URL: http://bestfwdservice.com/
Submission: On November 29 via manual from DE

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 21 HTTP transactions. The main IP is 141.8.224.25, which is located in Switzerland and belongs to CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG. The main domain is bestfwdservice.com.
This is the only time bestfwdservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
4         141.8.224.25    40034 (CONFLUENC...)
2         8.19.136.250    3356 (LEVEL3)
1         8.19.136.249    3356 (LEVEL3)
1         104.16.142.179  13335 (CLOUDFLAR...)
2         104.25.197.5    13335 (CLOUDFLAR...)
4         104.25.96.19    13335 (CLOUDFLAR...)
Total: 21 requests, 7 IPs

Requests  Domain                  Requested by
4         bestfwdservice.com      bestfwdservice.com
2         www.cshighlights.com    www.cshighlight.com
2         www.cshighlight.com     www.hotsreplay.org
2         www.hotsreplay.org      www.sc2spotlight.com
2         vq61355.com
1         www.sc2spotlight.com
1         www.advconversion.com   vq61355.com
0         www.dingit.tv (Failed)  www.cshighlights.com
Total: 21 requests, 8 domains

This site contains no links.

This page contains 8 frames:

Frame: http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9YVylwUPZA0sHXy4eFgp7b-pfvcFvwir_ODnBu48xNBP8NXB6d1tGa_e_G6Yh0sjYXfPhPQa5Pf1CpSmldskR3ptaIXkRmI-r6j_wOl_WW_THw-2dfxLHd41BO_6Y-dKoAa5UfwLjrgkWI5aDAXdio2GTFwNUZKr_ePaoLxIUFzgAnQC71Gcm86aHUFCXp_nMm8xhRlr5-YQ7M6toNlENDt2cRc7kVYVwnGempnnMulPXcDH-8jcbZi0fVZzIM6LLwaD-g9ws-1QRCvfmgPX_PediRwqkpP9kn3-sp
Frame ID: 21347.1
Requests: 3 HTTP requests in this frame

Frame: http://bestfwdservice.com/?folio=9POOHPUPL&_glst=2&rfolio=9PO47447K
Frame ID: 21347.2
Requests: 1 HTTP request in this frame

Frame: http://bestfwdservice.com/adclk?&gm=xhBY%2BWKmz0AK2pJN49s%2F7SGfbikOhWJxnQZ42skiiQj9TF75lqZVNLKfSZwYhd53E8SHAu4I3ib7GyaQ3MAeS3zYd0tsJvk5T408shJGMJylzznGYnOlikhUSExneoEvwVWQ%2FIWMpj9gsi3tjJnBleVu2VCjtCpV1iuEizI2Vo%2BbOGXrr64vHotieRXvZNJbbKB91BOV8SjAeb1J5J1O39gxoF8F2ZnbqshDLBBk2aZGAV4BG9nlmIXYAg%2F5fpkikM7gDjEcUVjXJm3wGTjp0L7%2FXST4%2BrRY3auxL6GHRF3tkpgOUJwehgcyQgZ6p37xOIarbrTbe6VP%2F4C2%2BtvMLNHUYjh%2B9H8JI6TuppOMHMc%3D&gc=11322279940468415088327&gi=eDcR7ONK24pPeOJ%2FONikpY5Qzh2EHZi2hJghRJh27kjfnVWo5Smbn1kv1PE%2FeNbXQ9FvijPy52yjM7qeZSoZrbHuIxGAi8xF3iDgfKViRjR2GKDwSdXH5nMMsaMpcCRuzMen71BE1uIyvVwHz%2FDElgy0V26bhOHWjh0knTiv2c2kJyv3RkThfKoLUPGEt0YB0YpIjEAAn9kkGPeFmMlV3mE3jx%2BacadDyGdBKTAe4MiYokPRtwkoPLcA49sw7vwE7CyXNNKuMLEqIRlxil%2FzKdXKr7SQ35TN4w%2BAhPAdAx9Ctoq6WEYgZ%2Fzi%2BCCNjOvbrc6K2vUU928ek3roLkxos5bS3k79ajO1ORtQ8gFTVk2tXXOO7hXW%2FMn054me1OoAhO44sIXGHIPafw52qCRUWHGjFjO0x9g%2FCoSruTUmvH%2BUTa3D3XVvJXkEBZpyxbJmN1FSQGhvADWqQVHtvdcwzuY29N%2BmJ%2FcsU9qCbt28k92wi%2Fe7TDoHwZBQm2PeXL2e&kgp=0&jccheck=1&zchdrdr=1
Frame ID: 21347.3
Requests: 1 HTTP request in this frame

Frame: https://www.sc2spotlight.com/o/313?affiliate=65856-56109&c=0.0039
Frame ID: 21755.1
Requests: 4 HTTP requests in this frame

Frame: https://www.hotsreplay.org/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MM4CYZBQFRVDK%3D%3D%3D
Frame ID: 21898.1
Requests: 6 HTTP requests in this frame

