garlanca.com Open in urlscan Pro
52.222.146.225  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.rayjump.com/template/traffic_lp.html Page URL
2. https://topcampaign.site/c/4c81761c-b3b0-11e5-b565-02f6361de079?pubid=17581 Page URL
3. https://topcampaign.site/v/4fd31850-6e9e-11e8-80e3-0141c2d5aa08/c/4c81761c-b3b0-11e5-b565-02f6361de079/?pubid=17581&_i=1&_s=4fd2b2a2-6e9e-11e8-b5a9-0141c2d5aaa4&_r=www.rayjump.com&_n=&_d=6|0|0|0|1|1|||1600x1200|u|1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|81|1|2|o:10,min:18,gl:0,font:30,t:81|u|lum0y,6nq96o,0|en-US|Linux%20x86_64|aaaa0|20030107|5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20HeadlessChrome/66.0.3359.139%20Safari/537.36|0|8|148.251.45.170|u|0|u|u|u|u|u|u|0_0_0_0_1_0_1_0_0_0|1|u|404|n|n|n|n|1600x1200 Page URL
4. https://garlanca.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/4fe24a64-6e9e-11e8-8f99-11417159c831/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	traffic_lp.html Show response www.rayjump.com/template/	59 KB 15 KB	32ms 17ms	Document text/html	128.1.77.20 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 128.1.77.20 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, DE), Reverse DNS Software UCloud/CDN / Resource Hash a95160648dada700e787e48daf1ae8e26d6396257f68e139ce765837e1863bed Request headers Host www.rayjump.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 04CFF653FDC7E506866C7E7A0052A665 Response headers Server UCloud/CDN Date Tue, 12 Jun 2018 19:57:41 GMT Content-Type text/html Last-Modified Thu, 10 May 2018 07:07:14 GMT Content-Encoding gzip Age 25092 Content-Length 15279 Via http/1.1 UCloud (icdn-cache [cRs f ]), http/1.1 UCloud (icdn-cache [cRs f ]) Etag "5af3efa2-ed7b" Connection keep-alive
GET H/1.1	200 OK	icon.jpg www.rayjump.com/upload/gamelist/600002/	8 KB 9 KB	21ms 20ms	Image image/jpeg	128.1.77.20 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL http://www.rayjump.com/upload/gamelist/600002/icon.jpg Requested by Host: www.rayjump.com URL: http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 128.1.77.20 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, DE), Reverse DNS Software UCloud/CDN / Resource Hash 181adbff05ae99420a19fa994f607e1b569b52b860de0adcb73aa8c2b3aac0a4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rayjump.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://www.rayjump.com/template/traffic_lp.html? Connection keep-alive Cache-Control no-cache Referer http://www.rayjump.com/template/traffic_lp.html? User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Tue, 12 Jun 2018 17:20:20 GMT Via http/1.1 UCloud (icdn-cache [cRs f ]), http/1.1 UCloud (icdn-cache [cRs f ]) Last-Modified Thu, 08 Dec 2016 07:27:54 GMT Server UCloud/CDN Age 24960 ETag "58490b7a-20d7" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 8407
GET H/1.1	200 OK	icon.jpg www.rayjump.com/upload/gamelist/600004/	8 KB 9 KB	41ms 11ms	Image image/jpeg	128.1.78.40 Zenlayer Inc
General Check archive.org Show headers Download Go to Show image Full URL http://www.rayjump.com/upload/gamelist/600004/icon.jpg Requested by Host: www.rayjump.com URL: http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 128.1.78.40 Los Angeles, United States, ASN21859 (ZNET - Zenlayer Inc, US), Reverse DNS Software UCloud/CDN / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rayjump.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://www.rayjump.com/template/traffic_lp.html? Connection keep-alive Cache-Control no-cache Referer http://www.rayjump.com/template/traffic_lp.html? User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Tue, 12 Jun 2018 20:23:47 GMT Via http/1.1 UCloud (icdn-cache [cRs f ]), http/1.1 UCloud (icdn-cache [cRs f ]) Last-Modified Thu, 08 Dec 2016 07:28:00 GMT Server UCloud/CDN Age 13972 ETag "58490b80-20b9" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 8377
GET H/1.1	200 OK	icon.jpg www.rayjump.com/template/	14 KB 14 KB	41ms 11ms	Image image/jpeg	128.1.78.40 Zenlayer Inc
General Check archive.org Show headers Download Go to Show image Full URL http://www.rayjump.com/template/icon.jpg Requested by Host: www.rayjump.com URL: http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 128.1.78.40 Los Angeles, United States, ASN21859 (ZNET - Zenlayer Inc, US), Reverse DNS Software UCloud/CDN / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rayjump.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://www.rayjump.com/template/traffic_lp.html? Connection keep-alive Cache-Control no-cache Referer http://www.rayjump.com/template/traffic_lp.html? User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Tue, 12 Jun 2018 20:23:47 GMT Via http/1.1 UCloud (icdn-cache [cRs f ]), http/1.1 UCloud (icdn-cache [cRs f ]) Last-Modified Thu, 08 Dec 2016 07:29:10 GMT Server UCloud/CDN Age 13972 ETag "58490bc6-3638" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 13880
GET H/1.1	200 OK	template.js Show response www.rayjump.com/js/	9 KB 4 KB	35ms 17ms	Script application/javascript	128.1.77.20 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL http://www.rayjump.com/js/template.js?v=123 Requested by Host: www.rayjump.com URL: http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 128.1.77.20 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, DE), Reverse DNS Software UCloud/CDN / Resource Hash eb02697b71afdaf41554a16b1f020f280a7f914848214d3ac59d062cc2bef20b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rayjump.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept */* Referer http://www.rayjump.com/template/traffic_lp.html? Connection keep-alive Cache-Control no-cache Referer http://www.rayjump.com/template/traffic_lp.html? User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Tue, 12 Jun 2018 18:36:27 GMT Content-Encoding gzip Last-Modified Wed, 17 Jan 2018 17:34:08 GMT Server UCloud/CDN Age 20104 Etag "5a5f8910-2349" Content-Type application/javascript Via http/1.1 UCloud (icdn-cache [cRs f ]), http/1.1 UCloud (icdn-cache [cRs f ]) Connection keep-alive Content-Length 3576
GET H/1.1	200 OK	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	72 KB 27 KB	18ms 17ms	Script text/javascript	216.58.206.2 Google LLC
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.rayjump.com URL: http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.rayjump.com/template/traffic_lp.html? User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Timing-Allow-Origin * Date Wed, 13 Jun 2018 00:11:25 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 7899496937182063670 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 27059 X-XSS-Protection 1; mode=block Expires Wed, 13 Jun 2018 00:11:25 GMT
GET H/1.1	200 OK	star.png www.rayjump.com/template/	2 KB 2 KB	15ms 9ms	Image image/png	128.1.78.40 Zenlayer Inc
General Check archive.org Show headers Download Go to Show image Full URL http://www.rayjump.com/template/star.png Requested by Host: www.rayjump.com URL: http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 128.1.78.40 Los Angeles, United States, ASN21859 (ZNET - Zenlayer Inc, US), Reverse DNS Software UCloud/CDN / Resource Hash a0d0c1549249494ca35dbf0ee319405a8cebd08d3652eab6872e6db50a47d7fb Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rayjump.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://www.rayjump.com/template/traffic_lp.html? Connection keep-alive Cache-Control no-cache Referer http://www.rayjump.com/template/traffic_lp.html? User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Tue, 12 Jun 2018 20:23:47 GMT Via http/1.1 UCloud (icdn-cache [cRs f ]), http/1.1 UCloud (icdn-cache [cRs f ]) Last-Modified Thu, 08 Dec 2016 07:29:10 GMT Server UCloud/CDN Age 13972 ETag "58490bc6-653" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1619
