out.tictaktrack.com Open in urlscan Pro
212.32.250.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wal.snap4.cash/
Effective URL:
http://out.tictaktrack.com/disabled.html
Submission Tags: 6649597
Submission: On July 13 via api (July 13th 2020, 8:53:00 pm UTC) from US

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 212.32.250.1, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is out.tictaktrack.com.

This is the only time out.tictaktrack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:303... 2606:4700:3030::681c:188a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6812:3522	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	212.32.250.1 212.32.250.1	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
15	5

9 2606:4700:3030::681c:188a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wal.snap4.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6812:3522 (United States)

ASN13335 (CLOUDFLARENET, US)

smrturl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.32.250.1 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

go.secureclickers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yo.wackotracko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
out.tictaktrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	snap4.cash 1 redirects wal.snap4.cash	58 KB
2	googletagmanager.com www.googletagmanager.com	66 KB
1	tictaktrack.com out.tictaktrack.com	343 B
1	wackotracko.com yo.wackotracko.com	232 B
1	secureclickers.com go.secureclickers.com	398 B
1	smrturl.co smrturl.co	1 KB
1	googleapis.com fonts.googleapis.com	2 KB
15	7

	Domain	Requested by
9	wal.snap4.cash	1 redirects wal.snap4.cash
2	www.googletagmanager.com	wal.snap4.cash
1	out.tictaktrack.com
1	yo.wackotracko.com
1	go.secureclickers.com	smrturl.co
1	smrturl.co	wal.snap4.cash
1	fonts.googleapis.com	wal.snap4.cash
15	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-22` - `2021-06-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
itsokto.linktolinkyourlink.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-03-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://out.tictaktrack.com/disabled.html
Frame ID: 0F47042EB112594B64BE4DF765FBE54D
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://wal.snap4.cash/ HTTP 301
https://wal.snap4.cash/ Page URL
https://wal.snap4.cash/redirect.html?s1=false&s2=false Page URL
https://smrturl.co/o/44696/1196338?s1=false&s2=false Page URL
https://go.secureclickers.com/click?pid=150&offer_id=6849&sub1=502984133&sub2=150_44696&sub4=0 Page URL
https://yo.wackotracko.com/sl?id=59ce054ca1e3c53000000001&pid=2&sub1=502984133&sub2=150&sub3=150_44696&... Page URL
http://out.tictaktrack.com/disabled.html Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

15
Requests

93 %
HTTPS

80 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

128 kB
Transfer

360 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wal.snap4.cash/ HTTP 301
https://wal.snap4.cash/ Page URL
https://wal.snap4.cash/redirect.html?s1=false&s2=false Page URL
https://smrturl.co/o/44696/1196338?s1=false&s2=false Page URL
https://go.secureclickers.com/click?pid=150&offer_id=6849&sub1=502984133&sub2=150_44696&sub4=0 Page URL
https://yo.wackotracko.com/sl?id=59ce054ca1e3c53000000001&pid=2&sub1=502984133&sub2=150&sub3=150_44696&sub4=6849&sub5=CZ&sub6=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36 Page URL
http://out.tictaktrack.com/disabled.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wal.snap4.cash/ HTTP 301
https://wal.snap4.cash/

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
wal.snap4.cash/
Redirect Chain

http://wal.snap4.cash/
https://wal.snap4.cash/

3 KB
2 KB

100ms
71ms

Document
text/html

2606:4700:3030::681c:188a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wal.snap4.cash/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:188a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0764fdfafc5b343f6cb202c46913c4fb81d86c3af73a3a4f73b0d739c14b4de2

Request headers

:method: GET
:authority: wal.snap4.cash
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 13 Jul 2020 20:52:40 GMT
content-type: text/html
set-cookie: __cfduid=d0ff7282ad8468da4b83814776f19b32f1594673560; expires=Wed, 12-Aug-20 20:52:40 GMT; path=/; domain=.snap4.cash; HttpOnly; SameSite=Lax; Secure
last-modified: Sun, 05 Jul 2020 22:18:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 03eb8c9273000097f6029c5200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b25e39718aa97f6-FRA
content-encoding: br

Redirect headers

Date: Mon, 13 Jul 2020 20:52:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 13 Jul 2020 21:52:40 GMT
Location: https://wal.snap4.cash/
cf-request-id: 03eb8c9244000097241c8ff200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5b25e396df6a9724-FRA

GET
H2 200 common76cb.css
wal.snap4.cash/files_files/ 2 KB
773 B 63ms
62ms Stylesheet
text/css 2606:4700:3030::681c:188a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wal.snap4.cash/files_files/common76cb.css
Requested by: Host: wal.snap4.cash
URL: https://wal.snap4.cash/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:188a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb

Request headers

Referer: https://wal.snap4.cash/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 20:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 11 Apr 2020 15:48:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5b25e397991797f6-FRA
cf-request-id: 03eb8c92bf000097f6029ca200000001
expires: Mon, 20 Jul 2020 20:52:40 GMT

GET
H2 200 voucher_main_style0cee.css
wal.snap4.cash/files_files/ 102 KB
23 KB 89ms
88ms Stylesheet
text/css 2606:4700:3030::681c:188a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wal.snap4.cash/files_files/voucher_main_style0cee.css
Requested by: Host: wal.snap4.cash
URL: https://wal.snap4.cash/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:188a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 123ed34dfd983566ee75f0ad6e1e464de3b14d756b6b5feb22eb1cbb98bfc86c

Request headers

Referer: https://wal.snap4.cash/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 20:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 Jun 2020 20:59:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5b25e397991b97f6-FRA
cf-request-id: 03eb8c92bf000097f6029cb200000001
expires: Mon, 20 Jul 2020 20:52:40 GMT

GET
H2 200 voucher_layout_layout-products0cee.css
wal.snap4.cash/files_files/ 9 KB
2 KB 75ms
74ms Stylesheet
text/css 2606:4700:3030::681c:188a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wal.snap4.cash/files_files/voucher_layout_layout-products0cee.css
Requested by: Host: wal.snap4.cash
URL: https://wal.snap4.cash/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:188a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44ff746232ebb830fa165b9c65493f0702036724ea4a66d0b471719943bf9b6d

Request headers

Referer: https://wal.snap4.cash/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 20:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Jun 2020 21:04:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5b25e397991e97f6-FRA
cf-request-id: 03eb8c92bf000097f6029cc200000001
expires: Mon, 20 Jul 2020 20:52:40 GMT

GET
H2 200 voucher_color_white7c56.css
wal.snap4.cash/files_files/ 6 KB
1 KB 61ms
60ms Stylesheet
text/css 2606:4700:3030::681c:188a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wal.snap4.cash/files_files/voucher_color_white7c56.css
Requested by: Host: wal.snap4.cash
URL: https://wal.snap4.cash/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:188a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d22fb61a5b4833d71d9431936299ed376ae6bb51080b93eebd804ec6f12604

Request headers

Referer: https://wal.snap4.cash/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 20:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Jun 2020 21:14:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5b25e397992097f6-FRA
cf-request-id: 03eb8c92bf000097f6029cd200000001
expires: Mon, 20 Jul 2020 20:52:40 GMT

GET
H2 200 voucher_brand_tesco90a7.css
wal.snap4.cash/files_files/ 6 KB
1 KB 84ms
83ms Stylesheet
text/css 2606:4700:3030::681c:188a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wal.snap4.cash/files_files/voucher_brand_tesco90a7.css
Requested by: Host: wal.snap4.cash
URL: https://wal.snap4.cash/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:188a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b057f96468abafad13032267cd84a657389d4320e4c6138c0082ce4386af733

Request headers

Referer: https://wal.snap4.cash/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 20:52:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Jun 2020 21:34:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 5b25e397992297f6-FRA
cf-request-id: 03eb8c92bf000097f6029ce200000001
expires: Mon, 20 Jul 2020 20:52:40 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 84 KB
33 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-171272151-1

Requested by

Host: wal.snap4.cash
URL: https://wal.snap4.cash/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wal.snap4.cash/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 20:52:40 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33698
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 20:05:59 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jul 2020 20:52:40 GMT

GET
H2 200 yqwwF7B.png
wal.snap4.cash/files_files/ 28 KB
28 KB 184ms
184ms Image
image/png 2606:4700:3030::681c:188a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wal.snap4.cash/files_files/yqwwF7B.png
Requested by: Host: wal.snap4.cash
URL: https://wal.snap4.cash/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:188a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://wal.snap4.cash/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 20:52:40 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Jun 2020 19:57:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5b25e398299a97f6-FRA
content-length: 28819
cf-request-id: 03eb8c9319000097f6029d8200000001
expires: Mon, 20 Jul 2020 20:52:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 35 KB
2 KB 35ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: wal.snap4.cash
URL: https://wal.snap4.cash/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba6a04fe8e549687a74fe53d14f44185cf1a62b2e7da4a16a573c367d89819ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wal.snap4.cash/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 20:46:36 GMT
server: ESF
date: Mon, 13 Jul 2020 20:52:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Jul 2020 20:52:40 GMT

GET
H2 200 redirect.html
wal.snap4.cash/ 958 B
522 B 228ms
228ms Document
text/html 2606:4700:3030::681c:188a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wal.snap4.cash/redirect.html?s1=false&s2=false
Requested by: Host: wal.snap4.cash
URL: https://wal.snap4.cash/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681c:188a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: wal.snap4.cash
:scheme: https
:path: /redirect.html?s1=false&s2=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://wal.snap4.cash/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d0ff7282ad8468da4b83814776f19b32f1594673560
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wal.snap4.cash/

Response headers

status: 200
date: Mon, 13 Jul 2020 20:52:40 GMT
content-type: text/html
last-modified: Sun, 05 Jul 2020 22:18:34 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 03eb8c9343000097f6029dc200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b25e39869d897f6-FRA
content-encoding: br

GET
H2 200 1196338 Show response
smrturl.co/o/44696/ 430 B
1 KB 775ms
728ms Document
text/html 2606:4700:3034::6812:3522
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smrturl.co/o/44696/1196338?s1=false&s2=false
Requested by: Host: wal.snap4.cash
URL: https://wal.snap4.cash/redirect.html?s1=false&s2=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:3522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.28
Resource Hash: 824f555a2de12c585b6caca475403a4fb088f7b297ba66bf7ca0b586c5377919

Request headers

:method: GET
:authority: smrturl.co
:scheme: https
:path: /o/44696/1196338?s1=false&s2=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://wal.snap4.cash/redirect.html?s1=false&s2=false
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wal.snap4.cash/redirect.html?s1=false&s2=false

Response headers

status: 200
date: Mon, 13 Jul 2020 20:52:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dbdd493160f5603e4dc158d778381b27a1594673560; expires=Wed, 12-Aug-20 20:52:40 GMT; path=/; domain=.smrturl.co; HttpOnly; SameSite=Lax BUILD_VISITOR_RAND=998ed613; expires=Tue, 14-Jul-2020 20:52:40 GMT; Max-Age=86400; path=/ BUILD_VISITOR_ID=436879594; expires=Tue, 14-Jul-2020 20:52:40 GMT; Max-Age=86400; path=/ BUILD_VISITOR_ID_KEY=d63cbc5d6452567f1f9703ac914cf012; expires=Tue, 14-Jul-2020 20:52:40 GMT; Max-Age=86400; path=/ BUILD_CLICK_IDS=%5B502984133%5D; expires=Tue, 14-Jul-2020 20:52:41 GMT; Max-Age=86400; path=/
x-powered-by: PHP/7.2.28
cache-control: no-cache, no-transform
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
cf-cache-status: DYNAMIC
cf-request-id: 03eb8c945d0000176ab92dc200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b25e39a2f45176a-FRA

GET
H2 200 js
www.googletagmanager.com/gtag/ 84 KB
33 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-171272151-1

Requested by

Host: wal.snap4.cash
URL: https://wal.snap4.cash/redirect.html?s1=false&s2=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wal.snap4.cash/redirect.html?s1=false&s2=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 13 Jul 2020 20:52:40 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33698
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 20:05:59 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jul 2020 20:52:40 GMT

GET
H2 200 click Show response
go.secureclickers.com/ 383 B
398 B 199ms
46ms Document
text/html 212.32.250.1
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.secureclickers.com/click?pid=150&offer_id=6849&sub1=502984133&sub2=150_44696&sub4=0
Requested by: Host: smrturl.co
URL: https://smrturl.co/o/44696/1196338?s1=false&s2=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.32.250.1 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0fa41432ff2e228ee940ac5613570e77fbea200257e3a82f95bacebdae3271be

Request headers

:method: GET
:authority: go.secureclickers.com
:scheme: https
:path: /click?pid=150&offer_id=6849&sub1=502984133&sub2=150_44696&sub4=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 13 Jul 2020 20:52:41 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip

GET
H2 200 sl
yo.wackotracko.com/ 157 B
232 B 98ms
46ms Document
text/html 212.32.250.1
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://yo.wackotracko.com/sl?id=59ce054ca1e3c53000000001&pid=2&sub1=502984133&sub2=150&sub3=150_44696&sub4=6849&sub5=CZ&sub6=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.32.250.1 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: yo.wackotracko.com
:scheme: https
:path: /sl?id=59ce054ca1e3c53000000001&pid=2&sub1=502984133&sub2=150&sub3=150_44696&sub4=6849&sub5=CZ&sub6=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 13 Jul 2020 20:52:42 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip

GET
H/1.1 200
OK Primary Request disabled.html Show response
out.tictaktrack.com/ 111 B
343 B 103ms
69ms Document
text/html 212.32.250.1
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://out.tictaktrack.com/disabled.html
Protocol: HTTP/1.1
Server: 212.32.250.1 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08

Request headers

Host: out.tictaktrack.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Mon, 13 Jul 2020 20:52:42 GMT
Content-Type: text/html
Last-Modified: Fri, 12 Jan 2018 11:09:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5a589762-6f"
Content-Encoding: gzip

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
go.secureclickers.com
out.tictaktrack.com
smrturl.co
wal.snap4.cash
www.googletagmanager.com
yo.wackotracko.com
212.32.250.1
2606:4700:3030::681c:188a
2606:4700:3034::6812:3522
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2008
0764fdfafc5b343f6cb202c46913c4fb81d86c3af73a3a4f73b0d739c14b4de2
0fa41432ff2e228ee940ac5613570e77fbea200257e3a82f95bacebdae3271be
123ed34dfd983566ee75f0ad6e1e464de3b14d756b6b5feb22eb1cbb98bfc86c
2b057f96468abafad13032267cd84a657389d4320e4c6138c0082ce4386af733
44ff746232ebb830fa165b9c65493f0702036724ea4a66d0b471719943bf9b6d
71d22fb61a5b4833d71d9431936299ed376ae6bb51080b93eebd804ec6f12604
824f555a2de12c585b6caca475403a4fb088f7b297ba66bf7ca0b586c5377919
93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb
b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08
ba6a04fe8e549687a74fe53d14f44185cf1a62b2e7da4a16a573c367d89819ea

out.tictaktrack.com Open in urlscan Pro 212.32.250.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

80 %IPv6

7 Domains

7 Subdomains

5 IPs

3 Countries

128 kBTransfer

360 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

out.tictaktrack.com Open in urlscan Pro
212.32.250.1 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

80 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

128 kB
Transfer

360 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions