everygems.com Open in urlscan Pro
170.130.143.227 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.geodas.info/done-look/bac4k2385sQ8n613R1q7781l3193Y23ycsIEwhDxIvfvIF4wavEGsi5DO_106BOlXih
Effective URL:
http://everygems.com/clicks/?cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4=
Submission: On November 02 via manual (November 2nd 2018, 12:05:38 pm UTC) from GB

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 170.130.143.227, located in Minneapolis, United States and belongs to EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US. The main domain is everygems.com.

This is the only time everygems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::681c:386	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 11	170.130.143.227 170.130.143.227	62904 (EONIX-COM...) (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation)
7	54.191.3.117 54.191.3.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.43.168.227 52.43.168.227	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	52.207.17.93 52.207.17.93	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	156.154.200.36 156.154.200.36	19907 (NEUSTAR-AS6) (NEUSTAR-AS6 - NeuStar)
2 5	52.89.153.71 52.89.153.71	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
25	6

1 2606:4700:30::681c:386 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.geodas.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 170.130.143.227 (Minneapolis, United States) 1 redirects

ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US)

everygems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.191.3.117 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-191-3-117.us-west-2.compute.amazonaws.com

p.cpaoa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.168.227 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-43-168-227.us-west-2.compute.amazonaws.com

exchange.bdex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.17.93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-207-17-93.compute-1.amazonaws.com

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.154.200.36 (Sterling, United States)

ASN19907 (NEUSTAR-AS6 - NeuStar, Inc., US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.89.153.71 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-89-153-71.us-west-2.compute.amazonaws.com

exchange.bdex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	everygems.com 1 redirects everygems.com	248 KB
7	cpaoa.org p.cpaoa.org	6 KB
6	bdex.com exchange.bdex.com Failed	9 KB
1	traversedlp.com 1 redirects api.traversedlp.com	495 B
1	agkn.com aa.agkn.com Failed	454 B
1	geodas.info 1 redirects www.geodas.info	464 B
0	rabofra.com Failed go.rabofra.com Failed
25	7

	Domain	Requested by
11	everygems.com	1 redirects everygems.com
7	p.cpaoa.org	everygems.com
6	exchange.bdex.com	p.cpaoa.org
1	api.traversedlp.com	1 redirects
1	aa.agkn.com	everygems.com
1	www.geodas.info	1 redirects
0	go.rabofra.com Failed	everygems.com
25	7

This site contains no links.

Subject Issuer	Validity	Valid
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
*.bdex.com Go Daddy Secure Certificate Authority - G2	`2018-03-17` - `2019-05-16`	a year	crt.sh

This page contains 3 frames:

Frame: http://go.rabofra.com/ts464-internationalemail-general-revs
Frame ID: 8F325EB12BC47DF05D38A49E7768157B
Requests: 3 HTTP requests in this frame

Frame: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4=
Frame ID: 98DD19B323B4570C4F44AE03796EBE4C
Requests: 9 HTTP requests in this frame

Frame: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4=
Frame ID: D7B30BA53EC6D9FFBA2C2DBDC127EF3B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.geodas.info/done-look/bac4k2385sQ8n613R1q7781l3193Y23ycsIEwhDxIvfvIF4wavEGsi5DO_106BOlXih HTTP 302
http://everygems.com/clicks?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= HTTP 301
http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Page URL
http://everygems.com/clicks/?cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

25
Requests

16 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

262 kB
Transfer

257 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.geodas.info/done-look/bac4k2385sQ8n613R1q7781l3193Y23ycsIEwhDxIvfvIF4wavEGsi5DO_106BOlXih HTTP 302
http://everygems.com/clicks?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= HTTP 301
http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Page URL
http://everygems.com/clicks/?cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.geodas.info/done-look/bac4k2385sQ8n613R1q7781l3193Y23ycsIEwhDxIvfvIF4wavEGsi5DO_106BOlXih HTTP 302
http://everygems.com/clicks?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= HTTP 301
http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4=