GET H/1.1	200 OK	lato_bold.ttf www.rayjump.com/template/	119 KB 119 KB	16ms 11ms	Font application/octet-stream	128.1.78.40 Zenlayer Inc
General Check archive.org Show headers Download Go to Full URL http://www.rayjump.com/template/lato_bold.ttf Requested by Host: www.rayjump.com URL: http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 128.1.78.40 Los Angeles, United States, ASN21859 (ZNET - Zenlayer Inc, US), Reverse DNS Software UCloud/CDN / Resource Hash Request headers Pragma no-cache Origin http://www.rayjump.com Accept-Encoding gzip, deflate Host www.rayjump.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept */* Referer http://www.rayjump.com/template/traffic_lp.html? Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Referer http://www.rayjump.com/template/traffic_lp.html? Origin http://www.rayjump.com Response headers Date Tue, 12 Jun 2018 20:23:48 GMT Via http/1.1 UCloud (icdn-cache [cRs f ]), http/1.1 UCloud (icdn-cache [cRs f ]) Last-Modified Thu, 08 Dec 2016 07:29:10 GMT Server UCloud/CDN Age 13971 ETag "58490bc6-1dbbc" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 121788
GET H/1.1	200 OK	free.png www.rayjump.com/template/	2 KB 2 KB	16ms 10ms	Image image/png	128.1.78.40 Zenlayer Inc
General Check archive.org Show headers Download Go to Show image Full URL http://www.rayjump.com/template/free.png Requested by Host: www.rayjump.com URL: http://www.rayjump.com/template/traffic_lp.html? Protocol HTTP/1.1 Server 128.1.78.40 Los Angeles, United States, ASN21859 (ZNET - Zenlayer Inc, US), Reverse DNS Software UCloud/CDN / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.rayjump.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://www.rayjump.com/template/traffic_lp.html? Connection keep-alive Cache-Control no-cache Referer http://www.rayjump.com/template/traffic_lp.html? User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Tue, 12 Jun 2018 20:23:48 GMT Via http/1.1 UCloud (icdn-cache [cRs f ]), http/1.1 UCloud (icdn-cache [cRs f ]) Last-Modified Thu, 08 Dec 2016 07:29:10 GMT Server UCloud/CDN Age 13971 ETag "58490bc6-6e4" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1764
GET H2	200	4c81761c-b3b0-11e5-b565-02f6361de079 Show response topcampaign.site/c/	11 KB 12 KB	63ms 15ms	Document text/html	52.222.146.214 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://topcampaign.site/c/4c81761c-b3b0-11e5-b565-02f6361de079?pubid=17581 Requested by Host: www.rayjump.com URL: http://www.rayjump.com/js/template.js?v=123 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.222.146.214 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-222-146-214.fra53.r.cloudfront.net Software nginx / React/alpha Resource Hash 3d87fe53e6b351e78abd7c1918647677457877c51ee7921362dfadbf8d227562 Request headers :method GET :authority topcampaign.site :scheme https :path /c/4c81761c-b3b0-11e5-b565-02f6361de079?pubid=17581 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 referer http://www.rayjump.com/upload/app/apph5wall/index.html accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 04CFF653FDC7E506866C7E7A0052A665 Referer http://www.rayjump.com/upload/app/apph5wall/index.html Response headers status 200 content-length 11553 date Wed, 13 Jun 2018 00:11:25 GMT server nginx cache-control no-cache set-cookie _s=4fd2b2a2-6e9e-11e8-b5a9-0141c2d5aaa4; Path=/; Expires=Sat, 23-Jun-2018 00:11:25 GMT; HttpOnly x-powered-by React/alpha x-cache Miss from cloudfront via 1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront) x-amz-cf-id E4oaHlDy8vj2Dty3MHlwd2xrU5lbgz7UQ-8RTQZaTBcxXNMNK1KfSw==
