urlscan.io logo urlscan.io
SecurityTrails logo

install.convertmyvid.com Open in urlscan Pro
13.80.30.142  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rainwalker.website/i/16476?redirection_cost=0.07&clickid=15730726690211067010138206657656259&zone=2579051-180960166...
Effective URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Submission: On November 06 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 13 domains to perform 27 HTTP transactions. The main IP is 13.80.30.142, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is install.convertmyvid.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 26th 2019. Valid for: 3 months.
This is the only time install.convertmyvid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 95.211.24.232 60781 (LEASEWEB-...)
1 2 35.201.117.228 15169 (GOOGLE)
1 1 52.59.161.204 16509 (AMAZON-02)
2 2 107.23.2.7 14618 (AMAZON-AES)
2 104.18.12.100 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 35.227.196.138 15169 (GOOGLE)
1 143.204.101.54 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 212.32.250.2 60781 (LEASEWEB-...)
7 13.80.30.142 8075 (MICROSOFT...)
7 205.185.208.154 20446 (HIGHWINDS3)
2 2606:4700:300... 13335 (CLOUDFLAR...)
27 11
2    95.211.24.232 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rainwalker.website
2    35.201.117.228 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 228.117.201.35.bc.googleusercontent.com
www.dexchangeinc.com
1    52.59.161.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-161-204.eu-central-1.compute.amazonaws.com
cening-setects.com
2    107.23.2.7 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-2-7.compute-1.amazonaws.com
francoistsjacqu.info
2    104.18.12.100 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
shireamentsp.info
2    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    35.227.196.138 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 138.196.227.35.bc.googleusercontent.com
www.performanceonclick.com
1    143.204.101.54 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-54.fra50.r.cloudfront.net
cdn.pushnami.com
2    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    212.32.250.2 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
tracking.prmtracking.com
7    13.80.30.142 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
install.convertmyvid.com
7    205.185.208.154 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip154.ssl.hwcdn.net
i3j3u3u9.ssl.hwcdn.net
2    2606:4700:300a::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
Domain Requested by
7 i3j3u3u9.ssl.hwcdn.net install.convertmyvid.com
i3j3u3u9.ssl.hwcdn.net
7 install.convertmyvid.com www.performanceonclick.com
install.convertmyvid.com
i3j3u3u9.ssl.hwcdn.net
2 cdnjs.cloudflare.com install.convertmyvid.com
2 fonts.gstatic.com install.convertmyvid.com
2 www.performanceonclick.com 1 redirects shireamentsp.info
2 fonts.googleapis.com shireamentsp.info
install.convertmyvid.com
2 shireamentsp.info www.dexchangeinc.com
shireamentsp.info
2 francoistsjacqu.info 2 redirects
2 www.dexchangeinc.com 1 redirects rainwalker.website
2 rainwalker.website 1 redirects
1 tracking.prmtracking.com 1 redirects
1 cdn.pushnami.com
1 cening-setects.com 1 redirects
27 13

This site contains links to these domains. Also see Links.

Domain
convertmyvid.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-28 -
2020-10-09		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.pushnami.com
Amazon		 2019-06-14 -
2020-07-14		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.convertmyvid.com
Let's Encrypt Authority X3		 2019-09-26 -
2019-12-25		 3 months crt.sh
*.ssl.hwcdn.net
COMODO RSA Domain Validation Secure Server CA		 2019-01-03 -
2020-01-20		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh

This page contains 3 frames:

Primary Page: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Frame ID: 1C518E1C7B2D99A1320989F629FA8D39
Requests: 26 HTTP requests in this frame

Frame: https://i3j3u3u9.ssl.hwcdn.net/common/html/delay_finger_store_new.html
Frame ID: 01DCBAA0860B84F5B5385DA326BBFB1F
Requests: 2 HTTP requests in this frame