Request Chain 8

http://api.traversedlp.com/retargeting/v1/include.gif?advertiserId=46d1ac2b-491a-40e3-907a-9402d7749cef&campaignId=0a9b5c32-1742-42d0-8591-9f007cb53e8e&advertiserProperties.offerId=undefined&advertiserProperties.impressionId=f8fe2b1a4f4e4e2b9dca457667b09937&advertiserProperties.uid=27b6d43a5b334fb1838e57f368e419d8 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212283888&cookieId=16498045-2461-4fdc-a954-3631798a2aab

Request Chain 17

http://api.traversedlp.com/retargeting/v1/include.gif?advertiserId=46d1ac2b-491a-40e3-907a-9402d7749cef&campaignId=0a9b5c32-1742-42d0-8591-9f007cb53e8e&advertiserProperties.offerId=undefined&advertiserProperties.impressionId=8b86fc1aac774cd5bea2d57217454a08&advertiserProperties.uid=f577c0cb8c164b1ead957b46d28c2b79 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212283888&cookieId=9c4806e0-d181-43fe-859c-b247321415cd

Request Chain 18

https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=f577c0cb8c164b1ead957b46d28c2b79&api=Y&apiVersion=0.3 HTTP 302
https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3Df577c0cb8c164b1ead957b46d28c2b79%26api%3DY%26apiVersion%3D0.3%26correlationId%3D8d7e70bc-f758-4082-9473-46c4ff2cd65f

Request Chain 20

http://rapid-cdn.com/path/lp.php?trvid=10085&trvx=8636ccc4&vert=VERT&pubid=107765&cid=4740&system=NS HTTP 302
http://go.peavyyola.com/ts464-internationalemail-general?sxid=btaulj7yfhtv HTTP 302
http://go.rabofra.com/ts464-internationalemail-general-revs

Request Chain 21

https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3Df577c0cb8c164b1ead957b46d28c2b79%26api%3DY%26apiVersion%3D0.3%26correlationId%3D8d7e70bc-f758-4082-9473-46c4ff2cd65f HTTP 302
https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=f577c0cb8c164b1ead957b46d28c2b79&api=Y&apiVersion=0.3&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response everygems.com/clicks/ Redirect Chain http://www.geodas.info/done-look/bac4k2385sQ8n613R1q7781l3193Y23ycsIEwhDxIvfvIF4wavEGsi5DO_106BOlXih http://everygems.com/clicks?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4=	434 B 627 B	311ms 140ms	Document text/html	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash `0c31d515201ee40aea03412f4f1e5e7fc723bc5c6561564e521e1ef72df0ebeb` Request headers Host everygems.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 02 Nov 2018 12:05:22 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Content-Length 434 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Date Fri, 02 Nov 2018 12:05:21 GMT Server Apache/2.2.15 (CentOS) Location http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Content-Length 380 Connection close Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	click.php Show response everygems.com/clicks/ Frame 98DD	4 KB 5 KB	289ms 134ms	Document text/html	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Requested by Host: everygems.com URL: http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash `0fcd9ecc57f1b8b5c281d557957ca56baa7709fb1c89d411e127ffc2e1fcfe20` Request headers Host everygems.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://everygems.com/clicks/?cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Response headers Date Fri, 02 Nov 2018 12:05:22 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Content-Length 4446 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	fingerprint4.min.js Show response everygems.com/clicks/ Frame 98DD	33 KB 33 KB	288ms 134ms	Script text/javascript	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/fingerprint4.min.js Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `c0b32c6298bcc389697b3a0e2c889cb6d0885d5fe7f4576646e499a0a7bcc395` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host everygems.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Connection keep-alive Cache-Control no-cache Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 02 Nov 2018 12:05:23 GMT Last-Modified Thu, 20 Sep 2018 19:32:46 GMT Server Apache/2.2.15 (CentOS) ETag "1b40472-83fb-57652966a87a3" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 33787
GET H/1.1	200 OK	jquery-3.0.0.min.js Show response everygems.com/clicks/ Frame 98DD	84 KB 85 KB	294ms 137ms	Script text/javascript	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/jquery-3.0.0.min.js Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host everygems.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Connection keep-alive Cache-Control no-cache Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 02 Nov 2018 12:05:23 GMT Last-Modified Thu, 16 Mar 2017 23:50:45 GMT Server Apache/2.2.15 (CentOS) ETag "1b405c8-15144-54ae1bac74adb" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 86340
GET H/1.1	200 OK	l.js Show response p.cpaoa.org/ Frame 98DD	2 KB 2 KB	427ms 177ms	Script application/javascript	54.191.3.117 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://p.cpaoa.org/l.js?impression_type=jsredir&impression_guid=4c03fb4a810b2094&partner_id=107765&_loc=http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%252F5.0+%2528Macintosh%253B+Intel+Mac+OS+X+10_13_5%2529+AppleWebKit%252F537.36+%2528KHTML%252C+like+Gecko%2529+Chrome%252F67.0.3396.87+Safari%252F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4=&_gid=4aa63536 Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 54.191.3.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-191-3-117.us-west-2.compute.amazonaws.com Software nginx/1.8.1 / Resource Hash `6e5442d91ef6dd643148c4e7b475b1f2f51931d56f6feee02051785c9ef1e908` Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 02 Nov 2018 12:05:24 GMT Server nginx/1.8.1 Connection keep-alive Content-Length 2131 Content-Type application/javascript
POST H/1.1	200 OK	click.php everygems.com/clicks/ Frame 98DD	130 B 323 B	503ms 333ms	XHR text/html	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/click.php Requested by Host: everygems.com URL: http://everygems.com/clicks/jquery-3.0.0.min.js Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash Request headers Pragma no-cache Origin http://everygems.com Accept-Encoding gzip, deflate Host everygems.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, /; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Connection keep-alive Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Content-Length 247 Accept application/json, text/javascript, /; q=0.01 Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Origin http://everygems.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Fri, 02 Nov 2018 12:05:24 GMT Server Apache/2.2.15 (CentOS) Connection close X-Powered-By PHP/5.3.3 Content-Length 130 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	t.png p.cpaoa.org/ Frame 98DD	68 B 381 B	369ms 178ms	Image image/png	54.191.3.117 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://p.cpaoa.org/t.png?4lfp=9a48b4818e0eeda4eb3a85d8cd970e84 Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 54.191.3.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-191-3-117.us-west-2.compute.amazonaws.com Software nginx/1.8.1 / Resource Hash `93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20` Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 02 Nov 2018 12:05:24 GMT Server nginx/1.8.1 Connection keep-alive Content-Length 68 Content-Type image/png
GET		bdex-identity-api-0.3.js exchange.bdex.com/bdex/api/identity/ Frame 98DD	0 0

GET		g.pixel aa.agkn.com/adscores/ Frame 98DD Redirect Chain http://api.traversedlp.com/retargeting/v1/include.gif?advertiserId=46d1ac2b-491a-40e3-907a-9402d7749cef&campaignId=0a9b5c32-1742-42d0-8591-9f007cb53e8e&advertiserProperties.offerId=undefined&advert... https://aa.agkn.com/adscores/g.pixel?sid=9212283888&cookieId=16498045-2461-4fdc-a954-3631798a2aab	0 0

GET H/1.1	200 OK	dl.png p.cpaoa.org/ Frame 98DD	68 B 246 B	179ms 179ms	Image image/png	54.191.3.117 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://p.cpaoa.org/dl.png?4lci=&iguid=4c03fb4a810b2094 Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 54.191.3.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-191-3-117.us-west-2.compute.amazonaws.com Software nginx/1.8.1 / Resource Hash Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 02 Nov 2018 12:05:24 GMT Server nginx/1.8.1 Connection keep-alive Content-Length 68 Content-Type image/png
GET H/1.1	200 OK	Primary Request / Show response everygems.com/clicks/	827 B 1020 B	302ms 139ms	Document text/html	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/?cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash `8af48ceb959da38eb4f608c7c468f5630ec8477c69f32d9eea32e1c67aa95da7` Request headers Host everygems.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Accept-Encoding gzip, deflate Cookie clkcheck23078=_107765 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=23078&pub=107765&sid1=&sid2=&sid3=&sid4= Response headers Date Fri, 02 Nov 2018 12:05:24 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Content-Length 827 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	click.php Show response everygems.com/clicks/ Frame D7B3	5 KB 5 KB	296ms 137ms	Document text/html	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Requested by Host: everygems.com URL: http://everygems.com/clicks/?cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash `a23ef6e1b03e1a2b874de1aebe9424b9f127aecedf425fe8229014ceca9e5bce` Request headers Host everygems.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://everygems.com/clicks/?cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Accept-Encoding gzip, deflate Cookie clkcheck23078=_107765 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://everygems.com/clicks/?cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Response headers Date Fri, 02 Nov 2018 12:05:24 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Content-Length 4875 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	fingerprint4.min.js Show response everygems.com/clicks/ Frame D7B3	33 KB 33 KB	299ms 136ms	Script text/javascript	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/fingerprint4.min.js Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `c0b32c6298bcc389697b3a0e2c889cb6d0885d5fe7f4576646e499a0a7bcc395` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host everygems.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Cookie clkcheck23078=_107765 Connection keep-alive Cache-Control no-cache Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 02 Nov 2018 12:05:25 GMT Last-Modified Thu, 20 Sep 2018 19:32:46 GMT Server Apache/2.2.15 (CentOS) ETag "1b40472-83fb-57652966a87a3" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 33787
GET H/1.1	200 OK	jquery-3.0.0.min.js Show response everygems.com/clicks/ Frame D7B3	84 KB 85 KB	293ms 137ms	Script text/javascript	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/jquery-3.0.0.min.js Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / Resource Hash `6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host everygems.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Cookie clkcheck23078=_107765 Connection keep-alive Cache-Control no-cache Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 02 Nov 2018 12:05:25 GMT Last-Modified Thu, 16 Mar 2017 23:50:45 GMT Server Apache/2.2.15 (CentOS) ETag "1b405c8-15144-54ae1bac74adb" Content-Type text/javascript Connection close Accept-Ranges bytes Content-Length 86340
GET H/1.1	200 OK	l.js Show response p.cpaoa.org/ Frame D7B3	2 KB 3 KB	182ms 182ms	Script application/javascript	54.191.3.117 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://p.cpaoa.org/l.js?impression_type=jsredir&impression_guid=7e02f159dcb665f8&partner_id=107765&_loc=http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%253A%252F%252Feverygems.com%252Fclicks%252Fclick.php%253Fip%253D148.251.45.254%2526referer_url%253D%2526user_agent%253DMozilla%25252F5.0%252B%252528Macintosh%25253B%252BIntel%252BMac%252BOS%252BX%252B10_13_5%252529%252BAppleWebKit%25252F537.36%252B%252528KHTML%25252C%252Blike%252BGecko%252529%252BChrome%25252F67.0.3396.87%252BSafari%25252F537.36%2526domain%253Deverygems.com%2526cid%253D23078%2526pub%253D107765%2526sid1%253D%2526sid2%253D%2526sid3%253D%2526sid4%253D&user_agent=Mozilla%252F5.0+%2528Macintosh%253B+Intel+Mac+OS+X+10_13_5%2529+AppleWebKit%252F537.36+%2528KHTML%252C+like+Gecko%2529+Chrome%252F67.0.3396.87+Safari%252F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4=&_gid=4aa63536 Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 54.191.3.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-191-3-117.us-west-2.compute.amazonaws.com Software nginx/1.8.1 / Resource Hash `0aa69e45dffd606206bf09abec23642a4aa1cb19bd346b683f45fe492d8688b0` Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 02 Nov 2018 12:05:25 GMT Server nginx/1.8.1 Connection keep-alive Content-Length 2530 Content-Type application/javascript
POST H/1.1	200 OK	click.php everygems.com/clicks/ Frame D7B3	187 B 380 B	624ms 464ms	XHR text/html	170.130.143.227 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://everygems.com/clicks/click.php Requested by Host: everygems.com URL: http://everygems.com/clicks/jquery-3.0.0.min.js Protocol HTTP/1.1 Server 170.130.143.227 Minneapolis, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash Request headers Pragma no-cache Origin http://everygems.com Accept-Encoding gzip, deflate Host everygems.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, /; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie clkcheck23078=_107765 Connection keep-alive Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Content-Length 653 Accept application/json, text/javascript, /; q=0.01 Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Origin http://everygems.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Fri, 02 Nov 2018 12:05:25 GMT Server Apache/2.2.15 (CentOS) Connection close X-Powered-By PHP/5.3.3 Content-Length 187 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	t.png p.cpaoa.org/ Frame D7B3	68 B 246 B	177ms 177ms	Image image/png	54.191.3.117 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://p.cpaoa.org/t.png?4lfp=9a48b4818e0eeda4eb3a85d8cd970e84 Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Server 54.191.3.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-191-3-117.us-west-2.compute.amazonaws.com Software nginx/1.8.1 / Resource Hash `93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20` Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 02 Nov 2018 12:05:25 GMT Server nginx/1.8.1 Connection keep-alive Content-Length 68 Content-Type image/png
GET H/1.1	200 OK	bdex-identity-api-0.3.js Show response exchange.bdex.com/bdex/api/identity/ Frame D7B3	6 KB 7 KB	412ms 182ms	Script application/javascript	52.43.168.227 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://exchange.bdex.com/bdex/api/identity/bdex-identity-api-0.3.js Requested by Host: p.cpaoa.org URL: http://p.cpaoa.org/l.js?impression_type=jsredir&impression_guid=7e02f159dcb665f8&partner_id=107765&_loc=http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%253A%252F%252Feverygems.com%252Fclicks%252Fclick.php%253Fip%253D148.251.45.254%2526referer_url%253D%2526user_agent%253DMozilla%25252F5.0%252B%252528Macintosh%25253B%252BIntel%252BMac%252BOS%252BX%252B10_13_5%252529%252BAppleWebKit%25252F537.36%252B%252528KHTML%25252C%252Blike%252BGecko%252529%252BChrome%25252F67.0.3396.87%252BSafari%25252F537.36%2526domain%253Deverygems.com%2526cid%253D23078%2526pub%253D107765%2526sid1%253D%2526sid2%253D%2526sid3%253D%2526sid4%253D&user_agent=Mozilla%252F5.0+%2528Macintosh%253B+Intel+Mac+OS+X+10_13_5%2529+AppleWebKit%252F537.36+%2528KHTML%252C+like+Gecko%2529+Chrome%252F67.0.3396.87+Safari%252F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4=&_gid=4aa63536 Protocol HTTP/1.1 Server 52.43.168.227 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-43-168-227.us-west-2.compute.amazonaws.com Software Apache / Resource Hash `f6327e00a7e67977308afa5acccb36654b5d9c8b23125d57f85fde13474cb9e1` Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 02 Nov 2018 12:05:25 GMT Last-Modified Tue, 18 Sep 2018 08:55:54 GMT Server Apache ETag W/"6491-1537260954000" Content-Type application/javascript Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 6491 Expires Fri, 02 Nov 2018 13:05:26 GMT