GET H2	200	/ topcampaign.site/v/4fd31850-6e9e-11e8-80e3-0141c2d5aa08/c/4c81761c-b3b0-11e5-b565-02f6361de079/	89 B 435 B	38ms 38ms	Document text/html	52.222.146.214 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://topcampaign.site/v/4fd31850-6e9e-11e8-80e3-0141c2d5aa08/c/4c81761c-b3b0-11e5-b565-02f6361de079/?pubid=17581&_i=1&_s=4fd2b2a2-6e9e-11e8-b5a9-0141c2d5aaa4&_r=www.rayjump.com&_n=&_d=6|0|0|0|1|1|||1600x1200|u|1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|81|1|2|o:10,min:18,gl:0,font:30,t:81|u|lum0y,6nq96o,0|en-US|Linux%20x86_64|aaaa0|20030107|5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20HeadlessChrome/66.0.3359.139%20Safari/537.36|0|8|148.251.45.170|u|0|u|u|u|u|u|u|0_0_0_0_1_0_1_0_0_0|1|u|404|n|n|n|n|1600x1200 Requested by Host: topcampaign.site URL: https://topcampaign.site/c/4c81761c-b3b0-11e5-b565-02f6361de079?pubid=17581 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.222.146.214 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-222-146-214.fra53.r.cloudfront.net Software nginx / React/alpha Resource Hash Request headers :method GET :authority topcampaign.site :scheme https :path /v/4fd31850-6e9e-11e8-80e3-0141c2d5aa08/c/4c81761c-b3b0-11e5-b565-02f6361de079/?pubid=17581&_i=1&_s=4fd2b2a2-6e9e-11e8-b5a9-0141c2d5aaa4&_r=www.rayjump.com&_n=&_d=6|0|0|0|1|1|||1600x1200|u|1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|81|1|2|o:10,min:18,gl:0,font:30,t:81|u|lum0y,6nq96o,0|en-US|Linux%20x86_64|aaaa0|20030107|5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20HeadlessChrome/66.0.3359.139%20Safari/537.36|0|8|148.251.45.170|u|0|u|u|u|u|u|u|0_0_0_0_1_0_1_0_0_0|1|u|404|n|n|n|n|1600x1200 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 accept-encoding gzip, deflate cookie _s=4fd2b2a2-6e9e-11e8-b5a9-0141c2d5aaa4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 04CFF653FDC7E506866C7E7A0052A665 Response headers status 200 content-type text/html;charset=utf-8 content-length 89 date Wed, 13 Jun 2018 00:11:25 GMT server nginx cache-control no-cache refresh 0;url=https://garlanca.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/4fe24a64-6e9e-11e8-8f99-11417159c831/ x-powered-by React/alpha x-cache Miss from cloudfront via 1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront) x-amz-cf-id oKRYZJfVy2nbBjjqziPexv2AUuiX7Y38lZEzTJk5-FB9xxVXMgHrbw==
GET H2	200	Primary Request / Show response garlanca.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/4fe24a64-6e9e-11e8-8f99-11417159c831/	5 KB 5 KB	33ms 14ms	Document text/html	52.222.146.225 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://garlanca.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/4fe24a64-6e9e-11e8-8f99-11417159c831/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.222.146.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-222-146-225.fra53.r.cloudfront.net Software nginx / React/alpha Resource Hash fc2807603767e78da77876102afa767b0ed2266cc8d6f3633d64a0572bcfb211 Request headers :method GET :authority garlanca.com :scheme https :path /l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/4fe24a64-6e9e-11e8-8f99-11417159c831/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 referer https://topcampaign.site/v/4fd31850-6e9e-11e8-80e3-0141c2d5aa08/c/4c81761c-b3b0-11e5-b565-02f6361de079/?pubid=17581&_i=1&_s=4fd2b2a2-6e9e-11e8-b5a9-0141c2d5aaa4&_r=www.rayjump.com&_n=&_d=6|0|0|0|1|1|||1600x1200|u|1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|81|1|2|o:10,min:18,gl:0,font:30,t:81|u|lum0y,6nq96o,0|en-US|Linux%20x86_64|aaaa0|20030107|5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20HeadlessChrome/66.0.3359.139%20Safari/537.36|0|8|148.251.45.170|u|0|u|u|u|u|u|u|0_0_0_0_1_0_1_0_0_0|1|u|404|n|n|n|n|1600x1200 