%2FODFh1NPUNkR2ly%2B8PmGkKmBy3oTOPD8thEiyE%2FW02FUZlSAEV8sHAiFJCFf%2FZZkdPI9%2FOKDXnqAEsQZgwUcZ%2BZzZUNRRWXcxvMXR9ZKgJ2jA%2BFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1680717249193681
x-goog-hash
crc32c=3PdHkA== md5=Q+9cCXuCRe3PoQRGIFy0pw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
49360784
x-guploader-uploadid
ADPycdvwqK9Kd-5i3foKMaUY1WcSazu4bZL6s1HX2zNEnwG3C_8KnPj8kPR3QWCjPKqXkNWkaeFiuQh_epoRwvF1qK-wOg
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp

Redirect headers

content-length
707
content-type
text/html
date
Thu, 06 Apr 2023 16:07:55 GMT
location
https://cdn.discordapp.com/attachments/1092355605378904174/1093232121797152911/Your_Full_Setup_Downloaded.zip
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
7b3b494489c8372e
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 0363 		2 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/cv/result/7b3b494489c8372e
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7b3b494489c8372e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 06 Apr 2023 16:07:52 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UefTDRkglFiACuXbDK2kFN58qmix1QV120NRuR9R8dKsnkr%2BCI0g2TkDsC3DgJHA9e%2Ff%2BTaC47I5OO9GGRwoNvKuCa1F46FjVwRMqNLJYGVDXBmOaPROzTlfHb19gE%2FCbafvE4H6tFSQbHioEu4sR8NeFWJ22RylXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b3b49499b985b5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yeah.achelous.mobi
URL
https://yeah.achelous.mobi/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

6 Cookies

Domain/Path Name / Value
monkey.redirectmaster.com/ Name: u
Value: 55f4512708bb8f40b3258da2d1a96849
admoustache.media-412.com/ Name: afclick
Value: 642eee562aba9c0001cfe44d
yeah.achelous.mobi/ Name: AWSALB
Value: rcQkGL+unaTGVOY2FxfM3dKWfgqtFd34VUX5SnDbwu9GdTHCYy0xvQVMjv8hrvK4ixyGXp/+LE+b2Ipz/2/0UJlToHoUseWTs0PFmoIY05isTQK+D2XpaJFZu5Gm
792a9db8.linkbooster.click/ Name: AWSALB
Value: d7QR2K7ebZLs45wJRi6NfXk2SuSDD1HN9u/pOucCCVAlArCQQQ45aacz0ZK0pEzZW3wOyrSsuUULvZbAJFl5s+Ph5Av9mfRpoMIn7p9zM7dmMSVw6R19541oT+vp
track.gositego.live/ Name: afclick
Value: 642eee585ad2dd0001e392eb
.linkbooster.click/ Name: __cf_bm
Value: dzr47kVIed2a4PmjQH_CQhc0Ctgjj3H.w5mLxK2prgQ-1680797272-0-ATlWdTPy0Vm9mkbCo0n0IgB9iq0n7i1uPkazo9KXd3BDlw80Z8ld0P+QLzPQpNoQRj/85wZQYIMynMk1IAJdg/W/M1gu/1RcU8PTeKeSXyGKXe2nbw/8qY5ZwwIiHsvKiw==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains