stvkr.com Open in urlscan Pro
212.32.251.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paramountpluse.co/
Effective URL:
https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2...
Submission: On April 04 via api (April 4th 2022, 5:16:52 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 8 HTTP transactions. The main IP is 212.32.251.44, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is stvkr.com. The Cisco Umbrella rank of the primary domain is 130815.
TLS certificate: Issued by R3 on March 12th 2022. Valid for: 3 months.

This is the only time stvkr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.182.210 103.224.182.210	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.248.96.70 104.248.96.70	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	212.32.251.44 212.32.251.44	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	3

2 103.224.182.210 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-210.above.com

paramountpluse.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.96.70 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

ir3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.32.251.44 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

stvkr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 328999	8 KB
3	stvkr.com 1 redirects stvkr.com — Cisco Umbrella Rank: 130815	3 KB
2	lookandfind.me lookandfind.me — Cisco Umbrella Rank: 973954	811 B
2	paramountpluse.co 2 redirects paramountpluse.co	1 KB
1	ir3.xyz 1 redirects ir3.xyz — Cisco Umbrella Rank: 140391	863 B
1	clever-redirect.com 1 redirects clever-redirect.com	433 B
8	6

	Domain	Requested by
5	1redirc.com	1 redirects 1redirc.com
3	stvkr.com	1 redirects lookandfind.me stvkr.com
2	lookandfind.me	1redirc.com
2	paramountpluse.co	2 redirects
1	ir3.xyz	1 redirects
1	clever-redirect.com	1 redirects
8	6

This site contains no links.

Subject Issuer	Validity	Valid
lookandfind.me R3	`2022-03-03` - `2022-06-01`	3 months	crt.sh
stvkr.com R3	`2022-03-12` - `2022-06-10`	3 months	crt.sh

This page contains 1 frames:

Frame: https://stvkr.com/blank-page?rfr=NNNNS+fhcApNO9IAl9SYmZgWF8kBm8/Wm9sFgvtcXFwYNjVNNNNNNNvYUj==
Frame ID: EDDE956315CDAEDFD23E113522C8684B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://paramountpluse.co/ HTTP 302
https://paramountpluse.co/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjI... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D62634... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=626345476&sid=20220405031647809dc9845d4ce13a65 HTTP 302
https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=goldenshine.watch&s1=721614... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F61d6d1c37c0fb%3Fp1%3D5ca675e800f3fc91fe0c1bc50... Page URL
https://ir3.xyz/61d6d1c37c0fb?p1=5ca675e800f3fc91fe0c1bc5010ec398&p2=DE HTTP 302
https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&s... Page URL