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 04CFF653FDC7E506866C7E7A0052A665 Referer https://topcampaign.site/v/4fd31850-6e9e-11e8-80e3-0141c2d5aa08/c/4c81761c-b3b0-11e5-b565-02f6361de079/?pubid=17581&_i=1&_s=4fd2b2a2-6e9e-11e8-b5a9-0141c2d5aaa4&_r=www.rayjump.com&_n=&_d=6|0|0|0|1|1|||1600x1200|u|1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|81|1|2|o:10,min:18,gl:0,font:30,t:81|u|lum0y,6nq96o,0|en-US|Linux%20x86_64|aaaa0|20030107|5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20HeadlessChrome/66.0.3359.139%20Safari/537.36|0|8|148.251.45.170|u|0|u|u|u|u|u|u|0_0_0_0_1_0_1_0_0_0|1|u|404|n|n|n|n|1600x1200 Response headers status 200 content-length 5145 date Wed, 13 Jun 2018 00:11:25 GMT server nginx cache-control no-cache x-powered-by React/alpha x-cache Miss from cloudfront via 1.1 4d1cbe225c5d30aa78ec9a6fa1ba4211.cloudfront.net (CloudFront) x-amz-cf-id 8lNs1ufURl7pAJun6t_UUMCsCYINplmZKRpwoohvClD6ZXH57XpVww==
GET H2	200	imag.png garlanca.com/static/8c579bd6-2433-11e6-9af1-02401b02a2b5/	33 KB 34 KB	9ms 8ms	Image image/png	52.222.146.225 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://garlanca.com/static/8c579bd6-2433-11e6-9af1-02401b02a2b5/imag.png Requested by Host: garlanca.com URL: https://garlanca.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/4fe24a64-6e9e-11e8-8f99-11417159c831/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.222.146.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-222-146-225.fra53.r.cloudfront.net Software nginx / Resource Hash c5653e8f2b38ac1aa15e61c60728c01562a6b3fe1cd0ea8d263bd62d6e7528fb Request headers :path /static/8c579bd6-2433-11e6-9af1-02401b02a2b5/imag.png pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority garlanca.com :scheme https :method GET User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers date Fri, 18 May 2018 10:06:31 GMT via 1.1 4d1cbe225c5d30aa78ec9a6fa1ba4211.cloudfront.net (CloudFront) last-modified Fri, 18 May 2018 10:06:15 GMT server nginx age 2210694 etag "5afea597-853b" x-cache Hit from cloudfront content-type image/png status 200 cache-control max-age=2592000 public accept-ranges bytes content-length 34107 x-amz-cf-id 1HmGhvkoOPuLwQQOAnUwgpDR1r1JAPOuLbbB6fg1SgrSJfp9rY0OOQ== expires Sun, 17 Jun 2018 10:06:31 GMT
GET S	200	api.js Show response www.google.com/recaptcha/	838 B 606 B	17ms 16ms	Script text/javascript	172.217.22.4 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit Requested by Host: garlanca.com URL: https://garlanca.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/4fe24a64-6e9e-11e8-8f99-11417159c831/ Protocol SPDY Server 172.217.22.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s14-in-f4.1e100.net Software GSE / Resource Hash d8ec1a2ff1b4a430b1e9e4fd4d907e2c767224cd502f95cc096bdb9ca2adce06 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers date Wed, 13 Jun 2018 00:11:25 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 alt-svc quic=":443"; ma=2592000; v="43,42,41,39,35" content-length 470 x-xss-protection 1; mode=block expires Wed, 13 Jun 2018 00:11:25 GMT
GET S	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/api2/v1528135568984/	234 KB 76 KB	6ms 5ms	Script text/javascript	172.217.22.3 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/api2/v1528135568984/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit Protocol SPDY Server 172.217.22.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s14-in-f3.1e100.net Software sffe / Resource Hash 6aa4ac95121ef50a6f9ced5d23078e1a1da3d0d287f0c88f2db4b2da13898015 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers date Wed, 06 Jun 2018 17:08:04 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 05 Jun 2018 17:15:00 GMT server sffe age 543802 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="43,42,41,39,35" content-length 77439 x-xss-protection 1; mode=block expires Thu, 06 Jun 2019 17:08:04 GMT
