Submitted URL: http://click.tracksummer.com/aff_c?offer_id=128035499&affiliate_id=9269&aff_sub2=tr_-8s4KBrk9zkBvHIc1KF5UftNZqDcPQiN&aff_sub5...
Effective URL: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&ut...
Submission: On January 20 via manual from GB

Summary

This website contacted 9 IPs in 6 countries across 13 domains to perform 14 HTTP transactions. The main IP is 91.213.52.123, which is located in Greece and belongs to UPSTREAM-AS Greece, GR. The main domain is securedcampaign.up.st.
This is the only time securedcampaign.up.st was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Redirects | Requested by
6 | securedcampaign.up.st | | 2468024.catchtheclick.com, securedcampaign.up.st
2 | www.google-analytics.com | 1 | www.googletagmanager.com
2 | cd-down.com | 1 | track.bruceleadx2.com
2 | track.bruceleadx2.com | 1 | rosetheet.com
1 | www.google.de | | securedcampaign.up.st
1 | www.google.com | 1 |
1 | stats.g.doubleclick.net | 1 |
1 | www.googletagmanager.com | | securedcampaign.up.st
1 | 2468024.catchtheclick.com | | gdmconvtrck.com
1 | gdmconvtrck.com | | cd-down.com
1 | rosetheet.com | |
1 | track1.cloud13go.com | 1 |
1 | click.tracksummer.com | 1 |
14 13

This site contains no links.

Subject | Issuer | Validity | Valid
*.catchtheclick.com | Let's Encrypt Authority X3 | 2019-12-19 - 2020-03-18 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2019-12-20 - 2020-03-13 | 3 months
www.google.de | GTS CA 1O1 | 2019-12-20 - 2020-03-13 | 3 months

This page contains 1 frame:

Primary Page: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Frame ID: 08DF19686D14D68D21E1B09246D389B2
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