Frame: https://i3j3u3u9.ssl.hwcdn.net/common/sounds/interval.mp3
Frame ID: B8E2AD9EAB5011DB1DD1168389DEE22C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://rainwalker.website/i/16476?redirection_cost=0.07&clickid=15730726690211067010138206657656259&zo... HTTP 302
    http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6P... Page URL
  2. http://www.dexchangeinc.com/jump/next.php?r=2145399&sub1=16476 Page URL
  3. http://www.dexchangeinc.com/jump/next.php?stamat=m%7C%2C4IiM29jEqB1dAJ0dEdHP3xP.9c0%2CneLo3DjtLmim32llap... HTTP 302
    https://cening-setects.com/55b07359-ef8c-45f1-bb0f-cdfb83fe09a2?c2=0_2145399-4093426103-0&c3={idfahere}... HTTP 302
    https://francoistsjacqu.info/redirect?tid=760128&subid=0_2145399-4093426103-0&puid=wrmvv263137e3ljq1s6mb3fo HTTP 302
    https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821... Page URL
  4. https://francoistsjacqu.info/?tid=761531&noocp=1&subid=0_2145399-4093426103-0 HTTP 302
    http://www.performanceonclick.com/jump/next.php?r=2220643&pub_clickid=6174970224414440029&sub1=761531 Page URL
  5. http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C4YhJ2I2KqB1dwP0dEdHP3xP.8fb%2Ch1yEM128IxQMGOtYFz... HTTP 302
    https://tracking.prmtracking.com/click?pid=6&offer_id=2066425&sub1=15730741891495687358194317470833817&sub2=2... HTTP 302
    https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae Page URL
  6. https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

27
Requests

85 %
HTTPS

23 %
IPv6

13
Domains

13
Subdomains

11
IPs

4
Countries

127 kB
Transfer

384 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rainwalker.website/i/16476?redirection_cost=0.07&clickid=15730726690211067010138206657656259&zone=2579051-1809601667-0&isp=AT&T%20Services&ip=12.148.160.130&browser=Internet%20Explorer&country=US&lang=EN&acsc=170439904 HTTP 302
    http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq Page URL
  2. http://www.dexchangeinc.com/jump/next.php?r=2145399&sub1=16476 Page URL
  3. http://www.dexchangeinc.com/jump/next.php?stamat=m%7C%2C4IiM29jEqB1dAJ0dEdHP3xP.9c0%2CneLo3DjtLmim32llapDJk6MOVU7Pc6osThgjIjlb7Jg%2C&cbrandom=0.442735910296824&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Frainwalker.website%2Fh%2Fn9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq HTTP 302
    https://cening-setects.com/55b07359-ef8c-45f1-bb0f-cdfb83fe09a2?c2=0_2145399-4093426103-0&c3={idfahere}&c4={gaidhere}&c1=15730741871495687358262110617617222&acsc=151422164 HTTP 302
    https://francoistsjacqu.info/redirect?tid=760128&subid=0_2145399-4093426103-0&puid=wrmvv263137e3ljq1s6mb3fo HTTP 302
    https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL Page URL
  4. https://francoistsjacqu.info/?tid=761531&noocp=1&subid=0_2145399-4093426103-0 HTTP 302
    http://www.performanceonclick.com/jump/next.php?r=2220643&pub_clickid=6174970224414440029&sub1=761531 Page URL
  5. http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C4YhJ2I2KqB1dwP0dEdHP3xP.8fb%2Ch1yEM128IxQMGOtYFzVKrtA_RtK5xFtso_iMM5TSY4yRaHaV_IAA8TjTmsvAtYQc&cbrandom=0.5943070001028459&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://tracking.prmtracking.com/click?pid=6&offer_id=2066425&sub1=15730741891495687358194317470833817&sub2=2220643-1230898725-0&sub3=Fresh24_10&acsc=179689364 HTTP 302
    https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae Page URL
  6. https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rainwalker.website/i/16476?redirection_cost=0.07&clickid=15730726690211067010138206657656259&zone=2579051-1809601667-0&isp=AT&T%20Services&ip=12.148.160.130&browser=Internet%20Explorer&country=US&lang=EN&acsc=170439904 HTTP 302
  • http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq
Request Chain 2
  • http://www.dexchangeinc.com/jump/next.php?stamat=m%7C%2C4IiM29jEqB1dAJ0dEdHP3xP.9c0%2CneLo3DjtLmim32llapDJk6MOVU7Pc6osThgjIjlb7Jg%2C&cbrandom=0.442735910296824&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Frainwalker.website%2Fh%2Fn9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq HTTP 302
  • https://cening-setects.com/55b07359-ef8c-45f1-bb0f-cdfb83fe09a2?c2=0_2145399-4093426103-0&c3={idfahere}&c4={gaidhere}&c1=15730741871495687358262110617617222&acsc=151422164 HTTP 302
  • https://francoistsjacqu.info/redirect?tid=760128&subid=0_2145399-4093426103-0&puid=wrmvv263137e3ljq1s6mb3fo HTTP 302
  • https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
Request Chain 5
  • https://francoistsjacqu.info/?tid=761531&noocp=1&subid=0_2145399-4093426103-0 HTTP 302
  • http://www.performanceonclick.com/jump/next.php?r=2220643&pub_clickid=6174970224414440029&sub1=761531
Request Chain 8
  • http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C4YhJ2I2KqB1dwP0dEdHP3xP.8fb%2Ch1yEM128IxQMGOtYFzVKrtA_RtK5xFtso_iMM5TSY4yRaHaV_IAA8TjTmsvAtYQc&cbrandom=0.5943070001028459&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • https://tracking.prmtracking.com/click?pid=6&offer_id=2066425&sub1=15730741891495687358194317470833817&sub2=2220643-1230898725-0&sub3=Fresh24_10&acsc=179689364 HTTP 302
  • https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq
rainwalker.website/h/
Redirect Chain
  • http://rainwalker.website/i/16476?redirection_cost=0.07&clickid=15730726690211067010138206657656259&zone=2579051-1809601667-0&isp=AT&T%20Services&ip=12.148.160.130&browser=Internet%20Explorer&count...
  • http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq
515 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq
Protocol
HTTP/1.1
Server
95.211.24.232 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
da5f3cc9800472d3497b82176abd83e8da3cf95bac717465af8ed8796c1ad083

Request headers

Host
rainwalker.website
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
TRK_TRG=eJxjYGBgEmEXZMosEOSxsNQzttCzNNMztDQQZE5PzRdk8vMR5C5KTc%2FMz4tPzk9JZRDkTM4sqYSymTOLCwQFwvOLclKCS4pSE3MVnPTC9AT58lJL4osLUlNTwOp4BTkyi%2BMLivIrKtkYAdItHnw%3D; TRK_TRU2=eJxjYGBgEuEQZC5NNBVUMLIwMU6zSDZIsjAyNzO0tDAyMTJJtjQ2MjZOTjFMTTEVZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMU5IfxylKLijPz83gcghsYQECQNb8YpIRdkAvIgMuquK8TqXroIcidklqWmZwaX1JZkMrGCABnPigw; trk_cpa_pixel=d4aa9430-00d8-11ea-a8ac-d5482456e8aa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Server
nginx
Date
Wed, 06 Nov 2019 21:03:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Content-Encoding
gzip
Vary
Accept-Encoding

Redirect headers

Server
nginx
Date
Wed, 06 Nov 2019 21:03:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Set-Cookie
TRK_TRG=eJxjYGBgEmEXZMosEOSxsNQzttCzNNMztDQQZE5PzRdk8vMR5C5KTc%2FMz4tPzk9JZRDkTM4sqYSymTOLCwQFwvOLclKCS4pSE3MVnPTC9AT58lJL4osLUlNTwOp4BTkyi%2BMLivIrKtkYAdItHnw%3D; expires=Thu, 07-Nov-2019 21:03:06 GMT; Max-Age=86400; path=/ TRK_TRU2=eJxjYGBgEuEQZC5NNBVUMLIwMU6zSDZIsjAyNzO0tDAyMTJJtjQ2MjZOTjFMTTEVZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMU5IfxylKLijPz83gcghsYQECQNb8YpIRdkAvIgMuquK8TqXroIcidklqWmZwaX1JZkMrGCABnPigw; expires=Thu, 07-Nov-2019 21:03:06 GMT; Max-Age=86400; path=/ trk_cpa_pixel=d4aa9430-00d8-11ea-a8ac-d5482456e8aa; expires=Sun, 05-Jan-2020 21:03:06 GMT; Max-Age=5184000; path=/
Location
http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq
Content-Encoding
gzip
Vary
Accept-Encoding
next.php
www.dexchangeinc.com/jump/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.dexchangeinc.com/jump/next.php?r=2145399&sub1=16476
Requested by
Host: rainwalker.website
URL: http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq
Protocol
HTTP/1.1
Server
35.201.117.228 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
228.117.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
4b9c931120ab4b0ebc4e3869c7837f08038a1a1e6aa19e70a38bc312451231b6

Request headers

Host
www.dexchangeinc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer
http://rainwalker.website/h/n9lHeToBOi5v6qt6pq24rB2OkF6WvuG.OGEYpj.OskIbtZx1BcUh2Z0Cfg_VBfLVvOcbvOgD6PFZBndkji6VNM3roZdDXlcjM9wOtvK7zXEpbHnJ04NKjHhCVQZ0Th53k4J1WqfvKDRNdtPh5DgExQqq.qqqq.qq