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame 3D2C	0 0	31ms 31ms	Document text/html	172.217.22.4 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegYR0TAAAAAPQj12s9xvGu3_2O2jvIB5bb2NI6&co=aHR0cHM6Ly9nYXJsYW5jYS5jb206NDQz&hl=en&type=image&v=v1528135568984&theme=light&size=normal&cb=yswwcdgrpqvb Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/api2/v1528135568984/recaptcha__en.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.217.22.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s14-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9qzdSDfWgilH2TqwJfofaTPBWdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LegYR0TAAAAAPQj12s9xvGu3_2O2jvIB5bb2NI6&co=aHR0cHM6Ly9nYXJsYW5jYS5jb206NDQz&hl=en&type=image&v=v1528135568984&theme=light&size=normal&cb=yswwcdgrpqvb pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 04CFF653FDC7E506866C7E7A0052A665 Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 13 Jun 2018 00:11:26 GMT content-security-policy script-src 'report-sample' 'nonce-9qzdSDfWgilH2TqwJfofaTPBWdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10642 server GSE alt-svc quic=":443"; ma=2592000; v="43,42,41,39,35"
GET H2	200	bframe www.google.com/recaptcha/api2/ Frame C2FB	0 0	19ms 19ms	Document text/html	172.217.22.4 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1528135568984&k=6LegYR0TAAAAAPQj12s9xvGu3_2O2jvIB5bb2NI6&cb=z7b6uqt4kve Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/api2/v1528135568984/recaptcha__en.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.217.22.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s14-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-WKRG8VuH/cMKUHzWJ3VyCo/SafQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=v1528135568984&k=6LegYR0TAAAAAPQj12s9xvGu3_2O2jvIB5bb2NI6&cb=z7b6uqt4kve pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 04CFF653FDC7E506866C7E7A0052A665 Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 13 Jun 2018 00:11:26 GMT content-security-policy script-src 'report-sample' 'nonce-WKRG8VuH/cMKUHzWJ3VyCo/SafQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 682 server GSE alt-svc quic=":443"; ma=2592000; v="43,42,41,39,35"

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| verifyCallback number| widgetId1 function| onloadCallback function| showCaptcha function| hideCaptcha function| getRecaptchaUrl function| onCaptchaResolved function| gotoFinalLocation function| beforeCaptchaRender function| afterCaptchaRender object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| recaptcha object| closure_lm_656983

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

garlanca.com
pagead2.googlesyndication.com
topcampaign.site
www.google.com
www.gstatic.com
www.rayjump.com
128.1.77.20
128.1.78.40
172.217.22.3
172.217.22.4
216.58.206.2
52.222.146.214
52.222.146.225
181adbff05ae99420a19fa994f607e1b569b52b860de0adcb73aa8c2b3aac0a4
3d87fe53e6b351e78abd7c1918647677457877c51ee7921362dfadbf8d227562
6aa4ac95121ef50a6f9ced5d23078e1a1da3d0d287f0c88f2db4b2da13898015
a0d0c1549249494ca35dbf0ee319405a8cebd08d3652eab6872e6db50a47d7fb
a95160648dada700e787e48daf1ae8e26d6396257f68e139ce765837e1863bed
c5653e8f2b38ac1aa15e61c60728c01562a6b3fe1cd0ea8d263bd62d6e7528fb
d8ec1a2ff1b4a430b1e9e4fd4d907e2c767224cd502f95cc096bdb9ca2adce06
eb02697b71afdaf41554a16b1f020f280a7f914848214d3ac59d062cc2bef20b
fc2807603767e78da77876102afa767b0ed2266cc8d6f3633d64a0572bcfb211