t.pdfama.com Open in urlscan Pro
167.114.158.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Submission: On July 20 via api (July 20th 2021, 4:34:31 am UTC) from BE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 12 HTTP transactions. The main IP is 167.114.158.100, located in Montreal, Canada and belongs to OVH, FR. The main domain is t.pdfama.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 26th 2021. Valid for: 3 months.

This is the only time t.pdfama.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	167.114.158.100 167.114.158.100	16276 (OVH) (OVH)
1	185.15.20.111 185.15.20.111	24768 (ALMOUROLTEC) (ALMOUROLTEC)
9 9	87.98.137.227 87.98.137.227	16276 (OVH) (OVH)
8	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
1	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
12	4

2 167.114.158.100 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns513757.ip-167-114-158.net

t.pdfama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.magsend.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.20.111 (Braga, Portugal)

ASN24768 (ALMOUROLTEC, PT)
PTR: fernando.oxy.agency

www.portaldafama.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 87.98.137.227 (France) 9 redirects

ASN16276 (OVH, FR)
PTR: reverse.hfvseixc.net

i.hfvseixc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.hfvseixc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.131.136.1 (France)

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	metaffiliation.com img.metaffiliation.com action.metaffiliation.com	239 KB
9	hfvseixc.net 9 redirects i.hfvseixc.net t.hfvseixc.net	2 KB
1	magsend.net www.magsend.net	526 B
1	portaldafama.pt www.portaldafama.pt	6 KB
1	pdfama.com t.pdfama.com	23 KB
12	5

	Domain	Requested by
8	img.metaffiliation.com	t.pdfama.com
8	i.hfvseixc.net	8 redirects
1	www.magsend.net	t.pdfama.com
1	action.metaffiliation.com	t.pdfama.com
1	t.hfvseixc.net	1 redirects
1	www.portaldafama.pt	t.pdfama.com
1	t.pdfama.com
12	7

This site contains no links.

Subject Issuer	Validity	Valid
t.pdfama.com cPanel, Inc. Certification Authority	`2021-05-26` - `2021-08-24`	3 months	crt.sh
portaldafama.pt R3	`2021-06-30` - `2021-09-28`	3 months	crt.sh
img.metaffiliation.com Gandi Standard SSL CA 2	`2020-12-09` - `2022-01-02`	a year	crt.sh
*.metaffiliation.com Gandi Standard SSL CA 2	`2021-03-08` - `2022-03-20`	a year	crt.sh
magsend.net cPanel, Inc. Certification Authority	`2021-05-26` - `2021-08-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Frame ID: F894B4550EA3D607E2F8791CBD79DB6C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

4
IPs

4
Countries

268 kB
Transfer

277 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://i.hfvseixc.net/2/65639/mail_87_21_1_1.png HTTP 302
https://img.metaffiliation.com/2/65639/mail_87_21_1_1.png

Request Chain 2

https://i.hfvseixc.net/2/65639/mail_87_21_1_2.jpg HTTP 302
https://img.metaffiliation.com/2/65639/mail_87_21_1_2.jpg

Request Chain 3

https://i.hfvseixc.net/2/65639/mail_87_21_1_3.png HTTP 302
https://img.metaffiliation.com/2/65639/mail_87_21_1_3.png

Request Chain 4

https://i.hfvseixc.net/2/65639/mail_87_21_1_4.png HTTP 302
https://img.metaffiliation.com/2/65639/mail_87_21_1_4.png

Request Chain 5

https://i.hfvseixc.net/2/65639/mail_87_21_1_5.png HTTP 302
https://img.metaffiliation.com/2/65639/mail_87_21_1_5.png

Request Chain 6

https://i.hfvseixc.net/2/65639/mail_87_21_1_6.png HTTP 302
https://img.metaffiliation.com/2/65639/mail_87_21_1_6.png

Request Chain 7

https://i.hfvseixc.net/2/65639/mail_87_21_1_7.png HTTP 302
https://img.metaffiliation.com/2/65639/mail_87_21_1_7.png

Request Chain 8

https://i.hfvseixc.net/2/65639/mail_87_21_1_8.png HTTP 302
https://img.metaffiliation.com/2/65639/mail_87_21_1_8.png

Request Chain 9

https://t.hfvseixc.net/trk.php?taff=P510067573BDB25721&r=3291893&r={CACHEBUSTER}&altid={EMAIL} HTTP 302
https://action.metaffiliation.com/trk.php?taff=P510067573BDB25721&r=3291893&r={CACHEBUSTER}&altid={EMAIL}&__nadom=t.hfvseixc.net

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set cc671n1ln06cd Show response
t.pdfama.com/campaigns/mh503psow7ac8/web-version/ 22 KB
23 KB 624ms
219ms Document
text/html 167.114.158.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

167.114.158.100 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns513757.ip-167-114-158.net