Response headers

Server
openresty
Date
Wed, 06 Nov 2019 21:03:07 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Referrer-Policy
no-referrer
Link
<//www.dexchangeinc.com>; rel=dns-prefetch,<//www.dexchangeinc.com>; rel=preconnect
Content-Encoding
gzip
Via
1.1 google
TXJ
shireamentsp.info/
Redirect Chain
  • http://www.dexchangeinc.com/jump/next.php?stamat=m%7C%2C4IiM29jEqB1dAJ0dEdHP3xP.9c0%2CneLo3DjtLmim32llapDJk6MOVU7Pc6osThgjIjlb7Jg%2C&cbrandom=0.442735910296824&cbtitle=&cbiframe=0&cbWidth=1600&cbHe...
  • https://cening-setects.com/55b07359-ef8c-45f1-bb0f-cdfb83fe09a2?c2=0_2145399-4093426103-0&c3={idfahere}&c4={gaidhere}&c1=15730741871495687358262110617617222&acsc=151422164
  • https://francoistsjacqu.info/redirect?tid=760128&subid=0_2145399-4093426103-0&puid=wrmvv263137e3ljq1s6mb3fo
  • https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=re...
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
Requested by
Host: www.dexchangeinc.com
URL: http://www.dexchangeinc.com/jump/next.php?r=2145399&sub1=16476
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.100 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6fc0d146a5d580273afdcac49836308eedc61ce9775d92b272ed7469ff01313d

Request headers

:method
GET
:authority
shireamentsp.info
:scheme
https
:path
/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
200
date
Wed, 06 Nov 2019 21:03:08 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d6c145d3542648fb478eb9859c34944cc1573074188; expires=Thu, 05-Nov-20 21:03:08 GMT; path=/; domain=.shireamentsp.info; HttpOnly; Secure
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET, POST
access-control-allow-headers
X-Requested-With,content-type
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
531a032b2ab5d8fd-AMS
content-encoding
br

Redirect headers

status
302
date
Wed, 06 Nov 2019 21:03:07 GMT
content-type
text/plain
content-length
0
location
https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
csu=584e1fa3-84bd-4076-aa71-b9228837a378 fv=rjk6rHa6qdw5qGEFqjCHrdC9rjY6vdw=; Expires=Thu, 05 Nov 2020 21:03:07 GMT; Max-Age=31536000; Domain=.francoistsjacqu.info; Path=/; Version=1
dlp
shireamentsp.info/ 		60 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://shireamentsp.info/dlp?st=1&lp=black_normal&geo=NL
Requested by
Host: shireamentsp.info
URL: https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.100 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ceb35a6160a53846dadb22f0d6f6f2cda7c5836433969493aba334a041407074

Request headers

Sec-Fetch-Mode
cors
Referer
https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 06 Nov 2019 21:03:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
531a032cd89bd8fd-AMS
access-control-allow-headers
X-Requested-With,content-type
css
fonts.googleapis.com/ 		12 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Exo:400,700|Open+Sans|Roboto|Roboto+Condensed:400,700
Requested by
Host: shireamentsp.info
URL: https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 06 Nov 2019 21:03:08 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 06 Nov 2019 21:03:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 06 Nov 2019 21:03:08 GMT
next.php
www.performanceonclick.com/jump/
Redirect Chain
  • https://francoistsjacqu.info/?tid=761531&noocp=1&subid=0_2145399-4093426103-0
  • http://www.performanceonclick.com/jump/next.php?r=2220643&pub_clickid=6174970224414440029&sub1=761531
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.performanceonclick.com/jump/next.php?r=2220643&pub_clickid=6174970224414440029&sub1=761531
Requested by
Host: shireamentsp.info
URL: https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
Protocol
HTTP/1.1
Server
35.227.196.138 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
7e0a23399c60a64ef155afb53eacb5470836a94d6d782851fe29f317c3c4de94

Request headers

Host
www.performanceonclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate

Response headers

Server
openresty
Date
Wed, 06 Nov 2019 21:03:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Referrer-Policy
no-referrer
Link
<//www.performanceonclick.com>; rel=dns-prefetch,<//www.performanceonclick.com>; rel=preconnect
Content-Encoding
gzip
Via
1.1 google

Redirect headers

status
302
date
Wed, 06 Nov 2019 21:03:09 GMT
content-type
text/plain
content-length
0
location
http://www.performanceonclick.com/jump/next.php?r=2220643&pub_clickid=6174970224414440029&sub1=761531
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
set-cookie
fv=rjk6rHa6qdw5qGEFqjCHrdC9rjY5vds=; Expires=Thu, 05 Nov 2020 21:03:09 GMT; Max-Age=31536000; Domain=.francoistsjacqu.info; Path=/; Version=1
green-up-arrow.png
cdn.pushnami.com/img/pushnami/opt-in/ 		691 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pushnami.com/img/pushnami/opt-in/green-up-arrow.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-54.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://shireamentsp.info/TXJ?tag_id=760128&sub_id1=0_2145399-4093426103-0&sub_id2=4000381475088425821&cookie_id=584e1fa3-84bd-4076-aa71-b9228837a378&lp=black_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Ffrancoistsjacqu.info%2F%3Ftid%3D761531%26noocp%3D1%26subid%3D0_2145399-4093426103-0&hop=7&geo=NL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 06 Nov 2019 20:59:20 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Sep 2017 12:49:01 GMT
server
AmazonS3
age
229
etag
"45f25dcc8ba07aa36ee530e9b2fedcb3"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
no-cache
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
691
x-amz-cf-id
FZajPDa58Qw-un-GNzwHLAnGTJOmShNUQCMIJbqq7S9uyZiuNMpmSg==
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Exo:400,700|Open+Sans|Roboto|Roboto+Condensed:400,700
Origin
https://shireamentsp.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 10:18:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
557105
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Fri, 30 Oct 2020 10:18:03 GMT
Cookie set /
install.convertmyvid.com/
Redirect Chain
  • http://www.performanceonclick.com/jump/next.php?stamat=m%7C%2C4YhJ2I2KqB1dwP0dEdHP3xP.8fb%2Ch1yEM128IxQMGOtYFzVKrtA_RtK5xFtso_iMM5TSY4yRaHaV_IAA8TjTmsvAtYQc&cbrandom=0.5943070001028459&cbtitle=&cbi...
  • https://tracking.prmtracking.com/click?pid=6&offer_id=2066425&sub1=15730741891495687358194317470833817&sub2=2220643-1230898725-0&sub3=Fresh24_10&acsc=179689364
  • https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae
Requested by
Host: www.performanceonclick.com
URL: http://www.performanceonclick.com/jump/next.php?r=2220643&pub_clickid=6174970224414440029&sub1=761531
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.80.30.142 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b0aada0c619ee2851c2b574038b0037aa1d0ff22bd40d18996474cda2c69e006
Security Headers
Name Value
Content-Security-Policy default-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com; img-src * data:; media-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com data:; connect-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.fontawesome.com sqs.us-west-2.amazonaws.com *.notify-service.com; script-src 'self' 'nonce-pgican2qzz' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.google-analytics.com maps.googleapis.com code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.fontawesome.com d3owq2fdwtdp2j.cloudfront.net *.googlesyndication.com *.googletagmanager.com; style-src i3j3u3u9.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com *.fontawesome.com 'unsafe-inline'; font-src fonts.gstatic.com fonts.googleapis.com i3j3u3u9.ssl.hwcdn.net *.fontawesome.com; frame-src i3j3u3u9.ssl.hwcdn.net *.convertmyvid.com

Request headers

Host
install.convertmyvid.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Cache-Control
private
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
0
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Request-Context
appId=cid-v1:c0cefd76-e557-4b17-af62-0702bbb01277
Access-Control-Expose-Headers
Request-Context
X-AspNetMvc-Version
5.2
Content-Security-Policy
default-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com; img-src * data:; media-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com data:; connect-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.fontawesome.com sqs.us-west-2.amazonaws.com *.notify-service.com; script-src 'self' 'nonce-pgican2qzz' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.google-analytics.com maps.googleapis.com code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.fontawesome.com d3owq2fdwtdp2j.cloudfront.net *.googlesyndication.com *.googletagmanager.com; style-src i3j3u3u9.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com *.fontawesome.com 'unsafe-inline'; font-src fonts.gstatic.com fonts.googleapis.com i3j3u3u9.ssl.hwcdn.net *.fontawesome.com; frame-src i3j3u3u9.ssl.hwcdn.net *.convertmyvid.com
X-AspNet-Version
4.0.30319
Set-Cookie
uid=ea4e4830-dd2e-4d26-af61-c0c67ce3e45e; domain=.convertmyvid.com; expires=Sun, 06-Nov-2039 21:03:09 GMT; path=/
X-Powered-By
ASP.NET
Date
Wed, 06 Nov 2019 21:03:09 GMT
Content-Length
1544

Redirect headers

Server
nginx
Date
Wed, 06 Nov 2019 21:03:09 GMT
Content-Type
text/html; charset=utf-8
Content-Length
136
Connection
keep-alive
Location
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae
Set-Cookie
afclick=5dc3350dc5fbfb00018bbfae; Expires=Thu, 05 Nov 2020 21:03:09 GMT
Primary Request /
install.convertmyvid.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.80.30.142 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d2f692e2b41998973a0c20327eaf3ea6735bbc7d9e5442713e5b6673a1670f78
Security Headers
Name Value
Content-Security-Policy default-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com; img-src * data:; media-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com data:; connect-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.fontawesome.com sqs.us-west-2.amazonaws.com *.notify-service.com; script-src 'self' 'nonce-pgican2qzz' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.google-analytics.com maps.googleapis.com code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.fontawesome.com d3owq2fdwtdp2j.cloudfront.net *.googlesyndication.com *.googletagmanager.com; style-src i3j3u3u9.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com *.fontawesome.com 'unsafe-inline'; font-src fonts.gstatic.com fonts.googleapis.com i3j3u3u9.ssl.hwcdn.net *.fontawesome.com; frame-src i3j3u3u9.ssl.hwcdn.net *.convertmyvid.com

Request headers

Host
install.convertmyvid.com
Connection
keep-alive
Content-Length
82
Pragma
no-cache
Cache-Control
no-cache
Origin
https://install.convertmyvid.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae
Accept-Encoding
gzip, deflate, br
Cookie
uid=ea4e4830-dd2e-4d26-af61-c0c67ce3e45e
Origin
https://install.convertmyvid.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae

Response headers

Cache-Control
private
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
0
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Request-Context
appId=cid-v1:c0cefd76-e557-4b17-af62-0702bbb01277
Access-Control-Expose-Headers
Request-Context
X-AspNetMvc-Version
5.2
Content-Security-Policy
default-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com; img-src * data:; media-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com data:; connect-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.fontawesome.com sqs.us-west-2.amazonaws.com *.notify-service.com; script-src 'self' 'nonce-pgican2qzz' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.google-analytics.com maps.googleapis.com code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.fontawesome.com d3owq2fdwtdp2j.cloudfront.net *.googlesyndication.com *.googletagmanager.com; style-src i3j3u3u9.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com *.fontawesome.com 'unsafe-inline'; font-src fonts.gstatic.com fonts.googleapis.com i3j3u3u9.ssl.hwcdn.net *.fontawesome.com; frame-src i3j3u3u9.ssl.hwcdn.net *.convertmyvid.com
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Wed, 06 Nov 2019 21:03:09 GMT
Content-Length
2566
css
fonts.googleapis.com/ 		2 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 06 Nov 2019 21:03:09 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 06 Nov 2019 21:03:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 06 Nov 2019 21:03:09 GMT
user-action-elements.css
i3j3u3u9.ssl.hwcdn.net/common/styles/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/styles/user-action-elements.css?v=4.76
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
3ba6ef6d8271e9d8e8f8f45ac8a39ce969f3115b7524ebed1d9b7407e6028ac2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Wed, 06 Nov 2019 21:03:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Oct 2019 08:36:53 GMT
ETag
"1572511013"
X-HW
1573074190.dop102.fr8.t,1573074190.cds146.fr8.shn,1573074190.cds146.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3793
style.css
i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/styles/m/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/styles/m/style.css?v=5.33
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
ba4a0910ef33f5d2c8ca10d39da47c68e6e165ad5d0b6a0440b78e29b2e5b043

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Wed, 06 Nov 2019 21:03:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Oct 2019 11:08:30 GMT
ETag
"1572433710"
X-HW
1573074190.dop102.fr8.t,1573074190.cds142.fr8.shn,1573074190.dop102.fr8.t,1573074190.cds133.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1417
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 06 Nov 2019 21:03:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2510366
status
200
alt-svc
h3-23=":443"; ma=86400
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
531a03377caae694-LHR
expires
Mon, 26 Oct 2020 21:03:09 GMT
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/ 		2 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/js.cookie.min.js
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 06 Nov 2019 21:03:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2989983
status
200
alt-svc
h3-23=":443"; ma=86400
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:16 GMT
server
cloudflare
etag
W/"5afd4950-6d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
531a03377cace694-LHR
expires
Mon, 26 Oct 2020 21:03:09 GMT
main.0B731D2EBD143DAED5111A68CFFEF1B3.js
i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/ 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/main.0B731D2EBD143DAED5111A68CFFEF1B3.js?v=1572433356
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
547fc56338b75e86846a19c5c7e71a0eea19313d194f38e1073461ac80a4c849

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Wed, 06 Nov 2019 21:03:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Oct 2019 11:08:22 GMT
ETag
"1572433702"
X-HW
1573074190.dop056.fr8.t,1573074190.cds015.fr8.shn,1573074190.dop056.fr8.t,1573074190.cds143.fr8.c
Content-Type
application/unknown
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
18572
truncated
/ 		544 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5edc99996d04888432ff40494a8dd8c2b13f710f321d73ede1c8d29212a8503f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		173 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
chrome-store-logo.png
i3j3u3u9.ssl.hwcdn.net/common/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/images/chrome-store-logo.png
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
e155a56cf73ff11bbbab7400f263c3dc311f81de1e42ac2e7240259d414733d2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/styles/m/style.css?v=5.33
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Wed, 06 Nov 2019 21:03:10 GMT
Last-Modified
Thu, 31 Oct 2019 08:36:51 GMT
ETag
"1572511011"
X-HW
1573074190.dop056.fr8.t,1573074190.cds015.fr8.shn,1573074190.dop056.fr8.t,1573074190.cds143.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9171
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans
Origin
https://install.convertmyvid.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 10:18:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
557107
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Fri, 30 Oct 2020 10:18:03 GMT
delay_page_explainer.html
i3j3u3u9.ssl.hwcdn.net/common/html/ Frame 01DC 		0
0
delay_finger_store_new.html
i3j3u3u9.ssl.hwcdn.net/common/html/ Frame 01DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/html/delay_finger_store_new.html
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/main.0B731D2EBD143DAED5111A68CFFEF1B3.js?v=1572433356
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash

Request headers

Host
i3j3u3u9.ssl.hwcdn.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1

Response headers

Date
Wed, 06 Nov 2019 21:03:10 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
ETag
"1569504333"
Cache-Control
max-age=31536000
Content-Length
4394
Content-Type
text/html
Last-Modified
Thu, 26 Sep 2019 13:25:33 GMT
X-HW
1573074190.dop102.fr8.t,1573074190.cds142.fr8.shn,1573074190.dop102.fr8.t,1573074190.cds148.fr8.c
Access-Control-Allow-Origin
*
log
install.convertmyvid.com/ 		6 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://install.convertmyvid.com/log
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/main.0B731D2EBD143DAED5111A68CFFEF1B3.js?v=1572433356
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.80.30.142 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Sec-Fetch-Mode
cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Wed, 06 Nov 2019 21:03:09 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://install.convertmyvid.com
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
6
Request-Context
appId=cid-v1:c0cefd76-e557-4b17-af62-0702bbb01277
log
install.convertmyvid.com/ 		6 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://install.convertmyvid.com/log
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/main.0B731D2EBD143DAED5111A68CFFEF1B3.js?v=1572433356
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.80.30.142 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Sec-Fetch-Mode
cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Wed, 06 Nov 2019 21:03:09 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://install.convertmyvid.com
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
6
Request-Context
appId=cid-v1:c0cefd76-e557-4b17-af62-0702bbb01277
log
install.convertmyvid.com/ 		6 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://install.convertmyvid.com/log
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/main.0B731D2EBD143DAED5111A68CFFEF1B3.js?v=1572433356
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.80.30.142 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Sec-Fetch-Mode
cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Wed, 06 Nov 2019 21:03:09 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://install.convertmyvid.com
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
6
Request-Context
appId=cid-v1:c0cefd76-e557-4b17-af62-0702bbb01277
interval.mp3
i3j3u3u9.ssl.hwcdn.net/common/sounds/ Frame B8E2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/sounds/interval.mp3
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/main.0B731D2EBD143DAED5111A68CFFEF1B3.js?v=1572433356
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash

Request headers

Host
i3j3u3u9.ssl.hwcdn.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1

Response headers

Date
Wed, 06 Nov 2019 21:03:10 GMT
Connection
Keep-Alive
Accept-Ranges
bytes
ETag
"1569504333"
Cache-Control
max-age=31536000
Content-Length
3063
Content-Type
audio/mpeg
Last-Modified
Thu, 26 Sep 2019 13:25:33 GMT
X-HW
1573074190.dop102.fr8.t,1573074190.cds146.fr8.shn,1573074190.cds146.fr8.c
Access-Control-Allow-Origin
*
log
install.convertmyvid.com/ 		6 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://install.convertmyvid.com/log
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/main.0B731D2EBD143DAED5111A68CFFEF1B3.js?v=1572433356
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.80.30.142 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Sec-Fetch-Mode
cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Wed, 06 Nov 2019 21:03:09 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://install.convertmyvid.com
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
6
Request-Context
appId=cid-v1:c0cefd76-e557-4b17-af62-0702bbb01277
load-sound.mp3
i3j3u3u9.ssl.hwcdn.net/common/sounds/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/sounds/load-sound.mp3
Requested by
Host: install.convertmyvid.com
URL: https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 06 Nov 2019 21:03:10 GMT
Last-Modified
Wed, 15 May 2019 15:13:50 GMT
Access-Control-Allow-Origin
*
ETag
"1557933230"
X-HW
1573074190.dop056.fr8.t,1573074190.cds015.fr8.shn,1573074190.dop056.fr8.t,1573074190.cds069.fr8.c
Content-Type
audio/mpeg
Content-Range
bytes 0-67845/67846
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
67846
log
install.convertmyvid.com/ 		6 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://install.convertmyvid.com/log
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/ConvertMyVid/resources/scripts/minified/main.0B731D2EBD143DAED5111A68CFFEF1B3.js?v=1572433356
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.80.30.142 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee

Request headers

Sec-Fetch-Mode
cors
Referer
https://install.convertmyvid.com/?pid=56536&subid=6_2220643-1230898725-0&clickid=5dc3350dc5fbfb00018bbfae&pgs=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Wed, 06 Nov 2019 21:03:10 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://install.convertmyvid.com
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
6
Request-Context
appId=cid-v1:c0cefd76-e557-4b17-af62-0702bbb01277

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i3j3u3u9.ssl.hwcdn.net
URL
https://i3j3u3u9.ssl.hwcdn.net/common/html/delay_page_explainer.html

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| Cookies string| creativenumber string| extensionid string| xpiUrl string| safariUrl string| co string| ip string| currentBrowser string| pgSegment string| pgSTO string| pgSTT string| soDomain string| pgData boolean| opn string| psu string| fai string| _pfl object| conf boolean| initSound function| _typeof function| _possibleConstructorReturn function| _assertThisInitialized function| _getPrototypeOf function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| Utils function| MouseDetector function| TestRunner function| Test function| UserAgentTest function| EnvironmentTest function| PluginsTest function| BindMethodTest function| StackTraceTest function| ViewPortTest function| RatioTest function| WebGLTest function| WebAudioTest function| WebSocketTest function| FileTest function| GB object| Base boolean| backPanelPage boolean| redirectFlow boolean| redirectIntermediary boolean| intermediaryPopup boolean| popTop boolean| hideNoInlineElements number| instructionWindowCloseDelay

1 Cookies

Domain/Path Name / Value
.convertmyvid.com/ Name: uid
Value: ea4e4830-dd2e-4d26-af61-c0c67ce3e45e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pushnami.com
cdnjs.cloudflare.com
cening-setects.com
fonts.googleapis.com
fonts.gstatic.com
francoistsjacqu.info
i3j3u3u9.ssl.hwcdn.net
install.convertmyvid.com
rainwalker.website
shireamentsp.info
tracking.prmtracking.com
www.dexchangeinc.com
www.performanceonclick.com
i3j3u3u9.ssl.hwcdn.net
104.18.12.100
107.23.2.7
13.80.30.142
143.204.101.54
205.185.208.154
212.32.250.2
2606:4700:300a::6813:c797
2a00:1450:4001:818::2003
2a00:1450:4001:825::200a
35.201.117.228
35.227.196.138
52.59.161.204
95.211.24.232
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
3ba6ef6d8271e9d8e8f8f45ac8a39ce969f3115b7524ebed1d9b7407e6028ac2
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4b9c931120ab4b0ebc4e3869c7837f08038a1a1e6aa19e70a38bc312451231b6
547fc56338b75e86846a19c5c7e71a0eea19313d194f38e1073461ac80a4c849
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5edc99996d04888432ff40494a8dd8c2b13f710f321d73ede1c8d29212a8503f
6fc0d146a5d580273afdcac49836308eedc61ce9775d92b272ed7469ff01313d
7e0a23399c60a64ef155afb53eacb5470836a94d6d782851fe29f317c3c4de94
8e32d99e816a42958b9473f470a2600963602981007576d85220044e6137965b
b0aada0c619ee2851c2b574038b0037aa1d0ff22bd40d18996474cda2c69e006
ba4a0910ef33f5d2c8ca10d39da47c68e6e165ad5d0b6a0440b78e29b2e5b043
ceb35a6160a53846dadb22f0d6f6f2cda7c5836433969493aba334a041407074
d2f692e2b41998973a0c20327eaf3ea6735bbc7d9e5442713e5b6673a1670f78
da5f3cc9800472d3497b82176abd83e8da3cf95bac717465af8ed8796c1ad083
e155a56cf73ff11bbbab7400f263c3dc311f81de1e42ac2e7240259d414733d2