Detected technologies

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

8
Requests

50 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

10 kB
Transfer

18 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paramountpluse.co/ HTTP 302
https://paramountpluse.co/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D626345476%26sid%3D20220405031647809dc9845d4ce13a65&s=j&enc=R1NPZU1KV0ZuWWsxVWx1ek53amk5SDQ5ZmxaR1ZrbHpNSFJyS3pNMllYTTJaSGRrVGpkQlJUVk1SRVJFYlRjMEt6TlpiamQxUTFaMGFHbFRSMGhhVjI1NFoyMHJLMWNyYVM5TWRqWXdXbEpXT0dRdlNEQnZUMUpRYldOWGNIQTNaV1V6VW1oSFZVeDFiVmQ0Y3k5UldFUlplSFpHU0RKclltNUhNRzVyWjFacGMxQnVlRmgzUWxWMFdHb3ZObUkyU2xWV2NXWndibWgxUkRsS2IzaFpTbWRhUlhJek4wcFFRbkJFUm1aRFQwUldZM1YxTDNORVFsbGpNekJNUzAwMGRDOURZMDR5YjBOeFkwZFJNMjVZZW04ek5DOTFSekIyWVdsaWRWTlNkalpGU0hrcmFrRXlVV0ZFVjNWVFFURTFhRVJvUTFGWVRUTjVObEZDZUU1YVRsbzNieXMzYkU0NVNscHRRa0V5TjNBMWN6TmFjMjh6ZUVwb1ZVeGxkblZ2U1dKa1IxVlhhbUpLWkVFelZEUkVSMGxVVGpCdlIxVk1PVU5sVG5vNFFVVlpSVkkyUlcwMmF6ZDNWWFprY1ZGVmVGWjVPRWx5ZGtRMWIzZHBiRVZrVVhocWNscEZVbXRpVFVabGRFNTJNbUZYUjBaRk1EZGxkRnBwV0hkR1ZrVlhWbmQwZFU5UFZuZFZjVVZVWVVkSlJHc3pkbFJ4VlRFcldWcHRjVnB4UVdGSmRFcFFaa3hPZEV4NldUVm5jRlo2S3pOdlpWZHBTU3MxUlZoTlVXUnFaaXMxWWxKSVZ6WlBlbGhZVTFCRmRYQlZXbWhVYVVWa1drWmFSMWhMVlM5TldVZ3pNblZrSzJwRlJrczBSVU5tTWpKUlNXRkViVFJTTmxaYWVHOTNRblZ4VTFFNU1sUmFkbk5DY0daSGNWZEVhblZsVDBrNFJrOVNXbVZtYlROb2QyeFZkRGhOT0hwTlpFUkdOMUJCZFhjME16azNTMVJpUVM5TVpXRkdhMDlLVFRCQ01GQTJlbWdyVWtsWWNXTTNWMXByY3pGbVJtZDROblJKTHpoa1JFNTJWR05EVlZoU1lVSTFOSGRFTmpneFdHdFljbXBNV0dZcmNERmtkR3BVVGxZMmFEaFFTblZvVURGeFUybDRXVFZRWVVGaFJWa3ZjbGxKVkVSWlprMUxaMU5wWjFoaVNtRktRbTF3YzJJeU1rSkljVTF0ZUZNeFVrVXhTQ3RYUVc0NGJFbDJURXhMVFZndk16aDRUR1JJWldaTFVqUXJhWEJGWlhKS1duRnNhMk5aZUhwS2FsRnZUVU0zUnpSWE5sVmFOSFZ3TDB4NlpHNXVaMmQ0Ym1zdmJVNUJhV1JKVkhKMlZ6QkRlbWxMYm01cWVXVnVhRTFITURaamMyVktWMnh5WVdKdUwyZGtNR1JqZWtaS1IyeE5hRGhIV0VaM1JtRlBaemhQUW1aMGIza3ZabTFzYVhKT2FVMXphVUZvT1d4bU9HdGtVV3cyVDBGbVdtcFRVMUZvVmxWdE16Um9jMmxLUWpRM1EydFBhVE5PVDFONFl5czNSbUpWUzI1M1BRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=626345476&sid=20220405031647809dc9845d4ce13a65 HTTP 302
https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=goldenshine.watch&s1=721614&s2=&s3=626345476&s5=wc Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F61d6d1c37c0fb%3Fp1%3D5ca675e800f3fc91fe0c1bc5010ec398%26p2%3DDE&h=4d602a637599d06e0f50a5481dc3df67 Page URL
https://ir3.xyz/61d6d1c37c0fb?p1=5ca675e800f3fc91fe0c1bc5010ec398&p2=DE HTTP 302
https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2932b7a1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://paramountpluse.co/ HTTP 302
https://paramountpluse.co/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D626345476%26sid%3D20220405031647809dc9845d4ce13a65&s=j&enc=R1NPZU1KV0ZuWWsxVWx1ek53amk5SDQ5ZmxaR1ZrbHpNSFJyS3pNMllYTTJaSGRrVGpkQlJUVk1SRVJFYlRjMEt6TlpiamQxUTFaMGFHbFRSMGhhVjI1NFoyMHJLMWNyYVM5TWRqWXdXbEpXT0dRdlNEQnZUMUpRYldOWGNIQTNaV1V6VW1oSFZVeDFiVmQ0Y3k5UldFUlplSFpHU0RKclltNUhNRzVyWjFacGMxQnVlRmgzUWxWMFdHb3ZObUkyU2xWV2NXWndibWgxUkRsS2IzaFpTbWRhUlhJek4wcFFRbkJFUm1aRFQwUldZM1YxTDNORVFsbGpNekJNUzAwMGRDOURZMDR5YjBOeFkwZFJNMjVZZW04ek5DOTFSekIyWVdsaWRWTlNkalpGU0hrcmFrRXlVV0ZFVjNWVFFURTFhRVJvUTFGWVRUTjVObEZDZUU1YVRsbzNieXMzYkU0NVNscHRRa0V5TjNBMWN6TmFjMjh6ZUVwb1ZVeGxkblZ2U1dKa1IxVlhhbUpLWkVFelZEUkVSMGxVVGpCdlIxVk1PVU5sVG5vNFFVVlpSVkkyUlcwMmF6ZDNWWFprY1ZGVmVGWjVPRWx5ZGtRMWIzZHBiRVZrVVhocWNscEZVbXRpVFVabGRFNTJNbUZYUjBaRk1EZGxkRnBwV0hkR1ZrVlhWbmQwZFU5UFZuZFZjVVZVWVVkSlJHc3pkbFJ4VlRFcldWcHRjVnB4UVdGSmRFcFFaa3hPZEV4NldUVm5jRlo2S3pOdlpWZHBTU3MxUlZoTlVXUnFaaXMxWWxKSVZ6WlBlbGhZVTFCRmRYQlZXbWhVYVVWa1drWmFSMWhMVlM5TldVZ3pNblZrSzJwRlJrczBSVU5tTWpKUlNXRkViVFJTTmxaYWVHOTNRblZ4VTFFNU1sUmFkbk5DY0daSGNWZEVhblZsVDBrNFJrOVNXbVZtYlROb2QyeFZkRGhOT0hwTlpFUkdOMUJCZFhjME16azNTMVJpUVM5TVpXRkdhMDlLVFRCQ01GQTJlbWdyVWtsWWNXTTNWMXByY3pGbVJtZDROblJKTHpoa1JFNTJWR05EVlZoU1lVSTFOSGRFTmpneFdHdFljbXBNV0dZcmNERmtkR3BVVGxZMmFEaFFTblZvVURGeFUybDRXVFZRWVVGaFJWa3ZjbGxKVkVSWlprMUxaMU5wWjFoaVNtRktRbTF3YzJJeU1rSkljVTF0ZUZNeFVrVXhTQ3RYUVc0NGJFbDJURXhMVFZndk16aDRUR1JJWldaTFVqUXJhWEJGWlhKS1duRnNhMk5aZUhwS2FsRnZUVU0zUnpSWE5sVmFOSFZ3TDB4NlpHNXVaMmQ0Ym1zdmJVNUJhV1JKVkhKMlZ6QkRlbWxMYm01cWVXVnVhRTFITURaamMyVktWMnh5WVdKdUwyZGtNR1JqZWtaS1IyeE5hRGhIV0VaM1JtRlBaemhQUW1aMGIza3ZabTFzYVhKT2FVMXphVUZvT1d4bU9HdGtVV3cyVDBGbVdtcFRVMUZvVmxWdE16Um9jMmxLUWpRM1EydFBhVE5PVDFONFl5czNSbUpWUzI1M1BRPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=626345476&sid=20220405031647809dc9845d4ce13a65 HTTP 302
https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=goldenshine.watch&s1=721614&s2=&s3=626345476&s5=wc

Request Chain 6

https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2932b7a1&no_cookie=1&rfr=NNNNS%2BfhcApNO9IAl9SYmZgWF8kBm8%2FWm9sFgvtcXFwYNjVNNNNNNNvYUj%3D%3D&widht=1600&height=1200 HTTP 303
https://stvkr.com/blank-page?rfr=NNNNS+fhcApNO9IAl9SYmZgWF8kBm8/Wm9sFgvtcXFwYNjVNNNNNNNvYUj==

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	r2.php Show response 1redirc.com/ Redirect Chain http://paramountpluse.co/ https://paramountpluse.co/ http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnH...	4 KB 3 KB	376ms 190ms	Document text/html	103.224.182.206 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi Protocol HTTP/1.1 Server 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS bidr.trellian.com Software Apache/2.4.25 (Debian) / Resource Hash `5721a753240841b27c7ca2afdbaf9385dedb5ae3cd189867a2eb69c4b97a5b80` Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Connection close Content-Encoding gzip Content-Length 2318 Content-Type text/html; charset=UTF-8 Date Mon, 04 Apr 2022 17:16:48 GMT Server Apache/2.4.25 (Debian) Vary Accept-Encoding Redirect headers Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Mon, 04 Apr 2022 17:16:47 GMT Location http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi Server Apache/2.4.25 (Debian)
GET H/1.1	200 OK	jscheck.js Show response 1redirc.com/javascript/	899 B 718 B	346ms 173ms	Script application/javascript	103.224.182.206 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL http://1redirc.com/javascript/jscheck.js Requested by Host: 1redirc.com URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi Protocol HTTP/1.1 Server 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS bidr.trellian.com Software Apache/2.4.25 (Debian) / Resource Hash `40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Mon, 04 Apr 2022 17:16:48 GMT Content-Encoding gzip Last-Modified Mon, 10 Jan 2022 12:05:23 GMT Server Apache/2.4.25 (Debian) ETag "383-5d53926b806c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 405
GET H/1.1	200 OK	swfobject.js Show response 1redirc.com/javascript/	10 KB 4 KB	348ms 175ms	Script application/javascript	103.224.182.206 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL http://1redirc.com/javascript/swfobject.js Requested by Host: 1redirc.com URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi Protocol HTTP/1.1 Server 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS bidr.trellian.com Software Apache/2.4.25 (Debian) / Resource Hash `a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed` Request headers Accept-Language de-DE,de;q=0.9 Referer http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Mon, 04 Apr 2022 17:16:48 GMT Content-Encoding gzip Last-Modified Mon, 10 Jan 2022 12:05:23 GMT Server Apache/2.4.25 (Debian) ETag "27ef-5d53926b806c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 3949
GET H/1.1	200 OK	jscheck.php 1redirc.com/	0 166 B	384ms 208ms	XHR text/html	103.224.182.206 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL http://1redirc.com/jscheck.php?enc=R1NPZU1KV0ZuWWsxVWx1ek53amk5SDQ5ZmxaR1ZrbHpNSFJyS3pNMllYTTJaSGRrVGpkQlJUVk1SRVJFYlRjMEt6TlpiamQxUTFaMGFHbFRSMGhhVjI1NFoyMHJLMWNyYVM5TWRqWXdXbEpXT0dRdlNEQnZUMUpRYldOWGNIQTNaV1V6VW1oSFZVeDFiVmQ0Y3k5UldFUlplSFpHU0RKclltNUhNRzVyWjFacGMxQnVlRmgzUWxWMFdHb3ZObUkyU2xWV2NXWndibWgxUkRsS2IzaFpTbWRhUlhJek4wcFFRbkJFUm1aRFQwUldZM1YxTDNORVFsbGpNekJNUzAwMGRDOURZMDR5YjBOeFkwZFJNMjVZZW04ek5DOTFSekIyWVdsaWRWTlNkalpGU0hrcmFrRXlVV0ZFVjNWVFFURTFhRVJvUTFGWVRUTjVObEZDZUU1YVRsbzNieXMzYkU0NVNscHRRa0V5TjNBMWN6TmFjMjh6ZUVwb1ZVeGxkblZ2U1dKa1IxVlhhbUpLWkVFelZEUkVSMGxVVGpCdlIxVk1PVU5sVG5vNFFVVlpSVkkyUlcwMmF6ZDNWWFprY1ZGVmVGWjVPRWx5ZGtRMWIzZHBiRVZrVVhocWNscEZVbXRpVFVabGRFNTJNbUZYUjBaRk1EZGxkRnBwV0hkR1ZrVlhWbmQwZFU5UFZuZFZjVVZVWVVkSlJHc3pkbFJ4VlRFcldWcHRjVnB4UVdGSmRFcFFaa3hPZEV4NldUVm5jRlo2S3pOdlpWZHBTU3MxUlZoTlVXUnFaaXMxWWxKSVZ6WlBlbGhZVTFCRmRYQlZXbWhVYVVWa1drWmFSMWhMVlM5TldVZ3pNblZrSzJwRlJrczBSVU5tTWpKUlNXRkViVFJTTmxaYWVHOTNRblZ4VTFFNU1sUmFkbk5DY0daSGNWZEVhblZsVDBrNFJrOVNXbVZtYlROb2QyeFZkRGhOT0hwTlpFUkdOMUJCZFhjME16azNTMVJpUVM5TVpXRkdhMDlLVFRCQ01GQTJlbWdyVWtsWWNXTTNWMXByY3pGbVJtZDROblJKTHpoa1JFNTJWR05EVlZoU1lVSTFOSGRFTmpneFdHdFljbXBNV0dZcmNERmtkR3BVVGxZMmFEaFFTblZvVURGeFUybDRXVFZRWVVGaFJWa3ZjbGxKVkVSWlprMUxaMU5wWjFoaVNtRktRbTF3YzJJeU1rSkljVTF0ZUZNeFVrVXhTQ3RYUVc0NGJFbDJURXhMVFZndk16aDRUR1JJWldaTFVqUXJhWEJGWlhKS1duRnNhMk5aZUhwS2FsRnZUVU0zUnpSWE5sVmFOSFZ3TDB4NlpHNXVaMmQ0Ym1zdmJVNUJhV1JKVkhKMlZ6QkRlbWxMYm01cWVXVnVhRTFITURaamMyVktWMnh5WVdKdUwyZGtNR1JqZWtaS1IyeE5hRGhIV0VaM1JtRlBaemhQUW1aMGIza3ZabTFzYVhKT2FVMXphVUZvT1d4bU9HdGtVV3cyVDBGbVdtcFRVMUZvVmxWdE16Um9jMmxLUWpRM1EydFBhVE5PVDFONFl5czNSbUpWUzI1M1BRPT0%3D&rand=0.6462948975050988 Requested by Host: 1redirc.com URL: http://1redirc.com/javascript/jscheck.js Protocol HTTP/1.1 Server 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS bidr.trellian.com Software Apache/2.4.25 (Debian) / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDawolKH9ZWgyP12HCd%2FeUiho0IGxgnnXRAz7bUAHVyjIivOyGeK9P9A1rlF6vM1IPdARsopNMoUjtzMxQdbxmQ%2F388cjSfJ6pw7GUhDfigZyPwgHh0LMDKLGTnyqRFvObxztqN511HPnlEnHpzxzDJ3%2FRYICNJz46VWK8%2FtOL1%2BpH8W7goD%2Bargci6Ipqy%2FjyhA2gBe4%2FM758soqmI%2FV%2BewckWWbVCCnM546%2BXOmAvnvIJwJwIEW1ea2Zy%2FFI3%2BY%2BH%2B%2FgXNZ2XWOop9vmf64SOyNAxnNLQ05koFqVZl%2BYmCxW7EQBNx7pfVYjnrLgNsc9bTt5iIa8%2Bn2jynZsZ85H%2BM0AOp7dRvpk5I8F2l%2BdvUL29ZtjjxudGK7ZI5cKVFJ9VmAgrlRTZg8ZVdeeDeFZouYy2ZB5O2Uikc%2FIFaEGzVd5bXaI87onkckdLHmqWnxczBoM2M3b7yw2cTwa3PmRqwldE1OC%2FSBiyWrxXo3%2BkV8esNkHMaG8%2BAZB%2BsrIJX0GGTkXXyI%2F%2Fn2M%2BIKyL1wNpdtbUyaiPaQEb725L0QU8vmy1DC8zDKWxjN8ZXqEBZ1lfzm7O8IuJJc3pwyzzHRaVw2Uvt%2FZLBKhSX5UYUqS01w6oITmZ3tIIJ0i%2F28oi09ghR1FtqChm3k5Kuwr%2BTA7%2FlfJr5S65xYs3co9Gy%2F5634%2FHKrWk9TkNg5yUaVwzjNv2uN4Zu0kfTjTMhHOLdTp%2B3ckoJmUEdPE4Oz6m0PfEi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Mon, 04 Apr 2022 17:16:48 GMT Server Apache/2.4.25 (Debian) Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	a lookandfind.me/s/ Redirect Chain http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D626345476%26sid%3D20220405031647809dc9845d4ce13a65&s=j&enc=R1NPZU1KV0ZuWWsxVWx1ek53amk5SDQ5ZmxaR1ZrbHpNSFJy... https://clever-redirect.com/s/r6?s=721614&s3=626345476&sid=20220405031647809dc9845d4ce13a65 https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=goldenshine.watch&s1=721614&s2=&s3=626345476&s5=wc	338 B 505 B	92ms 36ms	Document text/html	157.90.169.168 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=goldenshine.watch&s1=721614&s2=&s3=626345476&s5=wc Requested by Host: 1redirc.com URL: http://1redirc.com/javascript/jscheck.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.168.169.90.157.clients.your-server.de Software Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24 Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers content-length 338 content-type text/html; charset=UTF-8 date Mon, 04 Apr 2022 17:16:49 GMT referrer-policy strict-origin-when-cross-origin server Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 x-powered-by PHP/7.4.24 Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Mon, 04 Apr 2022 17:16:49 GMT location https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=goldenshine.watch&s1=721614&s2=&s3=626345476&s5=wc referrer-policy no-referrer server Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 x-powered-by PHP/7.4.27
GET H2	200	r lookandfind.me/s/	276 B 306 B	28ms 28ms	Document text/html	157.90.169.168 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F61d6d1c37c0fb%3Fp1%3D5ca675e800f3fc91fe0c1bc5010ec398%26p2%3DDE&h=4d602a637599d06e0f50a5481dc3df67 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.168.169.90.157.clients.your-server.de Software Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24 Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://lookandfind.me/s/a?t=6&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=goldenshine.watch&s1=721614&s2=&s3=626345476&s5=wc Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers content-length 276 content-type text/html; charset=UTF-8 date Mon, 04 Apr 2022 17:16:49 GMT referrer-policy strict-origin-when-cross-origin server Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 x-powered-by PHP/7.4.24
GET H/1.1	200 OK	Primary Request click-GQRLPMHZ-HFDQCOA9 stvkr.com/ Redirect Chain https://ir3.xyz/61d6d1c37c0fb?p1=5ca675e800f3fc91fe0c1bc5010ec398&p2=DE https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2932b7a1	2 KB 2 KB	92ms 33ms	Document text/html	212.32.251.44 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2932b7a1 Requested by Host: lookandfind.me URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F61d6d1c37c0fb%3Fp1%3D5ca675e800f3fc91fe0c1bc5010ec398%26p2%3DDE&h=4d602a637599d06e0f50a5481dc3df67 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://lookandfind.me/s/r?u=https%3A%2F%2Fir3.xyz%2F61d6d1c37c0fb%3Fp1%3D5ca675e800f3fc91fe0c1bc5010ec398%26p2%3DDE&h=4d602a637599d06e0f50a5481dc3df67 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 04 Apr 2022 17:16:51 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx Transfer-Encoding chunked Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Mon, 04 Apr 2022 17:16:51 GMT Location https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2932b7a1 Server nginx/1.10.3 (Ubuntu) Transfer-Encoding chunked X-DATA-COUPONUTS OTQ2NDo5ODcxNTM3MS02ZmNkLTQ0NzItOTcwZi1lOTM2MDFiYTVjMjU=
GET H/1.1	200 OK	blank-page Show response stvkr.com/ Redirect Chain https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2932b7a1&no_cookie=1&rfr=NNNNS%2BfhcApNO9IAl9SYmZgWF8kBm8%2FWm9sFgvtcXFwYNjVNNNNNNNv... https://stvkr.com/blank-page?rfr=NNNNS+fhcApNO9IAl9SYmZgWF8kBm8/Wm9sFgvtcXFwYNjVNNNNNNNvYUj==	0 140 B	24ms 24ms	Document text/plain	212.32.251.44 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://stvkr.com/blank-page?rfr=NNNNS+fhcApNO9IAl9SYmZgWF8kBm8/Wm9sFgvtcXFwYNjVNNNNNNNvYUj== Requested by Host: stvkr.com URL: https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2932b7a1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.32.251.44 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer https://stvkr.com/click-GQRLPMHZ-HFDQCOA9?bt=25&tl=1&sa=98715371-6fcd-4472-970f-e93601ba5c25&sa2=60910da1d915b81f2932b7a1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Content-Type text/plain Date Mon, 04 Apr 2022 17:16:51 GMT Server nginx Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Mon, 04 Apr 2022 17:16:51 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Location https://stvkr.com/blank-page?rfr=NNNNS+fhcApNO9IAl9SYmZgWF8kBm8/Wm9sFgvtcXFwYNjVNNNNNNNvYUj== P3P policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" Pragma no-cache Server nginx

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paramountpluse.co/	1970-01-23 17:40:52	Name: __tad Value: 1649092606.3271320
.1redirc.com/	1970-01-20 10:50:28	Name: __dsnsid Value: 20220405031647809dc9845d4ce13a65
clever-redirect.com/	1970-01-20 02:06:19	Name: dd9af63a813c0a17076035ebaf9d42ae Value: 9db6e30b382afda020bb5670f8aa326b935de74a98d7a6fe3c000f219de5c7b0a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22dd9af63a813c0a17076035ebaf9d42ae%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.ir3.xyz/	1970-01-20 03:09:40	Name: 9464 Value: 98715371-6fcd-4472-970f-e93601ba5c25
stvkr.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8ko1ig3obp1h4278eob57i5vo0
.stvkr.com/	1970-01-20 10:50:28	Name: cnt Value: 4edf15ff77930b2ba72ea579264718b2
stvkr.com/	1970-01-20 02:04:52	Name: init_referer Value: NNNNS%2BfhcApNO9IAl9SYmZgWF8kBm8%2FWm9sFgvtcXFwYNjVNNNNNNNvYUj%3D%3D
stvkr.com/	1970-01-20 02:48:04	Name: skip_js_r Value: 1
stvkr.com/	1970-01-24 06:04:52	Name: widht Value: 1600
stvkr.com/	1970-01-24 06:04:52	Name: height Value: 1200
.stvkr.com/	1970-01-20 10:50:28	Name: pc Value: %DBX%D3%A2%88A%9Da%1A%8E%1A%9Co%DF%BDd%B2%F1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
clever-redirect.com
ir3.xyz
lookandfind.me
paramountpluse.co
stvkr.com
103.224.182.206
103.224.182.210
104.248.96.70
157.90.169.168
212.32.251.44
78.46.197.88
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
5721a753240841b27c7ca2afdbaf9385dedb5ae3cd189867a2eb69c4b97a5b80
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

stvkr.com Open in urlscan Pro 212.32.251.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

50 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

3 IPs

4 Countries

10 kBTransfer

18 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

11 Cookies

Indicators

stvkr.com Open in urlscan Pro
212.32.251.44 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

10 kB
Transfer

18 kB
Size

11
Cookies

8 HTTP transactions
0 data transactions