Frame: http://www.cshighlight.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MQYCY2RVAAAA%3D%3D%3D%3D
Frame ID: 22042.1
Requests: 3 HTTP requests in this frame

Frame: https://www.cshighlights.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=NI2QAAAAAAAA%3D%3D%3D%3D
Frame ID: 22120.1
Requests: 3 HTTP requests in this frame

Frame: http://www.dingit.tv/highlight/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1
Frame ID: 22191.1
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 21
HTTPS: 24 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 2
Transfer: 14 kB
Size: 35 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request 0
  • http://bestfwdservice.com/?ga=PCIevYkVmgTDMYSRiylXLCjMc9%2BoWXcZi97hkBZ81hrrA0zTMCbvtebJcTO0NcsVcguYHmr3vmsa2jdzm1yskg%3D%3D&gerf=Wqt1mQFzSGlneuje81y49KEFfagijYLanx7OkZefkRc%3D&guro=O%2BHhf5WKpkFih...
  • http://bestfwdservice.com/?folio=9POOHPUPL&_glst=2&rfolio=9PO47447K
Request 1
  • http://bestfwdservice.com/?ga=xuWFuW%2BZpmTWDtlMB8%2BT6HIzwrXTk%2FZ8Xixn6O0vrbyNGtzdptOcntCXq8OrlYXXAVeLdSk%2FKcC%2BUC1v43k%2BZw%3D%3D&gerf=zGq%2BTiGRUgwdLlPQGw8oX6riKllsYA7iBjx%2Bi5fwh1l8Oc6AxJw7V...
  • http://bestfwdservice.com/adclk?&gm=xhBY%2BWKmz0AK2pJN49s%2F7SGfbikOhWJxnQZ42skiiQj9TF75lqZVNLKfSZwYhd53E8SHAu4I3ib7GyaQ3MAeS3zYd0tsJvk5T408shJGMJylzznGYnOlikhUSExneoEvwVWQ%2FIWMpj9gsi3tjJnBleVu2VC...
Request 2
  • http://search.semp.net/click?i=T*GTGIB280E_0
  • http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9Y...
Request 6
  • http://vq61355.com/ctrd/click/newjump2.do?affiliate=65856&subid=56109&tr=QxDNJ67OXyyK4hhMv7JGm3JRhEuOLAYA2kHqbg4dNndv1aTYD0CqnkV8lBoc9jBaMAOd2Ub3ufRW_1Yt0ZnmrP4iWDadZIlgplueM56gbgG0Gmsw1zLaAQw1vgqd...
  • https://www.sc2spotlight.com/o/313?affiliate=65856-56109&c=0.0039

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bestfwdservice.com/
1 KB
1005 B
Document
General
Full URL
http://bestfwdservice.com/
Protocol
HTTP/1.1
Server
141.8.224.25 , Switzerland, ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash
bbcb55b8fd98db1e83337075d845fd4475f1429c527f4acf007e1113c37170fb

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Cache-Control
no-cache
Host
bestfwdservice.com
Connection
keep-alive
Accept-Language
en-US,en;q=0.8

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=67
Content-Length
759
Date
Tue, 29 Nov 2016 19:40:45 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
/
bestfwdservice.com/ Frame 2134
Redirect Chain
  • http://bestfwdservice.com/?ga=PCIevYkVmgTDMYSRiylXLCjMc9%2BoWXcZi97hkBZ81hrrA0zTMCbvtebJcTO0NcsVcguYHmr3vmsa2jdzm1yskg%3D%3D&gerf=Wqt1mQFzSGlneuje81y49KEFfagijYLanx7OkZefkRc%3D&guro=O%2BHhf5WKpkFih...
  • http://bestfwdservice.com/?folio=9POOHPUPL&_glst=2&rfolio=9PO47447K
1 KB
1 KB
Document
General
Full URL
http://bestfwdservice.com/?folio=9POOHPUPL&_glst=2&rfolio=9PO47447K
Requested by
Host: bestfwdservice.com
URL: http://bestfwdservice.com/
Protocol
HTTP/1.1
Server
141.8.224.25 , Switzerland, ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash
88f55614476ff132a74b55f28e83bcefe32d8fa864e30145b86152341a4a3ae1

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding
gzip, deflate, sdch
Cookie
gvc=905vr2279940460521756
Pragma
no-cache
Referer
http://bestfwdservice.com/
Host
bestfwdservice.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Cache-Control
no-cache
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
Connection
keep-alive

Response headers

Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=115
Content-Length
822
Date
Tue, 29 Nov 2016 19:40:46 GMT
Content-Encoding
gzip

