urlscan.io logo urlscan.io
SecurityTrails logo

clcktrck.com Open in urlscan Pro
3.68.5.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6
Effective URL: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d0...
Submission: On February 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 15 HTTP transactions. The main IP is 3.68.5.1, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is clcktrck.com. The Cisco Umbrella rank of the primary domain is 211965.
TLS certificate: Issued by R3 on December 28th 2023. Valid for: 3 months.
This is the only time clcktrck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 72.52.178.23 32244 (LIQUIDWEB)
4 13.248.148.254 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
2 52.54.240.234 14618 (AMAZON-AES)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 52.116.53.146 36351 (SOFTLAYER)
1 2a01:4f8:162:... 24940 (HETZNER-AS)
1 2 116.203.4.24 24940 (HETZNER-AS)
1 2 3.68.5.1 16509 (AMAZON-02)
1 151.101.2.137 ()
15 10
1    72.52.178.23 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
wetransferpremium.com
4    13.248.148.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com
ww12.wetransferpremium.com
1    2600:9000:20ed:4000:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)
d38psrni17bvxu.cloudfront.net
2    52.54.240.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-240-234.compute-1.amazonaws.com
facht-fmm.com
2    52.117.247.211 (United States)

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com
p444222.myckdom.com
1    52.116.53.146 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 92.35.7434.ip4.static.sl-reverse.com
clkdeals.com
1    2a01:4f8:162:452::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
plorexdry.com
2    116.203.4.24 (Tettnang, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.4.203.116.clients.your-server.de
buybutwhere.com
2    3.68.5.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: portal.noctemque.com
clcktrck.com
1    151.101.2.137 (None, )

ASN- ()
js-agent.newrelic.com
Apex Domain
Subdomains		 Transfer
5 wetransferpremium.com
wetransferpremium.com
ww12.wetransferpremium.com
5 KB
2 clcktrck.com
clcktrck.com — Cisco Umbrella Rank: 211965
22 KB
2 buybutwhere.com
buybutwhere.com — Cisco Umbrella Rank: 563162
19 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 227980
p444222.myckdom.com
1 KB
2 facht-fmm.com
facht-fmm.com
7 KB
1 newrelic.com
js-agent.newrelic.com
29 KB
1 plorexdry.com
plorexdry.com
613 B
1 clkdeals.com
clkdeals.com — Cisco Umbrella Rank: 308268
197 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
2 KB
0 nr-data.net Failed
bam.eu01.nr-data.net Failed
0 newprogrammatic.click Failed
media.newprogrammatic.click Failed
15 11
Domain Requested by
4 ww12.wetransferpremium.com d38psrni17bvxu.cloudfront.net
ww12.wetransferpremium.com
2 clcktrck.com 1 redirects buybutwhere.com
2 buybutwhere.com 1 redirects plorexdry.com
2 facht-fmm.com ww12.wetransferpremium.com
facht-fmm.com
1 js-agent.newrelic.com clcktrck.com
1 plorexdry.com p444222.myckdom.com
1 clkdeals.com p444222.myckdom.com
1 p444222.myckdom.com facht-fmm.com
1 myckdom.com 1 redirects
1 d38psrni17bvxu.cloudfront.net ww12.wetransferpremium.com
1 wetransferpremium.com 1 redirects
0 bam.eu01.nr-data.net Failed clcktrck.com
0 media.newprogrammatic.click Failed
15 13

This site contains no links.

Subject Issuer Validity Valid
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-03-20		 a year crt.sh
www.clkdeals.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-18 -
2024-12-29		 a year crt.sh
plorexdry.com
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
buybutwhere.com
R3		 2024-02-04 -
2024-05-04		 3 months crt.sh
clcktrck.com
R3		 2023-12-28 -
2024-03-27		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh

This page contains 1 frames:

Frame: https://media.newprogrammatic.click/zclkvisitor/759119d3-c53b-11ee-a607-0aad4c736709/598f28f0-4e3d-11ee-81d4-0a6ab97fcc8d?campaignid=1fc69e70-7e83-11ee-98f6-123f4a2b6bb7&extclickid=cdc54f3640714df93802973e8f1f1714
Frame ID: F17C1A9080385A92C7BAADB3DB359873
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-2... HTTP 302
    http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-2... Page URL
  2. http://facht-fmm.com/zclkvisitor/731851a0-c53b-11ee-b818-0a26d77d996b/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. http://facht-fmm.com/zclkredirect?visitid=731851a0-c53b-11ee-b818-0a26d77d996b&type=js&browserWid... Page URL
  4. https://myckdom.com/aS/feedclick?s=xBdFjItUBs8l84p0biKs3o8uDhK_8R6jVWykoKzGRpwYsbNsDmArcILUfaDR_... HTTP 302
    https://p444222.myckdom.com/adServe/domainClick?ai=IvYkF1H4zHbS7C7myPb_DepYzOUuOD8oC8CM5tQNi93kHHbVTbgH6... Page URL
  5. https://plorexdry.com/r/b?s=425144408&s2=RO+Services+Telecom+Web+Design+%26+Development+Web+Affili... Page URL
  6. https://buybutwhere.com/buy/with/am4/in?store=zoomget.com&nid=51&sid1=ac987d9c021a5efc6c35820408a24b... HTTP 302
    https://buybutwhere.com/buy/in?store=zoomget.com Page URL
  7. https://clcktrck.com/us/s/red_u_plain.php?t=direct&s=2619&pub=5&sub=am4238f11aae4daefb4fd2db7100c... HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9... Page URL

Page Statistics

15
Requests

40 %
HTTPS

20 %
IPv6

11
Domains

13
Subdomains

10
IPs

2
Countries

84 kB
Transfer

208 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6 HTTP 302
    http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960 Page URL
  2. http://facht-fmm.com/zclkvisitor/731851a0-c53b-11ee-b818-0a26d77d996b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73301f62-c53b-11ee-b818-0a26d77d996b Page URL
  3. http://facht-fmm.com/zclkredirect?visitid=731851a0-c53b-11ee-b818-0a26d77d996b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true Page URL
  4. https://myckdom.com/aS/feedclick?s=xBdFjItUBs8l84p0biKs3o8uDhK_8R6jVWykoKzGRpwYsbNsDmArcILUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwncn2dNnoElK5YpYs62H3TFnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCko4uWPid2k_ULJLJS9JEXkbmu1YxIca0iVd0_By-xp7GPhmBS-58OGxgpLqIom1mSxE5QxWqWEHQ-L1S0CoI05VkrBt36QjRdipEcpFGFxdB7izdIm0qtRPrUiiHl-eaypKdlIJ1sbzK4xOvytFjAVQ4WoD1a9MwS0H9urngZVtL44YasPSpyvDHzVETC71uLm1lMMx6qcA2JCdjhhmO_r_dvLhDWW8WqHPWica_2BsOXAg8p7Z-OwYvOazP4_DeZQxA_7VYJ7P3c2TqLAfGZcLtjAxdByvxfibJAUeF4RVP2IY4i7qDlxZg633_xfCnJxpPgRx4YJnVZe7wu8wLKtU7B6Y6VvdLabsMivsKPEa2m8BJ0u6oV2ipEvTdcobhpzwt4eqtLMJQXg073MMLdXmtEb4C811Ih1WaiKn3OY9ND_CznBnsptnuOapmyO-1usz4-lpJjnNFF7iR53u3iZro_Vxa-FXD_nmm3DQfpi6Xyhazl20RWLWZSvcYm7J2nJCvUMksj1mp8K1WhJDwMWRB7u7B7IvuHTpLEursZ0RAiGZ27UqFB2YJzKmQrMLIhxEr-oPV38d_oH_3kvLjyE2P1Vni91VBn20NGOalszWl4U99AdHxKit69e9Bx_FYW4NxGSz2IJiaNqtIKut2CcCUBNcNsn4-fRfeDZS13rx2roEA9Pd-Zj9PCMDW4IxwLXmacWLVgYVbU54VpRKjgySAeb-Apx6pEUuYw6RhE-hDUy06a4JeSsJ8XUtKHw4ytQxo2RuPXYi1ntKO4Q6QYxJyfQ1MUL7FcOtewB_jsOkToXKZLbNLOQfuHxHeN3pBA4R0_KVFM46y04GBo5qacmvgd1WaBOaby7W7oK-dWINGDdyH0s6CnZkXEx2GBAMMLPeDBEanPsRxxcTQtRPdux7U1T1CZWUCX4yGyWDkl85uKiI8MZMtHi2v37-fJM7zOJjONx3LVFhnyk-iH4-ghlFw3epIYMNcYs3sd27cPOx2gKeHxRP85ce_ym3PMbblisfsMFmROnY0s5jFcpO74AINo8RZVXIFMXKg-tIL1k-QlD-QfICOZmGUPu7Y2xXq4l3o1FpkMo91JHtSGXu6MRQGlv-9QrW5wts7w1YzK3bKzUpIOsgllvU7M4YfEROtEaJaYPqgCBvNF5n_5wzrFXRV8c04W42KCm-IdYR97Ebwr_k0QIIjwDRFR8AvgFZw0edZwsVh_JvbfJhgKGl7q8UizJH7Bg2nTumz1eSTJDKHu63izlalXy2UgSJqvpFhgbrIGMjKvcp7ZBp8l65ppSEf6UwfFsEk9mmBOhsG40TXWjcpBGNxjvyDmMMKiT1gysqVf8fegPLUQzWaEkHi7i9O9GtnDaKSHfuzIjQy-D0d_GIxV2e1cjGw HTTP 302
    https://p444222.myckdom.com/adServe/domainClick?ai=IvYkF1H4zHbS7C7myPb_DepYzOUuOD8oC8CM5tQNi93kHHbVTbgH6VSxBqeMueKc99BR0zSB5CcRODAEEwGEQ7Ya8rrWp55oatozv7RYJ26hYUpW4ltgOat5w42VJMx7Fvmd6sxyOmsbzyF7PsxqXEmblNAPdeexE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGep9wde4Dug0Wu9GtnDaKSHfuzIjQy-D0d_6-J7z7Cr0DTmMMKiT1gysKCl6sHNy6f-oh2NZTk7RHCsu4BXhTxTIjVe5fIIFOUTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=xBdFjItUBs8l84p0biKs3vbWwvziNp_11Mw5XOE4fEJgRQ0mpM225RFlSN3JAsfNbGKuL02M14BSXuzqBNF9UF5470vxtUEWYVjVvgEtuhNOXi6ZHu-FZA&si=1&oref=d945bf35d645c5e09627b3d63ae5e36d&optunit=SkfGynD1gzAMQXSPasiir7Ogl2zrWbEc&rb=ft7t19tsIyg&rr=1&abtg=0 Page URL
  5. https://plorexdry.com/r/b?s=425144408&s2=RO+Services+Telecom+Web+Design+%26+Development+Web+Affiliate+Programs+Internet&s3=447073755 Page URL
  6. https://buybutwhere.com/buy/with/am4/in?store=zoomget.com&nid=51&sid1=ac987d9c021a5efc6c35820408a24b68&url=https%3A%2F%2Fzoomget.com HTTP 302
    https://buybutwhere.com/buy/in?store=zoomget.com Page URL
  7. https://clcktrck.com/us/s/red_u_plain.php?t=direct&s=2619&pub=5&sub=am4238f11aae4daefb4fd2db7100c3b4&uid=4ce8336a-d5a5-4701-becb-283300664d5b&d=https%3A%2F%2Fzoomget.com HTTP 302
    https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce482796e2336be98cafd7300194aa908698725b8de4e41538d0e81acb3935f8a7d38ec738944121b0b4c75 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6 HTTP 302
  • http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
Request Chain 7
  • https://myckdom.com/aS/feedclick?s=xBdFjItUBs8l84p0biKs3o8uDhK_8R6jVWykoKzGRpwYsbNsDmArcILUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwncn2dNnoElK5YpYs62H3TFnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCko4uWPid2k_ULJLJS9JEXkbmu1YxIca0iVd0_By-xp7GPhmBS-58OGxgpLqIom1mSxE5QxWqWEHQ-L1S0CoI05VkrBt36QjRdipEcpFGFxdB7izdIm0qtRPrUiiHl-eaypKdlIJ1sbzK4xOvytFjAVQ4WoD1a9MwS0H9urngZVtL44YasPSpyvDHzVETC71uLm1lMMx6qcA2JCdjhhmO_r_dvLhDWW8WqHPWica_2BsOXAg8p7Z-OwYvOazP4_DeZQxA_7VYJ7P3c2TqLAfGZcLtjAxdByvxfibJAUeF4RVP2IY4i7qDlxZg633_xfCnJxpPgRx4YJnVZe7wu8wLKtU7B6Y6VvdLabsMivsKPEa2m8BJ0u6oV2ipEvTdcobhpzwt4eqtLMJQXg073MMLdXmtEb4C811Ih1WaiKn3OY9ND_CznBnsptnuOapmyO-1usz4-lpJjnNFF7iR53u3iZro_Vxa-FXD_nmm3DQfpi6Xyhazl20RWLWZSvcYm7J2nJCvUMksj1mp8K1WhJDwMWRB7u7B7IvuHTpLEursZ0RAiGZ27UqFB2YJzKmQrMLIhxEr-oPV38d_oH_3kvLjyE2P1Vni91VBn20NGOalszWl4U99AdHxKit69e9Bx_FYW4NxGSz2IJiaNqtIKut2CcCUBNcNsn4-fRfeDZS13rx2roEA9Pd-Zj9PCMDW4IxwLXmacWLVgYVbU54VpRKjgySAeb-Apx6pEUuYw6RhE-hDUy06a4JeSsJ8XUtKHw4ytQxo2RuPXYi1ntKO4Q6QYxJyfQ1MUL7FcOtewB_jsOkToXKZLbNLOQfuHxHeN3pBA4R0_KVFM46y04GBo5qacmvgd1WaBOaby7W7oK-dWINGDdyH0s6CnZkXEx2GBAMMLPeDBEanPsRxxcTQtRPdux7U1T1CZWUCX4yGyWDkl85uKiI8MZMtHi2v37-fJM7zOJjONx3LVFhnyk-iH4-ghlFw3epIYMNcYs3sd27cPOx2gKeHxRP85ce_ym3PMbblisfsMFmROnY0s5jFcpO74AINo8RZVXIFMXKg-tIL1k-QlD-QfICOZmGUPu7Y2xXq4l3o1FpkMo91JHtSGXu6MRQGlv-9QrW5wts7w1YzK3bKzUpIOsgllvU7M4YfEROtEaJaYPqgCBvNF5n_5wzrFXRV8c04W42KCm-IdYR97Ebwr_k0QIIjwDRFR8AvgFZw0edZwsVh_JvbfJhgKGl7q8UizJH7Bg2nTumz1eSTJDKHu63izlalXy2UgSJqvpFhgbrIGMjKvcp7ZBp8l65ppSEf6UwfFsEk9mmBOhsG40TXWjcpBGNxjvyDmMMKiT1gysqVf8fegPLUQzWaEkHi7i9O9GtnDaKSHfuzIjQy-D0d_GIxV2e1cjGw HTTP 302
  • https://p444222.myckdom.com/adServe/domainClick?ai=IvYkF1H4zHbS7C7myPb_DepYzOUuOD8oC8CM5tQNi93kHHbVTbgH6VSxBqeMueKc99BR0zSB5CcRODAEEwGEQ7Ya8rrWp55oatozv7RYJ26hYUpW4ltgOat5w42VJMx7Fvmd6sxyOmsbzyF7PsxqXEmblNAPdeexE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGep9wde4Dug0Wu9GtnDaKSHfuzIjQy-D0d_6-J7z7Cr0DTmMMKiT1gysKCl6sHNy6f-oh2NZTk7RHCsu4BXhTxTIjVe5fIIFOUTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=xBdFjItUBs8l84p0biKs3vbWwvziNp_11Mw5XOE4fEJgRQ0mpM225RFlSN3JAsfNbGKuL02M14BSXuzqBNF9UF5470vxtUEWYVjVvgEtuhNOXi6ZHu-FZA&si=1&oref=d945bf35d645c5e09627b3d63ae5e36d&optunit=SkfGynD1gzAMQXSPasiir7Ogl2zrWbEc&rb=ft7t19tsIyg&rr=1&abtg=0
Request Chain 10
  • https://buybutwhere.com/buy/with/am4/in?store=zoomget.com&nid=51&sid1=ac987d9c021a5efc6c35820408a24b68&url=https%3A%2F%2Fzoomget.com HTTP 302
  • https://buybutwhere.com/buy/in?store=zoomget.com
Request Chain 12
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce482796e2336be98cafd7300194aa908698725b8de4e41538d0e81acb3935f8a7d38ec738944121b0b4c75?&m=1 HTTP 302
  • https://media.newprogrammatic.click/zclkvisitor/759119d3-c53b-11ee-a607-0aad4c736709/598f28f0-4e3d-11ee-81d4-0a6ab97fcc8d?campaignid=1fc69e70-7e83-11ee-98f6-123f4a2b6bb7&extclickid=cdc54f3640714df93802973e8f1f1714

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ww12.wetransferpremium.com/
Redirect Chain
  • http://wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6
  • http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
ff31f381381d6637efb283b1115ab970e76922706bde4fc8cb2f374289fb0487

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Feb 2024 22:02:42 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Ltc1bUiMgILdzeTycFgFVwilqGeXMmsxIg+wFW9LkeN+vPjJ9XZtDZBXJcgoD9xbP4dRrpybcgZG4IC7teJ+zA==
X-Domain
wetransferpremium.com
X-Redirect
zeropark_zeroclick
X-Subdomain
ww12

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Feb 2024 22:02:39 GMT
Location
http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: ww12.wetransferpremium.com
URL: http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
Protocol
HTTP/1.1
Server
2600:9000:20ed:4000:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww12.wetransferpremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 23:52:49 GMT
Via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
PHL50-C1
Age
79793
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
E0-Oz_1B3h0Op16vq0rDul41uq9MxG2lcBXSYLm8y3dx9ojZsWtnSw==
track.php
ww12.wetransferpremium.com/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww12.wetransferpremium.com/track.php?domain=wetransferpremium.com&toggle=browserjs&uid=MTcwNzI1Njk2MS45MTQyOjM3ODFkODM1ZTIzMDc0MWQxMjIwMGM4OWI5Y2I0MDNjNWNiMzM5OTQxNTk1MTUzZTIyZjA2MWU0ZTNiNTlhMDY6NjVjMmFjODFkZjMyMQ%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 22:02:42 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
ww12.wetransferpremium.com/ 		16 B
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww12.wetransferpremium.com/ls.php?t=65c2ac82&token=c9f7267d3ecfe0a51b7e21b96d8a6cb1eff6dd3e
Requested by
Host: ww12.wetransferpremium.com
URL: http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 22:02:42 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_uN/yzU0d+9CtSf6S9oFf9ijS8ZXw+cRcJz2ySRKzTosR9q7WstWZVmIHl+kuWO7VR3LZZMVPt7SWfVMcKobLLg==
Connection
keep-alive
track.php
ww12.wetransferpremium.com/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww12.wetransferpremium.com/track.php?click=9ac3a187ad674b5edde29d56902a529ac458724c&domain=wetransferpremium.com&uid=MTcwNzI1Njk2MS45MTQyOjM3ODFkODM1ZTIzMDc0MWQxMjIwMGM4OWI5Y2I0MDNjNWNiMzM5OTQxNTk1MTUzZTIyZjA2MWU0ZTNiNTlhMDY6NjVjMmFjODFkZjMyMQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NWMyYWM4MWRmMmQ0fHx8MTcwNzI1Njk2Mi4xNzM5fDkxNTE3ZWVmYmYwMmYwMmQ4MTY2NWYwODJiMTNkZDVkMDE0ZDIwN2J8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxjOWY3MjY3ZDNlY2ZlMGE1MWI3ZTIxYjk2ZDhhNmNiMWVmZjZkZDNlfDB8fDB8MHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Tue, 06 Feb 2024 22:02:42 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
facht-fmm.com/zclkvisitor/731851a0-c53b-11ee-b818-0a26d77d996b/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://facht-fmm.com/zclkvisitor/731851a0-c53b-11ee-b818-0a26d77d996b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73301f62-c53b-11ee-b818-0a26d77d996b
Requested by
Host: ww12.wetransferpremium.com
URL: http://ww12.wetransferpremium.com/?uclick=qde21npmbl&uclickhash=qde21npmbl-qde21npmbl-37-0-pm0-q5sypm-q5ejh9-20c2c6&usid=17&utid=30490323960
Protocol
HTTP/1.1
Server
52.54.240.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-240-234.compute-1.amazonaws.com
Software
hCxvBEBB /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://ww12.wetransferpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 06 Feb 2024 22:02:42 GMT
Server
hCxvBEBB
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
facht-fmm.com/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://facht-fmm.com/zclkredirect?visitid=731851a0-c53b-11ee-b818-0a26d77d996b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Requested by
Host: facht-fmm.com
URL: http://facht-fmm.com/zclkvisitor/731851a0-c53b-11ee-b818-0a26d77d996b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73301f62-c53b-11ee-b818-0a26d77d996b
Protocol
HTTP/1.1
Server
52.54.240.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-240-234.compute-1.amazonaws.com
Software
brWWUXKe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://facht-fmm.com/zclkvisitor/731851a0-c53b-11ee-b818-0a26d77d996b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=73301f62-c53b-11ee-b818-0a26d77d996b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 06 Feb 2024 22:02:42 GMT
Server
brWWUXKe
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
domainClick
p444222.myckdom.com/adServe/
Redirect Chain
  • https://myckdom.com/aS/feedclick?s=xBdFjItUBs8l84p0biKs3o8uDhK_8R6jVWykoKzGRpwYsbNsDmArcILUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwncn2dNnoElK5YpYs62H3TFnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCko4u...
  • https://p444222.myckdom.com/adServe/domainClick?ai=IvYkF1H4zHbS7C7myPb_DepYzOUuOD8oC8CM5tQNi93kHHbVTbgH6VSxBqeMueKc99BR0zSB5CcRODAEEwGEQ7Ya8rrWp55oatozv7RYJ26hYUpW4ltgOat5w42VJMx7Fvmd6sxyOmsbzyF7Ps...
721 B
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p444222.myckdom.com/adServe/domainClick?ai=IvYkF1H4zHbS7C7myPb_DepYzOUuOD8oC8CM5tQNi93kHHbVTbgH6VSxBqeMueKc99BR0zSB5CcRODAEEwGEQ7Ya8rrWp55oatozv7RYJ26hYUpW4ltgOat5w42VJMx7Fvmd6sxyOmsbzyF7PsxqXEmblNAPdeexE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGep9wde4Dug0Wu9GtnDaKSHfuzIjQy-D0d_6-J7z7Cr0DTmMMKiT1gysKCl6sHNy6f-oh2NZTk7RHCsu4BXhTxTIjVe5fIIFOUTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=xBdFjItUBs8l84p0biKs3vbWwvziNp_11Mw5XOE4fEJgRQ0mpM225RFlSN3JAsfNbGKuL02M14BSXuzqBNF9UF5470vxtUEWYVjVvgEtuhNOXi6ZHu-FZA&si=1&oref=d945bf35d645c5e09627b3d63ae5e36d&optunit=SkfGynD1gzAMQXSPasiir7Ogl2zrWbEc&rb=ft7t19tsIyg&rr=1&abtg=0
Requested by
Host: facht-fmm.com
URL: http://facht-fmm.com/zclkredirect?visitid=731851a0-c53b-11ee-b818-0a26d77d996b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
ed6304863a0e3350304221f5825c1d8d204d204ad882f9e57c7c1421d983fd2f

Request headers

Referer
http://facht-fmm.com/zclkredirect?visitid=731851a0-c53b-11ee-b818-0a26d77d996b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 06 Feb 2024 22:02:43 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Tue, 06 Feb 2024 22:02:43 GMT
location
https://p444222.myckdom.com/adServe/domainClick?ai=IvYkF1H4zHbS7C7myPb_DepYzOUuOD8oC8CM5tQNi93kHHbVTbgH6VSxBqeMueKc99BR0zSB5CcRODAEEwGEQ7Ya8rrWp55oatozv7RYJ26hYUpW4ltgOat5w42VJMx7Fvmd6sxyOmsbzyF7PsxqXEmblNAPdeexE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGep9wde4Dug0Wu9GtnDaKSHfuzIjQy-D0d_6-J7z7Cr0DTmMMKiT1gysKCl6sHNy6f-oh2NZTk7RHCsu4BXhTxTIjVe5fIIFOUTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=xBdFjItUBs8l84p0biKs3vbWwvziNp_11Mw5XOE4fEJgRQ0mpM225RFlSN3JAsfNbGKuL02M14BSXuzqBNF9UF5470vxtUEWYVjVvgEtuhNOXi6ZHu-FZA&si=1&oref=d945bf35d645c5e09627b3d63ae5e36d&optunit=SkfGynD1gzAMQXSPasiir7Ogl2zrWbEc&rb=ft7t19tsIyg&rr=1&abtg=0
server
nginx
track
clkdeals.com/adServe/ 		49 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clkdeals.com/adServe/track?subid=90787641414&prdid=2750&price=0
Requested by
Host: p444222.myckdom.com
URL: https://p444222.myckdom.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 22:02:43 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
b
plorexdry.com/r/ 		337 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://plorexdry.com/r/b?s=425144408&s2=RO+Services+Telecom+Web+Design+%26+Development+Web+Affiliate+Programs+Internet&s3=447073755
Requested by
Host: p444222.myckdom.com
URL: https://p444222.myckdom.com/adServe/domainClick?ai=IvYkF1H4zHbS7C7myPb_DepYzOUuOD8oC8CM5tQNi93kHHbVTbgH6VSxBqeMueKc99BR0zSB5CcRODAEEwGEQ7Ya8rrWp55oatozv7RYJ26hYUpW4ltgOat5w42VJMx7Fvmd6sxyOmsbzyF7PsxqXEmblNAPdeexE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGep9wde4Dug0Wu9GtnDaKSHfuzIjQy-D0d_6-J7z7Cr0DTmMMKiT1gysKCl6sHNy6f-oh2NZTk7RHCsu4BXhTxTIjVe5fIIFOUTVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeplkkLEB146pQ&ui=xBdFjItUBs8l84p0biKs3vbWwvziNp_11Mw5XOE4fEJgRQ0mpM225RFlSN3JAsfNbGKuL02M14BSXuzqBNF9UF5470vxtUEWYVjVvgEtuhNOXi6ZHu-FZA&si=1&oref=d945bf35d645c5e09627b3d63ae5e36d&optunit=SkfGynD1gzAMQXSPasiir7Ogl2zrWbEc&rb=ft7t19tsIyg&rr=1&abtg=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:162:452::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Feb 2024 22:02:44 GMT
Keep-Alive
timeout=5, max=100
Referrer-Policy
no-referrer
Server
Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k
Transfer-Encoding
chunked
in
buybutwhere.com/buy/
Redirect Chain
  • https://buybutwhere.com/buy/with/am4/in?store=zoomget.com&nid=51&sid1=ac987d9c021a5efc6c35820408a24b68&url=https%3A%2F%2Fzoomget.com
  • https://buybutwhere.com/buy/in?store=zoomget.com
56 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buybutwhere.com/buy/in?store=zoomget.com
Requested by
Host: plorexdry.com
URL: https://plorexdry.com/r/b?s=425144408&s2=RO+Services+Telecom+Web+Design+%26+Development+Web+Affiliate+Programs+Internet&s3=447073755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
116.203.4.24 Tettnang, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.4.203.116.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Referer
https://plorexdry.com/r/b?s=425144408&s2=RO+Services+Telecom+Web+Design+%26+Development+Web+Affiliate+Programs+Internet&s3=447073755
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 22:02:45 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 22:02:45 GMT
location
https://buybutwhere.com/buy/in?store=zoomget.com
referrer-policy
no-referrer
server
nginx
Primary Request 22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce482796e2336be98cafd7300194aa908698725b8de4e41538d0e81acb39...
clcktrck.com/3340b07f6352b061e0908fa0e76668dc/
Redirect Chain
  • https://clcktrck.com/us/s/red_u_plain.php?t=direct&s=2619&pub=5&sub=am4238f11aae4daefb4fd2db7100c3b4&uid=4ce8336a-d5a5-4701-becb-283300664d5b&d=https%3A%2F%2Fzoomget.com
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce4827...
55 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce482796e2336be98cafd7300194aa908698725b8de4e41538d0e81acb3935f8a7d38ec738944121b0b4c75
Requested by
Host: buybutwhere.com
URL: https://buybutwhere.com/buy/in?store=zoomget.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.5.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
portal.noctemque.com
Software
nginx /
Resource Hash
4b1c504c446f92c032156cedb74a9a87883f4a63d18285b4c62a0242dacfee05

Request headers

Referer
https://buybutwhere.com/buy/in?store=zoomget.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 22:02:47 GMT
expires
Thu, 1 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
origin
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, private max-age=0, no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 06 Feb 2024 22:02:46 GMT
expires
Thu, 1 Jan 1970 00:00:00 GMT
location
https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce482796e2336be98cafd7300194aa908698725b8de4e41538d0e81acb3935f8a7d38ec738944121b0b4c75
pragma
no-cache
referrer-policy
origin
server
nginx
nr-spa-1.251.1.min.js
js-agent.newrelic.com/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.251.1.min.js
Requested by
Host: clcktrck.com
URL: https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce482796e2336be98cafd7300194aa908698725b8de4e41538d0e81acb3935f8a7d38ec738944121b0b4c75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://clcktrck.com/
Origin
https://clcktrck.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
OhDO3B1C4AxTz_s5RAKQ44ag5.sMIaKK
content-encoding
br
via
1.1 varnish
date
Tue, 06 Feb 2024 22:02:47 GMT
strict-transport-security
max-age=300
x-amz-request-id
4KN9SHKVCHPTW8QG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29260
x-amz-id-2
ktUOJpyQh8wfjD4xY8JEB3ZdqMjZVa0cFE6PuT2bf0j5stCJmSsCAryHMkHr0BPuOq4lQH4LBwY=
x-served-by
cache-ewr18175-EWR
last-modified
Mon, 29 Jan 2024 21:25:17 GMT
server
AmazonS3
x-timer
S1707256967.355341,VS0,VE0
etag
"74bb5562421fc11ec1e50cd70dd234d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
229800
598f28f0-4e3d-11ee-81d4-0a6ab97fcc8d
media.newprogrammatic.click/zclkvisitor/759119d3-c53b-11ee-a607-0aad4c736709/
Redirect Chain
  • https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce4827...
  • https://media.newprogrammatic.click/zclkvisitor/759119d3-c53b-11ee-a607-0aad4c736709/598f28f0-4e3d-11ee-81d4-0a6ab97fcc8d?campaignid=1fc69e70-7e83-11ee-98f6-123f4a2b6bb7&extclickid=cdc54f3640714df9...
0
0
NRJS-f9fc585c87dfd7b0710
bam.eu01.nr-data.net/1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
media.newprogrammatic.click
URL
https://media.newprogrammatic.click/zclkvisitor/759119d3-c53b-11ee-a607-0aad4c736709/598f28f0-4e3d-11ee-81d4-0a6ab97fcc8d?campaignid=1fc69e70-7e83-11ee-98f6-123f4a2b6bb7&extclickid=cdc54f3640714df93802973e8f1f1714
Domain
bam.eu01.nr-data.net
URL
https://bam.eu01.nr-data.net/1/NRJS-f9fc585c87dfd7b0710?a=431133262&v=1.251.1&to=MhBSZQoZXhYCARBQWAtacVIMEV8LTBcKUlkKAl4%3D&rst=2086&ck=0&s=a6dbf882d3322500&ref=https://clcktrck.com/3340b07f6352b061e0908fa0e76668dc/22c01bf0427f1de78adb9175102766ef57af5e82dc9475f3c3d81a1fc27b5d040a3357ad6c3527824575010dd4b4f9f1d476541570dd2ddf62cdd7d72b9a5b06d50ced76cce482796e2336be98cafd7300194aa908698725b8de4e41538d0e81acb3935f8a7d38ec738944121b0b4c75&hr=0&af=err,xhr,stn,ins,spa&ap=5&be=1796&fe=28&dc=26&at=HldRE0IDTRg%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1707256965318,%22n%22:0,%22r%22:0,%22re%22:1574,%22f%22:1574,%22dn%22:1574,%22dne%22:1574,%22c%22:1574,%22s%22:1574,%22ce%22:1574,%22rq%22:1575,%22rp%22:1796,%22rpe%22:1799,%22di%22:1822,%22ds%22:1822,%22de%22:1822,%22dc%22:1822,%22l%22:1822,%22le%22:1824%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1824&fcp=1824

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.myckdom.com/ Name: rhid
Value: 83724519851
.myckdom.com/ Name: loi
Value: ad_1808163_off_1250729_aff_15952_cid_444222-13753013133_ts_1707256963