urlscan.io logo urlscan.io
SecurityTrails logo

mtzenhigqg.com Open in urlscan Pro
198.134.112.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://capitalonefactss.com/
Effective URL: https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c
Submission: On February 24 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 9 HTTP transactions. The main IP is 198.134.112.242, located in Garden City, United States and belongs to WEBAIR-INTERNET, US. The main domain is mtzenhigqg.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 12th 2020. Valid for: 3 months.
This is the only time mtzenhigqg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.224.182.242 133618 (TRELLIAN-...)
1 4 103.224.182.206 133618 (TRELLIAN-...)
1 2 116.202.81.140 24940 (HETZNER-AS)
2 3 198.143.165.219 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
1 2 35.168.149.183 14618 (AMAZON-AES)
1 198.134.112.242 27257 (WEBAIR-IN...)
9 7
1    103.224.182.242 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-242.above.com
capitalonefactss.com
4    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
bidr.trellian.com
2    116.202.81.140 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.140.81.202.116.clients.your-server.de
secure.clicktrkservices.com
secure.click2partner.com
3    198.143.165.219 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
click.amazingtechsavings.xyz
1    205.147.93.131 (United States)

ASN393676 (ZENEDGE, US)
minently.com
2    35.168.149.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-149-183.compute-1.amazonaws.com
getad.xyz
1    198.134.112.242 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
mtzenhigqg.com
Domain Requested by
4 bidr.trellian.com 1 redirects bidr.trellian.com
3 click.amazingtechsavings.xyz 2 redirects
2 getad.xyz minently.com
1 mtzenhigqg.com getad.xyz
1 minently.com click.amazingtechsavings.xyz
1 secure.click2partner.com bidr.trellian.com
1 secure.clicktrkservices.com 1 redirects
1 capitalonefactss.com 1 redirects
9 8

This site contains links to these domains. Also see Links.

Domain
terraclicks.com
Subject Issuer Validity Valid
secure.click2partner.com
Let's Encrypt Authority X3		 2020-02-08 -
2020-05-08		 3 months crt.sh
click.amazingtechsavings.xyz
Let's Encrypt Authority X3		 2020-01-15 -
2020-04-14		 3 months crt.sh
minently.com
Let's Encrypt Authority X3		 2019-12-11 -
2020-03-10		 3 months crt.sh
mtzenhigqg.com
Let's Encrypt Authority X3		 2020-01-12 -
2020-04-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c
Frame ID: 0AD950C0713DF33E7EEDE5110BE9849D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://capitalonefactss.com/ HTTP 302
    http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjb... Page URL
  2. http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzic... HTTP 302
    https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=770716189&sid=20200224234... HTTP 302
    https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campai... Page URL
  3. https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2... HTTP 302
    https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1 Page URL
  4. https://click.amazingtechsavings.xyz/proc.php?19711090f9b497cbcc3d02ac3e3d841944328bc9 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_... Page URL
  5. http://getad.xyz/go/216668/456926 Page URL
  6. http://getad.xyz/ad/ad?p=216668&w=456926&t=cd0bd57dfd0f57b9&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5... HTTP 303
    https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

9
Requests

44 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

10 kB
Transfer

17 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capitalonefactss.com/ HTTP 302
    http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D Page URL
  2. http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D770716189%26sid%3D20200224234948c0854f6e959de4614f&s=j HTTP 302
    https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=770716189&sid=20200224234948c0854f6e959de4614f HTTP 302
    https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549&url_bnm_redirect=https://click.amazingtechsavings.xyz/ Page URL
  3. https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549 HTTP 302
    https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1 Page URL
  4. https://click.amazingtechsavings.xyz/proc.php?19711090f9b497cbcc3d02ac3e3d841944328bc9 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6796994442692657224&ext1=240 Page URL
  5. http://getad.xyz/go/216668/456926 Page URL
  6. http://getad.xyz/ad/ad?p=216668&w=456926&t=cd0bd57dfd0f57b9&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
    https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://capitalonefactss.com/ HTTP 302
  • http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D
Request Chain 3
  • http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D770716189%26sid%3D20200224234948c0854f6e959de4614f&s=j HTTP 302
  • https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=770716189&sid=20200224234948c0854f6e959de4614f HTTP 302
  • https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549&url_bnm_redirect=https://click.amazingtechsavings.xyz/
Request Chain 4
  • https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549 HTTP 302
  • https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1
Request Chain 5
  • https://click.amazingtechsavings.xyz/proc.php?19711090f9b497cbcc3d02ac3e3d841944328bc9 HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6796994442692657224&ext1=240

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set r2.php
bidr.trellian.com/
Redirect Chain
  • http://capitalonefactss.com/
  • http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
676e2d707086b8a085eb1cfed8bfe4e8aa494b5c30694a90be396f13ae40907e

Request headers

Host
bidr.trellian.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 12:49:49 GMT
Server
Apache/2.4.25 (Debian)
Set-Cookie
__dsnsid=20200224234948c0854f6e959de4614f; expires=Tue, 23-Feb-2021 12:49:49 GMT; Max-Age=31536000; path=/; domain=bidr.trellian.com
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1247
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 24 Feb 2020 12:49:48 GMT
Server
Apache/2.4.25 (Debian)
Set-Cookie
__tad=1582548588.3503373; expires=Thu, 21-Feb-2030 12:49:48 GMT; Max-Age=315360000
Location
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
jscheck.js
bidr.trellian.com/javascript/ 		858 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
http://bidr.trellian.com/javascript/jscheck.js
Requested by
Host: bidr.trellian.com
URL: http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
0766f527fcf931c99f93825401ea5d39f6cfe63b56bfd1050f9d1689a8266ab4

Request headers

Referer
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 12:49:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Dec 2018 05:53:30 GMT
Server
Apache/2.4.25 (Debian)
ETag
"35a-57cccd155b974-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
388
jscheck.php
bidr.trellian.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://bidr.trellian.com/jscheck.php?enc=cF8L0S4UvzZFbF2sJTBoT1VTMmg6BOmANld2hrOrv2tg8dAkOZQ8YOmQvKCZ3wKeP1MoEw6VdTLFgYXrqJHGCU%2FhTbjb2FPGl2nCOF9kxDqG9JWCcnTBsbM%2BU64mUY9p3%2BucHGR3tM9gnuQtxWIOdgFBdjpHpFQiPqH44tBzdktfYAb5F9jUHNiuy4iLGgB4WAuavnXHXNLRhkgQGCGPXEo6zyd8p8vZoEk1oMB%2BlQT%2FKJPg4kFTJp5nx7JAcEkIBoMFXaXBSYBvHLpgsGdJ%2BFylHtftaDUrnyTyPhSb71vbfLCASxUvnk6DmfWbBgEt4wLvlC7nCHxj02cFOPQrPllmdugaMLy73TjHM6GMTZ9BVX8NJ7nIkHEDIYriABu6VJpjQQ4hboAqtvTYFGFnFPx8pCubL7I5j4uJjU8OEQT0wpolOnem99PdnZI5euqpn6asKIMeM3V3RRaqtY4lLDVVkmqeRDG4NGVuE3nrQK76pKmOHOcboivvLqANpLn4IW0ZDaFLgW2LMkhxcl46x1GV%2FmAx4coNRGVWjM6tasEwCAllGOeZbtUsGZ%2FYkx3N3M8r7sRB4GodLyQQFzJBmsl7YXvhiGvR3oF1g4uPyUDIifo6c8sBu5E0f9ZlEOybLL4EFbIqNdISg63w6tAEnavh0oc%2FXhHeFJHJ%2FHCiVIyqRYrkErIvuLgdM96q0xIEsnMg93fPOE73D3Hnv9yfM%2FqaaJq%2FBxHB0fyjyBvFn8WhTspMj5o%2BarGNW1SKZn873NSf0JbNFrc09dwIhpvu1Au6MPxwcFwG3Vv%2BYnTl45SjOk52Gh27%2FDHViSZKS3nNaoNOPspOUHiouqOeFhORvehbREFbHViY6n3FTCncH6R77YnqwRKYgWXpqe8x%2Bo2gem7FyyIGBBU0s%2BeEryTgejYcFC1MeZeDY3f%2FeS8RqhRXSRofugmH1OxNcqVpa2D44g6oRuowc3lFaNPt%2FkKSnA%3D%3D&rand=0.7467032916318481
Requested by
Host: bidr.trellian.com
URL: http://bidr.trellian.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Referer
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Feb 2020 12:49:49 GMT
Server
Apache/2.4.25 (Debian)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
index.php
secure.click2partner.com/nlp/
Redirect Chain
  • http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrkservices.com%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D770716189%26sid%3D20200224234948c0854f6e959de4614f&s=j
  • https://secure.clicktrkservices.com/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=770716189&sid=20200224234948c0854f6e959de4614f
  • https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549&url_bnm_redirect=https://click.amazingtechsavings.xyz/
179 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549&url_bnm_redirect=https://click.amazingtechsavings.xyz/
Requested by
Host: bidr.trellian.com
URL: http://bidr.trellian.com/javascript/jscheck.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
116.202.81.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.140.81.202.116.clients.your-server.de
Software
nginx/1.16.1 /
Resource Hash
0ec57b164ad806e36f611ab4902993337db8afa4d393bcc12bbfac02e9484101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
secure.click2partner.com
:scheme
https
:path
/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549&url_bnm_redirect=https://click.amazingtechsavings.xyz/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yDMWm5vGj7gEfn23Id2PHju3%2BMUrblClqWsq%2FAwPJjbU3x9krWPzRkXCzGQs0DaFVzCNb8wO2tAhMwjZbO%2BzE78hvX7xmi1H4z1ZJHUUwRWMkRPlPKbtK7FMOYo7pNYNtqdKh0KG2SJTMjKc8qadrp2bytuTEoQEYMbJccrYiC%2FLTu9LdUfH5X9kdJ7oAiruzJ%2Bq819feV9tLLGI%2BsoTa%2Flv0dTDD3gftk1GtMFpi4%2Bj7ue3XajvJ8tLn928jBQSPZMXPXG2e3BYyNrnldUrS6jQwYs7VyLVDfWSwLDgk%2FLeWZCo%2B7UYweFXReobI5CzDRSyHWe%2FbyGMoxHTLh5PcvrnW0sFUm7TeHFH%2BzfofdBqpRRUUHxT6E4WCZc3pg0U1E2UPUk%2F19Qsp%2BqiYXml6Tzeo6cgySxZ%2BTrU31G7lPV3qYj%2FT354PpY3FC%2B5RIc%2FBxXuB8g536Z9dYRXr0jgYipwpj%2FZ2x83peSpJNrQRjtQgIMbRxeqib8pDSqnrguZclE7xH6lXjbkxaDhutr9IjeQY8gHVq6hcTFSHyWnDUurjKY9BRlh90FLb7f9ZYCuZVDDo8sil%2BqvecbpedZe6jxc1x0sB%2BasY4w7%2BoBOCyqhBZi4CpVZJR8LSFocHOCbhwVGGQen7MOLnI3M%2BCYKfE79JA7VArhGpZSatP%2FJdkm7csXQza5rI0VeGgD33y8RqLH1FCP4yX5yuzjOOoBMRGzFgbD%2FMMa%2BvOGGk%2ByqMPtJUjzaqWPKragvxqbcgkzZkBfCrEb8lm4RyWVKVCxB5Mr0I38MEVkWl%2BUEPQSlmfzwb2YsrFpuNngfjMKYUGXFRUtrK3EW0hOebZrYDo%2BgEaE%3D

Response headers

status
200
server
nginx/1.16.1
date
Mon, 24 Feb 2020 12:49:50 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
content-encoding
gzip

Redirect headers

status
302
server
nginx/1.16.1
date
Mon, 24 Feb 2020 12:49:50 GMT
content-type
text/html; charset=UTF-8
location
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549&url_bnm_redirect=https://click.amazingtechsavings.xyz/
set-cookie
uclick=irwfq515; expires=Tue, 25-Feb-2020 12:49:50 GMT; Max-Age=86400; path=/
strict-transport-security
max-age=31536000
/
click.amazingtechsavings.xyz/
Redirect Chain
  • https://click.amazingtechsavings.xyz/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549
  • https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
8bfa8dc3fd411eb15f5a20beed2d7db35b391eff47def8c0370892fb6f07929c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
click.amazingtechsavings.xyz
:scheme
https
:path
/?utm_term=6796994442692657224&clickverify=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549&url_bnm_redirect=https://click.amazingtechsavings.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=761f77dabcadbaa5403f4f65501d9f14
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=4a200irwfq515549&url_bnm_redirect=https://click.amazingtechsavings.xyz/

Response headers

status
200
server
nginx
date
Mon, 24 Feb 2020 12:49:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Mon, 24 Feb 2020 12:49:51 GMT
content-type
text/html; charset=UTF-8
location
https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=761f77dabcadbaa5403f4f65501d9f14; expires=Tue, 23-Feb-2021 12:49:51 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://click.amazingtechsavings.xyz/proc.php?19711090f9b497cbcc3d02ac3e3d841944328bc9
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6796994442692657224&ext1=240
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6796994442692657224&ext1=240
Requested by
Host: click.amazingtechsavings.xyz
URL: https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
4e5685903f380eb9fe4414d035fa4732d0c958dcf438af974fd8d65f62770753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6796994442692657224&ext1=240
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://click.amazingtechsavings.xyz/?utm_term=6796994442692657224&clickverify=1#

Response headers

status
200
content-type
text/html;charset=utf-8
expires
Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
date
Mon, 24 Feb 2020 12:49:51 GMT
content-encoding
gzip
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status
NOTCACHED
x-zen-fury
3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=60483c6d191edc693043965590d30831_1582548591.5561; domain=minently.com; path=/; expires=Thu, 21-Feb-2030 12:49:51 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1582548591.5589; domain=minently.com; path=/; expires=Thu, 21-Feb-2030 12:49:51 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3VEE0R2RMTlZIdnpEdmR6V0F3RjVZY2hpZW5zb3kvVGRQekZFODlHdzltSA%3D%3D; domain=minently.com; path=/; expires=Thu, 21-Feb-2030 12:49:51 UTC; Secure 60483c6d191edc693043965590d30831_1582548591.5561_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkJsWFpkTmJiSmdFeWlGbjhwYk9QSFVuM3o2U2xJT0hSalhFNmVxWHYvMDBrVmZudS9YNkxSdHJmVm5hQ3JJRUY4R2xqd0F4N05WYmppRms5SCtMVlM4cjZDZGJ2ZGZIS1VSVHZteFc1NVhDam5NS2JNR1Q0NEl3TjgzSTV2U2IrY1pRdXZ4MXhna0RybGtxclhTaFVGdXhSZUU5RVpGWkNUdFQxZjMwQzdjZkhVd1U0MnVJVXk0eTNVVU5DeFBrczF3UkRXU3djTGxvaXpHb0FOOExFeStKaXJUZVAwRmVrWDBlbk1QNUw0UUdGbzV3cGdVS2RyNFVzaU94NUkza2lpbXYrTWlySE85YVFBSjFQc21YaGhpektOeHBuVmxCWkNjV09KK2pMd2E4TDBtVHZSZGlvUWljaXFKN2J4ZWRZZ0pFb0ZzcW1oSUZSZkZhdXJXL1gwVEd5ZG5xVFJTU2hZMm9GV21QbUhLUllSZ2dLVjdqWnhaN1V1YWxCaExVQkNzTWpXOG40QjFPUUwweVdraU9iZnBialVWNHJ4c2JtSjlOc2dERWs3bS9oSjNNNVROY0ZlajMraUlpYmtVdW05N2FRZFFYbHljV2RhWW5GYmQ1Y3Q5YTlXbmJMcmE3a0Y0S09KcmV0MzhVU2VtQlR4aUxGVHYzMkNyMzdFL2tXa05tSjBZUE1IaDNsdGswR09iUXVkSHJoejc4REVFUTV6NzJpVjZrOXBVbmRKeFNGYTNrUFJzZG1LSFJ1V2R2dWhxOGJ0OWZUdWE5dnpCTGdPYmhUUWlPS1BRb3lsOHdSQUozMHRVYXArVllYWDdITGRTRmk5Rk82L2UwU2pVYkpOLzM3aWJnVGpJWUF0U3N0dy81MVRFUnR4T0o0TzNWNUNpb0MzdG1pT3VDWU1tQmxzWUtxSlJabTlvSFJ3S0E5aklSSTROTHhVOFEzRitEVEI1UmptdmQ3Y0E5S1psMzBwNmduc2NQTEN2eVhTNkViNW8wN2JtT2o0S3pyWFlEaXhFSnhFL21tdCtUaDNtWm1iaWowVGdOcm5XSTZWdHVPdXJteXpsbWZyNmFmbVhoSGhjM2o5QmxBZlpJeGpueS81OW8xeWk5UTJCV0V4UldZaG54Y0FCZ2xqQ1F4ZGhDZDV6NnlaTFNRMzNqUnZwV3Bsek8rTVM5L2tZVFJ2UWNUdkhUMDhzYlhYZ1lDdG9NcGQrbmplY0NjekJncjJ1YmtSeWsyalFNcDBsaw%3D%3D; domain=minently.com; path=/; expires=Thu, 21-Feb-2030 12:49:51 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=dFlGaXBYbHczQm44NjJ6bHJ0VS9pOTJid0UreXZ4OEVhcHZxdlpmbEVidy9UWGNOUEluRnpsVlBiSURZSVpCVGZiWHU0LzROOGJLdXRoSVpVdTd1RlpiMEhTbVp1Q0NoVzRwVW9oeElMZ289; domain=minently.com; path=/; expires=Mon, 24-Feb-2020 13:54:51 UTC; Secure SERVERID=sfc10; path=/
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx
date
Mon, 24 Feb 2020 12:49:51 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6796994442692657224&ext1=240
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
456926
getad.xyz/go/216668/ 		0
0
456926
getad.xyz/go/216668/ 		466 B
512 B 		Document
General
Check archive.org
Download Go to
Full URL
http://getad.xyz/go/216668/456926
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6796994442692657224&ext1=240
Protocol
HTTP/1.1
Server
35.168.149.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-149-183.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
getad.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
https://minently.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://minently.com/

Response headers

Date
Mon, 24 Feb 2020 12:49:52 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip
Primary Request Cookie set mg55d04t9w
mtzenhigqg.com/
Redirect Chain
  • http://getad.xyz/ad/ad?p=216668&w=456926&t=cd0bd57dfd0f57b9&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200
  • https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c
103 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c
Requested by
Host: getad.xyz
URL: http://getad.xyz/go/216668/456926
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.112.242 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
ab030a8588ef9530d38a74d9e14b36ccdd792323af6352d4d5da9d19b9b95341
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Host
mtzenhigqg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://getad.xyz/go/216668/456926
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://getad.xyz/go/216668/456926

Response headers

Server
nginx/1.17.6
Date
Mon, 24 Feb 2020 12:49:54 GMT
Content-Type
text/html
Content-Length
103
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
u_pl=14393656; expires=Tue, 25 Feb 2020 12:49:54 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0; includeSubdomains

Redirect headers

Date
Mon, 24 Feb 2020 12:49:52 GMT
Content-Type
text/html; charset=utf-8
Content-Length
97
Connection
keep-alive
Server
nginx
Location
https://mtzenhigqg.com/mg55d04t9w?key=5e8b8280638e71e3643e70cfb1a2c49c

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
getad.xyz
URL
http://getad.xyz/go/216668/456926?

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Domain/Path Name / Value
mtzenhigqg.com/ Name: u_pl
Value: 14393656