Submitted URL: https://magatanka.online/r?k=8a9ddbb67f26827a&click_id=M7348867812896538649&sub3=13445
Effective URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e2774480...
Submission: On March 21 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 46.4.172.148, located in Bad Muenstereifel, Germany and belongs to HETZNER-AS, DE. The main domain is citpigid.site.
TLS certificate: Issued by R3 on February 6th 2024. Valid for: 3 months.
This is the only time citpigid.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 46.4.172.148 24940 (HETZNER-AS)
12 139.45.197.251 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
25 4
Apex Domain
Subdomains
Transfer
12 citpigid.site
citpigid.site
673 KB
9 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 18471
3 psothoms.com
psothoms.com — Cisco Umbrella Rank: 391478
16 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 7780
542 B
1 magatanka.online
magatanka.online — Cisco Umbrella Rank: 927616
501 B
25 5
Domain Requested by
12 citpigid.site citpigid.site
psothoms.com
9 jouteetu.net psothoms.com
3 psothoms.com citpigid.site
psothoms.com
1 my.rtmark.net psothoms.com
1 magatanka.online 1 redirects
25 5

This site contains no links.

Subject Issuer Validity Valid
citpigid.site
R3
2024-02-06 -
2024-05-06
3 months crt.sh
psothoms.com
R3
2024-01-26 -
2024-04-25
3 months crt.sh
jouteetu.net
R3
2024-03-13 -
2024-06-11
3 months crt.sh
rtmark.net
R3
2024-03-02 -
2024-05-31
3 months crt.sh

This page contains 1 frames:

Primary Page: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Frame ID: 666DC1EB7CB5BCD2812C625497FB250C
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

Games

Page URL History Show full URLs

  1. https://magatanka.online/r?k=8a9ddbb67f26827a&click_id=M7348867812896538649&sub3=13445 HTTP 302
    https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clic... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

689 kB
Transfer

835 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://magatanka.online/r?k=8a9ddbb67f26827a&click_id=M7348867812896538649&sub3=13445 HTTP 302
    https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
citpigid.site/f/ar_update/
Redirect Chain
  • https://magatanka.online/r?k=8a9ddbb67f26827a&click_id=M7348867812896538649&sub3=13445
  • https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2...
6 KB
2 KB
Document
General
Full URL
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 / PHP/8.1.27
Resource Hash
2f657202785936554a31f3048c4b2478fc1ade86ae6f046e105249f836d25b69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 21 Mar 2024 18:47:15 GMT
expires
Thu, 21 Mar 2024 18:47:14 GMT
pragma
no-cache
server
nginx/1.20.2
x-powered-by
PHP/8.1.27

Redirect headers

cache-control
no-cache
content-type
text/html; charset=UTF-8
date
Thu, 21 Mar 2024 18:47:14 GMT
expires
Thu, 21 Mar 2024 18:47:13 GMT
location
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
referrer-policy
no-referrer
server
nginx/1.20.2
x-powered-by
PHP/8.1.27
style.css
citpigid.site/f/ar_whatsapp/css/
540 B
442 B
Stylesheet
General
Full URL
https://citpigid.site/f/ar_whatsapp/css/style.css
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
2c793b7ebb2c629df0e5ebc6863b63eaf8609ba48402904fea10501f3ed1269e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
etag
W/"65fc5906-21c"
content-type
text/css
def.bundle.css
citpigid.site/f/ar_whatsapp/css/
59 KB
7 KB
Stylesheet
General
Full URL
https://citpigid.site/f/ar_whatsapp/css/def.bundle.css
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
b9e7343ee628c363c7107664ba8fe8697f7f513a68ae5edc51630cdd573ad842

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
etag
W/"65fc5906-eb95"
content-type
text/css
campaign.bundle.css
citpigid.site/f/ar_whatsapp/css/
2 KB
776 B
Stylesheet
General
Full URL
https://citpigid.site/f/ar_whatsapp/css/campaign.bundle.css
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
0faab5e506d2495b6b0496a734715ef51355a1409dbb0ee528389de901d885b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
etag
W/"65fc5906-6f8"
content-type
text/css
countries.bundle.css
citpigid.site/f/ar_whatsapp/css/
2 KB
709 B
Stylesheet
General
Full URL
https://citpigid.site/f/ar_whatsapp/css/countries.bundle.css
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
b5a148cb0d4a5521eded4e61d3d044eb840f50647c1ed445ad1092debec5f517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
etag
W/"65fc5906-6db"
content-type
text/css
brokers.bundle.css
citpigid.site/f/ar_whatsapp/css/
167 B
268 B
Stylesheet
General
Full URL
https://citpigid.site/f/ar_whatsapp/css/brokers.bundle.css
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
b4e453048b682fc43f24d9ab26b8b1a9be74d3036c81fa37b0f80780903f76ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
etag
W/"65fc5906-a7"
content-type
text/css
hero.webp
citpigid.site/f/ar_whatsapp/images/
16 KB
17 KB
Image
General
Full URL
https://citpigid.site/f/ar_whatsapp/images/hero.webp
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
a4eb60473a71860c5eb3823afb622541b36d5c809d58835c6f4e45e12afffd40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"65fc5906-41ce"
content-length
16846
content-type
image/webp
jquery.js
citpigid.site/f/ar_whatsapp/src/
87 KB
31 KB
Script
General
Full URL
https://citpigid.site/f/ar_whatsapp/src/jquery.js
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
etag
W/"65fc5906-15d9d"
content-type
application/javascript
custom_ae.js
citpigid.site/f/ar_whatsapp/src/
15 KB
4 KB
Script
General
Full URL
https://citpigid.site/f/ar_whatsapp/src/custom_ae.js
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
26443ef337e6f43a98b4a9a722ea334084530d5dfe9e9dc3346c1f2091a54f9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
etag
W/"65fc5906-3aa7"
content-type
application/javascript
background_desktop.png
citpigid.site/f/ar_whatsapp/images/
608 KB
609 KB
Image
General
Full URL
https://citpigid.site/f/ar_whatsapp/images/background_desktop.png
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_whatsapp/css/campaign.bundle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
0c67a489b0425400f3bfd83f82797396c848ac05ebe0f329056a6b57ee3660e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_whatsapp/css/campaign.bundle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:15 GMT
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
accept-ranges
bytes
etag
"65fc5906-97eea"
content-length
622314
content-type
image/png
truncated
/
294 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
888051de65abde6ec7c6a4df40c141aafb6c7b7beef9147972aa6d5465a784ad

Request headers

Referer
Origin
https://citpigid.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
micro.tag.min.js
psothoms.com/pfe/current/
35 KB
14 KB
Script
General
Full URL
https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
955a7f7e7a9158b178d2ca39513763b297bbec13f6083c534c099af7876c1c8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 18:47:15 GMT
content-encoding
gzip
last-modified
Wed, 20 Mar 2024 09:50:24 GMT
server
nginx
etag
W/"65fab160-8def"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
footer.php
citpigid.site/functions_pinapi/
4 KB
1 KB
XHR
General
Full URL
https://citpigid.site/functions_pinapi/footer.php?api_name=chicagoae3&offer_id=15023&pid=11
Requested by
Host: citpigid.site
URL: https://citpigid.site/f/ar_whatsapp/src/custom_ae.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 / PHP/8.1.27
Resource Hash
8be7b6b636bd47fd6e85eb8feb858fcd55a163cc7f2ecfd0e0f7a1531e330111

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
application/json
date
Thu, 21 Mar 2024 18:47:15 GMT
cache-control
no-cache
content-encoding
gzip
server
nginx/1.20.2
x-powered-by
PHP/8.1.27
expires
Thu, 21 Mar 2024 18:47:14 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sw-check-permissions-e4f04.js
citpigid.site/
0
425 B
Other
General
Full URL
https://citpigid.site/sw-check-permissions-e4f04.js?zoneId=6601781
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.172.148 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.148.172.4.46.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:16 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 15:57:58 GMT
server
nginx/1.20.2
etag
W/"65fc5906-236"
content-type
application/javascript
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
psothoms.com/
0
366 B
Ping
General
Full URL
https://psothoms.com/zone?&pub=0&zone_id=6601781&is_mobile=false&domain=citpigid.site&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=26ce2201-bbba-4b7a-9fef-ab369a187885&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id
4be1355d4d8a9009ffb446c6c07ebdcb
date
Thu, 21 Mar 2024 18:47:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin
https://citpigid.site
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
542 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6601781&checkDuplicate=true&ymid=&var=
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a27d3868e014f5f9962a437b4ffa075f95189645529364d7754c53a17949e875
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:47:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://citpigid.site
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
psothoms.com/
827 B
1 KB
Fetch
General
Full URL
https://psothoms.com/zone?&pub=0&zone_id=6601781&is_mobile=false&domain=citpigid.site&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.497&trace_id=26ce2201-bbba-4b7a-9fef-ab369a187885&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c9bbaac0e8e126de6e59c79fc2103cb9054e7ef668bfa64c9b45498465c4bb9d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://citpigid.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id
1725c86082cd9dfc6885804618e0fbf9
date
Thu, 21 Mar 2024 18:47:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://citpigid.site
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
827
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: psothoms.com
URL: https://psothoms.com/pfe/current/micro.tag.min.js?z=6601781&sw=/sw-check-permissions-e4f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://citpigid.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| hook1 string| api_pub string| our_clickid function| $ function| jQuery object| data_en object| data_ar function| updateFooterLanguage function| get_url_parameter function| updateLanguage object| s string| msg_code_expired string| msg_sent_code_validity string| msg_wrong_number string| msg_number_error string| msg_wrong_pin_valide string| msg_wrong_pin string| msg_success_link object| zfgformats

3 Cookies

Domain/Path Name / Value
magatanka.online/ Name: aff_tds_id
Value: c5a532c73b88632db48fa6306ba6f48c4306e592f341bba206721272cddb2b7ba%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22aff_tds_id%22%3Bi%3A1%3Bs%3A16%3A%22d542c39daf78c362%22%3B%7D
citpigid.site/ Name: PHPSESSID
Value: ad8896d4df7551dd7dfdf105de1f502e
my.rtmark.net/ Name: ID
Value: 7f298a9de2c94a45bdad8d59e4ca711e

1 Console Messages

Source Level URL
Text
other warning URL: https://citpigid.site/f/ar_update/?pid=11&offer_id=15023&clickid=9010a0e0e277448009050100&our_clickid=9010a0e0e277448009050100&geo=ae&trans_id=b8ace5572fcaa8f9d30988d1be2ed646&t=4b2c8a2fcf482c294e2c280000
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.