Requests: 14
HTTPS: 29 %
IPv6: 54 %
Domains: 13
Subdomains: 13
IPs: 9
Countries: 6
Transfer: 103 kB
Size: 242 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.tracksummer.com/aff_c?offer_id=128035499&affiliate_id=9269&aff_sub2=tr_-8s4KBrk9zkBvHIc1KF5UftNZqDcPQiN&aff_sub5=3_118_ATIQO~xVDc6b~dSLOsFmsE4R_CsvW8xKXPYJBEK0Qq9ujr5Va&gaid=B99A6C12-977D-4004-AC1B-855A5AF70876&aid=B99A6C12-977D-4004-AC1B-855A5AF70876&app_id=%E3%83%94%E3%82%A2%E3%83%8E%E3%82%BF%E3%82%A4%E3%83%AB%E3%82%B9%E3%83%86%E3%83%BC%E3%82%B8_ios HTTP 302
    http://track1.cloud13go.com/go.php?p=5056092x1574&sub3=2411&sub1=b8e96021735e44079a97bfea5fe08d601579533772116 HTTP 302
    http://rosetheet.com/portent/netbios/acl/1-2361-f8134165651bbdc0c5e28e9aac9db56f?tvu=Mainstream&tid=1579533772_32_5056092_1574_e3351592242a_lc1&af=1574 Page URL
  2. http://track.bruceleadx2.com/ck.php?kp=lGB20BVFA09054a0000RS003BU0T3ZP03C0ZDS02HV03C0Z00000000&line_item_id=19117&subid_spx=155555-DOCFdG0PspS3tUCfP9cp& Page URL
  3. http://track.bruceleadx2.com/ck_jump?id=cz0zMTk3MDc1MTg4OTI4ODI5NyZ0PTE1Nzk1MzM3NzQmaD0xMjgzOTkzNjI2&__if=0&__pm=0&__wv=0&__type=unknown&__deviceid= HTTP 302
    http://cd-down.com/?a=44826&c=207044&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%3D&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447 Page URL
  4. http://cd-down.com/?a=44826&c=207044&oc=96883&sr=t&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcC&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447&ref=http%3A%2F%2Ftrack.bruceleadx2.com%2Fck.php%3Fkp%3DlGB20BVFA09054a0000RS003BU0T3ZP03C0ZDS02HV03C0Z00000000%26line_item_id%3D19117%26subid_spx%3D155555-DOCFdG0PspS3tUCfP9cp%26&vt=1579533774591&h=d47ecbce2ae9e9787dc43966218ef49db540d21a&req=http%3A%2F%2Fcd-down.com%2F%3Fa%3D44826%26c%3D207044%26s1%3DUzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%253D%26s2%3D20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447&us=d30dae0ae2364451af669d8d3d1f2fb8 HTTP 302
    https://2468024.catchtheclick.com/?mob=ioXMDDGachYBup-IJi7dmNzgeK7WtZLM5G-TbPqOWDqFQGe1Gr4lMfWKAZqD8GWrFpYMVCEXbwx_vxk99rCC8w&tid=705945deb107422ea4a77c8038d91562121e2&tid1=44826 Page URL
  5. http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://click.tracksummer.com/aff_c?offer_id=128035499&affiliate_id=9269&aff_sub2=tr_-8s4KBrk9zkBvHIc1KF5UftNZqDcPQiN&aff_sub5=3_118_ATIQO~xVDc6b~dSLOsFmsE4R_CsvW8xKXPYJBEK0Qq9ujr5Va&gaid=B99A6C12-977D-4004-AC1B-855A5AF70876&aid=B99A6C12-977D-4004-AC1B-855A5AF70876&app_id=%E3%83%94%E3%82%A2%E3%83%8E%E3%82%BF%E3%82%A4%E3%83%AB%E3%82%B9%E3%83%86%E3%83%BC%E3%82%B8_ios HTTP 302
  • http://track1.cloud13go.com/go.php?p=5056092x1574&sub3=2411&sub1=b8e96021735e44079a97bfea5fe08d601579533772116 HTTP 302
  • http://rosetheet.com/portent/netbios/acl/1-2361-f8134165651bbdc0c5e28e9aac9db56f?tvu=Mainstream&tid=1579533772_32_5056092_1574_e3351592242a_lc1&af=1574
Request Chain 2
  • http://track.bruceleadx2.com/ck_jump?id=cz0zMTk3MDc1MTg4OTI4ODI5NyZ0PTE1Nzk1MzM3NzQmaD0xMjgzOTkzNjI2&__if=0&__pm=0&__wv=0&__type=unknown&__deviceid= HTTP 302
  • http://cd-down.com/?a=44826&c=207044&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%3D&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447
Request Chain 4
  • http://cd-down.com/?a=44826&c=207044&oc=96883&sr=t&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcC&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447&ref=http%3A%2F%2Ftrack.bruceleadx2.com%2Fck.php%3Fkp%3DlGB20BVFA09054a0000RS003BU0T3ZP03C0ZDS02HV03C0Z00000000%26line_item_id%3D19117%26subid_spx%3D155555-DOCFdG0PspS3tUCfP9cp%26&vt=1579533774591&h=d47ecbce2ae9e9787dc43966218ef49db540d21a&req=http%3A%2F%2Fcd-down.com%2F%3Fa%3D44826%26c%3D207044%26s1%3DUzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%253D%26s2%3D20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447&us=d30dae0ae2364451af669d8d3d1f2fb8 HTTP 302
  • https://2468024.catchtheclick.com/?mob=ioXMDDGachYBup-IJi7dmNzgeK7WtZLM5G-TbPqOWDqFQGe1Gr4lMfWKAZqD8GWrFpYMVCEXbwx_vxk99rCC8w&tid=705945deb107422ea4a77c8038d91562121e2&tid1=44826
Request Chain 12
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1666259897&t=pageview&_s=1&dl=http%3A%2F%2Fsecuredcampaign.up.st%2Fsecured%2Fuk-en-soi-web%2F%3FHEKeyword%3DUKSD_MBP_1%26utm_source%3Dmobipium%26utm_medium%3Dcpa%26utm_content%3Duk%26utm_campaign%3DUKSD_MBP_1-mobipium-web-cpa-uk-image%26mbp_id%3DTpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw%26mbp_pub_id%3D536-KU2WRjZhkJ&ul=en-us&de=UTF-8&dt=uk-en-soi-web%20-%20securedcampaign.up.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1507036813&gjid=1532327363&cid=1194636127.1579533776&tid=UA-103487580-47&_gid=2024946057.1579533776&_r=1&gtm=2wg18153W97TS&z=141843141 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-103487580-47&cid=1194636127.1579533776&jid=1507036813&_gid=2024946057.1579533776&gjid=1532327363&_v=j79&z=141843141 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103487580-47&cid=1194636127.1579533776&jid=1507036813&_v=j79&z=141843141 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103487580-47&cid=1194636127.1579533776&jid=1507036813&_v=j79&z=141843141&slf_rd=1&random=4145474589

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1-2361-f8134165651bbdc0c5e28e9aac9db56f
rosetheet.com/portent/netbios/acl/
Redirect Chain
  • http://click.tracksummer.com/aff_c?offer_id=128035499&affiliate_id=9269&aff_sub2=tr_-8s4KBrk9zkBvHIc1KF5UftNZqDcPQiN&aff_sub5=3_118_ATIQO~xVDc6b~dSLOsFmsE4R_CsvW8xKXPYJBEK0Qq9ujr5Va&gaid=B99A6C12-9...
  • http://track1.cloud13go.com/go.php?p=5056092x1574&sub3=2411&sub1=b8e96021735e44079a97bfea5fe08d601579533772116
  • http://rosetheet.com/portent/netbios/acl/1-2361-f8134165651bbdc0c5e28e9aac9db56f?tvu=Mainstream&tid=1579533772_32_5056092_1574_e3351592242a_lc1&af=1574
5 KB
4 KB
Document
General
Full URL
http://rosetheet.com/portent/netbios/acl/1-2361-f8134165651bbdc0c5e28e9aac9db56f?tvu=Mainstream&tid=1579533772_32_5056092_1574_e3351592242a_lc1&af=1574
Protocol
HTTP/1.1
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
e822424fe07247c01a50937d170765c75b8767172ac66cd273cfdf29031d1cbf

Request headers

Host
rosetheet.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 20 Jan 2020 15:22:54 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
X-Zen-Fury
57edbcaaf5d179dbaec4d79e12c8a7e5d4a1a3e5
Server
ZENEDGE
X-Cache-Status
NOTCACHED
Content-Encoding
gzip

Redirect headers

Date
Mon, 20 Jan 2020 15:22:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Set-Cookie
PHPSESSID=aob5c6d36k3knqq724rv643h82; path=/ numhits=1; expires=Mon, 02-Mar-2020 07:22:52 GMT; Max-Age=3600000
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Location
http://rosetheet.com/portent/netbios/acl/1-2361-f8134165651bbdc0c5e28e9aac9db56f?tvu=Mainstream&tid=1579533772_32_5056092_1574_e3351592242a_lc1&af=1574
Server
nginx centminmod
X-Powered-By
centminmod
ck.php (Cookie set)
track.bruceleadx2.com/
1 KB
2 KB
Document
General
Full URL
http://track.bruceleadx2.com/ck.php?kp=lGB20BVFA09054a0000RS003BU0T3ZP03C0ZDS02HV03C0Z00000000&line_item_id=19117&subid_spx=155555-DOCFdG0PspS3tUCfP9cp&
Requested by
Host: rosetheet.com
URL: http://rosetheet.com/portent/netbios/acl/1-2361-f8134165651bbdc0c5e28e9aac9db56f?tvu=Mainstream&tid=1579533772_32_5056092_1574_e3351592242a_lc1&af=1574
Protocol
HTTP/1.1
Server
109.123.118.67 Ilford, United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
118-67.topstaffsolutions.com
Software
SpirooxPerformance-Server-1.0 /
Resource Hash
b04348810f8da881e2a05617ff3bfac5f39d1810cd903fac696bbdb65022bfe3

Request headers

Host
track.bruceleadx2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://rosetheet.com/
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 20 Jan 2020 15:22:54 GMT
Server
SpirooxPerformance-Server-1.0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Expires
0
Pragma
no-cache
Content-Length
1172
Connection
close
Content-Type
text/html; charset=utf-8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
session=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447%7C31970751889288297%7C2020-01-20T15%3A22%3A54%2B0000%7C2635167%7CUnited+Kingdom%7C19117%7C155555-DOCFdG0PspS3tUCfP9cp%7ClGB20BVFA09054a0000RS003BU0T3ZP03C0ZDS02HV03C0Z00000000%7C2806%7C4%7C1897%7C19117%7C2%7C2402%7C0%7C12657%7C10976%7C28561%7C4655%7C0%7C0%7C3%7C1%7CMac%7C79%7C%7C%7CChrome%7CHydra+Communications+Ltd%7CWIFI%7C89.34.96.0%2F24%7C89.34.96.84%7C0%7C155555-DOCFdG0PspS3tUCfP9cp%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7C%7C0.0%7C0.0%7C0.0%7C0.0%7C0%7Crosetheet.com%7C1579533774465%7C%7Cfalse%7Cfalse%7C22%7C0%7C27%7C%7C0%7C0%7C%7Ctrack.bruceleadx2.com%7Cgb%7C%7C0.0%7C; domain=track.bruceleadx2.com; path=/; expires=Tue, 18 Feb 2020 15:22:54 GMT
/
cd-down.com/
Redirect Chain
  • http://track.bruceleadx2.com/ck_jump?id=cz0zMTk3MDc1MTg4OTI4ODI5NyZ0PTE1Nzk1MzM3NzQmaD0xMjgzOTkzNjI2&__if=0&__pm=0&__wv=0&__type=unknown&__deviceid=
  • http://cd-down.com/?a=44826&c=207044&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%3D&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447
2 KB
2 KB
Document
General
Full URL
http://cd-down.com/?a=44826&c=207044&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%3D&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447
Requested by
Host: track.bruceleadx2.com
URL: http://track.bruceleadx2.com/ck.php?kp=lGB20BVFA09054a0000RS003BU0T3ZP03C0ZDS02HV03C0Z00000000&line_item_id=19117&subid_spx=155555-DOCFdG0PspS3tUCfP9cp&
Protocol
HTTP/1.1
Server
2a05:d018:483:6110:1151:1546:9e4a:df36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
42f5406c4b05b426a857fc11d5d5535010383eb149899ff38f53385487fd5f23

Request headers

Host
cd-down.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://track.bruceleadx2.com/ck.php?kp=lGB20BVFA09054a0000RS003BU0T3ZP03C0ZDS02HV03C0Z00000000&line_item_id=19117&subid_spx=155555-DOCFdG0PspS3tUCfP9cp&
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 20 Jan 2020 15:22:54 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Expires
Sat, 1 May 2020 12:00:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Content-Encoding
gzip

Redirect headers

Date
Mon, 20 Jan 2020 15:22:54 GMT
Server
SpirooxPerformance-Server-1.0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Expires
0
Pragma
no-cache
Connection
close
Location
http://cd-down.com/?a=44826&c=207044&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%3D&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
c28561=1 ; domain=track.bruceleadx2.com; path=/; expires=Tue, 21 Jan 2020 15:22:54 GMT l19117=1 ; domain=track.bruceleadx2.com; path=/; expires=Tue, 21 Jan 2020 15:22:54 GMT
trck
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
http://gdmconvtrck.com/trck
Requested by
Host: cd-down.com
URL: http://cd-down.com/?a=44826&c=207044&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%3D&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447
Protocol
HTTP/1.1
Server
2a05:d018:483:6110:ec0e:b108:7f12:f2f9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d223ebac34d5f90136997042b80ed8ccb1e0ad849f06412b77e8250125134591

Request headers

Referer
http://cd-down.com/?a=44826&c=207044&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%3D&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Jan 2020 15:22:54 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*, *
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Expires
Sat, 1 May 2020 12:00:00 GMT
/ (Cookie set)
2468024.catchtheclick.com/
Redirect Chain
  • http://cd-down.com/?a=44826&c=207044&oc=96883&sr=t&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcC&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447&ref=http%3A%2F%2Ftrack.bruceleadx2.com%2Fck...
  • https://2468024.catchtheclick.com/?mob=ioXMDDGachYBup-IJi7dmNzgeK7WtZLM5G-TbPqOWDqFQGe1Gr4lMfWKAZqD8GWrFpYMVCEXbwx_vxk99rCC8w&tid=705945deb107422ea4a77c8038d91562121e2&tid1=44826
2 KB
2 KB
Document
General
Full URL
https://2468024.catchtheclick.com/?mob=ioXMDDGachYBup-IJi7dmNzgeK7WtZLM5G-TbPqOWDqFQGe1Gr4lMfWKAZqD8GWrFpYMVCEXbwx_vxk99rCC8w&tid=705945deb107422ea4a77c8038d91562121e2&tid1=44826
Requested by
Host: gdmconvtrck.com
URL: http://gdmconvtrck.com/trck
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.9.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-9-102.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.0.33
Resource Hash
88fa3ae298098640521700c052c5fa6d81e53b432eaec72a26ed07638cde2c37

Request headers

Host
2468024.catchtheclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://cd-down.com/?a=44826&c=207044&s1=UzoxODk3LFNCOjE1NTU1NS1ET0NGZEcwUHNwUzN0VUNmUDljcCxMOjE5MTE3LEM6Mjg1NjE%3D&s2=20200120_bae1a834-3b98-11ea-bfc3-51c7c5ea5447
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.16.1
Date
Mon, 20 Jan 2020 15:22:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.0.33
Set-Cookie
jarr=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/

Redirect headers

Date
Mon, 20 Jan 2020 15:22:54 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Location
https://2468024.catchtheclick.com/?mob=ioXMDDGachYBup-IJi7dmNzgeK7WtZLM5G-TbPqOWDqFQGe1Gr4lMfWKAZqD8GWrFpYMVCEXbwx_vxk99rCC8w&tid=705945deb107422ea4a77c8038d91562121e2&tid1=44826
Content-Language
en-US
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
/ (Primary Request, Cookie set)
securedcampaign.up.st/secured/uk-en-soi-web/
56 KB
8 KB
Document
General
Full URL
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Requested by
Host: 2468024.catchtheclick.com
URL: https://2468024.catchtheclick.com/?mob=ioXMDDGachYBup-IJi7dmNzgeK7WtZLM5G-TbPqOWDqFQGe1Gr4lMfWKAZqD8GWrFpYMVCEXbwx_vxk99rCC8w&tid=705945deb107422ea4a77c8038d91562121e2&tid1=44826
Protocol
HTTP/1.1
Server
91.213.52.123 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
c475f37c1e56b4ccf4c719f6de15dab9634a1358ea7e0c7c22d15768867b33cf
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
securedcampaign.up.st
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 20 Jan 2020 15:22:55 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Frame-Options
DENY
Link
<http://securedcampaign.up.st/secured/wp-json/>; rel="https://api.w.org/" <http://securedcampaign.up.st/secured/?p=64>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6344
Content-Type
text/html; charset=UTF-8
Set-Cookie
PHPSESSID=8fe7f9ae9fda83221e9e503becc971d2; path=/ wr_userPermID=L2xTZTh5OERweGh2VkZDRjcyMVIzQT09; expires=Thu, 17-Jan-2030 15:22:55 GMT; Max-Age=315360000; path=/; domain=securedcampaign.up.st; HttpOnly wr_userSessionID=SU9lMWpSZ0NyeVFTTW1NSkVQcW1TUT09; expires=Mon, 20-Jan-2020 15:22:55 GMT; Max-Age=0; path=/; domain=securedcampaign.up.st; HttpOnly cookieHEKeyword=b2EvQk44VVhVdld0YjlsalR5K1UvQT09; expires=Mon, 20-Jan-2020 17:22:55 GMT; Max-Age=7200; path=/; domain=securedcampaign.up.st; HttpOnly vas_pend=ee1; expires=Thu, 23-Jan-2020 15:22:55 GMT; Max-Age=259200; path=/ wr_userSessionID=YmZCUkZyOFN1RTZTNSs2c2g2OUxOQT09; expires=Mon, 20-Jan-2020 15:22:55 GMT; Max-Age=0; path=/; domain=securedcampaign.up.st; HttpOnly TS01ce928d=0119fdce0730b47f55136edbeec4fa3026f8a78fc9fe112730e31d9004a84e65c90af34e231105d67799d124baf6ff8b30736ef55684af712565a30af810e647d25d85e16bab4fe4d5bd30bb882234d07b5fcad22d; Path=/ TS012ac2bf=0119fdce07e7fd77694d170070d3156868da806edbfe112730e31d9004a84e65c90af34e236e8b14a9db212d0a5db04d895579ba6a466938c9d1006019a4a38ab9ef0ccf2ef6839ff6f8e76b2f64cd0ba3469605c84cfecbc817d9fd00f2ebfea3a3f265c8e95bab7e290231d77c2d5d99c95ff6a3; path=/; domain=securedcampaign.up.st
Keep-Alive
timeout=2, max=1000
Connection
Keep-Alive
widget-options.css
securedcampaign.up.st/secured/wp-content/plugins/widget-options/assets/css/
1010 B
574 B
Stylesheet
General
Full URL
http://securedcampaign.up.st/secured/wp-content/plugins/widget-options/assets/css/widget-options.css?ver=130
Requested by
Host: securedcampaign.up.st
URL: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Protocol
HTTP/1.1
Server
91.213.52.123 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
acda3b1eaf36ea10066decf21f77191c2e951811da7ca34ff97fb32996725f10

Request headers

Referer
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 15:22:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 08:39:17 GMT
ETag
"3f2-599f6614d1740-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=999
Content-Length
270
style.css
securedcampaign.up.st/secured/wp-content/themes/webrec/
8 KB
2 KB
Stylesheet
General
Full URL
http://securedcampaign.up.st/secured/wp-content/themes/webrec/style.css?ver=130
Requested by
Host: securedcampaign.up.st
URL: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Protocol
HTTP/1.1
Server
91.213.52.123 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
7ea8ef0fbf691b441c53087789db857966fbff599cdb06aefd544c41b6a4f62c

Request headers

Referer
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 15:22:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 08:39:17 GMT
ETag
"1fa8-599f6614d1740-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
2214
WRTemplate.css
securedcampaign.up.st/secured/wp-content/themes/webrec-layout/
26 KB
4 KB
Stylesheet
General
Full URL
http://securedcampaign.up.st/secured/wp-content/themes/webrec-layout/WRTemplate.css?ver=130
Requested by
Host: securedcampaign.up.st
URL: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Protocol
HTTP/1.1
Server
91.213.52.123 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
b5129c30d275e5966acae8786e8cb3e74171b243934a7a22eed119e38e4f8300

Request headers

Referer
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 15:22:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 08:39:17 GMT
ETag
"680e-599f6614d1740-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
3857
Gamedom-Logo.png
securedcampaign.up.st/secured/wp-content/uploads/2018/11/
2 KB
2 KB
Image
General
Full URL
http://securedcampaign.up.st/secured/wp-content/uploads/2018/11/Gamedom-Logo.png
Requested by
Host: securedcampaign.up.st
URL: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Protocol
HTTP/1.1
Server
91.213.52.123 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
00a1905e158cde16ec4ee8a728a9cb1f98075a282b6ecb5c849afd434bfc09c9

Request headers

Referer
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 15:22:55 GMT
Last-Modified
Mon, 20 Jan 2020 15:22:55 GMT
ETag
W/"88e-59c93dd95ba92"
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
2190
Expires
Fri, 20 Mar 2020 15:22:55 GMT
gtm.js
www.googletagmanager.com/
58 KB
22 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53W97TS
Requested by
Host: securedcampaign.up.st
URL: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b9ffcdb367d829d7c5be366b9383d8d8d2babb74e2a301548c6dec9c84affb6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 20 Jan 2020 15:22:55 GMT
content-encoding
br
last-modified
Mon, 20 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
21916
x-xss-protection
0
expires
Mon, 20 Jan 2020 15:22:55 GMT
UK-Gamedom_Sniff-Bg.jpg
securedcampaign.up.st/secured/wp-content/uploads/2018/11/
35 KB
35 KB
Image
General
Full URL
http://securedcampaign.up.st/secured/wp-content/uploads/2018/11/UK-Gamedom_Sniff-Bg.jpg
Requested by
Host: securedcampaign.up.st
URL: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Protocol
HTTP/1.1
Server
91.213.52.123 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software
/
Resource Hash
9356355aec2881b67c6abb80785d3acd8dc8077839491ebfa64bdce89cbe7d8a

Request headers

Referer
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 20 Jan 2020 15:22:55 GMT
Last-Modified
Mon, 20 Jan 2020 15:22:55 GMT
ETag
W/"8c78-59c93dd958bb2"
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=999
Content-Length
35960
Expires
Fri, 20 Mar 2020 15:22:55 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53W97TS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6280
date
Mon, 20 Jan 2020 13:38:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 20 Jan 2020 15:38:15 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1666259897&t=pageview&_s=1&dl=http%3A%2F%2Fsecuredcampaign.up.st%2Fsecured%2Fuk-en-soi-web%2F%3FHEKeyword%3DUKSD_MBP_1%26utm_source%3Dmobipiu...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-103487580-47&cid=1194636127.1579533776&jid=1507036813&_gid=2024946057.1579533776&gjid=1532327363&_v=j79&z=141843141
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103487580-47&cid=1194636127.1579533776&jid=1507036813&_v=j79&z=141843141
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103487580-47&cid=1194636127.1579533776&jid=1507036813&_v=j79&z=141843141&slf_rd=1&random=4145474589
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103487580-47&cid=1194636127.1579533776&jid=1507036813&_v=j79&z=141843141&slf_rd=1&random=4145474589
Requested by
Host: securedcampaign.up.st
URL: http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://securedcampaign.up.st/secured/uk-en-soi-web/?HEKeyword=UKSD_MBP_1&utm_source=mobipium&utm_medium=cpa&utm_content=uk&utm_campaign=UKSD_MBP_1-mobipium-web-cpa-uk-image&mbp_id=TpbjxURptR--hl5fx0xd9AloiSsUNVomeTxawZ2fr2kZUmSU-3Nr6d2_BAoNfcivY3wX2yFfP_Y9er5kQEP4Gw&mbp_pub_id=536-KU2WRjZhkJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Jan 2020 15:22:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 20 Jan 2020 15:22:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-103487580-47&cid=1194636127.1579533776&jid=1507036813&_v=j79&z=141843141&slf_rd=1&random=4145474589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| dataLayer
number| pinTries
function| registerform197901086315795337752572hideButtons
function| registerform49441089915795337752575hideButtons
function| registerform31794666915795337752579hideButtons
function| registerform182418196015795337752581hideButtons
function| registerform37554695315795337752583hideButtons
function| registerform134898027315795337752584hideButtons
function| registerform116564983215795337752587hideButtons
function| registerform190157928615795337752589hideButtons
function| registerform115693116015795337752591hideButtons
function| registerform125161786815795337752218hideButtons
function| registerform196406036115795337752596hideButtons
function| registerform210573368615795337752597hideButtons
function| registerform1701309392157953377526hideButtons
function| registerform161207654115795337752601hideButtons
function| registerform73435273015795337752603hideButtons
function| registerform183896904415795337752605hideButtons
function| registerform190122688715795337752607hideButtons
boolean| pinflowcalled
function| asyncpagecallpinflow
function| asyncpagecall
function| closemodal
object| google_tag_manager
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

10 Cookies

Domain/Path Name / Value
.up.st/ Name: _gat_UA-103487580-47
Value: 1
.up.st/ Name: _ga
Value: GA1.2.1194636127.1579533776
.securedcampaign.up.st/ Name: TS012ac2bf
Value: 0119fdce07e7fd77694d170070d3156868da806edbfe112730e31d9004a84e65c90af34e236e8b14a9db212d0a5db04d895579ba6a466938c9d1006019a4a38ab9ef0ccf2ef6839ff6f8e76b2f64cd0ba3469605c84cfecbc817d9fd00f2ebfea3a3f265c8e95bab7e290231d77c2d5d99c95ff6a3
securedcampaign.up.st/ Name: TS01ce928d
Value: 0119fdce0730b47f55136edbeec4fa3026f8a78fc9fe112730e31d9004a84e65c90af34e231105d67799d124baf6ff8b30736ef55684af712565a30af810e647d25d85e16bab4fe4d5bd30bb882234d07b5fcad22d
securedcampaign.up.st/ Name: vas_pend
Value: ee1
.securedcampaign.up.st/ Name: wr_userPermID
Value: L2xTZTh5OERweGh2VkZDRjcyMVIzQT09
.securedcampaign.up.st/ Name: cookieHEKeyword
Value: b2EvQk44VVhVdld0YjlsalR5K1UvQT09
.up.st/ Name: _gid
Value: GA1.2.2024946057.1579533776
.up.st/ Name: _gcl_au
Value: 1.1.1862278618.1579533776
securedcampaign.up.st/ Name: PHPSESSID
Value: 8fe7f9ae9fda83221e9e503becc971d2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