Redirect headers

Content-Encoding
gzip
Location
http://bestfwdservice.com/?folio=9POOHPUPL&_glst=2&rfolio=9PO47447K
Content-Length
20
Vary
Accept-Encoding,User-Agent
Keep-Alive
timeout=5, max=128
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Set-Cookie
gvc=905vr2279940460521756; expires=Sun, 28-Nov-2021 19:40:46 GMT; path=/; domain=bestfwdservice.com; httponly
Date
Tue, 29 Nov 2016 19:40:45 GMT
Server
Apache
adclk
bestfwdservice.com/ Frame 2134
Redirect Chain
  • http://bestfwdservice.com/?ga=xuWFuW%2BZpmTWDtlMB8%2BT6HIzwrXTk%2FZ8Xixn6O0vrbyNGtzdptOcntCXq8OrlYXXAVeLdSk%2FKcC%2BUC1v43k%2BZw%3D%3D&gerf=zGq%2BTiGRUgwdLlPQGw8oX6riKllsYA7iBjx%2Bi5fwh1l8Oc6AxJw7V...
  • http://bestfwdservice.com/adclk?&gm=xhBY%2BWKmz0AK2pJN49s%2F7SGfbikOhWJxnQZ42skiiQj9TF75lqZVNLKfSZwYhd53E8SHAu4I3ib7GyaQ3MAeS3zYd0tsJvk5T408shJGMJylzznGYnOlikhUSExneoEvwVWQ%2FIWMpj9gsi3tjJnBleVu2VC...
6 KB
2 KB
Document
General
Full URL
http://bestfwdservice.com/adclk?&gm=xhBY%2BWKmz0AK2pJN49s%2F7SGfbikOhWJxnQZ42skiiQj9TF75lqZVNLKfSZwYhd53E8SHAu4I3ib7GyaQ3MAeS3zYd0tsJvk5T408shJGMJylzznGYnOlikhUSExneoEvwVWQ%2FIWMpj9gsi3tjJnBleVu2VCjtCpV1iuEizI2Vo%2BbOGXrr64vHotieRXvZNJbbKB91BOV8SjAeb1J5J1O39gxoF8F2ZnbqshDLBBk2aZGAV4BG9nlmIXYAg%2F5fpkikM7gDjEcUVjXJm3wGTjp0L7%2FXST4%2BrRY3auxL6GHRF3tkpgOUJwehgcyQgZ6p37xOIarbrTbe6VP%2F4C2%2BtvMLNHUYjh%2B9H8JI6TuppOMHMc%3D&gc=11322279940468415088327&gi=eDcR7ONK24pPeOJ%2FONikpY5Qzh2EHZi2hJghRJh27kjfnVWo5Smbn1kv1PE%2FeNbXQ9FvijPy52yjM7qeZSoZrbHuIxGAi8xF3iDgfKViRjR2GKDwSdXH5nMMsaMpcCRuzMen71BE1uIyvVwHz%2FDElgy0V26bhOHWjh0knTiv2c2kJyv3RkThfKoLUPGEt0YB0YpIjEAAn9kkGPeFmMlV3mE3jx%2BacadDyGdBKTAe4MiYokPRtwkoPLcA49sw7vwE7CyXNNKuMLEqIRlxil%2FzKdXKr7SQ35TN4w%2BAhPAdAx9Ctoq6WEYgZ%2Fzi%2BCCNjOvbrc6K2vUU928ek3roLkxos5bS3k79ajO1ORtQ8gFTVk2tXXOO7hXW%2FMn054me1OoAhO44sIXGHIPafw52qCRUWHGjFjO0x9g%2FCoSruTUmvH%2BUTa3D3XVvJXkEBZpyxbJmN1FSQGhvADWqQVHtvdcwzuY29N%2BmJ%2FcsU9qCbt28k92wi%2Fe7TDoHwZBQm2PeXL2e&kgp=0&jccheck=1&zchdrdr=1
Requested by
Host: bestfwdservice.com
URL: http://bestfwdservice.com/?folio=9POOHPUPL&_glst=2&rfolio=9PO47447K
Protocol
HTTP/1.1
Server
141.8.224.25 , Switzerland, ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash
af846222d628c1c4901013f432b7039d23878376fbfd27cbfe134e186dfd3dd3

Request headers

Accept-Language
en-US,en;q=0.8
Connection
keep-alive
Referer
http://bestfwdservice.com/?folio=9POOHPUPL&_glst=2&rfolio=9PO47447K
Upgrade-Insecure-Requests
1
Accept-Encoding
gzip, deflate, sdch
Host
bestfwdservice.com
Pragma
no-cache
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cookie
gvc=905vr2279940460521756; fjccheck=1; browser_width=1598; browser_height=1132

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Date
Tue, 29 Nov 2016 19:40:48 GMT
Server
Apache
Cache-Control
private, no-cache
Pragma
no-cache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Expires
Mon, 22 Jul 2002 11:12:01 GMT
Keep-Alive
timeout=5, max=109
Content-Length
2139

Redirect headers

Content-Encoding
gzip
Connection
Keep-Alive
Keep-Alive
timeout=5, max=125
Location
http://bestfwdservice.com/adclk?&gm=xhBY%2BWKmz0AK2pJN49s%2F7SGfbikOhWJxnQZ42skiiQj9TF75lqZVNLKfSZwYhd53E8SHAu4I3ib7GyaQ3MAeS3zYd0tsJvk5T408shJGMJylzznGYnOlikhUSExneoEvwVWQ%2FIWMpj9gsi3tjJnBleVu2VCjtCpV1iuEizI2Vo%2BbOGXrr64vHotieRXvZNJbbKB91BOV8SjAeb1J5J1O39gxoF8F2ZnbqshDLBBk2aZGAV4BG9nlmIXYAg%2F5fpkikM7gDjEcUVjXJm3wGTjp0L7%2FXST4%2BrRY3auxL6GHRF3tkpgOUJwehgcyQgZ6p37xOIarbrTbe6VP%2F4C2%2BtvMLNHUYjh%2B9H8JI6TuppOMHMc%3D&gc=11322279940468415088327&gi=eDcR7ONK24pPeOJ%2FONikpY5Qzh2EHZi2hJghRJh27kjfnVWo5Smbn1kv1PE%2FeNbXQ9FvijPy52yjM7qeZSoZrbHuIxGAi8xF3iDgfKViRjR2GKDwSdXH5nMMsaMpcCRuzMen71BE1uIyvVwHz%2FDElgy0V26bhOHWjh0knTiv2c2kJyv3RkThfKoLUPGEt0YB0YpIjEAAn9kkGPeFmMlV3mE3jx%2BacadDyGdBKTAe4MiYokPRtwkoPLcA49sw7vwE7CyXNNKuMLEqIRlxil%2FzKdXKr7SQ35TN4w%2BAhPAdAx9Ctoq6WEYgZ%2Fzi%2BCCNjOvbrc6K2vUU928ek3roLkxos5bS3k79ajO1ORtQ8gFTVk2tXXOO7hXW%2FMn054me1OoAhO44sIXGHIPafw52qCRUWHGjFjO0x9g%2FCoSruTUmvH%2BUTa3D3XVvJXkEBZpyxbJmN1FSQGhvADWqQVHtvdcwzuY29N%2BmJ%2FcsU9qCbt28k92wi%2Fe7TDoHwZBQm2PeXL2e&kgp=0&jccheck=1&zchdrdr=1
Content-Length
20
Content-Type
text/html; charset=UTF-8
Server
Apache
Vary
Accept-Encoding,User-Agent
Date
Tue, 29 Nov 2016 19:40:46 GMT
newjump1.do
vq61355.com/ctrd/click/
Redirect Chain
  • http://search.semp.net/click?i=T*GTGIB280E_0
  • http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9Y...
0
0

favicon.ico
bestfwdservice.com/
10 B
276 B
Other
General
Full URL
http://bestfwdservice.com/favicon.ico
Protocol
HTTP/1.1
Server
141.8.224.25 , Switzerland, ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash
c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75

Request headers

Connection
keep-alive
Cache-Control
no-cache
Host
bestfwdservice.com
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Pragma
no-cache
Accept
*/*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Cookie
gvc=905vr2279940460521756; fjccheck=1; browser_width=1598; browser_height=1132; __bbck=31a6e3267b72a3ad218f895648d92dd0
Referer
http://bestfwdservice.com/

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=82
Content-Length
30
Date
Tue, 29 Nov 2016 19:40:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cookie set newjump1.do
vq61355.com/ctrd/click/ Frame 2175
15 KB
4 KB
Document
General
Full URL
http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9YVylwUPZA0sHXy4eFgp7b-pfvcFvwir_ODnBu48xNBP8NXB6d1tGa_e_G6Yh0sjYXfPhPQa5Pf1CpSmldskR3ptaIXkRmI-r6j_wOl_WW_THw-2dfxLHd41BO_6Y-dKoAa5UfwLjrgkWI5aDAXdio2GTFwNUZKr_ePaoLxIUFzgAnQC71Gcm86aHUFCXp_nMm8xhRlr5-YQ7M6toNlENDt2cRc7kVYVwnGempnnMulPXcDH-8jcbZi0fVZzIM6LLwaD-g9ws-1QRCvfmgPX_PediRwqkpP9kn3-sp
Protocol
HTTP/1.1
Server
8.19.136.250 Los Angeles, United States, ASN3356 (LEVEL3 - Level 3 Communications, Inc., US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
063d818bec057d4602804ec8d810417fcfa6bf5f2924fcf45697b2983801e8f0
Security Headers
Name Value
Content-Security-Policy script-src http://*.adsafeprotected.com *.td553.com 'unsafe-inline'
X-Content-Security-Policy script-src http://*.adsafeprotected.com *.td553.com 'unsafe-inline'

Request headers

Upgrade-Insecure-Requests
1
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Referer
http://bestfwdservice.com/adclk?&gm=xhBY%2BWKmz0AK2pJN49s%2F7SGfbikOhWJxnQZ42skiiQj9TF75lqZVNLKfSZwYhd53E8SHAu4I3ib7GyaQ3MAeS3zYd0tsJvk5T408shJGMJylzznGYnOlikhUSExneoEvwVWQ%2FIWMpj9gsi3tjJnBleVu2VCjtCpV1iuEizI2Vo%2BbOGXrr64vHotieRXvZNJbbKB91BOV8SjAeb1J5J1O39gxoF8F2ZnbqshDLBBk2aZGAV4BG9nlmIXYAg%2F5fpkikM7gDjEcUVjXJm3wGTjp0L7%2FXST4%2BrRY3auxL6GHRF3tkpgOUJwehgcyQgZ6p37xOIarbrTbe6VP%2F4C2%2BtvMLNHUYjh%2B9H8JI6TuppOMHMc%3D&gc=11322279940468415088327&gi=eDcR7ONK24pPeOJ%2FONikpY5Qzh2EHZi2hJghRJh27kjfnVWo5Smbn1kv1PE%2FeNbXQ9FvijPy52yjM7qeZSoZrbHuIxGAi8xF3iDgfKViRjR2GKDwSdXH5nMMsaMpcCRuzMen71BE1uIyvVwHz%2FDElgy0V26bhOHWjh0knTiv2c2kJyv3RkThfKoLUPGEt0YB0YpIjEAAn9kkGPeFmMlV3mE3jx%2BacadDyGdBKTAe4MiYokPRtwkoPLcA49sw7vwE7CyXNNKuMLEqIRlxil%2FzKdXKr7SQ35TN4w%2BAhPAdAx9Ctoq6WEYgZ%2Fzi%2BCCNjOvbrc6K2vUU928ek3roLkxos5bS3k79ajO1ORtQ8gFTVk2tXXOO7hXW%2FMn054me1OoAhO44sIXGHIPafw52qCRUWHGjFjO0x9g%2FCoSruTUmvH%2BUTa3D3XVvJXkEBZpyxbJmN1FSQGhvADWqQVHtvdcwzuY29N%2BmJ%2FcsU9qCbt28k92wi%2Fe7TDoHwZBQm2PeXL2e&kgp=0&jccheck=1&zchdrdr=1
Host
vq61355.com
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Connection
keep-alive
Pragma
no-cache
Accept-Language
en-US,en;q=0.8
Cache-Control
no-cache

Response headers

Server
Apache-Coyote/1.1
Content-Encoding
gzip
Content-Language
en-US
X-Content-Security-Policy
script-src http://*.adsafeprotected.com *.td553.com 'unsafe-inline'
Cache-Control
max-age=0, must-revalidate, no-store, no-cache
Set-Cookie
UID=65856&56109&1480448449572&148.251.45.170; Expires=Wed, 30-Nov-2016 19:40:49 GMT; Path=/
Content-Security-Policy
script-src http://*.adsafeprotected.com *.td553.com 'unsafe-inline'
Date
Tue, 29 Nov 2016 19:40:49 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
X-Webkit-CSP
script-src http://*.adsafeprotected.com *.td553.com 'unsafe-inline'
Cookie set set.do
www.advconversion.com/convtrack/conversion/ Frame 2175
43 B
573 B
Image
General
Full URL
http://www.advconversion.com/convtrack/conversion/set.do?affId=65856&subAffiliate=56109&id=70948&campaignId=103945&adgroupId=586130&aId=1367350&keywordId=0&keyword=Best&ecnCategoryId=0&ecnSubCategoryId=0&ecnCreativeId=0&listId=1480448446971_93_95913_61193002_1&clickIp=wcxCgsWUA%2BBnFHpI5wvAmQ%3D%3D
Requested by
Host: vq61355.com
URL: http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9YVylwUPZA0sHXy4eFgp7b-pfvcFvwir_ODnBu48xNBP8NXB6d1tGa_e_G6Yh0sjYXfPhPQa5Pf1CpSmldskR3ptaIXkRmI-r6j_wOl_WW_THw-2dfxLHd41BO_6Y-dKoAa5UfwLjrgkWI5aDAXdio2GTFwNUZKr_ePaoLxIUFzgAnQC71Gcm86aHUFCXp_nMm8xhRlr5-YQ7M6toNlENDt2cRc7kVYVwnGempnnMulPXcDH-8jcbZi0fVZzIM6LLwaD-g9ws-1QRCvfmgPX_PediRwqkpP9kn3-sp
Protocol
HTTP/1.1
Server
8.19.136.249 Los Angeles, United States, ASN3356 (LEVEL3 - Level 3 Communications, Inc., US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.advconversion.com
Referer
http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9YVylwUPZA0sHXy4eFgp7b-pfvcFvwir_ODnBu48xNBP8NXB6d1tGa_e_G6Yh0sjYXfPhPQa5Pf1CpSmldskR3ptaIXkRmI-r6j_wOl_WW_THw-2dfxLHd41BO_6Y-dKoAa5UfwLjrgkWI5aDAXdio2GTFwNUZKr_ePaoLxIUFzgAnQC71Gcm86aHUFCXp_nMm8xhRlr5-YQ7M6toNlENDt2cRc7kVYVwnGempnnMulPXcDH-8jcbZi0fVZzIM6LLwaD-g9ws-1QRCvfmgPX_PediRwqkpP9kn3-sp
Connection
keep-alive
Accept-Language
en-US,en;q=0.8
Accept
image/webp,image/*,*/*;q=0.8
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36

Response headers

Server
Apache-Coyote/1.1
Set-Cookie
saleConversion=version2.0^!65856%7C%7C56109%7C%7C70948%7C%7C103945%7C%7C586130%7C%7CBest%7C%7C0%7C%7C1367350%7C%7C0%7C%7C0%7C%7C0%7C%7C1480448446971_93_95913_61193002_1%7C%7CwcxCgsWUA%2BBnFHpI5wvAmQ%3D%3D; Domain=.advconversion.com; Expires=Thu, 29-Dec-2016 19:40:50 GMT; Path=/
P3P
policyref="http://www.advertise.com/w3c/p3p.xml",CP="NON DSP COR PSAa PSDa NOR IND UNI COM NAV DEM"
Content-Length
43
Content-Type
image/gif
Date
Tue, 29 Nov 2016 19:40:49 GMT
313
www.sc2spotlight.com/o/ Frame 2175
Redirect Chain
  • http://vq61355.com/ctrd/click/newjump2.do?affiliate=65856&subid=56109&tr=QxDNJ67OXyyK4hhMv7JGm3JRhEuOLAYA2kHqbg4dNndv1aTYD0CqnkV8lBoc9jBaMAOd2Ub3ufRW_1Yt0ZnmrP4iWDadZIlgplueM56gbgG0Gmsw1zLaAQw1vgqd...
  • https://www.sc2spotlight.com/o/313?affiliate=65856-56109&c=0.0039
0
0

favicon.ico
vq61355.com/ Frame 2175
1016 B
675 B
Other
General
Full URL
http://vq61355.com/favicon.ico
Protocol
HTTP/1.1
Server
8.19.136.250 Los Angeles, United States, ASN3356 (LEVEL3 - Level 3 Communications, Inc., US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
1c64933edd9fee10d4302913ebd3d62b844caf91e099a8ff8966f51dd0c8de96

Request headers

Pragma
no-cache
Accept-Language
en-US,en;q=0.8
Connection
keep-alive
Host
vq61355.com
Cache-Control
no-cache
Referer
http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9YVylwUPZA0sHXy4eFgp7b-pfvcFvwir_ODnBu48xNBP8NXB6d1tGa_e_G6Yh0sjYXfPhPQa5Pf1CpSmldskR3ptaIXkRmI-r6j_wOl_WW_THw-2dfxLHd41BO_6Y-dKoAa5UfwLjrgkWI5aDAXdio2GTFwNUZKr_ePaoLxIUFzgAnQC71Gcm86aHUFCXp_nMm8xhRlr5-YQ7M6toNlENDt2cRc7kVYVwnGempnnMulPXcDH-8jcbZi0fVZzIM6LLwaD-g9ws-1QRCvfmgPX_PediRwqkpP9kn3-sp
Accept
*/*
Cookie
UID=65856&56109&1480448449572&148.251.45.170
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36

Response headers

ntCoent-Length
1016
Content-Language
en
Content-Type
text/html;charset=utf-8
Cache-Control
private
Content-Length
426
Date
Tue, 29 Nov 2016 19:40:50 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
Cookie set 313
www.sc2spotlight.com/o/ Frame 2189
201 B
584 B
Document
General
Full URL
https://www.sc2spotlight.com/o/313?affiliate=65856-56109&c=0.0039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.142.179 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.5.38
Resource Hash
a2e83b8a49256ebe6a689e1f607abf288b67581a0acfd56b663827e0d2a9b36f

Request headers

Upgrade-Insecure-Requests
1
Connection
keep-alive
Cache-Control
no-cache
Host
www.sc2spotlight.com
Accept-Language
en-US,en;q=0.8
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9YVylwUPZA0sHXy4eFgp7b-pfvcFvwir_ODnBu48xNBP8NXB6d1tGa_e_G6Yh0sjYXfPhPQa5Pf1CpSmldskR3ptaIXkRmI-r6j_wOl_WW_THw-2dfxLHd41BO_6Y-dKoAa5UfwLjrgkWI5aDAXdio2GTFwNUZKr_ePaoLxIUFzgAnQC71Gcm86aHUFCXp_nMm8xhRlr5-YQ7M6toNlENDt2cRc7kVYVwnGempnnMulPXcDH-8jcbZi0fVZzIM6LLwaD-g9ws-1QRCvfmgPX_PediRwqkpP9kn3-sp
Accept-Encoding
gzip, deflate, sdch, br
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Pragma
no-cache

Response headers

Transfer-Encoding
chunked
Content-Type
text/html
X-Powered-By
PHP/5.5.38
Server
cloudflare-nginx
Set-Cookie
__cfduid=d5c93039462b7939ba38fc61983236b4f1480448450; expires=Wed, 29-Nov-17 19:40:50 GMT; path=/; domain=.sc2spotlight.com; HttpOnly
Connection
keep-alive
CF-RAY
309888a22982639d-FRA
Date
Tue, 29 Nov 2016 19:40:51 GMT
Content-Encoding
gzip
313
www.hotsreplay.org/o/ Frame 2189
0
0

truncated
/ Frame 2189
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e306705c996676db01f4072ed3d6f33d89089a848ab0b2a0ba07a2d866ec309f

Request headers

Response headers

truncated
/ Frame 2189
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3011fd16e43cd860b9782c4eafe77c1cc40da2e0f6e2e5ea547d98d6efac879

Request headers

Response headers

truncated
/ Frame 2189
155 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Response headers

313
www.hotsreplay.org/o/ Frame 2189
0
0

313
www.hotsreplay.org/o/ Frame 2204
200 B
408 B
Document
General
Full URL
https://www.hotsreplay.org/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MM4CYZBQFRVDK%3D%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.25.197.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.5.38
Resource Hash
361e5117bdc7dccadaceb8341439648f31fc85972e2937faa55adcdf76b90952

Request headers

:authority
www.hotsreplay.org
:scheme
https
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
referer
https://www.sc2spotlight.com/o/313?affiliate=65856-56109&c=0.0039
accept-language
en-US,en;q=0.8
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
cache-control
no-cache
:method
GET
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
:path
/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MM4CYZBQFRVDK%3D%3D%3D

Response headers

content-encoding
gzip
server
cloudflare-nginx
x-powered-by
PHP/5.5.38
content-type
text/html
status
200
set-cookie
__cfduid=d602cacfe4eb3d057eeca3f6acfd161f21480448452; expires=Wed, 29-Nov-17 19:40:52 GMT; path=/; domain=.hotsreplay.org; HttpOnly
cf-ray
309888a98d57231e-FRA
date
Tue, 29 Nov 2016 19:40:52 GMT
313
www.cshighlight.com/o/ Frame 2204
0
0

favicon.ico
www.hotsreplay.org/ Frame 2204
880 B
625 B
Other
General
Full URL
https://www.hotsreplay.org/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.25.197.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.5.38
Resource Hash
bdd31fc5d0e325ef4ffc744ef717bb48c74e383ec77b7ee14fdd65c32236c862

Request headers

accept-encoding
gzip, deflate, sdch, br
:method
GET
accept
*/*
cache-control
no-cache
cookie
__cfduid=d602cacfe4eb3d057eeca3f6acfd161f21480448452
:authority
www.hotsreplay.org
pragma
no-cache
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
accept-language
en-US,en;q=0.8
:scheme
https
:path
/favicon.ico
referer
https://www.hotsreplay.org/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MM4CYZBQFRVDK%3D%3D%3D

Response headers

content-type
text/html
cache-control
public, max-age=604800
content-encoding
gzip
cf-ray
309888ac6e6a231e-FRA
date
Tue, 29 Nov 2016 19:40:52 GMT
cf-cache-status
HIT
vary
Accept-Encoding
server
cloudflare-nginx
expires
Tue, 06 Dec 2016 19:40:52 GMT
status
200
x-powered-by
PHP/5.5.38
Cookie set 313
www.cshighlight.com/o/ Frame 2212
202 B
581 B
Document
General
Full URL
http://www.cshighlight.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MQYCY2RVAAAA%3D%3D%3D%3D
Protocol
HTTP/1.1
Server
104.25.96.19 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.5.38
Resource Hash
c8f5fd7291c8bbaeed905d2e2c100bcf17a592cd825fafc7bb5ce180b0cdf779

Request headers

Accept-Language
en-US,en;q=0.8
Pragma
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Host
www.cshighlight.com
Connection
keep-alive
Upgrade-Insecure-Requests
1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding
gzip, deflate, sdch
Cache-Control
no-cache

Response headers

Date
Tue, 29 Nov 2016 19:40:52 GMT
Set-Cookie
__cfduid=dab23e3a223f21cc77cdde86be18570511480448452; expires=Wed, 29-Nov-17 19:40:52 GMT; path=/; domain=.cshighlight.com; HttpOnly
CF-RAY
309888ae06f20f7b-FRA
Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
Server
cloudflare-nginx
Content-Type
text/html
X-Powered-By
PHP/5.5.38
313
www.cshighlights.com/o/ Frame 2212
0
0

favicon.ico
www.cshighlight.com/ Frame 2212
880 B
878 B
Other
General
Full URL
http://www.cshighlight.com/favicon.ico
Protocol
HTTP/1.1
Server
104.25.96.19 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.5.38
Resource Hash
bdd31fc5d0e325ef4ffc744ef717bb48c74e383ec77b7ee14fdd65c32236c862

Request headers

Accept-Encoding
gzip, deflate, sdch
Accept
*/*
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Cache-Control
no-cache
Host
www.cshighlight.com
Referer
http://www.cshighlight.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MQYCY2RVAAAA%3D%3D%3D%3D
Accept-Language
en-US,en;q=0.8
Cookie
__cfduid=dab23e3a223f21cc77cdde86be18570511480448452
Pragma
no-cache
Referer
http://www.cshighlight.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MQYCY2RVAAAA%3D%3D%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36

Response headers

Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
Expires
Tue, 06 Dec 2016 19:40:53 GMT
Date
Tue, 29 Nov 2016 19:40:53 GMT
Transfer-Encoding
chunked
CF-RAY
309888afc0010f7b-FRA
Cache-Control
public, max-age=604800
CF-Cache-Status
HIT
Content-Encoding
gzip
X-Powered-By
PHP/5.5.38
Server
cloudflare-nginx
313
www.cshighlights.com/o/ Frame 2219
175 B
381 B
Document
General
Full URL
https://www.cshighlights.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=NI2QAAAAAAAA%3D%3D%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.25.96.19 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.5.38
Resource Hash
af3e7e8095d3cf9a15b14c21a89d40902a4f70870326cabc370971dededcf665

Request headers

accept-encoding
gzip, deflate, sdch, br
:authority
www.cshighlights.com
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
upgrade-insecure-requests
1
:method
GET
pragma
no-cache
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
cache-control
no-cache
referer
http://www.cshighlight.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MQYCY2RVAAAA%3D%3D%3D%3D
:scheme
https
accept-language
en-US,en;q=0.8
:path
/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=NI2QAAAAAAAA%3D%3D%3D%3D
Upgrade-Insecure-Requests
1
Referer
http://www.cshighlight.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MQYCY2RVAAAA%3D%3D%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36

Response headers

cf-ray
309888b20e7f2738-FRA
date
Tue, 29 Nov 2016 19:40:53 GMT
content-encoding
gzip
server
cloudflare-nginx
x-powered-by
PHP/5.5.38
content-type
text/html
status
200
set-cookie
__cfduid=d64997c18276e5113c25fbcf47b1f18a21480448453; expires=Wed, 29-Nov-17 19:40:53 GMT; path=/; domain=.cshighlights.com; HttpOnly
313
www.dingit.tv/highlight/ Frame 2219
0
0

favicon.ico
www.cshighlights.com/ Frame 2219
884 B
626 B
Other
General
Full URL
https://www.cshighlights.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.25.96.19 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.5.38
Resource Hash
1273bbd291f9435be96a891bca32bb8f1240f5182bd2dc84e46a90c24773ca12

Request headers

user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
:authority
www.cshighlights.com
:method
GET
:path
/favicon.ico
cookie
__cfduid=d64997c18276e5113c25fbcf47b1f18a21480448453
:scheme
https
cache-control
no-cache
pragma
no-cache
accept
*/*
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
referer
https://www.cshighlights.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=NI2QAAAAAAAA%3D%3D%3D%3D
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.100 Safari/537.36
Referer
https://www.cshighlights.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=NI2QAAAAAAAA%3D%3D%3D%3D

Response headers

content-type
text/html
vary
Accept-Encoding
cf-cache-status
HIT
cache-control
public, max-age=604800
status
200
x-powered-by
PHP/5.5.38
server
cloudflare-nginx
cf-ray
309888b42f662738-FRA
expires
Tue, 06 Dec 2016 19:40:53 GMT
date
Tue, 29 Nov 2016 19:40:53 GMT
content-encoding
gzip

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vq61355.com
URL
http://vq61355.com/ctrd/click/newjump1.do?affiliate=65856&subid=56109&ai=KVuXGyADe1QnpU4UY6-IsdftLrbZB2ldZ7nPEqBmFMpCYpUu-8K8C-lT8LHvZ7qZerfpwJ-bg2rWUAdz-a1OP4epRTjG6XRlhjZoLPTOESV3u-RtqgOFd6USLF9YVylwUPZA0sHXy4eFgp7b-pfvcFvwir_ODnBu48xNBP8NXB6d1tGa_e_G6Yh0sjYXfPhPQa5Pf1CpSmldskR3ptaIXkRmI-r6j_wOl_WW_THw-2dfxLHd41BO_6Y-dKoAa5UfwLjrgkWI5aDAXdio2GTFwNUZKr_ePaoLxIUFzgAnQC71Gcm86aHUFCXp_nMm8xhRlr5-YQ7M6toNlENDt2cRc7kVYVwnGempnnMulPXcDH-8jcbZi0fVZzIM6LLwaD-g9ws-1QRCvfmgPX_PediRwqkpP9kn3-sp
Domain
www.sc2spotlight.com
URL
https://www.sc2spotlight.com/o/313?affiliate=65856-56109&c=0.0039
Domain
www.hotsreplay.org
URL
https://www.hotsreplay.org/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MM4CYZBQFRVDK%3D%3D%3D
Domain
www.hotsreplay.org
URL
https://www.hotsreplay.org/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MM4CYZBQFRVDK%3D%3D%3D
Domain
www.cshighlight.com
URL
http://www.cshighlight.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=MQYCY2RVAAAA%3D%3D%3D%3D
Domain
www.cshighlights.com
URL
https://www.cshighlights.com/o/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1&campsignid=NI2QAAAAAAAA%3D%3D%3D%3D
Domain
www.dingit.tv
URL
http://www.dingit.tv/highlight/313?affiliate=65856-56109&c=0.0039&time_slot=1480448401&cpm_slot=-1

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