Software

Apache /

Resource Hash

a1987a27b238335aa41b1d7a08f18021faecd6f1522dc1bc03ac428a64d13b1f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: t.pdfama.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 04:34:15 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Set-Cookie: mwsid=2e4e491ee09f564e617ccbc3db36692b; path=/; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK portaldafama1.png
www.portaldafama.pt/wp-content/uploads/2020/02/ 6 KB
6 KB 296ms
92ms Image
image/png 185.15.20.111
ALMOUROLTEC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.portaldafama.pt/wp-content/uploads/2020/02/portaldafama1.png
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.20.111 Braga, Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS: fernando.oxy.agency
Software: nginx /
Resource Hash: 5ce92bf00d7bf05e3094b228cbde086f11e73a5870e8bf70f3dfbe3e7f3523e3

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 20 Jul 2021 04:34:16 GMT
Last-Modified: Wed, 26 Feb 2020 15:04:42 GMT
Server: nginx
ETag: "5e56890a-16a5"
Content-Type: image/png
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5797
Expires: Thu, 19 Aug 2021 04:34:16 GMT

GET
H2

200

mail_87_21_1_1.png
img.metaffiliation.com/2/65639/
Redirect Chain

https://i.hfvseixc.net/2/65639/mail_87_21_1_1.png
https://img.metaffiliation.com/2/65639/mail_87_21_1_1.png

5 KB
5 KB

171ms
96ms

Image
image/png

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/2/65639/mail_87_21_1_1.png
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: f721c090e4f868effb3d6236f78ff209e8b9ad93a9fc8f3e3441beb122f13834

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:34:16 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 10:15:47 GMT
server: nginx
etag: W/"60e42d53-15f3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600

Redirect headers

Location: https://img.metaffiliation.com/2/65639/mail_87_21_1_1.png
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H2

200

mail_87_21_1_2.jpg
img.metaffiliation.com/2/65639/
Redirect Chain

https://i.hfvseixc.net/2/65639/mail_87_21_1_2.jpg
https://img.metaffiliation.com/2/65639/mail_87_21_1_2.jpg

232 KB
221 KB

173ms
100ms

Image
image/jpeg

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/2/65639/mail_87_21_1_2.jpg
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: ddc8f71285d48296f587eb35df289825d4a21cda64e6c186e6b9c250deb2ac58

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:34:16 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 10:15:47 GMT
server: nginx
etag: W/"60e42d53-3a026"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600

Redirect headers

Location: https://img.metaffiliation.com/2/65639/mail_87_21_1_2.jpg
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H2

200

mail_87_21_1_3.png
img.metaffiliation.com/2/65639/
Redirect Chain

https://i.hfvseixc.net/2/65639/mail_87_21_1_3.png
https://img.metaffiliation.com/2/65639/mail_87_21_1_3.png

3 KB
3 KB

127ms
124ms

Image
image/png

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/2/65639/mail_87_21_1_3.png
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 186e89ffdbaace0c8fae1b0d76c457c9ebe00703af76dd36630f1e0663006321

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:34:16 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 10:15:47 GMT
server: nginx
etag: W/"60e42d53-c69"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600

Redirect headers

Location: https://img.metaffiliation.com/2/65639/mail_87_21_1_3.png
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H2

200

mail_87_21_1_4.png
img.metaffiliation.com/2/65639/
Redirect Chain

https://i.hfvseixc.net/2/65639/mail_87_21_1_4.png
https://img.metaffiliation.com/2/65639/mail_87_21_1_4.png

3 KB
4 KB

95ms
95ms

Image
image/png

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/2/65639/mail_87_21_1_4.png
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 562388943a822e7c3801db59a782bee28a074799765fd8e902fca2d7b6b4f5b4

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:34:16 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 10:15:47 GMT
server: nginx
etag: W/"60e42d53-dd0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600

Redirect headers

Location: https://img.metaffiliation.com/2/65639/mail_87_21_1_4.png
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H2

200

mail_87_21_1_5.png
img.metaffiliation.com/2/65639/
Redirect Chain

https://i.hfvseixc.net/2/65639/mail_87_21_1_5.png
https://img.metaffiliation.com/2/65639/mail_87_21_1_5.png

1 KB
962 B

114ms
114ms

Image
image/png

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/2/65639/mail_87_21_1_5.png
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: ab557b5a3e7e578ee5f97723a7d2384c398dfd502f3cadd4301c454fcaada8d9

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:34:16 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 10:15:47 GMT
server: nginx
etag: W/"60e42d53-4c5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600

Redirect headers

Location: https://img.metaffiliation.com/2/65639/mail_87_21_1_5.png
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H2

200

mail_87_21_1_6.png
img.metaffiliation.com/2/65639/
Redirect Chain

https://i.hfvseixc.net/2/65639/mail_87_21_1_6.png
https://img.metaffiliation.com/2/65639/mail_87_21_1_6.png

1 KB
1 KB

94ms
94ms

Image
image/png

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/2/65639/mail_87_21_1_6.png
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 181157fdf257925506947cbb3f7d5b44943ce4ba94dbc0499e5550f1a52d11d5

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:34:16 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 10:15:47 GMT
server: nginx
etag: W/"60e42d53-596"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600

Redirect headers

Location: https://img.metaffiliation.com/2/65639/mail_87_21_1_6.png
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H2

200

mail_87_21_1_7.png
img.metaffiliation.com/2/65639/
Redirect Chain

https://i.hfvseixc.net/2/65639/mail_87_21_1_7.png
https://img.metaffiliation.com/2/65639/mail_87_21_1_7.png

1 KB
1014 B

193ms
94ms

Image
image/png

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/2/65639/mail_87_21_1_7.png
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d467708076c67a9e4925ca608ae6e04531821de5e15c8c9c704a9348d0210fa

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:34:16 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 10:15:47 GMT
server: nginx
etag: W/"60e42d53-491"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600

Redirect headers

Location: https://img.metaffiliation.com/2/65639/mail_87_21_1_7.png
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H2

200

mail_87_21_1_8.png
img.metaffiliation.com/2/65639/
Redirect Chain

https://i.hfvseixc.net/2/65639/mail_87_21_1_8.png
https://img.metaffiliation.com/2/65639/mail_87_21_1_8.png

1 KB
1 KB

175ms
100ms

Image
image/png

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/2/65639/mail_87_21_1_8.png
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e3b152972f6b0e27ef26fa44ff17a32b8f6260c9bb92288b990d6f5713bb35e

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:34:16 GMT
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 10:15:47 GMT
server: nginx
etag: W/"60e42d53-54a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600

Redirect headers

Location: https://img.metaffiliation.com/2/65639/mail_87_21_1_8.png
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H/1.1

200
OK

trk.php
action.metaffiliation.com/
Redirect Chain

https://t.hfvseixc.net/trk.php?taff=P510067573BDB25721&r=3291893&r={CACHEBUSTER}&altid={EMAIL}
https://action.metaffiliation.com/trk.php?taff=P510067573BDB25721&r=3291893&r={CACHEBUSTER}&altid={EMAIL}&__nadom=t.hfvseixc.net

43 B
2 KB

302ms
78ms

Image
image/gif

95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.metaffiliation.com/trk.php?taff=P510067573BDB25721&r=3291893&r={CACHEBUSTER}&altid={EMAIL}&__nadom=t.hfvseixc.net
Requested by: Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 04:34:16 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0089700222015381
Connection: close
Pragma: no-cache
X-TRK-PROC: 65639
Last-Modified: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

Redirect headers

Location: https://action.metaffiliation.com/trk.php?taff=P510067573BDB25721&r=3291893&r={CACHEBUSTER}&altid={EMAIL}&__nadom=t.hfvseixc.net
Date: Tue, 20 Jul 2021 04:34:16 GMT
Server: nginx
Connection: keep-alive, close
Content-Length: 154
Content-Type: text/html

GET
H/1.1 200
OK cc671n1ln06cd
www.magsend.net/campaigns/mh503psow7ac8/track-opening/ 0
526 B 473ms
202ms Image
application/json 167.114.158.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.magsend.net/campaigns/mh503psow7ac8/track-opening/cc671n1ln06cd

Requested by

Host: t.pdfama.com
URL: https://t.pdfama.com/campaigns/mh503psow7ac8/web-version/cc671n1ln06cd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

167.114.158.100 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns513757.ip-167-114-158.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.pdfama.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 04:34:16 GMT
Last-Modified: Tue, 20 Jul 2021 04:34:16 GMT
Server: Apache
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=100
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			t.pdfama.com/	1969-12-31 23:59:59	Name: mwsid Value: 2e4e491ee09f564e617ccbc3db36692b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.metaffiliation.com
i.hfvseixc.net
img.metaffiliation.com
t.hfvseixc.net
t.pdfama.com
www.magsend.net
www.portaldafama.pt
167.114.158.100
185.15.20.111
192.229.220.129
87.98.137.227
95.131.136.1
181157fdf257925506947cbb3f7d5b44943ce4ba94dbc0499e5550f1a52d11d5
186e89ffdbaace0c8fae1b0d76c457c9ebe00703af76dd36630f1e0663006321
2e3b152972f6b0e27ef26fa44ff17a32b8f6260c9bb92288b990d6f5713bb35e
4d467708076c67a9e4925ca608ae6e04531821de5e15c8c9c704a9348d0210fa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
562388943a822e7c3801db59a782bee28a074799765fd8e902fca2d7b6b4f5b4
5ce92bf00d7bf05e3094b228cbde086f11e73a5870e8bf70f3dfbe3e7f3523e3
a1987a27b238335aa41b1d7a08f18021faecd6f1522dc1bc03ac428a64d13b1f
ab557b5a3e7e578ee5f97723a7d2384c398dfd502f3cadd4301c454fcaada8d9
ddc8f71285d48296f587eb35df289825d4a21cda64e6c186e6b9c250deb2ac58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f721c090e4f868effb3d6236f78ff209e8b9ad93a9fc8f3e3441beb122f13834

t.pdfama.com Open in urlscan Pro 167.114.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

4 IPs

4 Countries

268 kBTransfer

277 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

t.pdfama.com Open in urlscan Pro
167.114.158.100 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

4
IPs

4
Countries

268 kB
Transfer

277 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions