lobby.ultimatepirates.gameforge.com Open in urlscan Pro
79.110.82.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.spinningintobutter.com/oc/08f964866d6a44fda8a283877b7b7846.asp
Effective URL:
https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
Submission: On January 05 via api (January 5th 2020, 8:39:46 pm UTC) from BE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 17 domains to perform 35 HTTP transactions. The main IP is 79.110.82.228, located in Germany and belongs to GAMEFORGE-AS, DE. The main domain is lobby.ultimatepirates.gameforge.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 18th 2019. Valid for: 2 years.

This is the only time lobby.ultimatepirates.gameforge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	5.135.36.139 5.135.36.139	16276 (OVH) (OVH)
1 3	198.143.165.221 198.143.165.221	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
3	205.147.93.131 205.147.93.131	393676 (ZENEDGE) (ZENEDGE - Oracle Corporation)
2	31.170.100.126 31.170.100.126	201942 (SOLTIA) (SOLTIA)
1	188.40.16.23 188.40.16.23	24940 (HETZNER-AS) (HETZNER-AS)
3 6	99.198.108.196 99.198.108.196	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
1 1	94.23.206.47 94.23.206.47	16276 (OVH) (OVH)
1 1	137.74.217.110 137.74.217.110	16276 (OVH) (OVH)
4	205.147.93.132 205.147.93.132	393676 (ZENEDGE) (ZENEDGE - Oracle Corporation)
1 2	18.214.175.230 18.214.175.230	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	79.110.82.228 79.110.82.228	47195 (GAMEFORGE-AS) (GAMEFORGE-AS)
5	79.110.86.107 79.110.86.107	47195 (GAMEFORGE-AS) (GAMEFORGE-AS)
1	79.110.82.166 79.110.82.166	47195 (GAMEFORGE-AS) (GAMEFORGE-AS)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
35	14

2 5.135.36.139 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: mails1.spinningintobutter.com

link.spinningintobutter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.143.165.221 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi

links.securedark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.147.93.131 (United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)

minently.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
legisted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.170.100.126 (Spain)

ASN201942 (SOLTIA, ES)

track.fungiers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.maguld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.40.16.23 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.23.16.40.188.clients.your-server.de

1d5e031adf1.traffic-c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.198.108.196 (Chicago, United States) 3 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi

mon.insertcoinage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
by.clickkmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.206.47 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3099792.ip-94-23-206.eu

go-rillatrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.217.110 (Spain) 1 redirects

ASN16276 (OVH, FR)
PTR: ip110.ip-137-74-217.eu

goobtain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.147.93.132 (United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)

trafficsel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.175.230 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-214-175-230.compute-1.amazonaws.com

getad.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.110.82.228 (Germany)

ASN47195 (GAMEFORGE-AS, DE)

lobby.ultimatepirates.gameforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 79.110.86.107 (Germany)

ASN47195 (GAMEFORGE-AS, DE)
PTR: s172.gfsrv.net

s3-static.geo.gfsrv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.110.82.166 (Germany)

ASN47195 (GAMEFORGE-AS, DE)

pixelzirkus.gameforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gfsrv.net s3-static.geo.gfsrv.net	827 KB
4	trafficsel.com trafficsel.com	11 KB
4	insertcoinage.com 1 redirects mon.insertcoinage.com	18 KB
3	facebook.com staticxx.facebook.com www.facebook.com	259 B
3	gameforge.com lobby.ultimatepirates.gameforge.com pixelzirkus.gameforge.com	4 KB
3	securedark.com 1 redirects links.securedark.com	4 KB
2	facebook.net connect.facebook.net	61 KB
2	getad.xyz getad.xyz Failed	780 B
2	clickkmobi.com by.clickkmobi.com Failed	652 B
2	minently.com minently.com	6 KB
2	spinningintobutter.com 1 redirects link.spinningintobutter.com	1 KB
1	legisted.com legisted.com	4 KB
1	go-rillatrack.com 1 redirects go-rillatrack.com	335 B
1	goobtain.com goobtain.com Failed	367 B
1	maguld.com track.maguld.com	453 B
1	traffic-c.com 1d5e031adf1.traffic-c.com	1 KB
1	fungiers.com track.fungiers.com Failed	432 B
35	17

	Domain	Requested by
5	s3-static.geo.gfsrv.net	lobby.ultimatepirates.gameforge.com pixelzirkus.gameforge.com
4	trafficsel.com	legisted.com trafficsel.com
4	mon.insertcoinage.com	1 redirects mon.insertcoinage.com
3	links.securedark.com	1 redirects link.spinningintobutter.com links.securedark.com
2	www.facebook.com	connect.facebook.net lobby.ultimatepirates.gameforge.com
2	connect.facebook.net	s3-static.geo.gfsrv.net connect.facebook.net
2	lobby.ultimatepirates.gameforge.com	getad.xyz lobby.ultimatepirates.gameforge.com
2	getad.xyz	trafficsel.com
2	by.clickkmobi.com	legisted.com trafficsel.com
2	minently.com	links.securedark.com mon.insertcoinage.com
2	link.spinningintobutter.com	1 redirects
1	staticxx.facebook.com	connect.facebook.net
1	pixelzirkus.gameforge.com	s3-static.geo.gfsrv.net
1	legisted.com	minently.com
1	go-rillatrack.com	1 redirects
1	goobtain.com	minently.com
1	track.maguld.com
1	1d5e031adf1.traffic-c.com
1	track.fungiers.com	minently.com
35	19

This site contains no links.

Subject Issuer	Validity	Valid
minently.com Let's Encrypt Authority X3	`2019-12-11` - `2020-03-10`	3 months	crt.sh
track.ethinner.com Let's Encrypt Authority X3	`2019-11-24` - `2020-02-22`	3 months	crt.sh
traffic-c.com Let's Encrypt Authority X3	`2020-01-03` - `2020-04-02`	3 months	crt.sh
mon.insertcoinage.com Let's Encrypt Authority X3	`2019-11-15` - `2020-02-13`	3 months	crt.sh
legisted.com Let's Encrypt Authority X3	`2019-12-11` - `2020-03-10`	3 months	crt.sh
*.ultimatepirates.gameforge.com Thawte TLS RSA CA G1	`2019-09-18` - `2021-09-17`	2 years	crt.sh
s3-static.geo.gfsrv.net Thawte TLS RSA CA G1	`2018-07-03` - `2020-07-02`	2 years	crt.sh
*.gameforge.com Thawte TLS RSA CA G1	`2019-10-15` - `2021-11-13`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
Frame ID: 17137F31A4793854633E32EA565F6B95
Requests: 34 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=45
Frame ID: 3C4977223473AFD032A5E3D3E2230443
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://link.spinningintobutter.com/oc/08f964866d6a44fda8a283877b7b7846.asp HTTP 302
http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&lo... Page URL
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
http://links.securedark.com/?utm_term=6778561216152339176&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
http://links.securedark.com/proc.php?399e3ad0ed7c500b1fd86f7f18a338498cd3a92b HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
https://track.fungiers.com/157851/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b... Page URL
https://1d5e031adf1.traffic-c.com/?p=5721&media_type=mainstream&click_id=M2020010520-cbfb2628ea8f600fff665b446... Page URL
https://track.maguld.com/desk/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/9ea06... Page URL
https://mon.insertcoinage.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M... Page URL
https://mon.insertcoinage.com/?utm_term=6778561224775827480&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://mon.insertcoinage.com/proc.php?72a837c4d660af23a95a7a3e5e8bd112c300ebb7 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20BF030908... HTTP 302
https://goobtain.com/l.php?trf=m&p=custom_gorilla&d=5cb578f177d7d31f48112d9e&pid=5e12498598142934... HTTP 302
https://legisted.com/L3zqf/0nte/3H9O/hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw?1nI=M... Page URL
https://by.clickkmobi.com/?cid=lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000&utm_medium=6856... HTTP 302
http://trafficsel.com/recollect/lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000 Page URL
http://trafficsel.com/space/optical-carrier/5e12498688b185.84678215?cp=lBE20BF03090c380000RS00DTS0... Page URL
https://by.clickkmobi.com/?cid=lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000&utm_medium=6856... HTTP 302
http://trafficsel.com/recollect/lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000 Page URL
http://trafficsel.com/space/optical-carrier/5e1249878ce4c0.69677593?cp=lBE20BF030906b30000RS0037O0... Page URL
http://getad.xyz/go/216668/498903?nc=1 Page URL
http://getad.xyz/ad/ad?p=216668&w=498903&t=48da4c492448da28&r=aHR0cCUzQSUyRiUyRnRyYWZmaWNzZWw... HTTP 303
https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903 Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

35
Requests

63 %
HTTPS

13 %
IPv6

17
Domains

19
Subdomains

14
IPs

5
Countries

939 kB
Transfer

2655 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.spinningintobutter.com/oc/08f964866d6a44fda8a283877b7b7846.asp HTTP 302
http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&locale=nl_BE&e=e:7eeiBlI2NrLTDkEkxhLQ-2Tf8di7XcI9hyHGB5v8x1E Page URL
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
http://links.securedark.com/?utm_term=6778561216152339176&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
http://links.securedark.com/proc.php?399e3ad0ed7c500b1fd86f7f18a338498cd3a92b HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561216152339176&ext1=2704 Page URL
https://track.fungiers.com/157851/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lBE20BF030905ae0000RS002MZ0TPJ803DSR0606X403DSR00000000/ Page URL
https://1d5e031adf1.traffic-c.com/?p=5721&media_type=mainstream&click_id=M2020010520-cbfb2628ea8f600fff665b4469973515&pi=157851 Page URL
https://track.maguld.com/desk/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/9ea06be3-e75550ba-793a0195-5356-f1e8/?Subid=5721&externalid=5leetbwnl1grvvw9nv8is4ko8,14462133,5,5721 Page URL
https://mon.insertcoinage.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020010520-b528aa395c7dbcaa339d0283afd7fa81&kw1=5721 Page URL
https://mon.insertcoinage.com/?utm_term=6778561224775827480&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
https://mon.insertcoinage.com/proc.php?72a837c4d660af23a95a7a3e5e8bd112c300ebb7 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561224775827480&ext1=976 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20BF030908ec0007PS002MZ0XHIX03DSR06077N03DSR00000000&source=157851&data1=NaCLa6dlJ3f43d3569du HTTP 302
https://goobtain.com/l.php?trf=m&p=custom_gorilla&d=5cb578f177d7d31f48112d9e&pid=5e12498598142934b57b1d9c&s=157851 HTTP 302
https://legisted.com/L3zqf/0nte/3H9O/hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw?1nI=Mainstream_New_WW&clickid=5e12498511b07a522e685e24 Page URL
https://by.clickkmobi.com/?cid=lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000&utm_medium=6856411e09f0fc6f4a0e21fab76b877f7226acc1&utm_campaign=main-agg&1=210129&2=a0sNMlW_75VgGJCv2AcJ HTTP 302
http://trafficsel.com/recollect/lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000 Page URL
http://trafficsel.com/space/optical-carrier/5e12498688b185.84678215?cp=lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000&ori=41x&ex=1&pbi=5e1249868df8f6.498468070 Page URL
https://by.clickkmobi.com/?cid=lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000&utm_medium=6856411e09f0fc6f4a0e21fab76b877f7226acc1&utm_campaign=main-agg&1=210129&2=a0sNMlW_75VgGJCv2AcJ&nc=1 HTTP 302
http://trafficsel.com/recollect/lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000 Page URL
http://trafficsel.com/space/optical-carrier/5e1249878ce4c0.69677593?cp=lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000&ori=41x&ex=1&pbi=5e1249878e4c51.312154480 Page URL
http://getad.xyz/go/216668/498903?nc=1 Page URL
http://getad.xyz/ad/ad?p=216668&w=498903&t=48da4c492448da28&r=aHR0cCUzQSUyRiUyRnRyYWZmaWNzZWwuY29tJTJG&vw=1600&vh=1200 HTTP 303
https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://link.spinningintobutter.com/oc/08f964866d6a44fda8a283877b7b7846.asp HTTP 302
http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&locale=nl_BE&e=e:7eeiBlI2NrLTDkEkxhLQ-2Tf8di7XcI9hyHGB5v8x1E

Request Chain 3

http://links.securedark.com/proc.php?399e3ad0ed7c500b1fd86f7f18a338498cd3a92b HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561216152339176&ext1=2704

Request Chain 10

https://mon.insertcoinage.com/proc.php?72a837c4d660af23a95a7a3e5e8bd112c300ebb7 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561224775827480&ext1=976

Request Chain 12

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20BF030908ec0007PS002MZ0XHIX03DSR06077N03DSR00000000&source=157851&data1=NaCLa6dlJ3f43d3569du& HTTP 302
https://goobtain.com/l.php?trf=m&p=custom_gorilla&d=5cb578f177d7d31f48112d9e&pid=5e12498598142945b3310bfc&s=157851

Request Chain 13

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20BF030908ec0007PS002MZ0XHIX03DSR06077N03DSR00000000&source=157851&data1=NaCLa6dlJ3f43d3569du HTTP 302
https://goobtain.com/l.php?trf=m&p=custom_gorilla&d=5cb578f177d7d31f48112d9e&pid=5e12498598142934b57b1d9c&s=157851 HTTP 302
https://legisted.com/L3zqf/0nte/3H9O/hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw?1nI=Mainstream_New_WW&clickid=5e12498511b07a522e685e24

Request Chain 15

https://by.clickkmobi.com/?cid=lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000&utm_medium=6856411e09f0fc6f4a0e21fab76b877f7226acc1&utm_campaign=main-agg&1=210129&2=a0sNMlW_75VgGJCv2AcJ HTTP 302
http://trafficsel.com/recollect/lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000

Request Chain 18

https://by.clickkmobi.com/?cid=lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000&utm_medium=6856411e09f0fc6f4a0e21fab76b877f7226acc1&utm_campaign=main-agg&1=210129&2=a0sNMlW_75VgGJCv2AcJ&nc=1 HTTP 302
http://trafficsel.com/recollect/lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

unsubscribe Show response
link.spinningintobutter.com/c/
Redirect Chain

http://link.spinningintobutter.com/oc/08f964866d6a44fda8a283877b7b7846.asp
http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&locale=nl_BE&e=e:7eeiBlI2NrLTDkEkxhLQ-2Tf8di7XcI9hyHGB5v8x1E

830 B
823 B

179ms
178ms

Document
text/html

5.135.36.139
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&locale=nl_BE&e=e:7eeiBlI2NrLTDkEkxhLQ-2Tf8di7XcI9hyHGB5v8x1E

Protocol

HTTP/1.1

Server

5.135.36.139 , France, ASN16276 (OVH, FR),

Reverse DNS

mails1.spinningintobutter.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

7b0d8e70305e51c53ae6d21f58e399d48a5beaf40133545ddc714caddb92f571

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: link.spinningintobutter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 05 Jan 2020 20:39:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Sun, 05 Jan 2020 20:39:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Location: http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&locale=nl_BE&e=e:7eeiBlI2NrLTDkEkxhLQ-2Tf8di7XcI9hyHGB5v8x1E

GET
H/1.1 200
OK Cookie set / Show response
links.securedark.com/ 3 KB
2 KB 249ms
210ms Document
text/html 198.143.165.221
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Requested by: Host: link.spinningintobutter.com
URL: http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&locale=nl_BE&e=e:7eeiBlI2NrLTDkEkxhLQ-2Tf8di7XcI9hyHGB5v8x1E
Protocol: HTTP/1.1
Server: 198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/7.3.4
Resource Hash: 0564eac44731e58a8d91d949bc57f604756dd280f1b86d9d1c88e5e0d88693fc

Request headers

Host: links.securedark.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&locale=nl_BE&e=e:7eeiBlI2NrLTDkEkxhLQ-2Tf8di7XcI9hyHGB5v8x1E
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://link.spinningintobutter.com/c/unsubscribe?email=jacobs.dhondt%40gmail.com&list=spinningintobutter.com&locale=nl_BE&e=e:7eeiBlI2NrLTDkEkxhLQ-2Tf8di7XcI9hyHGB5v8x1E

Response headers

Server: nginx
Date: Sun, 05 Jan 2020 20:39:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=ae9f4b6310d8e8997a8ebf89b46cea1f; expires=Mon, 04-Jan-2021 20:39:31 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
links.securedark.com/ 5 KB
2 KB 127ms
126ms Document
text/html 198.143.165.221
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://links.securedark.com/?utm_term=6778561216152339176&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Requested by: Host: links.securedark.com
URL: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Protocol: HTTP/1.1
Server: 198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/7.3.4
Resource Hash: c5d3f5a75a3971b9a097e00ddc56ff0b3128e368ae96c5f884b46474c7bcd0f8

Request headers

Host: links.securedark.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Accept-Encoding: gzip, deflate
Cookie: u=ae9f4b6310d8e8997a8ebf89b46cea1f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72

Response headers

Server: nginx
Date: Sun, 05 Jan 2020 20:39:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

http://links.securedark.com/proc.php?399e3ad0ed7c500b1fd86f7f18a338498cd3a92b
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561216152339176&ext1=2704

6 KB
4 KB

94ms
54ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561216152339176&ext1=2704

Requested by

Host: links.securedark.com
URL: http://links.securedark.com/?utm_term=6778561216152339176&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

f9063e47663911254876970015c83d15270acd13b3bae137b9009d3d60dc6b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561216152339176&ext1=2704
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://links.securedark.com/?utm_term=6778561216152339176&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://links.securedark.com/?utm_term=6778561216152339176&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sun, 05 Jan 2020 20:39:32 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 8b68720504d6e5cfa41c41f99e5444c428727b0d
set-cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=33b2d176d55255380ef8ff68a8107791_1578256772.2671; domain=minently.com; path=/; expires=Wed, 02-Jan-2030 20:39:32 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1578256772.2706; domain=minently.com; path=/; expires=Wed, 02-Jan-2030 20:39:32 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UTBHeEo4RG5oV3JmMGdncm12Um4xWWlUWTR5RWVUV3VkSjI1NEN0T040WQ%3D%3D; domain=minently.com; path=/; expires=Wed, 02-Jan-2030 20:39:32 UTC; Secure 33b2d176d55255380ef8ff68a8107791_1578256772.2671_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRklzbjBsN0J6eU52a3NUL21tVTV3NXcwR0NjV3ptY1dwZHVxdXpKaVhtZ0lhV0t5L0JrUEtoOHkzYmV2cmhmaytDcmhDenNwaUljTDg5Zlkvc1g1SVlaOUNIVjJOY1E2ZzRKblhYUS9XM3lDZlhvTmJOQVNOZE5Id2Q0SUJudVE4S0pHZEFJSmZQRUhmL2UrcEY4MmlKVnFJQzYzbHMrMFQ3d1Z6b3VwdHlMMEJ4YnBCUHdiV2Z0cnh1TFZTK3hYcWdqTVhpNjhGTjliODErUlhYbjJzbXBWVUZ6NUZIZkJQSWxuMXhrcFBGZEhiK0I1QnoxNVpQeCs1Z2o3eXNjYW1KNlMxa2NHNWxMaG12THNWaUJNWjZYaFJvWDl1QzNKdWtQQVFHZC95T2RSQ2ZaOU95RnJ5RnFGUTdNRVcwbkJRVm9NcDRSL1hrdEZ2UTYrb1g0WmU5R205Z0xRSkhVeXVwdy9sSFh6cUJPcTVuN3hudk96SkNUcFgrNGZhSnZLQlJMME91dU5MeS96VnVENE9mQVovNjBtd3RMT0RRY1pDL3J0WGZKWGVNdXFVWmcxVHhBenp6WnlKMjNuTUJIV3F1ZkxzWjhwb3RNMXJoQ0VKcGd3cjZtOEtidHlRRVd6Uis4ZGdjOU9VNkRSOVhleWpNdnE3Ymg0aHNWclY0N0ZINFBEQ0ZTNXBXWlNFN1djU2V6MjlzWVgwdk9renFsRGgrcE01dUszQ0xFQlNZMUxZVmU4cCtYTFp5TDJOYmt5WHFvNnBrcXpRODFhVW5IWTBIQ01GWTdNUDVxNFBpWFFNRC8xZkV4cWpkM09wbFZKbUlCQ2Y1UDdIc1lyeEl5RFRLOUI2ZFBLWFZ3My8yWms5d2pYdUc3V0ZGTDdWV2ZNSWMxb1lLSWpVOUZHS2VtVFIveDRoSmFCcHdDMVdKV0g0V3kxZVVFRjZicUFZVCswTkZwOVVXem4yTjR3MjE3USs1bkNSMmR3UUJtbDNYblVsYVBqQlF5bklSMmorMVk4T3J6QW1HZHh4QnV6Vk9hYWI3RE0xT1Z0VFhqVFhBb0t5YjE5ZXErbEJMZUgyMUhxSGhBd2IySEpqYkEvS3NmRVhxcFhtZTFnL2JScW9zNmtmcU1UaW4zcWRsL3NEd0R4TmtMUE94RVgzajB3; domain=minently.com; path=/; expires=Wed, 02-Jan-2030 20:39:32 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=ZUJYdG5FMEJla3RvUGM3U0F5ZWorTzlTQ3lxdnVpWHNqaSt2OUI0YnpkZ1VKVUxRWlJjNkx0ZG02VG05LzZUREtHSW1WeTRZbmNiZVFZRllPUmhwalFnSm9OV0ZEVnpLSGdNbHhVTWw0aXc9; domain=minently.com; path=/; expires=Sun, 05-Jan-2020 21:44:32 UTC; Secure SERVERID=sfc23; path=/
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

Server: nginx
Date: Sun, 05 Jan 2020 20:39:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561216152339176&ext1=2704

GET /
track.fungiers.com/157851/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lBE20BF030905ae0000RS002MZ0TPJ803DSR0606X403DSR00000000/ 0
0

GET
H2 200 / Show response
track.fungiers.com/157851/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lBE20BF030905ae0000RS002MZ0TPJ803DSR0606X403DSR00000000/ 216 B
432 B 163ms
124ms Document
text/html 31.170.100.126
SOLTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://track.fungiers.com/157851/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lBE20BF030905ae0000RS002MZ0TPJ803DSR0606X403DSR00000000/
Requested by: Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561216152339176&ext1=2704
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.170.100.126 , Spain, ASN201942 (SOLTIA, ES),
Reverse DNS
Software: nginx /
Resource Hash: e8881a177a271312b86577931d47919c311b69e0ae378a8d561f5aa13d1803ee

Request headers

:method: GET
:authority: track.fungiers.com
:scheme: https
:path: /157851/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lBE20BF030905ae0000RS002MZ0TPJ803DSR0606X403DSR00000000/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sun, 05 Jan 2020 20:39:32 GMT
content-type: text/html; charset=UTF-8
content-length: 185
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: no-cache, private
content-encoding: gzip
x-device: desktop
accept-ranges: bytes
age: 0
tp-cache: MISS
vary: Accept-Encoding

GET
H2 200 / Show response
1d5e031adf1.traffic-c.com/ 1 KB
1 KB 117ms
52ms Document
text/html 188.40.16.23
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1d5e031adf1.traffic-c.com/?p=5721&media_type=mainstream&click_id=M2020010520-cbfb2628ea8f600fff665b4469973515&pi=157851
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.16.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.23.16.40.188.clients.your-server.de
Software: /
Resource Hash: 67877815b97b5f76212748e899d3bbc5e3e48d4c85d0de61874c81d471b4414f

Request headers

:method: GET
:authority: 1d5e031adf1.traffic-c.com
:scheme: https
:path: /?p=5721&media_type=mainstream&click_id=M2020010520-cbfb2628ea8f600fff665b4469973515&pi=157851
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Sun, 05 Jan 2020 20:39:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: traffic-back=ok; expires=Sun, 05-Jan-2020 20:40:02 GMT; Max-Age=30; path=/; domain=.traffic-c.com t-uuid=5leetbwnv1u4nrot21u00gcos; expires=Sat, 05-Jan-2030 20:39:32 GMT; Max-Age=315619200; path=/; domain=.traffic-c.com traffic-visited-offers=146950%7C1578256772%7C146950%7Cunspecified; expires=Mon, 06-Jan-2020 20:39:32 GMT; Max-Age=86400; path=/; domain=.traffic-c.com rts-trck=1; expires=Sun, 05-Jan-2020 20:49:32 GMT; Max-Age=600; path=/; domain=1d5e031adf1.traffic-c.com
last-modified: Sun, 5 Jan 2020 20:39:32 GMT
expires: Sun, 5 Jan 2020 20:39:32 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow
content-encoding: gzip

GET
H2 200 / Show response
track.maguld.com/desk/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/9ea06be3-e75550ba-793a0195-5356-f1e8/ 247 B
453 B 132ms
119ms Document
text/html 31.170.100.126
SOLTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://track.maguld.com/desk/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/9ea06be3-e75550ba-793a0195-5356-f1e8/?Subid=5721&externalid=5leetbwnl1grvvw9nv8is4ko8,14462133,5,5721
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.170.100.126 , Spain, ASN201942 (SOLTIA, ES),
Reverse DNS
Software: nginx /
Resource Hash: add0610f7e85f2086924a159aa74ca9c448cb94e8a950164448d901a49c31680

Request headers

:method: GET
:authority: track.maguld.com
:scheme: https
:path: /desk/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/9ea06be3-e75550ba-793a0195-5356-f1e8/?Subid=5721&externalid=5leetbwnl1grvvw9nv8is4ko8,14462133,5,5721
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://1d5e031adf1.traffic-c.com/?p=5721&media_type=mainstream&click_id=M2020010520-cbfb2628ea8f600fff665b4469973515&pi=157851
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://1d5e031adf1.traffic-c.com/?p=5721&media_type=mainstream&click_id=M2020010520-cbfb2628ea8f600fff665b4469973515&pi=157851

Response headers

status: 200
server: nginx
date: Sun, 05 Jan 2020 20:39:32 GMT
content-type: text/html; charset=UTF-8
content-length: 207
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: no-cache, private
content-encoding: gzip
x-device: desktop
accept-ranges: bytes
age: 0
tp-cache: MISS
vary: Accept-Encoding

GET
H2 200 / Show response
mon.insertcoinage.com/ 3 KB
2 KB 356ms
108ms Document
text/html 99.198.108.196
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mon.insertcoinage.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020010520-b528aa395c7dbcaa339d0283afd7fa81&kw1=5721

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

260c26ee36a373a0477bca2deaf7287b7ad45b21b341f2e60326fcad1a0f9639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: mon.insertcoinage.com
:scheme: https
:path: /?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020010520-b528aa395c7dbcaa339d0283afd7fa81&kw1=5721
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
server: nginx
date: Sun, 05 Jan 2020 20:39:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=aa9702b988b6d6811294514e75afb9a1; expires=Mon, 04-Jan-2021 20:39:33 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2 200 / Show response
mon.insertcoinage.com/ 14 KB
4 KB 125ms
125ms Document
text/html 99.198.108.196
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mon.insertcoinage.com/?utm_term=6778561224775827480&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Requested by

Host: mon.insertcoinage.com
URL: https://mon.insertcoinage.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020010520-b528aa395c7dbcaa339d0283afd7fa81&kw1=5721

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

8ddf7eed8d84d10c4145776ed8a3bd644dc01f0dc6d0cdbb17aac8d88b9a3eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: mon.insertcoinage.com
:scheme: https
:path: /?utm_term=6778561224775827480&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://mon.insertcoinage.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020010520-b528aa395c7dbcaa339d0283afd7fa81&kw1=5721
accept-encoding: gzip, deflate, br
cookie: u=aa9702b988b6d6811294514e75afb9a1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://mon.insertcoinage.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020010520-b528aa395c7dbcaa339d0283afd7fa81&kw1=5721

Response headers

status: 200
server: nginx
date: Sun, 05 Jan 2020 20:39:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://mon.insertcoinage.com/proc.php?72a837c4d660af23a95a7a3e5e8bd112c300ebb7
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561224775827480&ext1=976

6 KB
2 KB

77ms
77ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561224775827480&ext1=976

Requested by

Host: mon.insertcoinage.com
URL: https://mon.insertcoinage.com/?utm_term=6778561224775827480&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

41212ee2b68c18d4cb8aca698085811ba475ff69ba88def725794dff71d0fe35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561224775827480&ext1=976
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mon.insertcoinage.com/?utm_term=6778561224775827480&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=33b2d176d55255380ef8ff68a8107791_1578256772.2671; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1578256772.2706; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UTBHeEo4RG5oV3JmMGdncm12Um4xWWlUWTR5RWVUV3VkSjI1NEN0T040WQ%3D%3D; 33b2d176d55255380ef8ff68a8107791_1578256772.2671_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRklzbjBsN0J6eU52a3NUL21tVTV3NXcwR0NjV3ptY1dwZHVxdXpKaVhtZ0lhV0t5L0JrUEtoOHkzYmV2cmhmaytDcmhDenNwaUljTDg5Zlkvc1g1SVlaOUNIVjJOY1E2ZzRKblhYUS9XM3lDZlhvTmJOQVNOZE5Id2Q0SUJudVE4S0pHZEFJSmZQRUhmL2UrcEY4MmlKVnFJQzYzbHMrMFQ3d1Z6b3VwdHlMMEJ4YnBCUHdiV2Z0cnh1TFZTK3hYcWdqTVhpNjhGTjliODErUlhYbjJzbXBWVUZ6NUZIZkJQSWxuMXhrcFBGZEhiK0I1QnoxNVpQeCs1Z2o3eXNjYW1KNlMxa2NHNWxMaG12THNWaUJNWjZYaFJvWDl1QzNKdWtQQVFHZC95T2RSQ2ZaOU95RnJ5RnFGUTdNRVcwbkJRVm9NcDRSL1hrdEZ2UTYrb1g0WmU5R205Z0xRSkhVeXVwdy9sSFh6cUJPcTVuN3hudk96SkNUcFgrNGZhSnZLQlJMME91dU5MeS96VnVENE9mQVovNjBtd3RMT0RRY1pDL3J0WGZKWGVNdXFVWmcxVHhBenp6WnlKMjNuTUJIV3F1ZkxzWjhwb3RNMXJoQ0VKcGd3cjZtOEtidHlRRVd6Uis4ZGdjOU9VNkRSOVhleWpNdnE3Ymg0aHNWclY0N0ZINFBEQ0ZTNXBXWlNFN1djU2V6MjlzWVgwdk9renFsRGgrcE01dUszQ0xFQlNZMUxZVmU4cCtYTFp5TDJOYmt5WHFvNnBrcXpRODFhVW5IWTBIQ01GWTdNUDVxNFBpWFFNRC8xZkV4cWpkM09wbFZKbUlCQ2Y1UDdIc1lyeEl5RFRLOUI2ZFBLWFZ3My8yWms5d2pYdUc3V0ZGTDdWV2ZNSWMxb1lLSWpVOUZHS2VtVFIveDRoSmFCcHdDMVdKV0g0V3kxZVVFRjZicUFZVCswTkZwOVVXem4yTjR3MjE3USs1bkNSMmR3UUJtbDNYblVsYVBqQlF5bklSMmorMVk4T3J6QW1HZHh4QnV6Vk9hYWI3RE0xT1Z0VFhqVFhBb0t5YjE5ZXErbEJMZUgyMUhxSGhBd2IySEpqYkEvS3NmRVhxcFhtZTFnL2JScW9zNmtmcU1UaW4zcWRsL3NEd0R4TmtMUE94RVgzajB3; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=ZUJYdG5FMEJla3RvUGM3U0F5ZWorTzlTQ3lxdnVpWHNqaSt2OUI0YnpkZ1VKVUxRWlJjNkx0ZG02VG05LzZUREtHSW1WeTRZbmNiZVFZRllPUmhwalFnSm9OV0ZEVnpLSGdNbHhVTWw0aXc9; SERVERID=sfc23
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://mon.insertcoinage.com/?utm_term=6778561224775827480&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sun, 05 Jan 2020 20:39:33 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 8b68720504d6e5cfa41c41f99e5444c428727b0d
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1578256773.5231; domain=minently.com; path=/; expires=Wed, 02-Jan-2030 20:39:33 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UTBHeEo4RG5oV3JmMGdncm12Um4xWVhWTUlpNkF2WWhIelFVQkMyL2tFNw%3D%3D; domain=minently.com; path=/; expires=Wed, 02-Jan-2030 20:39:33 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=ZUJYdG5FMEJla3RvUGM3U0F5ZWorTzlTQ3lxdnVpWHNqaSt2OUI0YnpkZ1VKVUxRWlJjNkx0ZG02VG05LzZUREtHSW1WeTRZbmNiZVFZRllPUmhwamNQRnI2SVRWNk9VNGZPYkZiUXhSaVVwcVRhb3dpM3p4Qkh5MU04QU04N0c1NXpkalhrbGFRQWFPTGtSR2ErSER3d1VhTWdJcDlqc01WWXdwQUtRZXo0PQ%3D%3D; domain=minently.com; path=/; expires=Sun, 05-Jan-2020 21:44:33 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sun, 05 Jan 2020 20:39:33 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561224775827480&ext1=976
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2 200 skip-button.jpg
mon.insertcoinage.com/20190821/ 12 KB
12 KB 107ms
106ms Image
image/jpeg 99.198.108.196
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mon.insertcoinage.com/20190821/skip-button.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.196 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://mon.insertcoinage.com/?utm_term=6778561224775827480&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 05 Jan 2020 20:39:33 GMT
last-modified: Wed, 21 Aug 2019 12:57:11 GMT
server: nginx
etag: "5d5d3fa7-2e32"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/jpeg
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 11826
expires: Mon, 06 Jan 2020 20:39:33 GMT

GET

l.php
goobtain.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20BF030908ec0007PS002MZ0XHIX03DSR06077N03DSR00000000&source=157851&data1=NaCLa6dlJ3f43d3569du&
https://goobtain.com/l.php?trf=m&p=custom_gorilla&d=5cb578f177d7d31f48112d9e&pid=5e12498598142945b3310bfc&s=157851

0
0

GET
H2

200

hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw Show response
legisted.com/L3zqf/0nte/3H9O/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20BF030908ec0007PS002MZ0XHIX03DSR06077N03DSR00000000&source=157851&data1=NaCLa6dlJ3f43d3569du
https://goobtain.com/l.php?trf=m&p=custom_gorilla&d=5cb578f177d7d31f48112d9e&pid=5e12498598142934b57b1d9c&s=157851
https://legisted.com/L3zqf/0nte/3H9O/hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw?1nI=Mainstream_New_WW&clickid=5e12498511b07a522e685e24

6 KB
4 KB

401ms
363ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://legisted.com/L3zqf/0nte/3H9O/hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw?1nI=Mainstream_New_WW&clickid=5e12498511b07a522e685e24

Requested by

Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6778561224775827480&ext1=976

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

e00d582b0853da7c258800618130f38634e2425b6770b2cdda3d5c1796484709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: legisted.com
:scheme: https
:path: /L3zqf/0nte/3H9O/hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw?1nI=Mainstream_New_WW&clickid=5e12498511b07a522e685e24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sun, 05 Jan 2020 20:39:34 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 8b68720504d6e5cfa41c41f99e5444c428727b0d
set-cookie: OIQ0Ri1dP9NO5f%2BS5IQFPcV70%2BmS4PP2ZW2BnpTt8Ag%3D=4a9c0111a212fad79ee0b7f4f835309e_1578256773.8299; domain=legisted.com; path=/; expires=Wed, 02-Jan-2030 20:39:33 UTC; Secure 1r3GkxqBm2VFeWdpd77Fb%2B9WV51s1GrdY9XVoqQ8xMU%3D=1578256773.8331; domain=legisted.com; path=/; expires=Wed, 02-Jan-2030 20:39:33 UTC; Secure JoLR23i4tz9BGnp53xpE%2F%2B01z7TFHV9rfLoXvHFAqbo%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3VzBqZ2FTelY1WUZRbHI2dS9xM0k3OVJMcUNLOTlnRlFOWGdBcFNqU0M0TQ%3D%3D; domain=legisted.com; path=/; expires=Wed, 02-Jan-2030 20:39:33 UTC; Secure 4a9c0111a212fad79ee0b7f4f835309e_1578256773.8299_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRklzbjBsN0J6eU52a3NUL21tVTV3NXlNUnk4MG9vZGZkSUtOMGRkaVo2ZWhVTHloVkc3RWlyRHlxVkpFdUhXNjVRZkNUL2I2bzkxc0UrRjdpWTg4VEVBb3VneUR6ZnZxTGtxSHZCVzBra3A1WkVPNzdiMUM3dmNjbzFSVTBRN3pZenFZN0dwbWphdElOL29MQXZwKzRDd1pCeFJjV1NBTGFjaUNzVm5kTXYybDByT2NHcitqSTdkMzRqb3NHVGNlaXJYMHZaRmc3YmNFNmE3eFR5SFFQWGh5Wk9oMVdMdHJGVmd4YTRyMkZkZUQ0NVg4aGpKLzNyZ0hsT2dQRDZSOHpNODk2cE5pR1MrcXZ2cTAyRmFDN3VUaEJzOWdtUkdwc1B2TXVUczhocTM0K2NiMkhFZDBGOE1NYjQzWHV3QStjcGtsWWdJeVV0ZG83MWdhQlZEWlRhSUU4YlRNNWZwUEs4emd1Z2lCSE0zTXdOME1mV1R3VkIrT0hVbzBHQnNFdGp0NzNoak1oR1cvaDgxWnlsajJ3aVZISU5mNGkwcHVTeEMxaGhrMzFGNGFFOWh1ZXM5czgreFY1Q2RCWG1MdWJrN20xakozY1ZNNXczWTliaE1TeldRK24rRXNMcDZZL1kxS3k2dWpDOGdKZm84K1dwMEYxWmhDblF1dE9zYmNlUmZWTHdrcHlndkIwNTBTRHhaVG53d01IWFpVMzdaMisxVHNmTG1ubXpOVkJpanVPSExMUUZ5YXBBNVFjTzF2cFlQd3BadDlHNlJlTVVhRWhWQlNKcDFvTXZOMHNhM09iVzFxT0NrZEtlSjJoUktxM2hnOEcrWFE1ZjZ6c0NvUVRGdENEbWhUUFFDOW1PcGNRZ2E2OE9CK1FZcGZHWU5DeTJRSnYrankwQ0l3QnpweEV0OXNQdk8wSVJoNUxCamVIZ1o5QmNybkR6eXR1WFRNZVB2YWhCNldpV1dGeW1Ec3gyTG9XV0ZKSHJRbGVUT1cvQVFyTkxQb0JYNnBrc0xLR2lJcGFZVU9WRllyUlFMUU0wa2Qyc2tBS2Z1Z3pjK2Q3MlF3WTRkRmdNQXZ3cjhvWE4yNFFLaW5ZbkNGblRxSk14NTdtaGhDU3BrOTNLQnBkZlZOYTFvTUYxSHdQSnVvdVN6R1h1WFJjbnNx; domain=legisted.com; path=/; expires=Wed, 02-Jan-2030 20:39:33 UTC; Secure m9h5kaUE0zilTnL3rFYmMboVaT1yPnbHCHI9%2Ba8YJMo%3D=VlVYbUdWK2NUQ3dLQ000MGxxR0ltUS9nM2hOdGYzTkRtalpVanJ5ZEZJVzZVNVlDVVBtYzQ0cEhJYlU3UDl1YnFQaEF6TnF1UjZsNnU0Q29OMjVrV2xSVWdwS0FlcHR2QXdMYVJGVDB1cGM9; domain=legisted.com; path=/; expires=Sun, 05-Jan-2020 21:44:34 UTC; Secure SERVERID=sfc7; path=/
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

Server: nginx
Date: Sun, 05 Jan 2020 20:39:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5cc1c55277d7d361903b64d4
Raund: 107whu0slz
Location: https://legisted.com/L3zqf/0nte/3H9O/hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw?1nI=Mainstream_New_WW&clickid=5e12498511b07a522e685e24

GET /
by.clickkmobi.com/ 0
0

GET
H/1.1

200
OK

lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000
trafficsel.com/recollect/
Redirect Chain

https://by.clickkmobi.com/?cid=lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000&utm_medium=6856411e09f0fc6f4a0e21fab76b877f7226acc1&utm_campaign=main-agg&1=210129&2=a0sNMlW_75VgGJCv2AcJ
http://trafficsel.com/recollect/lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000

9 KB
3 KB

73ms
59ms

Document
text/html

205.147.93.132
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://trafficsel.com/recollect/lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000
Requested by: Host: legisted.com
URL: https://legisted.com/L3zqf/0nte/3H9O/hDMbZzgkxz_QSh_0_i4U5m3GUCPXPCAWGJTp_SKLj19rrjRMMTJYjw?1nI=Mainstream_New_WW&clickid=5e12498511b07a522e685e24
Protocol: HTTP/1.1
Server: 205.147.93.132 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software: ZENEDGE /
Resource Hash

Request headers

Host: trafficsel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://legisted.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://legisted.com/

Response headers

Date: Sun, 05 Jan 2020 20:39:34 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: 5O%2ByexcV9rWuvtrB3%2BGU%2F0qICj9NbX%2BzT9%2FA0gNyduc%3D=9311324b87b6f393901589ba46a015a7_1578256774.5596; domain=trafficsel.com; path=/; expires=Wed, 02-Jan-2030 20:39:34 UTC OC0ExUTGUFq1h1VDi70UXz%2BrO7wg6%2FCu96lof1x27lE%3D=1578256774.5598; domain=trafficsel.com; path=/; expires=Wed, 02-Jan-2030 20:39:34 UTC 9311324b87b6f393901589ba46a015a7_1578256774.5596_cc=enable; domain=trafficsel.com; path=/; expires=Wed, 02-Jan-2030 20:39:34 UTC SERVERID=sfc41; path=/
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED
Content-Encoding: gzip

Redirect headers

status: 302
server: nginx
date: Sun, 05 Jan 2020 20:39:34 GMT
content-type: text/html; charset=UTF-8
location: http://trafficsel.com/recollect/lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=f5c26dc729210d303b5ef54694687ca2; expires=Mon, 04-Jan-2021 20:39:34 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H/1.1 200
OK 5e12498688b185.84678215 Show response
trafficsel.com/space/optical-carrier/ 6 KB
2 KB 259ms
258ms Document
text/html 205.147.93.132
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://trafficsel.com/space/optical-carrier/5e12498688b185.84678215?cp=lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000&ori=41x&ex=1&pbi=5e1249868df8f6.498468070
Requested by: Host: trafficsel.com
URL: http://trafficsel.com/recollect/lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000
Protocol: HTTP/1.1
Server: 205.147.93.132 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software: ZENEDGE /
Resource Hash: 54a40056553e69d95f156bdcd1fe06c03fd14a15a6660a673e1494c936e110f4

Request headers

Host: trafficsel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://trafficsel.com/
Accept-Encoding: gzip, deflate
Cookie: 5O%2ByexcV9rWuvtrB3%2BGU%2F0qICj9NbX%2BzT9%2FA0gNyduc%3D=9311324b87b6f393901589ba46a015a7_1578256774.5596; OC0ExUTGUFq1h1VDi70UXz%2BrO7wg6%2FCu96lof1x27lE%3D=1578256774.5598; 9311324b87b6f393901589ba46a015a7_1578256774.5596_cc=enable; SERVERID=sfc41
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://trafficsel.com/

Response headers

Date: Sun, 05 Jan 2020 20:39:35 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: OC0ExUTGUFq1h1VDi70UXz%2BrO7wg6%2FCu96lof1x27lE%3D=1578256774.8684; domain=trafficsel.com; path=/; expires=Wed, 02-Jan-2030 20:39:34 UTC h0Ruyij13GSFdk%2FlmuTzOaHThf3lIWkuVCsM4ckKGVA%3D=eUF2amE5MTY5NjZ2REFFc045eFNVZk1oMVlKeC9EYVBuWWZkZGZkd0hyQ3RzSXU5OXNFSlN6eVFrbDN5eVZGemhiWFJyWHJYdTQ5VjdFc3NBbFpOTW9xcnJQOGQwVHp0dWFaZ0FKazMvMTg9; domain=trafficsel.com; path=/; expires=Sun, 05-Jan-2020 21:44:35 UTC
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED
Content-Encoding: gzip

GET /
by.clickkmobi.com/ 0
0

GET
H/1.1

200
OK

lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000 Show response
trafficsel.com/recollect/
Redirect Chain

https://by.clickkmobi.com/?cid=lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000&utm_medium=6856411e09f0fc6f4a0e21fab76b877f7226acc1&utm_campaign=main-agg&1=210129&2=a0sNMlW_75VgGJCv2AcJ&nc=1
http://trafficsel.com/recollect/lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000

9 KB
3 KB

41ms
41ms

Document
text/html

205.147.93.132
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://trafficsel.com/recollect/lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000
Requested by: Host: trafficsel.com
URL: http://trafficsel.com/space/optical-carrier/5e12498688b185.84678215?cp=lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000&ori=41x&ex=1&pbi=5e1249868df8f6.498468070
Protocol: HTTP/1.1
Server: 205.147.93.132 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software: ZENEDGE /
Resource Hash: c85f5a005ec47318c575e6d1fedae6ab89661801eb58e851645554e36a14c359

Request headers

Host: trafficsel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://trafficsel.com/
Accept-Encoding: gzip, deflate
Cookie: 5O%2ByexcV9rWuvtrB3%2BGU%2F0qICj9NbX%2BzT9%2FA0gNyduc%3D=9311324b87b6f393901589ba46a015a7_1578256774.5596; 9311324b87b6f393901589ba46a015a7_1578256774.5596_cc=enable; SERVERID=sfc41; OC0ExUTGUFq1h1VDi70UXz%2BrO7wg6%2FCu96lof1x27lE%3D=1578256774.8684; h0Ruyij13GSFdk%2FlmuTzOaHThf3lIWkuVCsM4ckKGVA%3D=eUF2amE5MTY5NjZ2REFFc045eFNVZk1oMVlKeC9EYVBuWWZkZGZkd0hyQ3RzSXU5OXNFSlN6eVFrbDN5eVZGemhiWFJyWHJYdTQ5VjdFc3NBbFpOTW9xcnJQOGQwVHp0dWFaZ0FKazMvMTg9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://trafficsel.com/

Response headers

Date: Sun, 05 Jan 2020 20:39:35 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: OC0ExUTGUFq1h1VDi70UXz%2BrO7wg6%2FCu96lof1x27lE%3D=1578256775.5769; domain=trafficsel.com; path=/; expires=Wed, 02-Jan-2030 20:39:35 UTC 9311324b87b6f393901589ba46a015a7_1578256774.5596_cc=enable; domain=trafficsel.com; path=/; expires=Wed, 02-Jan-2030 20:39:35 UTC
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED
Content-Encoding: gzip

Redirect headers

status: 302
server: nginx
date: Sun, 05 Jan 2020 20:39:35 GMT
content-type: text/html; charset=UTF-8
location: http://trafficsel.com/recollect/lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H/1.1 200
OK 5e1249878ce4c0.69677593 Show response
trafficsel.com/space/optical-carrier/ 4 KB
2 KB 319ms
319ms Document
text/html 205.147.93.132
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL: http://trafficsel.com/space/optical-carrier/5e1249878ce4c0.69677593?cp=lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000&ori=41x&ex=1&pbi=5e1249878e4c51.312154480
Requested by: Host: trafficsel.com
URL: http://trafficsel.com/recollect/lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000
Protocol: HTTP/1.1
Server: 205.147.93.132 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software: ZENEDGE /
Resource Hash: 4731eb5b5ac83ab8d00eea240a49a63f51bc6ae84306a868a193dba878ebb106

Request headers

Host: trafficsel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://trafficsel.com/
Accept-Encoding: gzip, deflate
Cookie: 5O%2ByexcV9rWuvtrB3%2BGU%2F0qICj9NbX%2BzT9%2FA0gNyduc%3D=9311324b87b6f393901589ba46a015a7_1578256774.5596; 9311324b87b6f393901589ba46a015a7_1578256774.5596_cc=enable; SERVERID=sfc41; h0Ruyij13GSFdk%2FlmuTzOaHThf3lIWkuVCsM4ckKGVA%3D=eUF2amE5MTY5NjZ2REFFc045eFNVZk1oMVlKeC9EYVBuWWZkZGZkd0hyQ3RzSXU5OXNFSlN6eVFrbDN5eVZGemhiWFJyWHJYdTQ5VjdFc3NBbFpOTW9xcnJQOGQwVHp0dWFaZ0FKazMvMTg9; OC0ExUTGUFq1h1VDi70UXz%2BrO7wg6%2FCu96lof1x27lE%3D=1578256775.5769
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://trafficsel.com/

Response headers

Date: Sun, 05 Jan 2020 20:39:35 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: OC0ExUTGUFq1h1VDi70UXz%2BrO7wg6%2FCu96lof1x27lE%3D=1578256775.6251; domain=trafficsel.com; path=/; expires=Wed, 02-Jan-2030 20:39:35 UTC h0Ruyij13GSFdk%2FlmuTzOaHThf3lIWkuVCsM4ckKGVA%3D=eUF2amE5MTY5NjZ2REFFc045eFNVZk1oMVlKeC9EYVBuWWZkZGZkd0hyQ3RzSXU5OXNFSlN6eVFrbDN5eVZGemhiWFJyWHJYdTQ5VjdFc3NBbFpOTWpwb00yN3paQ0ZqSUFOTURHN3VDL21rZ0VlR21EVWJ5ajhaUmlVWjkyTjdSOUIzemdhazY0dTIrSFZGNXR2YTc2UjNmOUNYRWgrL3d0NVhka2JGaUNRPQ%3D%3D; domain=trafficsel.com; path=/; expires=Sun, 05-Jan-2020 21:44:35 UTC
X-Zen-Fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
Server: ZENEDGE
X-Cache-Status: NOTCACHED
Content-Encoding: gzip

GET 498903
getad.xyz/go/216668/ 0
0

GET
H/1.1 200
OK 498903 Show response
getad.xyz/go/216668/ 466 B
516 B 219ms
206ms Document
text/html 18.214.175.230
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://getad.xyz/go/216668/498903?nc=1
Requested by: Host: trafficsel.com
URL: http://trafficsel.com/space/optical-carrier/5e1249878ce4c0.69677593?cp=lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000&ori=41x&ex=1&pbi=5e1249878e4c51.312154480
Protocol: HTTP/1.1
Server: 18.214.175.230 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-214-175-230.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 96d5e8853c1920626cd3a714d38ac704d1010b58d8bd9bc7704029fe241fcba8

Request headers

Host: getad.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://trafficsel.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://trafficsel.com/

Response headers

Date: Sun, 05 Jan 2020 20:39:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2

200

Primary Request / Show response
lobby.ultimatepirates.gameforge.com/
Redirect Chain

http://getad.xyz/ad/ad?p=216668&w=498903&t=48da4c492448da28&r=aHR0cCUzQSUyRiUyRnRyYWZmaWNzZWwuY29tJTJG&vw=1600&vh=1200
https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903

710 B
591 B

104ms
31ms

Document
text/html

79.110.82.228
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903

Requested by

Host: getad.xyz
URL: http://getad.xyz/go/216668/498903?nc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.110.82.228 , Germany, ASN47195 (GAMEFORGE-AS, DE),

Reverse DNS

Software

Resource Hash

9f86c23dab5aa070a682653f94ed8b08f4d2a8518684e3e55c04f959b2352fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

:method: GET
:authority: lobby.ultimatepirates.gameforge.com
:scheme: https
:path: /?kid=a-a9l00-a0v00-1912-00000178&subid=498903
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://getad.xyz/go/216668/498903?nc=1
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://getad.xyz/go/216668/498903?nc=1

Response headers

status: 200
date: Sun, 05 Jan 2020 20:39:36 GMT
content-type: text/html
last-modified: Mon, 16 Dec 2019 17:38:44 GMT
etag: W/"5df7c124-2c6"
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
strict-transport-security: max-age=15724800

Redirect headers

Date: Sun, 05 Jan 2020 20:39:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 120
Connection: keep-alive
Server: nginx
Location: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903

GET
H2 200 configuration.js Show response
lobby.ultimatepirates.gameforge.com/config/ 6 KB
2 KB 31ms
31ms Script
application/javascript 79.110.82.228
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lobby.ultimatepirates.gameforge.com/config/configuration.js

Requested by

Host: lobby.ultimatepirates.gameforge.com
URL: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

79.110.82.228 , Germany, ASN47195 (GAMEFORGE-AS, DE),

Reverse DNS

Software

Resource Hash

1d1bb3353c78283be1970257989c4394c08e3971e2851d8f5775a3b37f82cd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 05 Jan 2020 20:39:36 GMT
content-encoding: gzip
last-modified: Tue, 17 Dec 2019 14:34:34 GMT
etag: W/"5df8e77a-187f"
strict-transport-security: max-age=15724800
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate

GET
H/1.1 200
OK main.392a97d4.css
s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/css/ 557 KB
110 KB 137ms
57ms Stylesheet
text/css 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/css/main.392a97d4.css
Requested by: Host: lobby.ultimatepirates.gameforge.com
URL: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: fcc519b8d6d4694e7fabdba8b7f3d40c94cd1d799f0685be2ac15a210462028c

Request headers

Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 05 Jan 2020 20:39:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Dec 2019 17:38:42 GMT
Server: nginx
ETag: W/"355ef135bae21e88e3ea1e861a228614"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 04 Feb 2020 20:39:36 GMT

GET
H/1.1 200
OK main.68cc7800.js Show response
s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/js/ 1 MB
289 KB 132ms
49ms Script
text/javascript 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/js/main.68cc7800.js
Requested by: Host: lobby.ultimatepirates.gameforge.com
URL: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: a9ccddde190598e629670c6e0ca25733177611266e7cb37f27f17ca9bbdca9dd

Request headers

Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 05 Jan 2020 20:39:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Dec 2019 17:38:42 GMT
Server: nginx
ETag: W/"193638a62c2487fb2199793be4d0b77d"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 04 Feb 2020 20:39:36 GMT

GET
H/1.1 200
OK main_bg.b4e47ee4.jpg
s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/media/ 422 KB
423 KB 30ms
30ms Image
image/jpeg 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/media/main_bg.b4e47ee4.jpg
Requested by: Host: lobby.ultimatepirates.gameforge.com
URL: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: fa10ce55d49c361cbda781a6029ee8a7a13a4f742e274e6a6d8b4b8ea2ccb297

Request headers

Referer: https://s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/css/main.392a97d4.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 05 Jan 2020 20:39:36 GMT
Last-Modified: Mon, 16 Dec 2019 17:38:43 GMT
Server: nginx
ETag: "b4e47ee48bb2643c7bb05c8788292086"
X-Cache-Status: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 432270
Expires: Tue, 04 Feb 2020 20:39:36 GMT

GET
H/1.1 200
OK pz.js.min Show response
pixelzirkus.gameforge.com/djs/ 6 KB
2 KB 252ms
34ms Script
application/javascript 79.110.82.166
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixelzirkus.gameforge.com/djs/pz.js.min
Requested by: Host: s3-static.geo.gfsrv.net
URL: https://s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/js/main.68cc7800.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.82.166 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: f16b2a82318f91a95b3cbfb5101c8f5086743fe305f9341fffb303dc8013601f

Request headers

Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 05 Jan 2020 20:39:37 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 05 Jan 2020 20:39:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: s3-static.geo.gfsrv.net
URL: https://s3-static.geo.gfsrv.net/browsergamelobby/ultimatepirates/2.7.0/js/main.68cc7800.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9364fc06fcf219c3ba271a815653997ad8d6adf39857d54487d5f806415e00ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rxM/79BjVZfIDzU7ekemgQ==
status: 200
date: Sun, 05 Jan 2020 20:39:36 GMT
expires: Sun, 05 Jan 2020 20:57:16 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1778
x-fb-debug: 8uU7juILWK8iyrCP3JXFGn3mExltb0U9c95ruVNnd4LCjWtIFEc7BsSq29JlbKSced1weIIWykGtB4uXipDC9g==
x-fb-trip-id: 1850256238
x-fb-content-md5: 58c77a9c98c729bff1e8ad8e234a6872
etag: "d6b9935420166c6645733d74143c5321"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 197 KB
59 KB 16ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=f0c982284d494df3e1553d272aaa1842&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3e3f3452cfece772e090b99315cc9307e118b3682b9a8e56d24fc7189ee0f437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
Origin: https://lobby.ultimatepirates.gameforge.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jji/FDxMGxlseoC+elWFdQ==
status: 200
date: Sun, 05 Jan 2020 20:39:36 GMT
expires: Mon, 04 Jan 2021 19:14:19 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 60149
x-fb-debug: 1hRBBFQ36nwJPcN2a72cBnUnXiwcMM09OXOMrPvYUoCE6tQylipo4WdibIAGQq2OxpMkC+7odB69tEJDy9ZEzA==
x-fb-trip-id: 2125152713
x-fb-content-md5: 6884429c404404b5d74dbf189614e8ac
etag: "3f0804749087d1c80f6bb181e45dca76"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 3C49 0
0 6ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=45

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=f0c982284d494df3e1553d272aaa1842&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=45
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 29 Dec 2020 22:49:33 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: iuhCde1N7j4s89LCdpLkbKiypRAxXwf5se5+lrHyZL4VC9In1M9+X4jJRu7GrnhTq/SIMOyN2CxD0fvR6FHX3w==
content-length: 12401
x-fb-trip-id: 1850256238
date: Sun, 05 Jan 2020 20:39:36 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 31ms
31ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1224840394326213&input_token&origin=1&redirect_uri=https%3A%2F%2Flobby.ultimatepirates.gameforge.com%2F%3Fkid%3Da-a9l00-a0v00-1912-00000178%26subid%3D498903&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=f0c982284d494df3e1553d272aaa1842&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://lobby.ultimatepirates.gameforge.com/
Origin: https://lobby.ultimatepirates.gameforge.com

Response headers

pragma: no-cache
x-fb-debug: tmmH/Pk2PgkKtlAXpse26zzdI0GlGj1tifxZXL605t5E1xUQbwa+1qMvyzQXpWMEo6x0w8EajbtbhWf6qlzbyA==
fb-s: unknown
status: 200
date: Sun, 05 Jan 2020 20:39:36 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lobby.ultimatepirates.gameforge.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-24=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1224840394326213&ev=fb_page_view&dl=https%3A%2F%2Flobby.ultimatepirates.gameforge.com%2F%3Fkid%3Da-a9l00-a0v00-1912-00000178%26subid%3D498903&rl=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F498903%3Fnc%3D1&if=false&ts=1578256776972&sw=1600&sh=1200

Requested by

Host: lobby.ultimatepirates.gameforge.com
URL: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 05 Jan 2020 20:39:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sun, 05 Jan 2020 20:39:36 GMT

GET
H/1.1 200
OK version.json Show response
s3-static.geo.gfsrv.net/cookiebanner/ 20 B
400 B 94ms
28ms XHR
application/json 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-static.geo.gfsrv.net/cookiebanner/version.json
Requested by: Host: pixelzirkus.gameforge.com
URL: https://pixelzirkus.gameforge.com/djs/pz.js.min
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: 3e9fc8dab25257bc07516c573398e42a60d3c4fec2b6a30defb43b7629696520

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
Origin: https://lobby.ultimatepirates.gameforge.com

Response headers

Date: Sun, 05 Jan 2020 20:39:37 GMT
Last-Modified: Tue, 13 Aug 2019 07:04:56 GMT
Server: nginx
ETag: "616eae7783d8fa8833ea40bc52255e9f"
X-Cache-Status: HIT
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20
Expires: Sun, 05 Jan 2020 23:39:37 GMT

GET
H/1.1 200
OK cookie.min.js Show response
s3-static.geo.gfsrv.net/cookiebanner/1.0.9/ 19 KB
6 KB 31ms
31ms Script
text/javascript 79.110.86.107
GAMEFORGE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-static.geo.gfsrv.net/cookiebanner/1.0.9/cookie.min.js
Requested by: Host: pixelzirkus.gameforge.com
URL: https://pixelzirkus.gameforge.com/djs/pz.js.min
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.110.86.107 , Germany, ASN47195 (GAMEFORGE-AS, DE),
Reverse DNS: s172.gfsrv.net
Software: nginx /
Resource Hash: 54b587786a374fe7474efe04bfd538f8997fe20c0f46b18e9250d5107b627458

Request headers

Referer: https://lobby.ultimatepirates.gameforge.com/?kid=a-a9l00-a0v00-1912-00000178&subid=498903
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 05 Jan 2020 20:39:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 07:04:55 GMT
Server: nginx
ETag: W/"ced44e3131668d88f229b26d0ff93569"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 05 Jan 2020 23:39:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.fungiers.com
URL: https://track.fungiers.com/157851/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lBE20BF030905ae0000RS002MZ0TPJ803DSR0606X403DSR00000000/?

Domain: goobtain.com
URL: https://goobtain.com/l.php?trf=m&p=custom_gorilla&d=5cb578f177d7d31f48112d9e&pid=5e12498598142945b3310bfc&s=157851

Domain: by.clickkmobi.com
URL: https://by.clickkmobi.com/?cid=lBE20BF03090c380000RS00DTS0YNHO04I4X3I07F504I4X00000000&utm_medium=6856411e09f0fc6f4a0e21fab76b877f7226acc1&utm_campaign=main-agg&1=210129&2=a0sNMlW_75VgGJCv2AcJ&

Domain: by.clickkmobi.com
URL: https://by.clickkmobi.com/?cid=lBE20BF030906b30000RS0037O0YNHO00UKCTD04EV00UKC00000000&utm_medium=6856411e09f0fc6f4a0e21fab76b877f7226acc1&utm_campaign=main-agg&1=210129&2=a0sNMlW_75VgGJCv2AcJ&nc=1&

Domain: getad.xyz
URL: http://getad.xyz/go/216668/498903?nc=1&

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.facebook.com/	1970-01-19 08:33:52	Name: fr Value: 059cLETE1ZJXXigtK..BeEkmI...1.0.BeEkmI.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d5e031adf1.traffic-c.com
by.clickkmobi.com
connect.facebook.net
getad.xyz
go-rillatrack.com
goobtain.com
legisted.com
link.spinningintobutter.com
links.securedark.com
lobby.ultimatepirates.gameforge.com
minently.com
mon.insertcoinage.com
pixelzirkus.gameforge.com
s3-static.geo.gfsrv.net
staticxx.facebook.com
track.fungiers.com
track.maguld.com
trafficsel.com
www.facebook.com
by.clickkmobi.com
getad.xyz
goobtain.com
track.fungiers.com
137.74.217.110
18.214.175.230
188.40.16.23
198.143.165.221
205.147.93.131
205.147.93.132
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.170.100.126
5.135.36.139
79.110.82.166
79.110.82.228
79.110.86.107
94.23.206.47
99.198.108.196
0564eac44731e58a8d91d949bc57f604756dd280f1b86d9d1c88e5e0d88693fc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d1bb3353c78283be1970257989c4394c08e3971e2851d8f5775a3b37f82cd12
260c26ee36a373a0477bca2deaf7287b7ad45b21b341f2e60326fcad1a0f9639
3e3f3452cfece772e090b99315cc9307e118b3682b9a8e56d24fc7189ee0f437
3e9fc8dab25257bc07516c573398e42a60d3c4fec2b6a30defb43b7629696520
41212ee2b68c18d4cb8aca698085811ba475ff69ba88def725794dff71d0fe35
4731eb5b5ac83ab8d00eea240a49a63f51bc6ae84306a868a193dba878ebb106
54a40056553e69d95f156bdcd1fe06c03fd14a15a6660a673e1494c936e110f4
54b587786a374fe7474efe04bfd538f8997fe20c0f46b18e9250d5107b627458
67877815b97b5f76212748e899d3bbc5e3e48d4c85d0de61874c81d471b4414f
7b0d8e70305e51c53ae6d21f58e399d48a5beaf40133545ddc714caddb92f571
8ddf7eed8d84d10c4145776ed8a3bd644dc01f0dc6d0cdbb17aac8d88b9a3eb3
9364fc06fcf219c3ba271a815653997ad8d6adf39857d54487d5f806415e00ad
96d5e8853c1920626cd3a714d38ac704d1010b58d8bd9bc7704029fe241fcba8
9f86c23dab5aa070a682653f94ed8b08f4d2a8518684e3e55c04f959b2352fb8
a9ccddde190598e629670c6e0ca25733177611266e7cb37f27f17ca9bbdca9dd
add0610f7e85f2086924a159aa74ca9c448cb94e8a950164448d901a49c31680
c5d3f5a75a3971b9a097e00ddc56ff0b3128e368ae96c5f884b46474c7bcd0f8
c85f5a005ec47318c575e6d1fedae6ab89661801eb58e851645554e36a14c359
e00d582b0853da7c258800618130f38634e2425b6770b2cdda3d5c1796484709
e8881a177a271312b86577931d47919c311b69e0ae378a8d561f5aa13d1803ee
f16b2a82318f91a95b3cbfb5101c8f5086743fe305f9341fffb303dc8013601f
f9063e47663911254876970015c83d15270acd13b3bae137b9009d3d60dc6b9e
fa10ce55d49c361cbda781a6029ee8a7a13a4f742e274e6a6d8b4b8ea2ccb297
fcc519b8d6d4694e7fabdba8b7f3d40c94cd1d799f0685be2ac15a210462028c

lobby.ultimatepirates.gameforge.com Open in urlscan Pro 79.110.82.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

63 %HTTPS

13 %IPv6

17 Domains

19 Subdomains

14 IPs

5 Countries

939 kBTransfer

2655 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lobby.ultimatepirates.gameforge.com Open in urlscan Pro
79.110.82.228 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

63 %
HTTPS

13 %
IPv6

17
Domains

19
Subdomains

14
IPs

5
Countries

939 kB
Transfer

2655 kB
Size

1
Cookies

35 HTTP transactions
0 data transactions