GET H/1.1	200 OK	g.pixel aa.agkn.com/adscores/ Frame D7B3 Redirect Chain http://api.traversedlp.com/retargeting/v1/include.gif?advertiserId=46d1ac2b-491a-40e3-907a-9402d7749cef&campaignId=0a9b5c32-1742-42d0-8591-9f007cb53e8e&advertiserProperties.offerId=undefined&advert... https://aa.agkn.com/adscores/g.pixel?sid=9212283888&cookieId=9c4806e0-d181-43fe-859c-b247321415cd	43 B 454 B	109ms 108ms	Image image/gif	156.154.200.36 NeuStar
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212283888&cookieId=9c4806e0-d181-43fe-859c-b247321415cd Requested by Host: everygems.com URL: http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 156.154.200.36 Sterling, United States, ASN19907 (NEUSTAR-AS6 - NeuStar, Inc., US), Reverse DNS Software AAWebServer / Resource Hash `98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a` Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Nov 2018 12:05:26 GMT Server AAWebServer P3P policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID" Cache-Control no-cache, no-store, must-revalidate Connection close Content-Type image/gif Content-Length 43 Expires 0 Redirect headers Date Fri, 02 Nov 2018 12:05:25 GMT Server nginx/1.12.1 Vary Accept, Accept-Encoding P3P CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA" Location https://aa.agkn.com/adscores/g.pixel?sid=9212283888&cookieId=9c4806e0-d181-43fe-859c-b247321415cd Connection keep-alive Content-Type text/plain; charset=UTF-8 Content-Length 119
GET H/1.1	302 Found	confirmPrivacySettings.jsp exchange.bdex.com/bdex/ Frame D7B3 Redirect Chain https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=f577c0cb8c164b1ead957b46d28c2b79&api=Y&apiVersion=0.3 https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp...	0 -1 B	785ms 181ms	XHR text/html	52.89.153.71 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3Df577c0cb8c164b1ead957b46d28c2b79%26api%3DY%26apiVersion%3D0.3%26correlationId%3D8d7e70bc-f758-4082-9473-46c4ff2cd65f Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.89.153.71 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-89-153-71.us-west-2.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 02 Nov 2018 12:05:26 GMT Server Apache-Coyote/1.1 Access-Control-Allow-Origin http://everygems.com p3p CP="This is not a P3P policy!" Location https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3Df577c0cb8c164b1ead957b46d28c2b79%26api%3DY%26apiVersion%3D0.3%26correlationId%3D8d7e70bc-f758-4082-9473-46c4ff2cd65f Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html;charset=ISO-8859-1 Content-Length 0 Redirect headers Date Fri, 02 Nov 2018 12:05:26 GMT Server Apache-Coyote/1.1 Access-Control-Allow-Origin http://everygems.com p3p CP="This is not a P3P policy!" Location https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp%3FbdexPartnerAccountId%3D100%26customerUserId%3Df577c0cb8c164b1ead957b46d28c2b79%26api%3DY%26apiVersion%3D0.3%26correlationId%3D8d7e70bc-f758-4082-9473-46c4ff2cd65f Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html;charset=ISO-8859-1 Content-Length 0
GET H/1.1	200 OK	dl.png p.cpaoa.org/ Frame D7B3	68 B 246 B	176ms 176ms	Image image/png	54.191.3.117 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://p.cpaoa.org/dl.png?4lci=N2QxZDhlNGU5NTFhYjRlMTgzNmE3YWE4YTI1ZWVkMjM&iguid=7e02f159dcb665f8 Protocol HTTP/1.1 Server 54.191.3.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-191-3-117.us-west-2.compute.amazonaws.com Software nginx/1.8.1 / Resource Hash Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 02 Nov 2018 12:05:26 GMT Server nginx/1.8.1 Connection keep-alive Content-Length 68 Content-Type image/png
GET		ts464-internationalemail-general-revs go.rabofra.com/ Redirect Chain http://rapid-cdn.com/path/lp.php?trvid=10085&trvx=8636ccc4&vert=VERT&pubid=107765&cid=4740&system=NS http://go.peavyyola.com/ts464-internationalemail-general?sxid=btaulj7yfhtv http://go.rabofra.com/ts464-internationalemail-general-revs	0 0

GET H/1.1	302 Found	bdexIdentity.jsp exchange.bdex.com/bdex/ Frame D7B3 Redirect Chain https://exchange.bdex.com/bdex/confirmPrivacySettings.jsp?bdexPartnerAccountId=100&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f&redir=https%3A%2F%2Fexchange.bdex.com%2Fbdex%2FbdexIdentity.jsp... https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=f577c0cb8c164b1ead957b46d28c2b79&api=Y&apiVersion=0.3&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f	0 -1 B	182ms 181ms	XHR text/html	52.89.153.71 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=f577c0cb8c164b1ead957b46d28c2b79&api=Y&apiVersion=0.3&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.89.153.71 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-89-153-71.us-west-2.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 02 Nov 2018 12:05:26 GMT Server Apache-Coyote/1.1 Access-Control-Allow-Origin http://everygems.com Content-Type text/html Location https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=f577c0cb8c164b1ead957b46d28c2b79&api=Y&apiVersion=0.3&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Redirect headers Date Fri, 02 Nov 2018 12:05:26 GMT Server Apache-Coyote/1.1 Access-Control-Allow-Origin http://everygems.com Content-Type text/html Location https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=f577c0cb8c164b1ead957b46d28c2b79&api=Y&apiVersion=0.3&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200 OK	bdexIdentity.jsp exchange.bdex.com/bdex/ Frame D7B3	198 B 672 B	191ms 190ms	XHR text/xml	52.89.153.71 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://exchange.bdex.com/bdex/bdexIdentity.jsp?bdexPartnerAccountId=100&customerUserId=f577c0cb8c164b1ead957b46d28c2b79&api=Y&apiVersion=0.3&correlationId=8d7e70bc-f758-4082-9473-46c4ff2cd65f Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.89.153.71 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-89-153-71.us-west-2.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= Origin http://everygems.com Response headers Date Fri, 02 Nov 2018 12:05:26 GMT Server Apache-Coyote/1.1 p3p CP="This is not a P3P policy!" Access-Control-Allow-Origin http://everygems.com Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/xml;charset=ISO-8859-1 Content-Length 198
GET H/1.1	200 OK	t.png p.cpaoa.org/ Frame D7B3	68 B 246 B	176ms 176ms	Image image/png	54.191.3.117 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://p.cpaoa.org/t.png?bdex=9612673b-de97-11e8-9e88-025a1d8a72bb2567 Protocol HTTP/1.1 Server 54.191.3.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-191-3-117.us-west-2.compute.amazonaws.com Software nginx/1.8.1 / Resource Hash Request headers Referer http://everygems.com/clicks/click.php?ip=148.251.45.254&referer_url=http%3A%2F%2Feverygems.com%2Fclicks%2Fclick.php%3Fip%3D148.251.45.254%26referer_url%3D%26user_agent%3DMozilla%252F5.0%2B%2528Macintosh%253B%2BIntel%2BMac%2BOS%2BX%2B10_13_5%2529%2BAppleWebKit%252F537.36%2B%2528KHTML%252C%2Blike%2BGecko%2529%2BChrome%252F67.0.3396.87%2BSafari%252F537.36%26domain%3Deverygems.com%26cid%3D23078%26pub%3D107765%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D&user_agent=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&domain=everygems.com&cid=4740&pub=107765&prevcid=23078&sid1=&sid2=&sid3=&sid4= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 02 Nov 2018 12:05:27 GMT Server nginx/1.8.1 Connection keep-alive Content-Length 68 Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: exchange.bdex.com
URL: http://exchange.bdex.com/bdex/api/identity/bdex-identity-api-0.3.js

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212283888&cookieId=16498045-2461-4fdc-a954-3631798a2aab

Domain: go.rabofra.com
URL: http://go.rabofra.com/ts464-internationalemail-general-revs

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
api.traversedlp.com
everygems.com
exchange.bdex.com
go.rabofra.com
p.cpaoa.org
www.geodas.info
aa.agkn.com
exchange.bdex.com
go.rabofra.com
156.154.200.36
170.130.143.227
2606:4700:30::681c:386
52.207.17.93
52.43.168.227
52.89.153.71
54.191.3.117
0aa69e45dffd606206bf09abec23642a4aa1cb19bd346b683f45fe492d8688b0
0c31d515201ee40aea03412f4f1e5e7fc723bc5c6561564e521e1ef72df0ebeb
0fcd9ecc57f1b8b5c281d557957ca56baa7709fb1c89d411e127ffc2e1fcfe20
6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432
6e5442d91ef6dd643148c4e7b475b1f2f51931d56f6feee02051785c9ef1e908
8af48ceb959da38eb4f608c7c468f5630ec8477c69f32d9eea32e1c67aa95da7
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a23ef6e1b03e1a2b874de1aebe9424b9f127aecedf425fe8229014ceca9e5bce
c0b32c6298bcc389697b3a0e2c889cb6d0885d5fe7f4576646e499a0a7bcc395
f6327e00a7e67977308afa5acccb36654b5d9c8b23125d57f85fde13474cb9e1

everygems.com Open in urlscan Pro 170.130.143.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

16 %HTTPS

14 %IPv6

7 Domains

7 Subdomains

6 IPs

3 Countries

262 kBTransfer

257 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

everygems.com Open in urlscan Pro
170.130.143.227 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

16 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

262 kB
Transfer

257 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions