cullgame.com Open in urlscan Pro
104.17.20.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go.selfcenteredteammates.net/opt_out?o=134830331978100525144496985522753364749-656f609bc495449a80e1c9b8d099e30d
Effective URL:
https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&click...
Submission: On December 14 via api (December 14th 2019, 7:40:53 pm UTC) from BE

Summary HTTP 87 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 7 countries across 18 domains to perform 87 HTTP transactions. The main IP is 104.17.20.75, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is cullgame.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 25th 2019. Valid for: 6 months.

This is the only time cullgame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.95.82.112 45.95.82.112	59732 (VERUS) (VERUS)
1 3	198.143.165.221 198.143.165.221	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
1 11	205.147.93.131 205.147.93.131	393676 (ZENEDGE) (ZENEDGE - Oracle Corporation)
9 9	94.23.206.47 94.23.206.47	16276 (OVH) (OVH)
9 27	198.143.165.219 198.143.165.219	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
4 4	52.76.175.101 52.76.175.101	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 6	62.212.87.141 62.212.87.141	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 4	104.248.255.79 104.248.255.79	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
2	31.170.100.126 31.170.100.126	201942 (SOLTIA) (SOLTIA)
1	104.26.15.246 104.26.15.246	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 2	104.18.222.81 104.18.222.81	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
23	104.17.20.75 104.17.20.75	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
10	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
87	16

2 45.95.82.112 (Lithuania) 1 redirects

ASN59732 (VERUS, LT)
PTR: mxptr1131-112.selfcenteredteammates.net

go.selfcenteredteammates.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.143.165.221 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi

links.securedark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 205.147.93.131 (United States) 1 redirects

ASN393676 (ZENEDGE - Oracle Corporation, US)

minently.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 94.23.206.47 (France) 9 redirects

ASN16276 (OVH, FR)
PTR: ns3099792.ip-94-23-206.eu

go-rillatrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 198.143.165.219 (Chicago, United States) 9 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi

now.loading-wsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.76.175.101 (Singapore, Singapore) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-76-175-101.ap-southeast-1.compute.amazonaws.com

tracking.adacts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 62.212.87.141 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

kongtraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.248.255.79 (Frankfurt am Main, Germany) 2 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

makedirect.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.170.100.126 (Spain)

ASN201942 (SOLTIA, ES)

ads.conscier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.15.246 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

reorget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.222.81 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

routeserve.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.17.20.75 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cullgame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	loading-wsite.com now.loading-wsite.com Failed	41 KB
23	cullgame.com cullgame.com	249 KB
11	minently.com 1 redirects minently.com	27 KB
10	googleapis.com fonts.googleapis.com	5 KB
9	go-rillatrack.com 9 redirects go-rillatrack.com	3 KB
6	kongtraff.com 2 redirects kongtraff.com	27 KB
4	makedirect.xyz 2 redirects makedirect.xyz	8 KB
4	adacts.com tracking.adacts.com Failed	932 B
3	securedark.com 1 redirects links.securedark.com	5 KB
2	routeserve.info 2 redirects routeserve.info	1015 B
2	conscier.com ads.conscier.com	844 B
2	selfcenteredteammates.net 1 redirects go.selfcenteredteammates.net	1 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	googletagmanager.com www.googletagmanager.com	19 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	fontawesome.com use.fontawesome.com	10 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	20 KB
1	reorget.com reorget.com	4 KB
87	18

	Domain	Requested by
27	now.loading-wsite.com	minently.com now.loading-wsite.com reorget.com
23	cullgame.com	cullgame.com
11	minently.com	1 redirects links.securedark.com now.loading-wsite.com minently.com
10	fonts.googleapis.com	cullgame.com
9	go-rillatrack.com	9 redirects
6	kongtraff.com	2 redirects minently.com go.selfcenteredteammates.net
4	makedirect.xyz	2 redirects kongtraff.com
4	tracking.adacts.com	minently.com
3	links.securedark.com	1 redirects go.selfcenteredteammates.net links.securedark.com
2	routeserve.info	2 redirects
2	ads.conscier.com	makedirect.xyz
2	go.selfcenteredteammates.net	1 redirects
1	fonts.gstatic.com	cullgame.com
1	www.googletagmanager.com	cullgame.com
1	cdnjs.cloudflare.com	cullgame.com
1	use.fontawesome.com	cullgame.com
1	maxcdn.bootstrapcdn.com	cullgame.com
1	reorget.com
87	18

This site contains no links.

Subject Issuer	Validity	Valid
minently.com Let's Encrypt Authority X3	`2019-12-11` - `2020-03-10`	3 months	crt.sh
now.loading-wsite.com Let's Encrypt Authority X3	`2019-10-21` - `2020-01-19`	3 months	crt.sh
trk.billysrv.com Let's Encrypt Authority X3	`2019-12-07` - `2020-03-06`	3 months	crt.sh
makedirect.xyz Let's Encrypt Authority X3	`2019-11-18` - `2020-02-16`	3 months	crt.sh
ads.conscier.com Let's Encrypt Authority X3	`2019-10-15` - `2020-01-13`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-15` - `2020-10-09`	a year	crt.sh
ssl918633.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-25` - `2020-06-02`	6 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
Frame ID: B0315BEC630DFACB4DCECC3956AE6406
Requests: 87 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://go.selfcenteredteammates.net/opt_out?o=134830331978100525144496985522753364749-656f609bc495449a80e1c9b8d0... HTTP 302
http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.n... Page URL
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
http://links.securedark.com/?utm_term=6770382142426841710&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
http://links.securedark.com/proc.php?2a08ed0e539b0523c165272864ae8dae552e81e9 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0908... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
https://now.loading-wsite.com/?utm_term=6770382146721808895&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?2eca266cf415596918fdd8eaacfa1a30a72882bd HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090c... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
https://now.loading-wsite.com/?utm_term=6770382151016775808&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?5cc8710b9d7f71309dfa1c520e1e54571cb737ca HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0901... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
https://now.loading-wsite.com/?utm_term=6770382151016776355&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?3cd68dd2a6121d7f36bf0cfcc455a84b99cc81a6 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0909... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
https://now.loading-wsite.com/?utm_term=6770382155311743658&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?093862f3b3c3065df2f60643286c13c2030c7d89 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0909... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
https://now.loading-wsite.com/?utm_term=6770382159623487519&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?478ef5ed5579d85848a4a328a4020d8e0648ea4e HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0904... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
https://now.loading-wsite.com/?utm_term=6770382159606711136&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?758bcf3859b3f7fd36ecb1a7d38cc75e8de7feac HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090a... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
https://now.loading-wsite.com/?utm_term=6770382163901677819&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?3364ecc98a3786b8d91a536c72c0c22d0a942212 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090b... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=15785... Page URL
https://now.loading-wsite.com/?utm_term=6770382163901678267&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?62f957eec5047097553b88a2ab7783cea508d029 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_i... HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_i... HTTP 302
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId} Page URL
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}&code=37... HTTP 302
https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fm... Page URL
https://makedirect.xyz/d?zid=16&uid=13&psubid=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e... Page URL
https://makedirect.xyz/r?zid=16&uid=13&c_from=https://kongtraff.com&pubid=&psubid=bmconv_2019121420... HTTP 302
https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9... Page URL
https://reorget.com/c/4446df96-990a-11e5-b565-02f6361de079?cid=M2019121419-cd66255b0e3a465575db0... Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090d... HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=19608... Page URL
https://now.loading-wsite.com/?utm_term=6770382189671482030&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://now.loading-wsite.com/proc.php?25829ee2b0c9d358da349fc86988971269474635 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_... Page URL
https://minently.com/RnSda/rDN3/qD5mv_k/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e/_jJl... HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG09088a0007PS002MZ0ZG0H03DSRMY07AU03DSR00000000&aff_i... HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG09088a0007PS002MZ0ZG0H03DSRMY07AU03DSR00000000&aff_i... HTTP 302
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId} Page URL
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}&code=1a... HTTP 302
https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fm... Page URL
https://makedirect.xyz/d?zid=16&uid=13&psubid=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1... Page URL
https://makedirect.xyz/r?zid=16&uid=13&c_from=https://kongtraff.com&pubid=&psubid=bmconv_2019121420... HTTP 302
https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9... Page URL
http://routeserve.info/?affid=762hgrfkij23&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a... HTTP 301
https://routeserve.info/?affid=762hgrfkij23&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a... HTTP 302
https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&pa... Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

87
Requests

86 %
HTTPS

28 %
IPv6

18
Domains

18
Subdomains

16
IPs

7
Countries

427 kB
Transfer

1042 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go.selfcenteredteammates.net/opt_out?o=134830331978100525144496985522753364749-656f609bc495449a80e1c9b8d099e30d HTTP 302
http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg Page URL
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
http://links.securedark.com/?utm_term=6770382142426841710&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
http://links.securedark.com/proc.php?2a08ed0e539b0523c165272864ae8dae552e81e9 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382142426841710&ext1=2704 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0908330007PS002MZ0XHIX03DSR7505FB03DSR00000000&source=157851&data1=LzXlcZ_fZ9vuy.DFb4Xi HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40 Page URL
https://now.loading-wsite.com/?utm_term=6770382146721808895&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
https://now.loading-wsite.com/proc.php?2eca266cf415596918fdd8eaacfa1a30a72882bd HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382146721808895&ext1=6437 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090cdf0007PS002MZ0XHIX03DSR7505J903DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79 Page URL
https://now.loading-wsite.com/?utm_term=6770382151016775808&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9 Page URL
https://now.loading-wsite.com/proc.php?5cc8710b9d7f71309dfa1c520e1e54571cb737ca HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016775808&ext1=6437 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0901c50007PS002MZ0XHIX03DSR7505MK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595 Page URL
https://now.loading-wsite.com/?utm_term=6770382151016776355&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
https://now.loading-wsite.com/proc.php?3cd68dd2a6121d7f36bf0cfcc455a84b99cc81a6 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016776355&ext1=6437 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0909300007PS002MZ0XHIX03DSRMY05VK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f Page URL
https://now.loading-wsite.com/?utm_term=6770382155311743658&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
https://now.loading-wsite.com/proc.php?093862f3b3c3065df2f60643286c13c2030c7d89 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382155311743658&ext1=6437 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG09093e0007PS002MZ0XHIX03DSRMY05YX03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5 Page URL
https://now.loading-wsite.com/?utm_term=6770382159623487519&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
https://now.loading-wsite.com/proc.php?478ef5ed5579d85848a4a328a4020d8e0648ea4e HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159623487519&ext1=6437 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0904a90007PS002MZ0XHIX03DSRMY062C03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3 Page URL
https://now.loading-wsite.com/?utm_term=6770382159606711136&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
https://now.loading-wsite.com/proc.php?758bcf3859b3f7fd36ecb1a7d38cc75e8de7feac HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159606711136&ext1=6437 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090a410007PS002MZ0XHIX03DSRMY065I03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f Page URL
https://now.loading-wsite.com/?utm_term=6770382163901677819&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
https://now.loading-wsite.com/proc.php?3364ecc98a3786b8d91a536c72c0c22d0a942212 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901677819&ext1=6437 Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090b560007PS002MZ0XHIX03DSRMY067X03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83 Page URL
https://now.loading-wsite.com/?utm_term=6770382163901678267&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9 Page URL
https://now.loading-wsite.com/proc.php?62f957eec5047097553b88a2ab7783cea508d029 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901678267&ext1=6437 Page URL
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_id=212&offer_id=8855 HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_id=212&offer_id=8505 HTTP 302
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId} Page URL
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}&code=37Y3VvBDU6PT07Pjw-P0ZCQ0ERhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNragB1ZWsFBW9.CTpAOzwNd3cRQkRDRBV3jhlKUEtMHX.HIVJUU1QlmqEpVmBbLI.jmJQyMpafmjcxAWVuZwY2B3d7eH8NDYR9dBJZgoN8gnw4Yoh.Sh2GkoaEI5eWmosnjpuXLJKOmqKVMaeUNYKlempub2U0OzU4KTJYbXB3fYSAhXtPNV.FjH6GO2l.gT9vdEJ7RFZWhlldiWBVTW.foJ2XipmXgWl1MTg3PDQ6PikyVlRhW1s8MX58f3o2Xn18hYpFPWGHkpCPiFNcWlVYV11iXmZcYGZqUoaVm5dyajE4Nzw0Oj4Ja4ENRQ5zfRJKE3VJSRhISUtLTE0egFRVI1NUJZmNKVlaW1wtlJUxYmNjNJieZAIyA2pxfAhuanZ.cQ1xd30SQ0RFFYKFfxpLS0xNHpKUk4kkVVVXWFlaWiuboJGfpTIyo6aZqXVjAzU0NTk3OTlBC3GDen0RREUThnp8GICNjouPV01OjYqQiJKZkqBWjJmYWy2gkZOUM2RkZ2sxMjc2BGh0e3gKCoJ6eg8Ph3h.iRVFFnp8gBtMTU5PUFFSU1NUVVdYWFlaXF1eX2BhYmNkZWZnMTIzNDQ2Nzg5Ojs8PT4-QEBCQ0RFRkdISUpLTE1OT1BQUlJUJIiPnClaW1xdXl9gYWJjZGVmZjEyMjQ0Njc4ODoKgoGBD4Y.akhpalCNRYpNiImKi1mWTo1WkZKTlGKfV55hoWilXXV8n2uKNaFsb2kEaXMzXFsJfH.ADj4PfHKBFBR9gooZSRqJkB5PUFBSU1RUVlYnn40rXF1ekGEwlKSrNTWpY2UDNTgFeXdsCjw-DHF.gRFCEoF3eRdQRkoaiJCNH1BV&_tdf=16 HTTP 302
https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&hash=23866140943888e169de&ete=true Page URL
https://makedirect.xyz/d?zid=16&uid=13&psubid=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&sub1=40533_{yourSubPublisherId} Page URL
https://makedirect.xyz/r?zid=16&uid=13&c_from=https://kongtraff.com&pubid=&psubid=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&c_inif=n&c_key=16%7C8%7C24%7C24%7C1%7C0%7C1600%7C1200%7C20%7C40%7C1%7C2%7CEurope%2FBerlin%7Cen-US%7CLinux%20x86_64%7CN%2FA%7CN%2FA%7CN%2FA%7C-1%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&c_r=location HTTP 302
https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-199943-8037-1576352442&c_click_id=16-37-100-199943-8037-1576352442 Page URL
https://reorget.com/c/4446df96-990a-11e5-b565-02f6361de079?cid=M2019121419-cd66255b0e3a465575db0c32855dd76f&pubid= Page URL
http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090d9e0007PS00E6X0XHIX047ASIA070X047AS00000000&source=196084&data1=a0sNMlW_75VgGJCv2AcJ HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4 Page URL
https://now.loading-wsite.com/?utm_term=6770382189671482030&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
https://now.loading-wsite.com/proc.php?25829ee2b0c9d358da349fc86988971269474635 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382189671482030&ext1=6437 Page URL
https://minently.com/RnSda/rDN3/qD5mv_k/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e/_jJl6aEmlhfDJUUkL_ryHW-tNYI9m58?ori=13x&timer=true&jch=0||1600||1200||0||112221000011001010110&hh=50 HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG09088a0007PS002MZ0ZG0H03DSRMY07AU03DSR00000000&aff_id=212&offer_id=8855 HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG09088a0007PS002MZ0ZG0H03DSRMY07AU03DSR00000000&aff_id=212&offer_id=8505 HTTP 302
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId} Page URL
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}&code=1aY3VvBDU6PT07Pjw-QEFGP0IRhYV3Fn.GGI9lcwM1OgVva2kKOzwMfXqDEV17gYmNNo9QT183NgN4aG4ICHKBDD1DPj8QenoURUdGRxh6dwIzOTQ1BmhwCjs9PD0Og4oSP0lEFXiMgX0BAWVuaQY3B2t0bQxARA5.gn.GFBSLhHsZYG9waW9pJU91azcKc39zcRCEg4d4FHuIhBl-YW11aAR6ZwhVeIR0eHlvPkU-QjM8Ynd6gYd0cHVrPyVPdXxuditZbnEvX2QyazRGRnZJTV82KyNFdXZzbWBvbVd2gj5FRElBR0s2P2NhVE5OLyRxb3JtKVFwb3h9ODBUeoWDgntGT00uMTA2Ozc-NTk-QytfbnRwgnpBSEdMREpOGWF3AzsEaXMIQAlrPz8OPj9BQUJDFHZKSxlJMAF1aQU1Njc4CXBxDT4-PxB0encVRRZ9hI8BZ2Nvd2oGanB2Czw9Pg57fngTRERFRheLjXJoAzQ0Njc4OTkKen9wfoQREYKFeIiLeRlLMDE1MzU1PQdtf3Z5DUBBD4J2eBR8iYqHi1MvMG9scmp0e3SCOG57ej0PgnN1dhVGRklNSjE2NQNnc3p3CQmBeXkODoZ3fYgURBV5e38aMTIzNDU2Nzg4OTo8PT0.P0FCQ0RFRkdISUoxMjM0NTY2ODk6Ozw9Pj9AQUJCREVGR0hJSjEyMzQ1Njc4ODo6PAxwd4QRQkNERUZHSElKMTIzNDQ2Nzc5OTs8PT0-D4eGhhSLQ3eJilR3L24.ezNvQn83Y0FiY0mGPoNGgYKDhFKPR2w1cHFyc0F.Nn1AgEeEPFRbfkppFICChX8aZW8vWFcFeHt8CjoLeG59EBB5foYVRRaFjBoxMjI0NTY2ODgJgW8NPj9AckMSdoaNFxeLfGQCNDcEeHZrCTs.C3B9gBBBEYB2eBZHRxiGdHEDNDk_&_tdf=27 HTTP 302
https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&hash=23866140943888e169de&ete=true Page URL
https://makedirect.xyz/d?zid=16&uid=13&psubid=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&sub1=40533_{yourSubPublisherId} Page URL
https://makedirect.xyz/r?zid=16&uid=13&c_from=https://kongtraff.com&pubid=&psubid=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&c_inif=n&c_key=16%7C8%7C24%7C24%7C1%7C0%7C1600%7C1200%7C20%7C40%7C1%7C2%7CEurope%2FBerlin%7Cen-US%7CLinux%20x86_64%7CN%2FA%7CN%2FA%7CN%2FA%7C-1%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&c_r=location HTTP 302
https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-850204-2007-1576352446&c_click_id=16-37-100-850204-2007-1576352446 Page URL
http://routeserve.info/?affid=762hgrfkij23&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid= HTTP 301
https://routeserve.info/?affid=762hgrfkij23&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid= HTTP 302
https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://go.selfcenteredteammates.net/opt_out?o=134830331978100525144496985522753364749-656f609bc495449a80e1c9b8d099e30d HTTP 302
http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg

Request Chain 3

http://links.securedark.com/proc.php?2a08ed0e539b0523c165272864ae8dae552e81e9 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382142426841710&ext1=2704

Request Chain 4

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0908330007PS002MZ0XHIX03DSR7505FB03DSR00000000&source=157851&data1=LzXlcZ_fZ9vuy.DFb4Xi& HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814294479021551

Request Chain 5

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0908330007PS002MZ0XHIX03DSR7505FB03DSR00000000&source=157851&data1=LzXlcZ_fZ9vuy.DFb4Xi HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40

Request Chain 7

https://now.loading-wsite.com/proc.php?2eca266cf415596918fdd8eaacfa1a30a72882bd HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382146721808895&ext1=6437

Request Chain 8

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090cdf0007PS002MZ0XHIX03DSR7505J903DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh& HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814294cf759653f

Request Chain 9

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090cdf0007PS002MZ0XHIX03DSR7505J903DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79

Request Chain 11

https://now.loading-wsite.com/proc.php?5cc8710b9d7f71309dfa1c520e1e54571cb737ca HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016775808&ext1=6437

Request Chain 12

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0901c50007PS002MZ0XHIX03DSR7505MK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh& HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293e4c7b8d15

Request Chain 13

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0901c50007PS002MZ0XHIX03DSR7505MK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595

Request Chain 15

https://now.loading-wsite.com/proc.php?3cd68dd2a6121d7f36bf0cfcc455a84b99cc81a6 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016776355&ext1=6437

Request Chain 16

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0909300007PS002MZ0XHIX03DSRMY05VK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh& HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab39814293fe4747f03

Request Chain 17

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0909300007PS002MZ0XHIX03DSRMY05VK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f

Request Chain 19

https://now.loading-wsite.com/proc.php?093862f3b3c3065df2f60643286c13c2030c7d89 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382155311743658&ext1=6437

Request Chain 20

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG09093e0007PS002MZ0XHIX03DSRMY05YX03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh& HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab49814293e9f7d4d30

Request Chain 21

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG09093e0007PS002MZ0XHIX03DSRMY05YX03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5

Request Chain 23

https://now.loading-wsite.com/proc.php?478ef5ed5579d85848a4a328a4020d8e0648ea4e HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159623487519&ext1=6437

Request Chain 24

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0904a90007PS002MZ0XHIX03DSRMY062C03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3

Request Chain 26

https://now.loading-wsite.com/proc.php?758bcf3859b3f7fd36ecb1a7d38cc75e8de7feac HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159606711136&ext1=6437

Request Chain 27

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090a410007PS002MZ0XHIX03DSRMY065I03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f

Request Chain 29

https://now.loading-wsite.com/proc.php?3364ecc98a3786b8d91a536c72c0c22d0a942212 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901677819&ext1=6437

Request Chain 30

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090b560007PS002MZ0XHIX03DSRMY067X03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh& HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293be524a851

Request Chain 31

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090b560007PS002MZ0XHIX03DSRMY067X03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83

Request Chain 33

https://now.loading-wsite.com/proc.php?62f957eec5047097553b88a2ab7783cea508d029 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901678267&ext1=6437

Request Chain 35

https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_id=212&offer_id=8855 HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_id=212&offer_id=8505 HTTP 302
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}

Request Chain 36

https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}&code=37Y3VvBDU6PT07Pjw-P0ZCQ0ERhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNragB1ZWsFBW9.CTpAOzwNd3cRQkRDRBV3jhlKUEtMHX.HIVJUU1QlmqEpVmBbLI.jmJQyMpafmjcxAWVuZwY2B3d7eH8NDYR9dBJZgoN8gnw4Yoh.Sh2GkoaEI5eWmosnjpuXLJKOmqKVMaeUNYKlempub2U0OzU4KTJYbXB3fYSAhXtPNV.FjH6GO2l.gT9vdEJ7RFZWhlldiWBVTW.foJ2XipmXgWl1MTg3PDQ6PikyVlRhW1s8MX58f3o2Xn18hYpFPWGHkpCPiFNcWlVYV11iXmZcYGZqUoaVm5dyajE4Nzw0Oj4Ja4ENRQ5zfRJKE3VJSRhISUtLTE0egFRVI1NUJZmNKVlaW1wtlJUxYmNjNJieZAIyA2pxfAhuanZ.cQ1xd30SQ0RFFYKFfxpLS0xNHpKUk4kkVVVXWFlaWiuboJGfpTIyo6aZqXVjAzU0NTk3OTlBC3GDen0RREUThnp8GICNjouPV01OjYqQiJKZkqBWjJmYWy2gkZOUM2RkZ2sxMjc2BGh0e3gKCoJ6eg8Ph3h.iRVFFnp8gBtMTU5PUFFSU1NUVVdYWFlaXF1eX2BhYmNkZWZnMTIzNDQ2Nzg5Ojs8PT4-QEBCQ0RFRkdISUpLTE1OT1BQUlJUJIiPnClaW1xdXl9gYWJjZGVmZjEyMjQ0Njc4ODoKgoGBD4Y.akhpalCNRYpNiImKi1mWTo1WkZKTlGKfV55hoWilXXV8n2uKNaFsb2kEaXMzXFsJfH.ADj4PfHKBFBR9gooZSRqJkB5PUFBSU1RUVlYnn40rXF1ekGEwlKSrNTWpY2UDNTgFeXdsCjw-DHF.gRFCEoF3eRdQRkoaiJCNH1BV&_tdf=16 HTTP 302
https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&hash=23866140943888e169de&ete=true

Request Chain 38

https://makedirect.xyz/r?zid=16&uid=13&c_from=https://kongtraff.com&pubid=&psubid=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&c_inif=n&c_key=16%7C8%7C24%7C24%7C1%7C0%7C1600%7C1200%7C20%7C40%7C1%7C2%7CEurope%2FBerlin%7Cen-US%7CLinux%20x86_64%7CN%2FA%7CN%2FA%7CN%2FA%7C-1%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&c_r=location HTTP 302
https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-199943-8037-1576352442&c_click_id=16-37-100-199943-8037-1576352442

Request Chain 40

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090d9e0007PS00E6X0XHIX047ASIA070X047AS00000000&source=196084&data1=a0sNMlW_75VgGJCv2AcJ& HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb981429400b21dc41

Request Chain 41

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090d9e0007PS00E6X0XHIX047ASIA070X047AS00000000&source=196084&data1=a0sNMlW_75VgGJCv2AcJ HTTP 302
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4

Request Chain 43

https://now.loading-wsite.com/proc.php?25829ee2b0c9d358da349fc86988971269474635 HTTP 302
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382189671482030&ext1=6437

Request Chain 45

https://minently.com/RnSda/rDN3/qD5mv_k/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e/_jJl6aEmlhfDJUUkL_ryHW-tNYI9m58?ori=13x&timer=true&jch=0||1600||1200||0||112221000011001010110&hh=50 HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG09088a0007PS002MZ0ZG0H03DSRMY07AU03DSR00000000&aff_id=212&offer_id=8855 HTTP 302
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG09088a0007PS002MZ0ZG0H03DSRMY07AU03DSR00000000&aff_id=212&offer_id=8505 HTTP 302
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}

Request Chain 46

https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}&code=1aY3VvBDU6PT07Pjw-QEFGP0IRhYV3Fn.GGI9lcwM1OgVva2kKOzwMfXqDEV17gYmNNo9QT183NgN4aG4ICHKBDD1DPj8QenoURUdGRxh6dwIzOTQ1BmhwCjs9PD0Og4oSP0lEFXiMgX0BAWVuaQY3B2t0bQxARA5.gn.GFBSLhHsZYG9waW9pJU91azcKc39zcRCEg4d4FHuIhBl-YW11aAR6ZwhVeIR0eHlvPkU-QjM8Ynd6gYd0cHVrPyVPdXxuditZbnEvX2QyazRGRnZJTV82KyNFdXZzbWBvbVd2gj5FRElBR0s2P2NhVE5OLyRxb3JtKVFwb3h9ODBUeoWDgntGT00uMTA2Ozc-NTk-QytfbnRwgnpBSEdMREpOGWF3AzsEaXMIQAlrPz8OPj9BQUJDFHZKSxlJMAF1aQU1Njc4CXBxDT4-PxB0encVRRZ9hI8BZ2Nvd2oGanB2Czw9Pg57fngTRERFRheLjXJoAzQ0Njc4OTkKen9wfoQREYKFeIiLeRlLMDE1MzU1PQdtf3Z5DUBBD4J2eBR8iYqHi1MvMG9scmp0e3SCOG57ej0PgnN1dhVGRklNSjE2NQNnc3p3CQmBeXkODoZ3fYgURBV5e38aMTIzNDU2Nzg4OTo8PT0.P0FCQ0RFRkdISUoxMjM0NTY2ODk6Ozw9Pj9AQUJCREVGR0hJSjEyMzQ1Njc4ODo6PAxwd4QRQkNERUZHSElKMTIzNDQ2Nzc5OTs8PT0-D4eGhhSLQ3eJilR3L24.ezNvQn83Y0FiY0mGPoNGgYKDhFKPR2w1cHFyc0F.Nn1AgEeEPFRbfkppFICChX8aZW8vWFcFeHt8CjoLeG59EBB5foYVRRaFjBoxMjI0NTY2ODgJgW8NPj9AckMSdoaNFxeLfGQCNDcEeHZrCTs.C3B9gBBBEYB2eBZHRxiGdHEDNDk_&_tdf=27 HTTP 302
https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&hash=23866140943888e169de&ete=true

Request Chain 48

https://makedirect.xyz/r?zid=16&uid=13&c_from=https://kongtraff.com&pubid=&psubid=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&c_inif=n&c_key=16%7C8%7C24%7C24%7C1%7C0%7C1600%7C1200%7C20%7C40%7C1%7C2%7CEurope%2FBerlin%7Cen-US%7CLinux%20x86_64%7CN%2FA%7CN%2FA%7CN%2FA%7C-1%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&c_r=location HTTP 302
https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-850204-2007-1576352446&c_click_id=16-37-100-850204-2007-1576352446

87 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

unsubscribe Show response
go.selfcenteredteammates.net/c/
Redirect Chain

http://go.selfcenteredteammates.net/opt_out?o=134830331978100525144496985522753364749-656f609bc495449a80e1c9b8d099e30d
http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg

835 B
826 B

244ms
244ms

Document
text/html

45.95.82.112
VERUS

General

Check archive.org

Show headers Download Go to

Full URL

http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg

Protocol

HTTP/1.1

Server

45.95.82.112 , Lithuania, ASN59732 (VERUS, LT),

Reverse DNS

mxptr1131-112.selfcenteredteammates.net

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4a2b5a616d7d1f888678d08ff94dce79b1e79f7879a3457545d2d070a9fe9505

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: go.selfcenteredteammates.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 14 Dec 2019 19:40:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

Redirect headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sat, 14 Dec 2019 19:40:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Location: http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg

GET
H/1.1 200
OK Cookie set / Show response
links.securedark.com/ 3 KB
2 KB 345ms
208ms Document
text/html 198.143.165.221
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Requested by: Host: go.selfcenteredteammates.net
URL: http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg
Protocol: HTTP/1.1
Server: 198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/7.3.4
Resource Hash: 82274f441b5afb40978455be2c403bd351dee7295ed779ab444aef25100650da

Request headers

Host: links.securedark.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg

Response headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.4
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: u=da06264b9a8f0b9add9e7095ab160443; expires=Sun, 13-Dec-2020 19:40:32 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
links.securedark.com/ 7 KB
3 KB 123ms
123ms Document
text/html 198.143.165.221
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://links.securedark.com/?utm_term=6770382142426841710&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Requested by: Host: links.securedark.com
URL: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Protocol: HTTP/1.1
Server: 198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx /
Resource Hash: 619bd868bad465e227e357658b2ce29096d6f54b8230941638aba4195c456e82

Request headers

Host: links.securedark.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Accept-Encoding: gzip, deflate
Cookie: u=da06264b9a8f0b9add9e7095ab160443
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72

Response headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

http://links.securedark.com/proc.php?2a08ed0e539b0523c165272864ae8dae552e81e9
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382142426841710&ext1=2704

6 KB
4 KB

189ms
76ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382142426841710&ext1=2704

Requested by

Host: links.securedark.com
URL: http://links.securedark.com/?utm_term=6770382142426841710&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

90f6fc54298e48562cab8e9c3f6e60504044ce937b5ef0334465e9adf28fd0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382142426841710&ext1=2704
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://links.securedark.com/?utm_term=6770382142426841710&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://links.securedark.com/?utm_term=6770382142426841710&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:33 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=144df63ac1833bad7f873c71f01896a3_1576352433.1197; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:33 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352433.1261; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:33 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Yko3c2xOZ0hPUVJDUzRUczJPUHAwZEVBZ25KYnRBOXMwQUEvSUtYRGQxMQ%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:33 UTC; Secure 144df63ac1833bad7f873c71f01896a3_1576352433.1197_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWpwRnJ3c1BpZkdteG1DMFp1cW9VRTNGZjUrS2Q5SUxCTUIyb09xMCthUmE2QjltRHB2VjNaNkxFb3MyVjNkVFlIRDdTWFFyZHkzRm5FWExSaWJlR3FyUzVpSmxxR1VnRFhkZVhFNmxiM0xGRk0zc24yYXRjeDRQN09uWFJlY2I5YUdtMUQwRDBNdXJWTVRYczc1Ujd6dnFOREJwSmpzRWM5Wk54c21lSkhqejBoM2x3anVuODBWWmxlR0tEK3RWZnYweml3d1RZYU9jWGNyOU45VFJDaU91a25ieHNHcElCdUtaQklrYjNJK1RJNmFmbjFEM3NMUFhOQmlQei9aK3NHUGo3aU1tRThkblN3UFBDQ2tpd01NSTRNTWx3bWhRTjZOUDhjUTdQa04xeTFBN2RPb3Jza0NNRjdGZ0J2K2xjTmJlRWVISUNnbllkQzNRQm5tMHN6Y1lPQS9ieUpTRCtpZXVFME9hcENTNEk5ZndHRFAwelZCNlA4Rk05ZUl3QUtYdVE5VW1VWUFaWDJGL0lwY2gwTlBDY04wUkswQ3lFK3Faa2xTSThPUkROZTg4dy9aemNEMWRYTzdhN3p5KzdEcmVMeit3S0d6TWduSmtSWXl4QXdWSmk1cGpwOTV0YWdEcUpsb3k1SEgrUzdnTjJYQitWN0c5SGV0TCtua3Rad1p6a2pzOHVTTGM0MUlmTDJhSU94ano4Q1BIVENQSllXQkJmL1VMMjNTYTkyR1lTYjdicE9vSWZVLzJMKzJ6Z0s1OWIreVRwSDR2YXRPSFRJaFJhZWZGZS8rbDdzUFkrREVBZzhyb3BGdnRObDQycjV1TFZEb0c4MGFaTzVMZ09tTkNFeDI4cVdLNDhtU05xa0JnUlRxVUpnTWo0Nmt2N3ZiKzJxN2JQSUM1Si9jbG1PVTB0Y1NBdWJqaTZidlBCVHI3Y1FMSlE4OVBsZXMycU1Vb3JVS3Q2V3RxNjdTMnMwb0JzWCtEWGhWc3BKVW83M1hOYjVTZyswM1JOOGZLM2tYc0ROV2VYWHFyVDVuRExId2hKRDlnRDhIellBdHVEbDN5QTJyalVuTXFVTkgvUE1XT29JdFNPTi9JZklEbHF5UllMYm5xNTg0N2IwckIyKzlpQ1ZT; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:33 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=R2l2VmdaajRJSDlFakV1N3hmaTFWcjlOZGhuTDV1WGg5S0MwVVBrNUsvWEZMTEh2NlRQZ29IQkxrWDlhMEhyWVBUd0xHWHRZeDVGZGpZdkpkanZZVUtHQTMvTlVoTFVOVHJYWW9ISGZoT2M9; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:33 UTC; Secure SERVERID=sfc37; path=/
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382142426841710&ext1=2704

GET

/
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0908330007PS002MZ0XHIX03DSR7505FB03DSR00000000&source=157851&data1=LzXlcZ_fZ9vuy.DFb4Xi&
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814294479021551

0
0

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0908330007PS002MZ0XHIX03DSR7505FB03DSR00000000&source=157851&data1=LzXlcZ_fZ9vuy.DFb4Xi
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40

3 KB
2 KB

158ms
111ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40

Requested by

Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382142426841710&ext1=2704

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

f886b77a342c845764c46e0609320d41eb0942bb4c7f8a29668e7c7b45571e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=2092678c512e16d2d84aa2b03943d78e; expires=Sun, 13-Dec-2020 19:40:33 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40

GET
H2 200 /
now.loading-wsite.com/ 7 KB
3 KB 122ms
121ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382146721808895&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382146721808895&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40
accept-encoding: gzip, deflate, br
cookie: u=2092678c512e16d2d84aa2b03943d78e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814293fdf5eed40

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:33 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?2eca266cf415596918fdd8eaacfa1a30a72882bd
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382146721808895&ext1=6437

6 KB
2 KB

60ms
60ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382146721808895&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382146721808895&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

65165879dcaa296d5422a97aee1dfead71cab7343bb456e9a6b4229966dc11fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382146721808895&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382146721808895&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=144df63ac1833bad7f873c71f01896a3_1576352433.1197; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352433.1261; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Yko3c2xOZ0hPUVJDUzRUczJPUHAwZEVBZ25KYnRBOXMwQUEvSUtYRGQxMQ%3D%3D; 144df63ac1833bad7f873c71f01896a3_1576352433.1197_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWpwRnJ3c1BpZkdteG1DMFp1cW9VRTNGZjUrS2Q5SUxCTUIyb09xMCthUmE2QjltRHB2VjNaNkxFb3MyVjNkVFlIRDdTWFFyZHkzRm5FWExSaWJlR3FyUzVpSmxxR1VnRFhkZVhFNmxiM0xGRk0zc24yYXRjeDRQN09uWFJlY2I5YUdtMUQwRDBNdXJWTVRYczc1Ujd6dnFOREJwSmpzRWM5Wk54c21lSkhqejBoM2x3anVuODBWWmxlR0tEK3RWZnYweml3d1RZYU9jWGNyOU45VFJDaU91a25ieHNHcElCdUtaQklrYjNJK1RJNmFmbjFEM3NMUFhOQmlQei9aK3NHUGo3aU1tRThkblN3UFBDQ2tpd01NSTRNTWx3bWhRTjZOUDhjUTdQa04xeTFBN2RPb3Jza0NNRjdGZ0J2K2xjTmJlRWVISUNnbllkQzNRQm5tMHN6Y1lPQS9ieUpTRCtpZXVFME9hcENTNEk5ZndHRFAwelZCNlA4Rk05ZUl3QUtYdVE5VW1VWUFaWDJGL0lwY2gwTlBDY04wUkswQ3lFK3Faa2xTSThPUkROZTg4dy9aemNEMWRYTzdhN3p5KzdEcmVMeit3S0d6TWduSmtSWXl4QXdWSmk1cGpwOTV0YWdEcUpsb3k1SEgrUzdnTjJYQitWN0c5SGV0TCtua3Rad1p6a2pzOHVTTGM0MUlmTDJhSU94ano4Q1BIVENQSllXQkJmL1VMMjNTYTkyR1lTYjdicE9vSWZVLzJMKzJ6Z0s1OWIreVRwSDR2YXRPSFRJaFJhZWZGZS8rbDdzUFkrREVBZzhyb3BGdnRObDQycjV1TFZEb0c4MGFaTzVMZ09tTkNFeDI4cVdLNDhtU05xa0JnUlRxVUpnTWo0Nmt2N3ZiKzJxN2JQSUM1Si9jbG1PVTB0Y1NBdWJqaTZidlBCVHI3Y1FMSlE4OVBsZXMycU1Vb3JVS3Q2V3RxNjdTMnMwb0JzWCtEWGhWc3BKVW83M1hOYjVTZyswM1JOOGZLM2tYc0ROV2VYWHFyVDVuRExId2hKRDlnRDhIellBdHVEbDN5QTJyalVuTXFVTkgvUE1XT29JdFNPTi9JZklEbHF5UllMYm5xNTg0N2IwckIyKzlpQ1ZT; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=R2l2VmdaajRJSDlFakV1N3hmaTFWcjlOZGhuTDV1WGg5S0MwVVBrNUsvWEZMTEh2NlRQZ29IQkxrWDlhMEhyWVBUd0xHWHRZeDVGZGpZdkpkanZZVUtHQTMvTlVoTFVOVHJYWW9ISGZoT2M9; SERVERID=sfc37
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382146721808895&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:33 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352433.8953; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:33 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Yko3c2xOZ0hPUVJDUzRUczJPUHAwZHNtM1Y0T29WSlAvYWlOd0I0MFVDcg%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:33 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=R2l2VmdaajRJSDlFakV1N3hmaTFWcjlOZGhuTDV1WGg5S0MwVVBrNUsvWFYvTnF6TTFoUTFBS3EvWU03QXI3OWZPYjd3TTdXOHdZby92aVZaUVlzYlpWK29WUXhmTlFpejR6dkhlaXU5SEU9; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:33 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:33 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382146721808895&ext1=6437
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET

/
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090cdf0007PS002MZ0XHIX03DSR7505J903DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh&
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814294cf759653f

0
0

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090cdf0007PS002MZ0XHIX03DSR7505J903DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79

3 KB
2 KB

109ms
109ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79

Requested by

Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382146721808895&ext1=6437

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

775eca78a841270fa9b1535350637a63f75d58a3698b83ca4967dba34f7e2c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
cookie: u=2092678c512e16d2d84aa2b03943d78e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79

GET
H2 200 / Show response
now.loading-wsite.com/ 7 KB
3 KB 134ms
134ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382151016775808&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx /

Resource Hash

f9cc951381fa7bfbdbc01fa483734e097de058dfe20e9338628f836d90919b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382151016775808&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79
accept-encoding: gzip, deflate, br
cookie: u=2092678c512e16d2d84aa2b03943d78e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293af60efd79

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:34 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?5cc8710b9d7f71309dfa1c520e1e54571cb737ca
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016775808&ext1=6437

6 KB
2 KB

70ms
70ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016775808&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382151016775808&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

5573ef6a0c74e4270b580f565dda7208a4f643f9c6b7454bf562f1b4a2d5fe30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016775808&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382151016775808&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=144df63ac1833bad7f873c71f01896a3_1576352433.1197; 144df63ac1833bad7f873c71f01896a3_1576352433.1197_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWpwRnJ3c1BpZkdteG1DMFp1cW9VRTNGZjUrS2Q5SUxCTUIyb09xMCthUmE2QjltRHB2VjNaNkxFb3MyVjNkVFlIRDdTWFFyZHkzRm5FWExSaWJlR3FyUzVpSmxxR1VnRFhkZVhFNmxiM0xGRk0zc24yYXRjeDRQN09uWFJlY2I5YUdtMUQwRDBNdXJWTVRYczc1Ujd6dnFOREJwSmpzRWM5Wk54c21lSkhqejBoM2x3anVuODBWWmxlR0tEK3RWZnYweml3d1RZYU9jWGNyOU45VFJDaU91a25ieHNHcElCdUtaQklrYjNJK1RJNmFmbjFEM3NMUFhOQmlQei9aK3NHUGo3aU1tRThkblN3UFBDQ2tpd01NSTRNTWx3bWhRTjZOUDhjUTdQa04xeTFBN2RPb3Jza0NNRjdGZ0J2K2xjTmJlRWVISUNnbllkQzNRQm5tMHN6Y1lPQS9ieUpTRCtpZXVFME9hcENTNEk5ZndHRFAwelZCNlA4Rk05ZUl3QUtYdVE5VW1VWUFaWDJGL0lwY2gwTlBDY04wUkswQ3lFK3Faa2xTSThPUkROZTg4dy9aemNEMWRYTzdhN3p5KzdEcmVMeit3S0d6TWduSmtSWXl4QXdWSmk1cGpwOTV0YWdEcUpsb3k1SEgrUzdnTjJYQitWN0c5SGV0TCtua3Rad1p6a2pzOHVTTGM0MUlmTDJhSU94ano4Q1BIVENQSllXQkJmL1VMMjNTYTkyR1lTYjdicE9vSWZVLzJMKzJ6Z0s1OWIreVRwSDR2YXRPSFRJaFJhZWZGZS8rbDdzUFkrREVBZzhyb3BGdnRObDQycjV1TFZEb0c4MGFaTzVMZ09tTkNFeDI4cVdLNDhtU05xa0JnUlRxVUpnTWo0Nmt2N3ZiKzJxN2JQSUM1Si9jbG1PVTB0Y1NBdWJqaTZidlBCVHI3Y1FMSlE4OVBsZXMycU1Vb3JVS3Q2V3RxNjdTMnMwb0JzWCtEWGhWc3BKVW83M1hOYjVTZyswM1JOOGZLM2tYc0ROV2VYWHFyVDVuRExId2hKRDlnRDhIellBdHVEbDN5QTJyalVuTXFVTkgvUE1XT29JdFNPTi9JZklEbHF5UllMYm5xNTg0N2IwckIyKzlpQ1ZT; SERVERID=sfc37; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352433.8953; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Yko3c2xOZ0hPUVJDUzRUczJPUHAwZHNtM1Y0T29WSlAvYWlOd0I0MFVDcg%3D%3D; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=R2l2VmdaajRJSDlFakV1N3hmaTFWcjlOZGhuTDV1WGg5S0MwVVBrNUsvWFYvTnF6TTFoUTFBS3EvWU03QXI3OWZPYjd3TTdXOHdZby92aVZaUVlzYlpWK29WUXhmTlFpejR6dkhlaXU5SEU9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382151016775808&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:34 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352434.5012; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:34 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Yko3c2xOZ0hPUVJDUzRUczJPUHAwZWl5NitpYVVYRHBPVGpHYnNQUGFXcw%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:34 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=R2l2VmdaajRJSDlFakV1N3hmaTFWcjlOZGhuTDV1WGg5S0MwVVBrNUsvVzZiS1RBaGlaUzY2NTF3Z0cxQ2sybDNZMk5jTkxlREJaMkZnVnNoSTExZkVINy9QL2Q2OGU3c1BzeWNhWjdqaEE9; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:34 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:34 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016775808&ext1=6437
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET

/
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0901c50007PS002MZ0XHIX03DSR7505MK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh&
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293e4c7b8d15

0
0

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0901c50007PS002MZ0XHIX03DSR7505MK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595

3 KB
2 KB

109ms
109ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595

Requested by

Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016775808&ext1=6437

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

b1fc51f58fe36bca4fa62bdae933f781f011a11a126546b57ed85cfe3d8e3961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
cookie: u=2092678c512e16d2d84aa2b03943d78e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595

GET
H2 200 /
now.loading-wsite.com/ 7 KB
3 KB 117ms
117ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382151016776355&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382151016776355&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595
accept-encoding: gzip, deflate, br
cookie: u=2092678c512e16d2d84aa2b03943d78e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab298142946e857b595

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:34 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?3cd68dd2a6121d7f36bf0cfcc455a84b99cc81a6
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016776355&ext1=6437

6 KB
4 KB

78ms
78ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016776355&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382151016776355&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

41b078c17fbe1bc5b9939048490af31e975ddeb798f16bdb2465e37d245129ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016776355&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382151016776355&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382151016776355&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:35 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=4621d07286daba4e86a23137aca5798e_1576352435.3761; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:35 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352435.3848; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:35 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgyS2hlbHhIUGJ0a2FzNCtiR0NCQ3d4Zg%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:35 UTC; Secure 4621d07286daba4e86a23137aca5798e_1576352435.3761_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWhWTE1sdU1IRnh5RElpN29NdVRKNFk2eHh4OGRPekhiczRwUWkrRXNvL0R0bit4YmVIRHJ6YklkZWxmRUhCQzVXak5jVWc5Y2ZYaGJ5cTlvbFAzd3phSGMwMlRRd2FUQXRjR2hDTzQ0QkpLOFdhNlVib25yVEVhTktGcmVkaVN3emVuT05zcG0yVlhlZFcxa1hKYXZGWGdWVHg2NzdySFlPYWc3SVdwRFd4Uy9jNFhta0wyZDZGbDhINVVwYlRwaEF0T21zd1FkVzErNUJQSXpjUUFrS3JTOUo1WTROZUxkZUZOK1MzZHE0VjJVVWErd3MybDRkNWZTKzJlMG1RSTN4ekp1WHpsM1hYZXVjZkI1bERNVVdya20yVFhDVFdzMVE0b21LODVlRmh1Sk9HNDdycGpqQWtGbjZCU1NRdHZuR29zdjRmZmFwcUxvZ2JNS0tpeHRDZksrRC9BekxFUlc2SDF6NkJSU2VudmZKMkVxdTFWZVRWYld3VGhvRWQvVGRBSGRuMitwcHhMTzZNRnhhamh1ZWk0QWFUNS9LNlB2azRCS05iUVNkR2VHUXBLalRqeWVEdUZ1K0ptN1hLTWxDMmFRd3I0VEJFNVd1UnQ1TnlzZlJDT2JvQy9ENllIWkhEMHdyOUNKeEI1TUo2TE1XSC8wY0VhODJnQkxNQVdIOXZ3dDM3Q1ZUQmk0TW8yZmlWNGpIdHh2M3llazVTdjdMcGVDTFdkd1gxRmJzeXpvQncvOWliTlhRSmEzcmtzVlE4SG8rQnpZSlUvdnYxRjhWK2IyNnZmRllsYWhLM05iOG1iby9jOTBiNXUrQkhyYmttRXhBOG96SVVCRTdQR2tvMkJHTWQ4Y01uMk5GSjg5WkNnOWJyNjFaZVo4VXRSOTRTd0lpSjdmVmpDU0J4QUo4YVp4TUU0VGlXVlJlaDZjRi84MWlBZXMySzY4WEk1SjhkZTFrVWxZZy9RTWg0M0N1bzBNVTFqeFdxbS8xNlZXem9OR1ZBdHZ0V0dtandlQ05Dc3FySC9XNFdmSHFNc2RJaWxTK08wNEhzaDZmZmtWVTlKUWZXYVhRR3g0eXIwaTd4SXc3QjRjbURvc3lhOExoWkRxUFltVHRZLzlEUTJ3Z2ZLS0NU; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:35 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyMnhoeXlmU1d5VE1WQldZb1BuVTZWMjVjR0tpSmxwOTN2Tnh6V2s3OWtUYXljK1VnSDEvWWh4MTYyTFk4aFhZb1E9; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:35 UTC; Secure SERVERID=sfc13; path=/
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:35 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016776355&ext1=6437
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET

/
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0909300007PS002MZ0XHIX03DSRMY05VK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh&
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab39814293fe4747f03

0
0

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0909300007PS002MZ0XHIX03DSRMY05VK03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f

3 KB
2 KB

114ms
113ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f

Requested by

Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382151016776355&ext1=6437

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

9fc5fc5a0c610a2b2a36179a6995b98322a0c9534297ff56ff6acb2daa4afd39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=9be9a133fda95c96a1d501c0ec26de65; expires=Sun, 13-Dec-2020 19:40:35 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f

GET
H2 200 / Show response
now.loading-wsite.com/ 7 KB
3 KB 125ms
125ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382155311743658&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

87d0ae504c75bc9689f99d8909b0693c88bbcdbe4a17eb6ea20a501a5fe5af63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382155311743658&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab398142945b925406f

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?093862f3b3c3065df2f60643286c13c2030c7d89
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382155311743658&ext1=6437

6 KB
2 KB

94ms
94ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382155311743658&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382155311743658&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

06fc47330c4e33768f7441538d347b1fa63a43b9c0820a155c282ea816de1ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382155311743658&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382155311743658&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=4621d07286daba4e86a23137aca5798e_1576352435.3761; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352435.3848; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgyS2hlbHhIUGJ0a2FzNCtiR0NCQ3d4Zg%3D%3D; 4621d07286daba4e86a23137aca5798e_1576352435.3761_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWhWTE1sdU1IRnh5RElpN29NdVRKNFk2eHh4OGRPekhiczRwUWkrRXNvL0R0bit4YmVIRHJ6YklkZWxmRUhCQzVXak5jVWc5Y2ZYaGJ5cTlvbFAzd3phSGMwMlRRd2FUQXRjR2hDTzQ0QkpLOFdhNlVib25yVEVhTktGcmVkaVN3emVuT05zcG0yVlhlZFcxa1hKYXZGWGdWVHg2NzdySFlPYWc3SVdwRFd4Uy9jNFhta0wyZDZGbDhINVVwYlRwaEF0T21zd1FkVzErNUJQSXpjUUFrS3JTOUo1WTROZUxkZUZOK1MzZHE0VjJVVWErd3MybDRkNWZTKzJlMG1RSTN4ekp1WHpsM1hYZXVjZkI1bERNVVdya20yVFhDVFdzMVE0b21LODVlRmh1Sk9HNDdycGpqQWtGbjZCU1NRdHZuR29zdjRmZmFwcUxvZ2JNS0tpeHRDZksrRC9BekxFUlc2SDF6NkJSU2VudmZKMkVxdTFWZVRWYld3VGhvRWQvVGRBSGRuMitwcHhMTzZNRnhhamh1ZWk0QWFUNS9LNlB2azRCS05iUVNkR2VHUXBLalRqeWVEdUZ1K0ptN1hLTWxDMmFRd3I0VEJFNVd1UnQ1TnlzZlJDT2JvQy9ENllIWkhEMHdyOUNKeEI1TUo2TE1XSC8wY0VhODJnQkxNQVdIOXZ3dDM3Q1ZUQmk0TW8yZmlWNGpIdHh2M3llazVTdjdMcGVDTFdkd1gxRmJzeXpvQncvOWliTlhRSmEzcmtzVlE4SG8rQnpZSlUvdnYxRjhWK2IyNnZmRllsYWhLM05iOG1iby9jOTBiNXUrQkhyYmttRXhBOG96SVVCRTdQR2tvMkJHTWQ4Y01uMk5GSjg5WkNnOWJyNjFaZVo4VXRSOTRTd0lpSjdmVmpDU0J4QUo4YVp4TUU0VGlXVlJlaDZjRi84MWlBZXMySzY4WEk1SjhkZTFrVWxZZy9RTWg0M0N1bzBNVTFqeFdxbS8xNlZXem9OR1ZBdHZ0V0dtandlQ05Dc3FySC9XNFdmSHFNc2RJaWxTK08wNEhzaDZmZmtWVTlKUWZXYVhRR3g0eXIwaTd4SXc3QjRjbURvc3lhOExoWkRxUFltVHRZLzlEUTJ3Z2ZLS0NU; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyMnhoeXlmU1d5VE1WQldZb1BuVTZWMjVjR0tpSmxwOTN2Tnh6V2s3OWtUYXljK1VnSDEvWWh4MTYyTFk4aFhZb1E9; SERVERID=sfc13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382155311743658&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:36 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352436.0006; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:35 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgySmJqVGZYVmQxMHNTWHBFM3c2bVFyVg%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:35 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyM3ZXNFhMSXl1eVFHTHdLbmJCMCtYTy9qdTNFbGJHUFQ0WWNiNzF6Smt3d3VwaXBlRDRPa056M3dQZ2xPa3NGM009; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:36 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:35 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382155311743658&ext1=6437
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET

/
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG09093e0007PS002MZ0XHIX03DSRMY05YX03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh&
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab49814293e9f7d4d30

0
0

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG09093e0007PS002MZ0XHIX03DSRMY05YX03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5

3 KB
1 KB

112ms
111ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5

Requested by

Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382155311743658&ext1=6437

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx /

Resource Hash

4b827b55ec4fb5513cdb82ed70559a40d8ef54732115f912889261a2060dae7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5

GET
H2 200 / Show response
now.loading-wsite.com/ 7 KB
3 KB 123ms
122ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382159623487519&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

74f4a2d8efddc8edf09695fb4b025096ce0cece3d1cec69f88c8860c860ecd8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382159623487519&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142944ae2fb6d5

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:36 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?478ef5ed5579d85848a4a328a4020d8e0648ea4e
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159623487519&ext1=6437

6 KB
2 KB

63ms
63ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159623487519&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382159623487519&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159623487519&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382159623487519&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=4621d07286daba4e86a23137aca5798e_1576352435.3761; 4621d07286daba4e86a23137aca5798e_1576352435.3761_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWhWTE1sdU1IRnh5RElpN29NdVRKNFk2eHh4OGRPekhiczRwUWkrRXNvL0R0bit4YmVIRHJ6YklkZWxmRUhCQzVXak5jVWc5Y2ZYaGJ5cTlvbFAzd3phSGMwMlRRd2FUQXRjR2hDTzQ0QkpLOFdhNlVib25yVEVhTktGcmVkaVN3emVuT05zcG0yVlhlZFcxa1hKYXZGWGdWVHg2NzdySFlPYWc3SVdwRFd4Uy9jNFhta0wyZDZGbDhINVVwYlRwaEF0T21zd1FkVzErNUJQSXpjUUFrS3JTOUo1WTROZUxkZUZOK1MzZHE0VjJVVWErd3MybDRkNWZTKzJlMG1RSTN4ekp1WHpsM1hYZXVjZkI1bERNVVdya20yVFhDVFdzMVE0b21LODVlRmh1Sk9HNDdycGpqQWtGbjZCU1NRdHZuR29zdjRmZmFwcUxvZ2JNS0tpeHRDZksrRC9BekxFUlc2SDF6NkJSU2VudmZKMkVxdTFWZVRWYld3VGhvRWQvVGRBSGRuMitwcHhMTzZNRnhhamh1ZWk0QWFUNS9LNlB2azRCS05iUVNkR2VHUXBLalRqeWVEdUZ1K0ptN1hLTWxDMmFRd3I0VEJFNVd1UnQ1TnlzZlJDT2JvQy9ENllIWkhEMHdyOUNKeEI1TUo2TE1XSC8wY0VhODJnQkxNQVdIOXZ3dDM3Q1ZUQmk0TW8yZmlWNGpIdHh2M3llazVTdjdMcGVDTFdkd1gxRmJzeXpvQncvOWliTlhRSmEzcmtzVlE4SG8rQnpZSlUvdnYxRjhWK2IyNnZmRllsYWhLM05iOG1iby9jOTBiNXUrQkhyYmttRXhBOG96SVVCRTdQR2tvMkJHTWQ4Y01uMk5GSjg5WkNnOWJyNjFaZVo4VXRSOTRTd0lpSjdmVmpDU0J4QUo4YVp4TUU0VGlXVlJlaDZjRi84MWlBZXMySzY4WEk1SjhkZTFrVWxZZy9RTWg0M0N1bzBNVTFqeFdxbS8xNlZXem9OR1ZBdHZ0V0dtandlQ05Dc3FySC9XNFdmSHFNc2RJaWxTK08wNEhzaDZmZmtWVTlKUWZXYVhRR3g0eXIwaTd4SXc3QjRjbURvc3lhOExoWkRxUFltVHRZLzlEUTJ3Z2ZLS0NU; SERVERID=sfc13; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352436.0006; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgySmJqVGZYVmQxMHNTWHBFM3c2bVFyVg%3D%3D; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyM3ZXNFhMSXl1eVFHTHdLbmJCMCtYTy9qdTNFbGJHUFQ0WWNiNzF6Smt3d3VwaXBlRDRPa056M3dQZ2xPa3NGM009
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382159623487519&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:36 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352436.6033; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:36 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgyS1BtMTlRUTVHVGs5VXBTZTVpRWk0Ng%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:36 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyM1B6UUVhVkdCeHJXbC9JaUdhb0JhcHQ3NVpKQVc1OFcxK1pCdi9mbHRTdFR3Zk1QWXRMdSs5VGVDVnFKbzVYdjA9; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:36 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:36 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159623487519&ext1=6437
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG0904a90007PS002MZ0XHIX03DSRMY062C03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3

3 KB
2 KB

111ms
111ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

c092f9205fa24a7e5aac9c181ab35ce577882e4647714c384b4a2a4713792ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:36 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3

GET
H2 200 / Show response
now.loading-wsite.com/ 7 KB
3 KB 120ms
120ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382159606711136&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

31085e94c17e9704fc220ac5d7af73392a240289f437f03f480bd7f3bcc9acec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382159606711136&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab498142945495dd0b3

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:36 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?758bcf3859b3f7fd36ecb1a7d38cc75e8de7feac
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159606711136&ext1=6437

6 KB
2 KB

81ms
81ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159606711136&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382159606711136&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

eb28f0867aa0c60fe8d37c4c12f2fbbe7d573b2112645d26c963ddd1d648613d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159606711136&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382159606711136&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=4621d07286daba4e86a23137aca5798e_1576352435.3761; 4621d07286daba4e86a23137aca5798e_1576352435.3761_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWhWTE1sdU1IRnh5RElpN29NdVRKNFk2eHh4OGRPekhiczRwUWkrRXNvL0R0bit4YmVIRHJ6YklkZWxmRUhCQzVXak5jVWc5Y2ZYaGJ5cTlvbFAzd3phSGMwMlRRd2FUQXRjR2hDTzQ0QkpLOFdhNlVib25yVEVhTktGcmVkaVN3emVuT05zcG0yVlhlZFcxa1hKYXZGWGdWVHg2NzdySFlPYWc3SVdwRFd4Uy9jNFhta0wyZDZGbDhINVVwYlRwaEF0T21zd1FkVzErNUJQSXpjUUFrS3JTOUo1WTROZUxkZUZOK1MzZHE0VjJVVWErd3MybDRkNWZTKzJlMG1RSTN4ekp1WHpsM1hYZXVjZkI1bERNVVdya20yVFhDVFdzMVE0b21LODVlRmh1Sk9HNDdycGpqQWtGbjZCU1NRdHZuR29zdjRmZmFwcUxvZ2JNS0tpeHRDZksrRC9BekxFUlc2SDF6NkJSU2VudmZKMkVxdTFWZVRWYld3VGhvRWQvVGRBSGRuMitwcHhMTzZNRnhhamh1ZWk0QWFUNS9LNlB2azRCS05iUVNkR2VHUXBLalRqeWVEdUZ1K0ptN1hLTWxDMmFRd3I0VEJFNVd1UnQ1TnlzZlJDT2JvQy9ENllIWkhEMHdyOUNKeEI1TUo2TE1XSC8wY0VhODJnQkxNQVdIOXZ3dDM3Q1ZUQmk0TW8yZmlWNGpIdHh2M3llazVTdjdMcGVDTFdkd1gxRmJzeXpvQncvOWliTlhRSmEzcmtzVlE4SG8rQnpZSlUvdnYxRjhWK2IyNnZmRllsYWhLM05iOG1iby9jOTBiNXUrQkhyYmttRXhBOG96SVVCRTdQR2tvMkJHTWQ4Y01uMk5GSjg5WkNnOWJyNjFaZVo4VXRSOTRTd0lpSjdmVmpDU0J4QUo4YVp4TUU0VGlXVlJlaDZjRi84MWlBZXMySzY4WEk1SjhkZTFrVWxZZy9RTWg0M0N1bzBNVTFqeFdxbS8xNlZXem9OR1ZBdHZ0V0dtandlQ05Dc3FySC9XNFdmSHFNc2RJaWxTK08wNEhzaDZmZmtWVTlKUWZXYVhRR3g0eXIwaTd4SXc3QjRjbURvc3lhOExoWkRxUFltVHRZLzlEUTJ3Z2ZLS0NU; SERVERID=sfc13; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352436.6033; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgyS1BtMTlRUTVHVGs5VXBTZTVpRWk0Ng%3D%3D; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyM1B6UUVhVkdCeHJXbC9JaUdhb0JhcHQ3NVpKQVc1OFcxK1pCdi9mbHRTdFR3Zk1QWXRMdSs5VGVDVnFKbzVYdjA9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382159606711136&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:37 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352437.1403; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:37 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgySnpLVjFieWhzY3NHLzZsS3FiaFZ1Ug%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:37 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyMTVHbzJaZTRwdjJxK1kwUzZEZjk4SU11ZmlEY0Jsd0FZaHAxWExXaytLbmxGYTloSytENThQOFdTUWtXNDA2Wmc9; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:37 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:37 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382159606711136&ext1=6437
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090a410007PS002MZ0XHIX03DSRMY065I03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f

3 KB
2 KB

109ms
108ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

5fb54913be596e6602571524dd3033441311b640552d6443577b930920d6c9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f

GET
H2 200 / Show response
now.loading-wsite.com/ 7 KB
3 KB 123ms
122ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382163901677819&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

146bc7ac49aafa5490fb986f0b17cd19855f6871bede4a62e0ed0515a59a918c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382163901677819&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814294ef90da40f

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:37 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?3364ecc98a3786b8d91a536c72c0c22d0a942212
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901677819&ext1=6437

6 KB
2 KB

68ms
67ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901677819&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382163901677819&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

7a218cab24dca80d1f211862f1fc45442d419ed4435401802dc501aa3d20ad62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901677819&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382163901677819&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=4621d07286daba4e86a23137aca5798e_1576352435.3761; 4621d07286daba4e86a23137aca5798e_1576352435.3761_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWhWTE1sdU1IRnh5RElpN29NdVRKNFk2eHh4OGRPekhiczRwUWkrRXNvL0R0bit4YmVIRHJ6YklkZWxmRUhCQzVXak5jVWc5Y2ZYaGJ5cTlvbFAzd3phSGMwMlRRd2FUQXRjR2hDTzQ0QkpLOFdhNlVib25yVEVhTktGcmVkaVN3emVuT05zcG0yVlhlZFcxa1hKYXZGWGdWVHg2NzdySFlPYWc3SVdwRFd4Uy9jNFhta0wyZDZGbDhINVVwYlRwaEF0T21zd1FkVzErNUJQSXpjUUFrS3JTOUo1WTROZUxkZUZOK1MzZHE0VjJVVWErd3MybDRkNWZTKzJlMG1RSTN4ekp1WHpsM1hYZXVjZkI1bERNVVdya20yVFhDVFdzMVE0b21LODVlRmh1Sk9HNDdycGpqQWtGbjZCU1NRdHZuR29zdjRmZmFwcUxvZ2JNS0tpeHRDZksrRC9BekxFUlc2SDF6NkJSU2VudmZKMkVxdTFWZVRWYld3VGhvRWQvVGRBSGRuMitwcHhMTzZNRnhhamh1ZWk0QWFUNS9LNlB2azRCS05iUVNkR2VHUXBLalRqeWVEdUZ1K0ptN1hLTWxDMmFRd3I0VEJFNVd1UnQ1TnlzZlJDT2JvQy9ENllIWkhEMHdyOUNKeEI1TUo2TE1XSC8wY0VhODJnQkxNQVdIOXZ3dDM3Q1ZUQmk0TW8yZmlWNGpIdHh2M3llazVTdjdMcGVDTFdkd1gxRmJzeXpvQncvOWliTlhRSmEzcmtzVlE4SG8rQnpZSlUvdnYxRjhWK2IyNnZmRllsYWhLM05iOG1iby9jOTBiNXUrQkhyYmttRXhBOG96SVVCRTdQR2tvMkJHTWQ4Y01uMk5GSjg5WkNnOWJyNjFaZVo4VXRSOTRTd0lpSjdmVmpDU0J4QUo4YVp4TUU0VGlXVlJlaDZjRi84MWlBZXMySzY4WEk1SjhkZTFrVWxZZy9RTWg0M0N1bzBNVTFqeFdxbS8xNlZXem9OR1ZBdHZ0V0dtandlQ05Dc3FySC9XNFdmSHFNc2RJaWxTK08wNEhzaDZmZmtWVTlKUWZXYVhRR3g0eXIwaTd4SXc3QjRjbURvc3lhOExoWkRxUFltVHRZLzlEUTJ3Z2ZLS0NU; SERVERID=sfc13; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352437.1403; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgySnpLVjFieWhzY3NHLzZsS3FiaFZ1Ug%3D%3D; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyMTVHbzJaZTRwdjJxK1kwUzZEZjk4SU11ZmlEY0Jsd0FZaHAxWExXaytLbmxGYTloSytENThQOFdTUWtXNDA2Wmc9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382163901677819&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:37 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352437.6283; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:37 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgySjdHVUI0TUR0bUI4UXBnZG1ZcXY4UA%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:37 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyMGEzK3BydXdtNVAzSVZwc2xuYld6bUFac2N5SFRkbUdMYnlSS1FkZTV1dWdJcGI2U0ZtM0xzMHN6RVgvYmhROXM9; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:37 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:37 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901677819&ext1=6437
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET

/
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090b560007PS002MZ0XHIX03DSRMY067X03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh&
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293be524a851

0
0

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090b560007PS002MZ0XHIX03DSRMY067X03DSR00000000&source=157851&data1=fQA8WjCQANeomJo1qwTh
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83

3 KB
2 KB

109ms
109ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83

Requested by

Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901677819&ext1=6437

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

76103c83e915bc55255d80d5df8174a89e1063fe309ca901f0387b31b57f8f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://minently.com/
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83

GET
H2 200 / Show response
now.loading-wsite.com/ 7 KB
3 KB 122ms
121ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382163901678267&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

338cf501227be12367556b78b8b7d17ed5f4fc87423128bb657d1dae596aa346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382163901678267&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293af60efd83

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:38 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?62f957eec5047097553b88a2ab7783cea508d029
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901678267&ext1=6437

5 KB
2 KB

187ms
187ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901678267&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382163901678267&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

4d187d6296e4beb2dc19b872377716fbb51946b5d69c477f16a6cd8ed41746fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901678267&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382163901678267&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=4621d07286daba4e86a23137aca5798e_1576352435.3761; 4621d07286daba4e86a23137aca5798e_1576352435.3761_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWhWTE1sdU1IRnh5RElpN29NdVRKNFk2eHh4OGRPekhiczRwUWkrRXNvL0R0bit4YmVIRHJ6YklkZWxmRUhCQzVXak5jVWc5Y2ZYaGJ5cTlvbFAzd3phSGMwMlRRd2FUQXRjR2hDTzQ0QkpLOFdhNlVib25yVEVhTktGcmVkaVN3emVuT05zcG0yVlhlZFcxa1hKYXZGWGdWVHg2NzdySFlPYWc3SVdwRFd4Uy9jNFhta0wyZDZGbDhINVVwYlRwaEF0T21zd1FkVzErNUJQSXpjUUFrS3JTOUo1WTROZUxkZUZOK1MzZHE0VjJVVWErd3MybDRkNWZTKzJlMG1RSTN4ekp1WHpsM1hYZXVjZkI1bERNVVdya20yVFhDVFdzMVE0b21LODVlRmh1Sk9HNDdycGpqQWtGbjZCU1NRdHZuR29zdjRmZmFwcUxvZ2JNS0tpeHRDZksrRC9BekxFUlc2SDF6NkJSU2VudmZKMkVxdTFWZVRWYld3VGhvRWQvVGRBSGRuMitwcHhMTzZNRnhhamh1ZWk0QWFUNS9LNlB2azRCS05iUVNkR2VHUXBLalRqeWVEdUZ1K0ptN1hLTWxDMmFRd3I0VEJFNVd1UnQ1TnlzZlJDT2JvQy9ENllIWkhEMHdyOUNKeEI1TUo2TE1XSC8wY0VhODJnQkxNQVdIOXZ3dDM3Q1ZUQmk0TW8yZmlWNGpIdHh2M3llazVTdjdMcGVDTFdkd1gxRmJzeXpvQncvOWliTlhRSmEzcmtzVlE4SG8rQnpZSlUvdnYxRjhWK2IyNnZmRllsYWhLM05iOG1iby9jOTBiNXUrQkhyYmttRXhBOG96SVVCRTdQR2tvMkJHTWQ4Y01uMk5GSjg5WkNnOWJyNjFaZVo4VXRSOTRTd0lpSjdmVmpDU0J4QUo4YVp4TUU0VGlXVlJlaDZjRi84MWlBZXMySzY4WEk1SjhkZTFrVWxZZy9RTWg0M0N1bzBNVTFqeFdxbS8xNlZXem9OR1ZBdHZ0V0dtandlQ05Dc3FySC9XNFdmSHFNc2RJaWxTK08wNEhzaDZmZmtWVTlKUWZXYVhRR3g0eXIwaTd4SXc3QjRjbURvc3lhOExoWkRxUFltVHRZLzlEUTJ3Z2ZLS0NU; SERVERID=sfc13; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352437.6283; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgySjdHVUI0TUR0bUI4UXBnZG1ZcXY4UA%3D%3D; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyMGEzK3BydXdtNVAzSVZwc2xuYld6bUFac2N5SFRkbUdMYnlSS1FkZTV1dWdJcGI2U0ZtM0xzMHN6RVgvYmhROXM9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382163901678267&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f097979b8790cacbf9c9fff9fcfdc2f2f2f1f6c7c4c5f9

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:38 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352438.2105; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:38 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgySWpzcUFFUEVwMi9Pem42Z0t3M2kvczVmaXVCc0cvQ3VvS1Q5Zk16dGVXa1E9PQ%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:38 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyMGEzK3BydXdtNVAzSVZwc2xuYld6bUFac2N5SFRkbUdMYnlSS1FkZTV1dW1uVk1NN21LQXRsbkVkdkNQYUpmdThQclZ5UFA0cEE3ZHN6Rk5idEVkYXNOQzQ3bk5BbXN4Qkl5WWtEb3paM0VraFNVSXNWT1UrdVVvQUR6NGRKYmdNPQ%3D%3D; domain=minently.com; path=/; expires=Sat, 14-Dec-2019 20:45:38 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:38 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901678267&ext1=6437
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET click
tracking.adacts.com/ 0
0

GET
H/1.1

200
OK

23866140943888e169de Show response
kongtraff.com/l/
Redirect Chain

https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_id=212&offer_id=8855
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_id=212&offer_id=8505
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}

36 KB
12 KB

95ms
22ms

Document
text/html

62.212.87.141
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}
Requested by: Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382163901678267&ext1=6437
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Host: kongtraff.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://minently.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:39 GMT
Content-Type: text/html
Last-Modified: Tue, 20 Aug 2019 14:25:19 GMT
Transfer-Encoding: chunked
ETag: W/"5d5c02cf-8fdd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

Redirect headers

status: 302
date: Sat, 14 Dec 2019 19:40:39 GMT
content-type: text/html; charset=UTF-8
location: https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}
server: nginx/1.10.3 (Ubuntu)
set-cookie: ohbid=c90e8324-4fa0-41b5-84bb-86ccf11102f1; expires=Sat, 14-Mar-2020 00:00:00 GMT; Max-Age=7791561; path=/
cache-control: no-cache, private

GET
H/1.1

200
OK

gw Show response
kongtraff.com/
Redirect Chain

https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}&code=37Y3VvBDU6PT07Pjw-P0ZCQ0ERhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNragB1ZWsFBW9.CTpAOzwNd3cRQkR...
https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1...

1 KB
1 KB

19ms
19ms

Document
text/html

62.212.87.141
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&hash=23866140943888e169de&ete=true
Requested by: Host: go.selfcenteredteammates.net
URL: http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b

Request headers

Host: kongtraff.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}
Accept-Encoding: gzip, deflate, br
Cookie: BSESSID=trke607af64-51c2-4216-a3b7-ca6c65cc2bd5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}

Response headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:39 GMT
Content-Type: text/html
Last-Modified: Thu, 04 Jul 2019 15:58:34 GMT
Transfer-Encoding: chunked
ETag: W/"5d1e222a-589"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:39 GMT
Transfer-Encoding: chunked
Location: //kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&hash=23866140943888e169de&ete=true
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Set-Cookie: BSESSID=trke607af64-51c2-4216-a3b7-ca6c65cc2bd5; Max-Age=63072000; Expires=Mon, 13 Dec 2021 19:40:39 GMT; Path=/

GET
H/1.1 200
OK d
makedirect.xyz/ 14 KB
3 KB 1918ms
1232ms Document
text/html 104.248.255.79
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://makedirect.xyz/d?zid=16&uid=13&psubid=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&sub1=40533_{yourSubPublisherId}
Requested by: Host: kongtraff.com
URL: https://kongtraff.com/l/23866140943888e169de?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&hash=23866140943888e169de&ete=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.255.79 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.15.3 /
Resource Hash

Request headers

Host: makedirect.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://kongtraff.com/l/23866140943888e169de?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&hash=23866140943888e169de&ete=true
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://kongtraff.com/l/23866140943888e169de?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&hash=23866140943888e169de&ete=true

Response headers

Server: nginx/1.15.3
Date: Sat, 14 Dec 2019 19:40:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H2

200

/
ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/
Redirect Chain

https://makedirect.xyz/r?zid=16&uid=13&c_from=https://kongtraff.com&pubid=&psubid=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&c_inif=n&c_key=16%7C8%7C24%7C24%7C1%7C0%7C1600%7C1200%7C...
https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-199943-8037-1576352442&c_click_id=16-37-...

203 B
420 B

293ms
108ms

Document
text/html

31.170.100.126
SOLTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-199943-8037-1576352442&c_click_id=16-37-100-199943-8037-1576352442
Requested by: Host: makedirect.xyz
URL: https://makedirect.xyz/d?zid=16&uid=13&psubid=bmconv_20191214204039_57ba11f2_815c_4a4b_a686_a1b727e06e67&sub1=40533_{yourSubPublisherId}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.170.100.126 , Spain, ASN201942 (SOLTIA, ES),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: ads.conscier.com
:scheme: https
:path: /f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-199943-8037-1576352442&c_click_id=16-37-100-199943-8037-1576352442
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:42 GMT
content-type: text/html; charset=UTF-8
content-length: 173
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: no-cache, private
content-encoding: gzip
x-device: desktop
accept-ranges: bytes
age: 0
tp-cache: MISS
vary: Accept-Encoding

Redirect headers

Server: nginx/1.15.3
Date: Sat, 14 Dec 2019 19:40:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 254
Connection: keep-alive
Location: https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-199943-8037-1576352442&c_click_id=16-37-100-199943-8037-1576352442
Set-Cookie: chrot=37; Expires=Sun, 15 Dec 2019 00:00:00 GMT chfrq=eyIzNyI6eyJpZCI6MzcsInJlbWFpbmRlciI6OTk5fX0=; Expires=Sun, 15 Dec 2019 00:00:00 GMT

GET
H2 200 4446df96-990a-11e5-b565-02f6361de079 Show response
reorget.com/c/ 6 KB
4 KB 460ms
387ms Document
text/html 104.26.15.246
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://reorget.com/c/4446df96-990a-11e5-b565-02f6361de079?cid=M2019121419-cd66255b0e3a465575db0c32855dd76f&pubid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.246 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13abe3f0cbfaeae53c09bec56f571aaa64a242b7cd36d00fbec782132507d179

Request headers

:method: GET
:authority: reorget.com
:scheme: https
:path: /c/4446df96-990a-11e5-b565-02f6361de079?cid=M2019121419-cd66255b0e3a465575db0c32855dd76f&pubid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 14 Dec 2019 19:40:43 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d72adbb231d7902973c2351d4c64c0fad1576352442; expires=Mon, 13-Jan-20 19:40:42 GMT; path=/; domain=.reorget.com; HttpOnly; Secure kOXRx8uQ972FdKoxznvI086hPQW%2BO5CzKM%2FWMHVIuzQ%3D=2e1f47d53f62495f4d7a61c06c670c13_1576352442.9931; domain=reorget.com; path=/; expires=Tue, 11-Dec-2029 19:40:42 UTC jyT%2BvOa1Gu%2B%2F5DpfEWsDqPj6mnhIfcScTp1C8nLGtL4%3D=1576352443.0002; domain=reorget.com; path=/; expires=Tue, 11-Dec-2029 19:40:42 UTC X0N0acOrpNQ4j%2FOBDK2aKoyckX7CPM91KLYGJ2SICQ4%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Wm9RN1JmRUJHbEQvUkVDMk5Yc3RnQWdCNHJaWDVrNjRCWWhJUHROa1ZMLw%3D%3D; domain=reorget.com; path=/; expires=Tue, 11-Dec-2029 19:40:43 UTC 2e1f47d53f62495f4d7a61c06c670c13_1576352442.9931_ck=ZkhBY0ZOUXlRMWVtekpSNVhOZ29NMTVOT0hXYlBBWUJiWXg3ZkdwZ1p1NmJ2STVRaEtTSHhKVndTNStkNFRaMWNwaElYSVRNQm5RdjFIbVBGSGhPdVUwWllVT3JoM2VGdURhVmFPRTROYWZ4M3V5UDBwK2ZySDVhcXEwUktNY0pwOXNET3hrMkJhNmt0OTAvdEpaMWkxTW1wSFVSY21IcDBUYkhNanU5RDVDdlRKN0JQb1pQZWVQSFVTQzYzTCsvSGU3WmV0ZEhLQ2lHMlZHS2F0T3dpYzNxMVZYajU5ZnhhNlUzU3l6Um5VcTcvbVZ5VE9NaGhNWnljN2J6Y2k2ZVhSK0libis1RVVsS2xwZ214ZnB2TmNkWlBBZHowMFhhSVZBd0Fpckw4S1hPVE1haE5SR1BTZFlQSlpMeHlTdlJyZFpSOVdhV29vblZMbnZSOHl6MW5PZ0tjT0NaTElnMWN0V3V2Z2RBa3E1cFNGL2NqOFNPN21QZ0xIcEhldnhrNFFSYXM3UUNrK2RaMzZ6ckIzaVV3a3MwNXEwK1ZEMWlxV3BNSEt5UkZCMGpRVHlpanFYdmxENjd6VUdkTDB4cWMzTXc3dVRsRksraWhGSWJnZnptMjFPVDdJclJ3dVZRYTBMcitWZSthMEdIWDB3U2tPa2h6aXVYMjRRVDNvR1NRd2FRZUdQZDhoSFUraFJBS2tDTnJSSjN2VGxvS0NERVNXWG9VUktaUXZKZHlRcE9nbW92WCtyRG1VU3R3eDVKdW1xeG96anVVQjZRY29ZNVJTRUh6WHArUjR5NXkvQUxvRUQxSGNBRlFYdGhBNGYxVFBVZDlCVTNHVG1kRmhBZkxPbEptU1pzTmxodXFLUlJMYWVqMStucTYwRGVyME9ld3AzOUhuRWhYR1ZWMmJWUDVNZDZpUmpjSkQxRHRzMHQ5OHphQWxWb1pDQ3Q2aTRtSUNvdHRVR3IyekFrdHlXMUVNOUwxcEhYUWdnaVR1eEJ2TitIVm5EcklVYXRIbGZqSXozL3Z6ZDlRWis0WVpDZ3ZMUklJWXoxRVVKd1Z6SkFpYkdiNkc5TncxVFBUNWpSVWlrdXVGWmhzaDFOajQ1MXQweThoU3FRd2Nia2xlM3h3ZksvNWpCbGdtRmxkSVBiOGR1TWYrRFp4VGVGWWw4Y1lkdU5xU1ZIQVY5QitGM214ZXJIbUYwV2FrdXlQVUorRS9BZU5aalptbmZGMHFieXMzRlBpa3BkSkxUM0ZyT2lhSytyNDA0OUgrQ1ppVlBrRi9SejZFNElqTnhzdFhyMmVqZTRZRUtWRFRRQ3Qrc2haZzV1SHgwTkM4VT0%3D; domain=reorget.com; path=/; expires=Tue, 11-Dec-2029 19:40:43 UTC ZDhUCVCp9jP%2Fgtv5C%2BTYbIZZaNOx4a4Y5Q0lOidf%2FLk%3D=emVwWXFNZjZ4bm1yMWIvbXJWajlkU0MvMDNNMm93MXFNRHRtK0lEVGxuSE00MWJaNUJrLzlhbUlhVFVCVm5ORWRwUXhkZWtuaGNLRFF4bTZVWTkvdU9FNHpUd0cvMTFZZlpkTnhnd3RackU9; domain=reorget.com; path=/; expires=Sat, 14-Dec-2019 20:45:43 UTC SERVERID=sfc22; path=/
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5452a6b0b8ac72ff-AMS

GET

/
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090d9e0007PS00E6X0XHIX047ASIA070X047AS00000000&source=196084&data1=a0sNMlW_75VgGJCv2AcJ&
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb981429400b21dc41

0
0

GET
H2

200

/ Show response
now.loading-wsite.com/
Redirect Chain

http://go-rillatrack.com/b.php?trf=m&p=custom_105t14y752&d=5cd042df98142940333186ff&pid=lBE20AQIG090d9e0007PS00E6X0XHIX047ASIA070X047AS00000000&source=196084&data1=a0sNMlW_75VgGJCv2AcJ
https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4

3 KB
2 KB

111ms
110ms

Document
text/html

198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4

Requested by

Host: reorget.com
URL: https://reorget.com/c/4446df96-990a-11e5-b565-02f6361de079?cid=M2019121419-cd66255b0e3a465575db0c32855dd76f&pubid=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

ef39ed27edeee6b8be0ff8b001fed9b058ca6b2ef371d315983f241c5c5a3296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://reorget.com/
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://reorget.com/

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 5c6b12d41e26dc53cb2c4efe
Raund: 106zbkrzxi
Location: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4

GET
H2 200 / Show response
now.loading-wsite.com/ 7 KB
3 KB 112ms
112ms Document
text/html 198.143.165.219
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://now.loading-wsite.com/?utm_term=6770382189671482030&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

ca575125da4a9a77aac9ca36b0b4b2873eef51cb31dfe4d18d1d27dfd9d285b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: now.loading-wsite.com
:scheme: https
:path: /?utm_term=6770382189671482030&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4
accept-encoding: gzip, deflate, br
cookie: u=9be9a133fda95c96a1d501c0ec26de65
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb98142944b92bbda4

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e Show response
minently.com/RnSda/rDN3/ojdn/
Redirect Chain

https://now.loading-wsite.com/proc.php?25829ee2b0c9d358da349fc86988971269474635
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382189671482030&ext1=6437

9 KB
3 KB

45ms
44ms

Document
text/html

205.147.93.131
Oracle Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382189671482030&ext1=6437

Requested by

Host: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_term=6770382189671482030&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),

Reverse DNS

Software

ZENEDGE /

Resource Hash

7b0ff0df30f846fde82c5f4310de56cbd6f44917dbbd79f8a2bb9afc57a18002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:method: GET
:authority: minently.com
:scheme: https
:path: /RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382189671482030&ext1=6437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://now.loading-wsite.com/?utm_term=6770382189671482030&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
accept-encoding: gzip, deflate, br
cookie: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=4621d07286daba4e86a23137aca5798e_1576352435.3761; 4621d07286daba4e86a23137aca5798e_1576352435.3761_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bDFxSmdQaVRNRkJMVEpDZ01Cclk0UElIdkt6dGhLZjhqdjJ3bjFPUWl5VUVqaGJEVVZTNnhGb0owem54OTFpRkhPc29yeEhsbmtGcXdPbkRQYU54TWhWTE1sdU1IRnh5RElpN29NdVRKNFk2eHh4OGRPekhiczRwUWkrRXNvL0R0bit4YmVIRHJ6YklkZWxmRUhCQzVXak5jVWc5Y2ZYaGJ5cTlvbFAzd3phSGMwMlRRd2FUQXRjR2hDTzQ0QkpLOFdhNlVib25yVEVhTktGcmVkaVN3emVuT05zcG0yVlhlZFcxa1hKYXZGWGdWVHg2NzdySFlPYWc3SVdwRFd4Uy9jNFhta0wyZDZGbDhINVVwYlRwaEF0T21zd1FkVzErNUJQSXpjUUFrS3JTOUo1WTROZUxkZUZOK1MzZHE0VjJVVWErd3MybDRkNWZTKzJlMG1RSTN4ekp1WHpsM1hYZXVjZkI1bERNVVdya20yVFhDVFdzMVE0b21LODVlRmh1Sk9HNDdycGpqQWtGbjZCU1NRdHZuR29zdjRmZmFwcUxvZ2JNS0tpeHRDZksrRC9BekxFUlc2SDF6NkJSU2VudmZKMkVxdTFWZVRWYld3VGhvRWQvVGRBSGRuMitwcHhMTzZNRnhhamh1ZWk0QWFUNS9LNlB2azRCS05iUVNkR2VHUXBLalRqeWVEdUZ1K0ptN1hLTWxDMmFRd3I0VEJFNVd1UnQ1TnlzZlJDT2JvQy9ENllIWkhEMHdyOUNKeEI1TUo2TE1XSC8wY0VhODJnQkxNQVdIOXZ3dDM3Q1ZUQmk0TW8yZmlWNGpIdHh2M3llazVTdjdMcGVDTFdkd1gxRmJzeXpvQncvOWliTlhRSmEzcmtzVlE4SG8rQnpZSlUvdnYxRjhWK2IyNnZmRllsYWhLM05iOG1iby9jOTBiNXUrQkhyYmttRXhBOG96SVVCRTdQR2tvMkJHTWQ4Y01uMk5GSjg5WkNnOWJyNjFaZVo4VXRSOTRTd0lpSjdmVmpDU0J4QUo4YVp4TUU0VGlXVlJlaDZjRi84MWlBZXMySzY4WEk1SjhkZTFrVWxZZy9RTWg0M0N1bzBNVTFqeFdxbS8xNlZXem9OR1ZBdHZ0V0dtandlQ05Dc3FySC9XNFdmSHFNc2RJaWxTK08wNEhzaDZmZmtWVTlKUWZXYVhRR3g0eXIwaTd4SXc3QjRjbURvc3lhOExoWkRxUFltVHRZLzlEUTJ3Z2ZLS0NU; SERVERID=sfc13; x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352438.2105; FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UnIvdE1oOVJ2L2xpQ3l6U0RRVFgySWpzcUFFUEVwMi9Pem42Z0t3M2kvczVmaXVCc0cvQ3VvS1Q5Zk16dGVXa1E9PQ%3D%3D; 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=c1g5RHVjNFRwYmJXUEYyOFZUQmVlbG14Rlh5cW8zV0I5VE5oc0hpWTNyMGEzK3BydXdtNVAzSVZwc2xuYld6bUFac2N5SFRkbUdMYnlSS1FkZTV1dW1uVk1NN21LQXRsbkVkdkNQYUpmdThQclZ5UFA0cEE3ZHN6Rk5idEVkYXNOQzQ3bk5BbXN4Qkl5WWtEb3paM0VraFNVSXNWT1UrdVVvQUR6NGRKYmdNPQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://now.loading-wsite.com/?utm_term=6770382189671482030&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e

Response headers

status: 200
content-type: text/html;charset=utf-8
expires: Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
date: Sat, 14 Dec 2019 19:40:44 GMT
content-encoding: gzip
vary: Accept-Encoding Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status: NOTCACHED
x-zen-fury: 3715ec5f13c22e155506edf69c9dc4e10b722757
set-cookie: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1576352444.1161; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:44 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=R3Y2S1hGaC84bnAyclNZNGJNVWJsSEQxNHhDYklDYlZuS1ora243SW0weXY0L0dtbWVJbmg5OVBiY2x5K3F1TA%3D%3D; domain=minently.com; path=/; expires=Tue, 11-Dec-2029 19:40:44 UTC; Secure
server: ZENEDGE
x-cdn: Served-By-Zenedge

Redirect headers

status: 302
server: nginx
date: Sat, 14 Dec 2019 19:40:44 GMT
content-type: text/html; charset=UTF-8
location: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382189671482030&ext1=6437
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET _jJl6aEmlhfDJUUkL_ryHW-tNYI9m58
minently.com/RnSda/rDN3/qD5mv_k/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e/ 0
0

GET
H/1.1

200
OK

23866140943888e169de Show response
kongtraff.com/l/
Redirect Chain

https://minently.com/RnSda/rDN3/qD5mv_k/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e/_jJl6aEmlhfDJUUkL_ryHW-tNYI9m58?ori=13x&timer=true&jch=0||1600||1200||0||112221000011001010110&hh=50
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG09088a0007PS002MZ0ZG0H03DSRMY07AU03DSR00000000&aff_id=212&offer_id=8855
https://tracking.adacts.com/click?aff_sub1=lBE20AQIG09088a0007PS002MZ0ZG0H03DSRMY07AU03DSR00000000&aff_id=212&offer_id=8505
https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}

36 KB
12 KB

56ms
20ms

Document
text/html

62.212.87.141
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}
Requested by: Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e?qDo=MS_WW_AGG_Desktop&subid=6770382189671482030&ext1=6437
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

Host: kongtraff.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://minently.com/
Accept-Encoding: gzip, deflate, br
Cookie: BSESSID=trke607af64-51c2-4216-a3b7-ca6c65cc2bd5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://minently.com/

Response headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:44 GMT
Content-Type: text/html
Last-Modified: Tue, 20 Aug 2019 14:25:19 GMT
Transfer-Encoding: chunked
ETag: W/"5d5c02cf-8fdd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

Redirect headers

status: 302
date: Sat, 14 Dec 2019 19:40:44 GMT
content-type: text/html; charset=UTF-8
location: https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}
server: nginx/1.10.3 (Ubuntu)
set-cookie: ohbid=c90e8324-4fa0-41b5-84bb-86ccf11102f1; expires=Sat, 14-Mar-2020 00:00:00 GMT; Max-Age=7791556; path=/
cache-control: no-cache, private

GET
H/1.1

200
OK

gw Show response
kongtraff.com/
Redirect Chain

https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}&code=1aY3VvBDU6PT07Pjw-QEFGP0IRhYV3Fn.GGI9lcwM1OgVva2kKOzwMfXqDEV17gYmNNo9QT183NgN4aG4ICHKBDD1DPj8QenoURUd...
https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204044_73b88a43_a18d_471b_bf93_3a...

1 KB
1 KB

32ms
31ms

Document
text/html

62.212.87.141
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&hash=23866140943888e169de&ete=true
Requested by: Host: go.selfcenteredteammates.net
URL: http://go.selfcenteredteammates.net/c/unsubscribe?email=staf.pynnaert%40myonline.be&list=selfcenteredteammates.net&locale=sv_SE&e=e:BnHSKkq4jQSvFDkzeMB8mEPZtw8ke_cDcalaF0SJ9rg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b

Request headers

Host: kongtraff.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}
Accept-Encoding: gzip, deflate, br
Cookie: BSESSID=trk5c089214-e447-4875-9187-f3b4d4060e2a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://kongtraff.com/l/23866140943888e169de?sub={yourClickId}&source={yourSubPublisherId}

Response headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:44 GMT
Content-Type: text/html
Last-Modified: Thu, 04 Jul 2019 15:58:34 GMT
Transfer-Encoding: chunked
ETag: W/"5d1e222a-589"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Sat, 14 Dec 2019 19:40:44 GMT
Transfer-Encoding: chunked
Location: //kongtraff.com/gw?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&hash=23866140943888e169de&ete=true
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Set-Cookie: BSESSID=trk5c089214-e447-4875-9187-f3b4d4060e2a; Max-Age=63072000; Expires=Mon, 13 Dec 2021 19:40:44 GMT; Path=/

GET
H/1.1 200
OK d Show response
makedirect.xyz/ 14 KB
3 KB 1164ms
1164ms Document
text/html 104.248.255.79
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://makedirect.xyz/d?zid=16&uid=13&psubid=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&sub1=40533_{yourSubPublisherId}
Requested by: Host: kongtraff.com
URL: https://kongtraff.com/l/23866140943888e169de?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&hash=23866140943888e169de&ete=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.255.79 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.15.3 /
Resource Hash: 8c3cff8cb6b3213bee7ebb05f0bf2ad61717c25d1830bb8957d30a051946631b

Request headers

Host: makedirect.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://kongtraff.com/l/23866140943888e169de?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&hash=23866140943888e169de&ete=true
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://kongtraff.com/l/23866140943888e169de?sub=%7ByourClickId%7D&source=%7ByourSubPublisherId%7D&url=https%3A%2F%2Fmakedirect.xyz%2Fd%3Fzid%3D16%26uid%3D13%26psubid%3Dbmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68%26sub1%3D40533_%7ByourSubPublisherId%7D&vId=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&hash=23866140943888e169de&ete=true

Response headers

Server: nginx/1.15.3
Date: Sat, 14 Dec 2019 19:40:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H2

200

/
ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/
Redirect Chain

https://makedirect.xyz/r?zid=16&uid=13&c_from=https://kongtraff.com&pubid=&psubid=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&c_inif=n&c_key=16%7C8%7C24%7C24%7C1%7C0%7C1600%7C1200%7C...
https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-850204-2007-1576352446&c_click_id=16-37-...

208 B
424 B

117ms
117ms

Document
text/html

31.170.100.126
SOLTIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-850204-2007-1576352446&c_click_id=16-37-100-850204-2007-1576352446
Requested by: Host: makedirect.xyz
URL: https://makedirect.xyz/d?zid=16&uid=13&psubid=bmconv_20191214204044_73b88a43_a18d_471b_bf93_3ac03e1edb68&sub1=40533_{yourSubPublisherId}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.170.100.126 , Spain, ASN201942 (SOLTIA, ES),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: ads.conscier.com
:scheme: https
:path: /f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-850204-2007-1576352446&c_click_id=16-37-100-850204-2007-1576352446
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Sat, 14 Dec 2019 19:40:46 GMT
content-type: text/html; charset=UTF-8
content-length: 178
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: no-cache, private
content-encoding: gzip
x-device: desktop
accept-ranges: bytes
age: 0
tp-cache: MISS
vary: Accept-Encoding

Redirect headers

Server: nginx/1.15.3
Date: Sat, 14 Dec 2019 19:40:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 254
Connection: keep-alive
Location: https://ads.conscier.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/58a324f4-9758ab18-e98416a3-003b-cb22/?Subid=&externalid=16-37-100-850204-2007-1576352446&c_click_id=16-37-100-850204-2007-1576352446
Set-Cookie: chrot=37; Expires=Sun, 15 Dec 2019 00:00:00 GMT chfrq=eyIzNyI6eyJpZCI6MzcsInJlbWFpbmRlciI6OTk5fX0=; Expires=Sun, 15 Dec 2019 00:00:00 GMT

GET
H2

200

Primary Request registration Show response
cullgame.com/
Redirect Chain

http://routeserve.info/?affid=762hgrfkij23&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=
https://routeserve.info/?affid=762hgrfkij23&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=
https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23

29 KB
8 KB

178ms
99ms

Document
text/html

104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

91008c360efb8415c1fd1a987e617190e9f722c4c3eb2c47fa8987f7cc1ecb96

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: cullgame.com
:scheme: https
:path: /registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 14 Dec 2019 19:40:47 GMT
content-type: text/html
set-cookie: __cfduid=db00ed3a7bdac1d97a303d3af405d09581576352447; expires=Mon, 13-Jan-20 19:40:47 GMT; path=/; domain=.cullgame.com; HttpOnly; Secure CakeCookie[a_aid]=NzYyaGdyZmtpajIz; Path=/; Secure; CakeCookie[clickid]=TTIwMTkxMjE0MTktZmNjMDg1MmZmMzdhMzU3NzM2YTAyMDA1YTFhOWU1OTA%3D; Path=/; Secure; CakeCookie[lang]=eng; Path=/; Secure; CakeCookie[v_id]=ZDUwODA5ZjgtNjAwMy1jOWZhLWNhNTAtNWMwZDM3OGIyMjEw; Path=/; Secure;
cf-ray: 5452a6ce1dcc9bd3-AMS
age: 354751
cache-control: public, max-age=604800
expires: Sat, 21 Dec 2019 19:40:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cache-tag: 1227,cullgame.com,/registration,INTL,m-2-romaProX,eng
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache-url: https://cullgame.com/registration?lang=eng&theme=m-2-romaProX
x-frame-options: SAMEORIGIN
x-fruit: banana
server: cloudflare
content-encoding: gzip

Redirect headers

status: 302
date: Sat, 14 Dec 2019 19:40:47 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
set-cookie: __cfduid=da5280930380d2121797061c47f9e88c71576352447; expires=Mon, 13-Jan-20 19:40:47 GMT; path=/; domain=.routeserve.info; HttpOnly; Secure data=eyJzaXRlIjoiY3VsbGdhbWUuY29tIiwicmVxdWVzdGVkVGhlbWUiOiJtLTItcm9tYVBybyIsInJvdXRlZFRoZW1lIjoibS0yLXJvbWFQcm9YIiwidmlzaXRvcklkIjoiZDUwODA5ZjgtNjAwMy1jOWZhLWNhNTAtNWMwZDM3OGIyMjEwIn0=; Max-Age=3600; Expires=Sat, 14 Dec 2019 19:40:51 GMT;
location: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5452a6cd7b1fc867-AMS

GET
H2 200 basic-main.1fab3afc.css
cullgame.com/theme/Master/SubscriptionPages/css/subscriptions/theme-rev/ 23 KB
5 KB 33ms
31ms Stylesheet
text/css 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cullgame.com/theme/Master/SubscriptionPages/css/subscriptions/theme-rev/basic-main.1fab3afc.css

Requested by

Host: cullgame.com
URL: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ab08d60cec3c94dc6319c32715f741407e01c1f97b6c39e265029c895656de7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6119
status: 200
last-modified: Tue, 10 Dec 2019 16:26:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5defc72f-5b72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-fruit: banana
cache-control: public, max-age=14400
cf-ray: 5452a6cefea79bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 romapro-basic.014f5803.css
cullgame.com/theme/Master/SubscriptionPages/css/subscriptions/theme-rev/ 30 KB
6 KB 31ms
28ms Stylesheet
text/css 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cullgame.com/theme/Master/SubscriptionPages/css/subscriptions/theme-rev/romapro-basic.014f5803.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bfff7c2ebe7b46dd0e1e94052b60a2dbba6688307ab22fa626583a7ff37d4b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6119
status: 200
last-modified: Tue, 10 Dec 2019 16:26:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5defc72f-761c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-fruit: banana
cache-control: public, max-age=14400
cf-ray: 5452a6cefeac9bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
572 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:200,300,400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

1dbc31cd4b013d811fc87b468247060a8d78eeaaaebb1f8fc2f7894b583dbe8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
564 B 23ms
20ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 384 B
328 B 21ms
19ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Candal

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

234721bdee39c6ad327441878f9fce19e14bced19127a7eb4fc339d0dcb1d803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
521 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e4ad5784c7123f5e5acf19919e5979228a042d0fa8555c94c06e979652c33e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
610 B 28ms
25ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

72d29524187edb426ffe7138b789ea1712f21531420b9c4d9b0eed568384bb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
434 B 27ms
25ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

feebd6c9d68ce4abb3f7f203d7f9b0011e0e55f439a960e2a4c4dee286fd954f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
495 B 28ms
26ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

028c35b31db9c39e8b14e07d979919912180f1c8fed8bd5627d4fa9f6a28f385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 407 B
335 B 27ms
25ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abel

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4ae087b29abf84ffdc9bae58b201c36c39c9b4bae5aa0086c115d0fae1d9420e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 767 B
400 B 29ms
27ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
546 B 28ms
26ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 14 Dec 2019 19:40:47 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 14 Dec 2019 19:40:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
20 KB 38ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by: Host: cullgame.com
URL: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
Origin: https://cullgame.com

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:10 GMT
access-control-allow-origin: *
etag: "1544639650"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 20563

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.13/css/ 40 KB
10 KB 82ms
26ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by: Host: cullgame.com
URL: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
Origin: https://cullgame.com

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: gzip
last-modified: Thu, 10 May 2018 15:10:14 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 21ms
20ms Stylesheet
text/css 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 20986388
cf-ray: 5452a6cefaf28c68-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 03 Dec 2020 19:40:47 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 iphone11pro.png
cullgame.com/theme/Master/SubscriptionPages/img/placeholders/ 132 KB
133 KB 33ms
32ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/theme/Master/SubscriptionPages/img/placeholders/iphone11pro.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3a64a71242c000db7b7afa2f131ac9f8716b69a619ccdaf5622371763fbaaf0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 2867
status: 200
content-length: 135456
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-21120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cefeae9bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 iphone-outline.png
cullgame.com/theme/Master/SubscriptionPages/img/placeholders/min/ 774 B
932 B 29ms
27ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/theme/Master/SubscriptionPages/img/placeholders/min/iphone-outline.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed94c420b5b0787cdf2dcb62806b27ee255e686a5b1b3944f535e7cb2f0d3c61

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 2867
status: 200
content-length: 774
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-306"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cefeb19bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 apple-logo-white.png
cullgame.com/theme/Master/SubscriptionPages/img/placeholders/min/ 971 B
1 KB 32ms
29ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/theme/Master/SubscriptionPages/img/placeholders/min/apple-logo-white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

25ba27da4af9829fafff6ddea0191446a1adef9c6e5f27d18d27280362f2c619

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 2867
status: 200
content-length: 971
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-3cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f6b9bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 cullgame_dark.png
cullgame.com/img/logos/gamez/min/ 12 KB
12 KB 28ms
26ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/logos/gamez/min/cullgame_dark.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3383cc08cadb0da03d7ad8bd4789d99030366cc5db70f387541a41c99768a805

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3177
status: 200
content-length: 12582
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-3126"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f6c9bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 en.png
cullgame.com/img/flags/min/ 545 B
650 B 33ms
31ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6cf87f6b6f6c3cd542a6156d69257c1dba10b58fa034d291bcf83b1713938e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3177
status: 200
content-length: 545
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-221"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f6f9bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 ar.png
cullgame.com/img/flags/min/ 428 B
510 B 32ms
30ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/ar.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d42be6e56327fef927abfcdbed9a90ff588ed85eb7dc6d4fd977f23484b53776

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3185
status: 200
content-length: 428
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f709bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 da.png
cullgame.com/img/flags/min/ 352 B
433 B 30ms
28ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/da.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

95253486ae74b2987697e95e810fb4e2c5866e7290d3e8c3bfa64b33ed7fb76b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3182
status: 200
content-length: 352
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-160"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f719bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 de.png
cullgame.com/img/flags/min/ 364 B
441 B 30ms
29ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/de.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f38ae028adb9455c66a185775d4ea208add60aae4e4f2376f57227a48756a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3182
status: 200
content-length: 364
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-16c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f729bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 es.png
cullgame.com/img/flags/min/ 344 B
425 B 32ms
31ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/es.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0326c79a8e173153873aa2b31581b54aebc0bcbf4ab2d55807f5d84098d523b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3177
status: 200
content-length: 344
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f739bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 fr.png
cullgame.com/img/flags/min/ 369 B
473 B 31ms
30ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/fr.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f414502d6c48e571dd4baf8bfbdf6fb5dabdd791cf6c789a0264806b314ca58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 4097
status: 200
content-length: 369
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-171"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f759bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 it.png
cullgame.com/img/flags/min/ 420 B
571 B 33ms
32ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/it.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3177
status: 200
content-length: 420
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-1a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf8f769bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 ja.png
cullgame.com/img/flags/min/ 420 B
481 B 49ms
48ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/ja.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5efce88ac7228ea159bcf7fd1cc56d73c19428394218706524bac0e9151d4c61

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3177
status: 200
content-length: 420
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-1a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf9f7f9bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 nl.png
cullgame.com/img/flags/min/ 310 B
421 B 40ms
39ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/nl.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e188f98c3d1c722d93cf24bb7c2561584a6fc3ea2d1ab35a7fd52b3bbb2188cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3177
status: 200
content-length: 310
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-136"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf9f809bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 no.png
cullgame.com/img/flags/min/ 397 B
475 B 50ms
49ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/no.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f59e4cf0fa6ee21a54ba82946499f611b0333a1fc15e55590567a812d464b6fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3177
status: 200
content-length: 397
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-18d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf9f819bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 pt.png
cullgame.com/img/flags/min/ 407 B
530 B 47ms
46ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/pt.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af22923899eea4a4997481bae73840ab2f4294798b85509f3cb63c05fe68e2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 3177
status: 200
content-length: 407
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-197"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf9f829bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 sv.png
cullgame.com/img/flags/min/ 389 B
515 B 39ms
37ms Image
image/png 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cullgame.com/img/flags/min/sv.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f96fc8f9f474e8b8a6a82ed9bb5e22e19c6c5921fd363bb903fa693dfb9447a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
cf-cache-status: HIT
age: 4097
status: 200
content-length: 389
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5defc5d9-185"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-fruit: banana
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 5452a6cf9f849bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 email-decode.min.js Show response
cullgame.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
807 B 41ms
40ms Script
application/javascript 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cullgame.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 17:32:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5defd6a1-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5452a6cf2ee79bd3-AMS
expires: Mon, 16 Dec 2019 19:40:47 GMT

GET
H2 200 scripts.min.ca3179bc.js Show response
cullgame.com/theme/Master/SubscriptionPages/js/subscriptions/min-rev/ 237 KB
74 KB 33ms
33ms Script
application/javascript 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cullgame.com/theme/Master/SubscriptionPages/js/subscriptions/min-rev/scripts.min.ca3179bc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c55033e09734425e90a941e7dc159586325a46601906a6fde250361b0b3b077

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6119
status: 200
last-modified: Tue, 10 Dec 2019 16:26:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5defc72f-3b2db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-fruit: banana
cache-control: public, max-age=14400
cf-ray: 5452a6cf6f469bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 regValidation.min.8cfdcecb.js Show response
cullgame.com/theme/Master/SubscriptionPages/js/subscriptions/validation/min-rev/ 4 KB
982 B 33ms
33ms Script
application/javascript 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cullgame.com/theme/Master/SubscriptionPages/js/subscriptions/validation/min-rev/regValidation.min.8cfdcecb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f69df65dbf77addc9bc9199bf45845213f810f34ebc41cc6617af74ea971af1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6118
status: 200
last-modified: Tue, 10 Dec 2019 16:26:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5defc72f-e94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-fruit: banana
cache-control: public, max-age=14400
cf-ray: 5452a6cf6f4c9bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 main.js Show response
cullgame.com/theme/Master/SubscriptionPages/js/subscriptions/ 9 KB
2 KB 35ms
33ms Script
application/javascript 104.17.20.75
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cullgame.com/theme/Master/SubscriptionPages/js/subscriptions/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.20.75 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbd066b4d5ebfb0b0be80216f86d5da48e28e005cc2d82ff54f2ddc941c1f22b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6118
status: 200
last-modified: Tue, 10 Dec 2019 16:20:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5defc5d9-2279"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-fruit: banana
cache-control: public, max-age=14400
cf-ray: 5452a6cf8f689bd3-AMS
expires: Sat, 14 Dec 2019 23:40:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 50 KB
19 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MMPL24Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

588ffa985c7d88575fc4826408a2cd260e1b4d0abcc493bc60b1852d9331bd22

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cullgame.com/registration?theme=m-2-romaProX&v_id=d50809f8-6003-c9fa-ca50-5c0d378b2210&page=m-2-romaPro&clickid=M2019121419-fcc0852ff37a357736a02005a1a9e590&pubid=&a_aid=762hgrfkij23
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 19:40:47 GMT
content-encoding: br
last-modified: Sat, 14 Dec 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 19298
x-xss-protection: 0
expires: Sat, 14 Dec 2019 19:40:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto
Origin: https://cullgame.com

Response headers

date: Thu, 21 Nov 2019 15:36:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2001866
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:36:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814294479021551

Domain: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab19814294cf759653f

Domain: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab29814293e4c7b8d15

Domain: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab39814293fe4747f03

Domain: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab49814293e9f7d4d30

Domain: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=157851&cid=5df53ab59814293be524a851

Domain: tracking.adacts.com
URL: https://tracking.adacts.com/click?aff_sub1=lBE20AQIG0901640007PS002MZ0ZG0H03DSRMY06CH03DSR00000000&aff_id=212&offer_id=8855&

Domain: now.loading-wsite.com
URL: https://now.loading-wsite.com/?utm_medium=044188730a0d579726ff030f34159eece2e383db&utm_campaign=MS&1=196084&cid=5df53abb981429400b21dc41

Domain: minently.com
URL: https://minently.com/RnSda/rDN3/qD5mv_k/-nsy7qV12UzKdEclLfy6SOfF-12z43GPMrEyUTBKdtGlCYlxwB8e/_jJl6aEmlhfDJUUkL_ryHW-tNYI9m58?ori=13x&jch=0||1600||1200||0||112221000011001010110&hh=50

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cullgame.com/	1969-12-31 23:59:59	Name: CakeCookie[lang] Value: eng
cullgame.com/	1969-12-31 23:59:59	Name: CakeCookie[clickid] Value: TTIwMTkxMjE0MTktZmNjMDg1MmZmMzdhMzU3NzM2YTAyMDA1YTFhOWU1OTA%3D
cullgame.com/	1970-01-19 05:53:15	Name: contestDate Value: Sun%20Dec%2015%202019%2008:40:48%20GMT+0100%20(Central%20European%20Standard%20Time)
cullgame.com/	1969-12-31 23:59:59	Name: CakeCookie[v_id] Value: ZDUwODA5ZjgtNjAwMy1jOWZhLWNhNTAtNWMwZDM3OGIyMjEw
cullgame.com/	1969-12-31 23:59:59	Name: CakeCookie[a_aid] Value: NzYyaGdyZmtpajIz
.cullgame.com/	1970-01-19 06:35:44	Name: __cfduid Value: db00ed3a7bdac1d97a303d3af405d09581576352447

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cullgame.com/theme/Master/SubscriptionPages/js/subscriptions/min-rev/scripts.min.ca3179bc.js(Line 1) Message: generic
console-api	log	URL: https://cullgame.com/theme/Master/SubscriptionPages/js/subscriptions/main.js(Line 177) Message: generic

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.conscier.com
cdnjs.cloudflare.com
cullgame.com
fonts.googleapis.com
fonts.gstatic.com
go-rillatrack.com
go.selfcenteredteammates.net
kongtraff.com
links.securedark.com
makedirect.xyz
maxcdn.bootstrapcdn.com
minently.com
now.loading-wsite.com
reorget.com
routeserve.info
tracking.adacts.com
use.fontawesome.com
www.googletagmanager.com
minently.com
now.loading-wsite.com
tracking.adacts.com
104.17.20.75
104.18.222.81
104.248.255.79
104.26.15.246
198.143.165.219
198.143.165.221
2001:4de0:ac19::1:b:3a
205.147.93.131
23.111.9.35
2606:4700::6811:4004
2a00:1450:4001:80b::2008
2a00:1450:4001:817::2003
2a00:1450:4001:824::200a
31.170.100.126
45.95.82.112
52.76.175.101
62.212.87.141
94.23.206.47
028c35b31db9c39e8b14e07d979919912180f1c8fed8bd5627d4fa9f6a28f385
06fc47330c4e33768f7441538d347b1fa63a43b9c0820a155c282ea816de1ca6
13abe3f0cbfaeae53c09bec56f571aaa64a242b7cd36d00fbec782132507d179
146bc7ac49aafa5490fb986f0b17cd19855f6871bede4a62e0ed0515a59a918c
1dbc31cd4b013d811fc87b468247060a8d78eeaaaebb1f8fc2f7894b583dbe8d
21f38ae028adb9455c66a185775d4ea208add60aae4e4f2376f57227a48756a7
234721bdee39c6ad327441878f9fce19e14bced19127a7eb4fc339d0dcb1d803
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25ba27da4af9829fafff6ddea0191446a1adef9c6e5f27d18d27280362f2c619
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a
2af22923899eea4a4997481bae73840ab2f4294798b85509f3cb63c05fe68e2c
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2f69df65dbf77addc9bc9199bf45845213f810f34ebc41cc6617af74ea971af1
31085e94c17e9704fc220ac5d7af73392a240289f437f03f480bd7f3bcc9acec
3383cc08cadb0da03d7ad8bd4789d99030366cc5db70f387541a41c99768a805
338cf501227be12367556b78b8b7d17ed5f4fc87423128bb657d1dae596aa346
3af0ae27f1791aea9da60e94e1cf03291881d516c6b62575a8b7a402b96d299c
3f414502d6c48e571dd4baf8bfbdf6fb5dabdd791cf6c789a0264806b314ca58
41b078c17fbe1bc5b9939048490af31e975ddeb798f16bdb2465e37d245129ae
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
4a2b5a616d7d1f888678d08ff94dce79b1e79f7879a3457545d2d070a9fe9505
4ae087b29abf84ffdc9bae58b201c36c39c9b4bae5aa0086c115d0fae1d9420e
4b827b55ec4fb5513cdb82ed70559a40d8ef54732115f912889261a2060dae7f
4d187d6296e4beb2dc19b872377716fbb51946b5d69c477f16a6cd8ed41746fd
5573ef6a0c74e4270b580f565dda7208a4f643f9c6b7454bf562f1b4a2d5fe30
588ffa985c7d88575fc4826408a2cd260e1b4d0abcc493bc60b1852d9331bd22
5ab08d60cec3c94dc6319c32715f741407e01c1f97b6c39e265029c895656de7
5c55033e09734425e90a941e7dc159586325a46601906a6fde250361b0b3b077
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5efce88ac7228ea159bcf7fd1cc56d73c19428394218706524bac0e9151d4c61
5fb54913be596e6602571524dd3033441311b640552d6443577b930920d6c9a9
619bd868bad465e227e357658b2ce29096d6f54b8230941638aba4195c456e82
65165879dcaa296d5422a97aee1dfead71cab7343bb456e9a6b4229966dc11fc
6f96fc8f9f474e8b8a6a82ed9bb5e22e19c6c5921fd363bb903fa693dfb9447a
72d29524187edb426ffe7138b789ea1712f21531420b9c4d9b0eed568384bb88
74f4a2d8efddc8edf09695fb4b025096ce0cece3d1cec69f88c8860c860ecd8e
76103c83e915bc55255d80d5df8174a89e1063fe309ca901f0387b31b57f8f34
775eca78a841270fa9b1535350637a63f75d58a3698b83ca4967dba34f7e2c1b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a218cab24dca80d1f211862f1fc45442d419ed4435401802dc501aa3d20ad62
7b0ff0df30f846fde82c5f4310de56cbd6f44917dbbd79f8a2bb9afc57a18002
82274f441b5afb40978455be2c403bd351dee7295ed779ab444aef25100650da
87d0ae504c75bc9689f99d8909b0693c88bbcdbe4a17eb6ea20a501a5fe5af63
8bfff7c2ebe7b46dd0e1e94052b60a2dbba6688307ab22fa626583a7ff37d4b8
8c3cff8cb6b3213bee7ebb05f0bf2ad61717c25d1830bb8957d30a051946631b
90f6fc54298e48562cab8e9c3f6e60504044ce937b5ef0334465e9adf28fd0a6
91008c360efb8415c1fd1a987e617190e9f722c4c3eb2c47fa8987f7cc1ecb96
95253486ae74b2987697e95e810fb4e2c5866e7290d3e8c3bfa64b33ed7fb76b
9fc5fc5a0c610a2b2a36179a6995b98322a0c9534297ff56ff6acb2daa4afd39
b1fc51f58fe36bca4fa62bdae933f781f011a11a126546b57ed85cfe3d8e3961
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
c092f9205fa24a7e5aac9c181ab35ce577882e4647714c384b4a2a4713792ac3
c7992f57d67156f994a38c6bb4ec72fa57601a284558db5e065c02dc36ee9d8c
ca575125da4a9a77aac9ca36b0b4b2873eef51cb31dfe4d18d1d27dfd9d285b0
cbd066b4d5ebfb0b0be80216f86d5da48e28e005cc2d82ff54f2ddc941c1f22b
d0326c79a8e173153873aa2b31581b54aebc0bcbf4ab2d55807f5d84098d523b
d42be6e56327fef927abfcdbed9a90ff588ed85eb7dc6d4fd977f23484b53776
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b
e188f98c3d1c722d93cf24bb7c2561584a6fc3ea2d1ab35a7fd52b3bbb2188cd
e4ad5784c7123f5e5acf19919e5979228a042d0fa8555c94c06e979652c33e2e
e5b09ae4f391ccd8e04977e2330f1e533a2a507d95c609a3fd437a7ffc7cddfa
e6cf87f6b6f6c3cd542a6156d69257c1dba10b58fa034d291bcf83b1713938e9
eb28f0867aa0c60fe8d37c4c12f2fbbe7d573b2112645d26c963ddd1d648613d
ed94c420b5b0787cdf2dcb62806b27ee255e686a5b1b3944f535e7cb2f0d3c61
ef39ed27edeee6b8be0ff8b001fed9b058ca6b2ef371d315983f241c5c5a3296
f3a64a71242c000db7b7afa2f131ac9f8716b69a619ccdaf5622371763fbaaf0
f59e4cf0fa6ee21a54ba82946499f611b0333a1fc15e55590567a812d464b6fb
f886b77a342c845764c46e0609320d41eb0942bb4c7f8a29668e7c7b45571e62
f9cc951381fa7bfbdbc01fa483734e097de058dfe20e9338628f836d90919b70
feebd6c9d68ce4abb3f7f203d7f9b0011e0e55f439a960e2a4c4dee286fd954f

cullgame.com Open in urlscan Pro 104.17.20.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

86 %HTTPS

28 %IPv6

18 Domains

18 Subdomains

16 IPs

7 Countries

427 kBTransfer

1042 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

cullgame.com Open in urlscan Pro
104.17.20.75 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

86 %
HTTPS

28 %
IPv6

18
Domains

18
Subdomains

16
IPs

7
Countries

427 kB
Transfer

1042 kB
Size

6
Cookies

87 HTTP transactions
0 data transactions