Submitted URL: https://ifyoura4datea10.appspot.com/t7VCMvX_jqGxInURApUSEcYCEkYhgcWCAyURMiURMfGhInYRDqJBbrVuQ1WSLqY94tGuXyIhL0JOgcGxPqUxQtTSEfWhglXx...
Effective URL: https://www.bangalerts.com/x/be/h45gg/?cep=PCckEHstIG9RTDH_70vCJSfhjoN8aHYNsCQELG55q00M0zTajLTe-WFnvsC-qEesFd4jpwyHK8yiQFz6...
Submission: On July 31 via api from BE

Summary

This website contacted 7 IPs in 4 countries across 12 domains to perform 23 HTTP transactions. The main IP is 2606:4700:30::681c:111a, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bangalerts.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 1st 2019. Valid for: a year.
This is the only time www.bangalerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
1 35.197.52.214 15169 (GOOGLE)
2 3.18.227.114 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 52.49.160.253 16509 (AMAZON-02)
1 1 3.120.230.228 16509 (AMAZON-02)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
23 7
Domain Requested by
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
2 lltrk1.com cleaneratrivialqwedgedd.club
lltrk1.com
1 www.bangalerts.com lltrk1.com
www.bangalerts.com
1 x.bangalerts.com 1 redirects
1 www.heywhatsup.xyz 1 redirects
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com lltrk1.com
1 cleaneratrivialqwedgedd.club
1 ifyoura4datea10.appspot.com 1 redirects
0 ajax.googleapis.com Failed www.bangalerts.com
0 cdn-dt.fcdn.info Failed www.bangalerts.com
23 13

This site contains no links.

Subject | Issuer | Validity | Valid
*.google-analytics.com | Google Internet Authority G3 | 2019-07-02 - 2019-09-24 | 3 months
www.google.de | Google Internet Authority G3 | 2019-07-02 - 2019-09-24 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-04-01 - 2020-04-01 | a year

This page contains 1 frames:

Primary Page: https://www.bangalerts.com/x/be/h45gg/?cep=PCckEHstIG9RTDH_70vCJSfhjoN8aHYNsCQELG55q00M0zTajLTe-WFnvsC-qEesFd4jpwyHK8yiQFz6z-adpbELO_gfYxVe0vdRDZm44jRK9pwsR0iT0CjdbOzOFwC0IwUiEZAX1NCwl6a9IM7pTPyavEE_daXJ6Fbe6kAs3R-iRTwA14VcF0627iP8yZ350TWd_ODMhpyvy4BVx7nFVNhPVpki_GFXQXRWTvoqkyhxhFltUlNSwSRauAdAHKXz1uUxqdTJ--Mf5mHVk6iS-lmJOqJSAlitMjEulVgfazpAb_tfZw6WOe1jeB0hl71KXDa-Dj3jMaCXmAh6ESMiPA&lptoken=1506646d617a915d04cd&source=5006&pub=362&source2=1150
Frame ID: 7E088E429C0ADD88DE6F2BFB9E8A7E76
Requests: 23 HTTP requests in this frame

Page URL History

  1. https://ifyoura4datea10.appspot.com/t7VCMvX_jqGxInURApUSEcYCEkYhgcWCAyURMiURMfGhInYRDqJBbrVuQ1WSLqY94tGuXyIhL0JO... HTTP 302
    http://cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/71912-A00678026,%7B$mv... Page URL
  2. http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y Page URL
  3. http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1045%26... Page URL
  4. http://www.heywhatsup.xyz/aff_c?offer_id=1045&aff_id=1150 HTTP 302
    https://x.bangalerts.com/feb77b8d-383a-48a4-b764-da90a18f88de?source=5006&pub=362&source2=1150 HTTP 302
    https://www.bangalerts.com/x/be/h45gg/?cep=PCckEHstIG9RTDH_70vCJSfhjoN8aHYNsCQELG55q00M0zTajLTe-WFnvsC-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 23
HTTPS: 22 %
IPv6: 64 %
Domains: 12
Subdomains: 13
IPs: 7
Countries: 4
Transfer: 91 kB
Size: 165 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ifyoura4datea10.appspot.com/t7VCMvX_jqGxInURApUSEcYCEkYhgcWCAyURMiURMfGhInYRDqJBbrVuQ1WSLqY94tGuXyIhL0JOgcGxPqUxQtTSEfWhglXxogWiHvLBcqYBwcVRrpTx4oGyHqIu=0HODoLO7rIeXzH_DxGCnfWSU4G7 HTTP 302
    http://cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/71912-A00678026,%7B$mv%7D, Page URL
  2. http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y Page URL
  3. http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1045%26aff_id%3D1150 Page URL
  4. http://www.heywhatsup.xyz/aff_c?offer_id=1045&aff_id=1150 HTTP 302
    https://x.bangalerts.com/feb77b8d-383a-48a4-b764-da90a18f88de?source=5006&pub=362&source2=1150 HTTP 302
    https://www.bangalerts.com/x/be/h45gg/?cep=PCckEHstIG9RTDH_70vCJSfhjoN8aHYNsCQELG55q00M0zTajLTe-WFnvsC-qEesFd4jpwyHK8yiQFz6z-adpbELO_gfYxVe0vdRDZm44jRK9pwsR0iT0CjdbOzOFwC0IwUiEZAX1NCwl6a9IM7pTPyavEE_daXJ6Fbe6kAs3R-iRTwA14VcF0627iP8yZ350TWd_ODMhpyvy4BVx7nFVNhPVpki_GFXQXRWTvoqkyhxhFltUlNSwSRauAdAHKXz1uUxqdTJ--Mf5mHVk6iS-lmJOqJSAlitMjEulVgfazpAb_tfZw6WOe1jeB0hl71KXDa-Dj3jMaCXmAh6ESMiPA&lptoken=1506646d617a915d04cd&source=5006&pub=362&source2=1150 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ifyoura4datea10.appspot.com/t7VCMvX_jqGxInURApUSEcYCEkYhgcWCAyURMiURMfGhInYRDqJBbrVuQ1WSLqY94tGuXyIhL0JOgcGxPqUxQtTSEfWhglXxogWiHvLBcqYBwcVRrpTx4oGyHqIu=0HODoLO7rIeXzH_DxGCnfWSU4G7 HTTP 302
  • http://cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/71912-A00678026,%7B$mv%7D,
Request Chain 7
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1904661023&t=pageview&_s=1&dl=http%3A%2F%2Flltrk1.com%2Fsmart.track%3FVID%3D1%26AFID%3D21845%26PERK%3Dgerardnijskens4%40hotmail.com%26SID%3Dy&dr=http%3A%2F%2Fcleaneratrivialqwedgedd.club%2F8h0k5zmt%2Ft%2Fr%2F776d999a%2Fe%2Fgerardnijskens4%40hotmail.com%2Fs%2F71912-A00678026%2C%257B%24mv%257D%2C&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUAB~&jid=183455701&gjid=964266372&cid=1667498445.1564617297&tid=UA-109215160-2&_gid=487860764.1564617297&_r=1&gtm=2ou7o0&z=497175998 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=1667498445.1564617297&jid=183455701&_gid=487860764.1564617297&gjid=964266372&_v=j77&z=497175998 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1667498445.1564617297&jid=183455701&_v=j77&z=497175998 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1667498445.1564617297&jid=183455701&_v=j77&z=497175998&slf_rd=1&random=2883631516

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
71912-A00678026,%7B$mv%7D,
cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/
Redirect Chain
  • https://ifyoura4datea10.appspot.com/t7VCMvX_jqGxInURApUSEcYCEkYhgcWCAyURMiURMfGhInYRDqJBbrVuQ1WSLqY94tGuXyIhL0JOgcGxPqUxQtTSEfWhglXxogWiHvLBcqYBwcVRrpTx4oGyHqIu=0HODoLO7rIeXzH_DxGCnfWSU4G7
  • http://cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/71912-A00678026,%7B$mv%7D,
44 KB
44 KB
Document
General
Full URL
http://cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/71912-A00678026,%7B$mv%7D,
Protocol
HTTP/1.1
Server
35.197.52.214 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.52.197.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
f88cb8813664c404efb7046adacad7d131597b30310147a5f97c66df7b0ba69d

Request headers

Host
cleaneratrivialqwedgedd.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

date
Wed, 31 Jul 2019 23:54:53 GMT
content-type
text/html; charset=UTF-8
content-length
44856
connection
close
server
Apache

Redirect headers

status
302
location
http://cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/71912-A00678026,{$mv},
content-type
text/html
x-cloud-trace-context
0a496e07ad33f01c401f4246e658bc05
date
Wed, 31 Jul 2019 23:54:53 GMT
server
Google Frontend
content-length
0
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
fp.php
cleaneratrivialqwedgedd.club/images/
0
0

smart.track
lltrk1.com/
794 B
951 B
Document
General
Full URL
http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y
Requested by
Host: cleaneratrivialqwedgedd.club
URL: http://cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/71912-A00678026,%7B$mv%7D,
Protocol
HTTP/1.1
Server
3.18.227.114 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-18-227-114.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7e66c83c91cdae753cba0e4743430e2fbafe64846cec7ef72f5b3c000cb16a6a

Request headers

Host
lltrk1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://cleaneratrivialqwedgedd.club/8h0k5zmt/t/r/776d999a/e/gerardnijskens4@hotmail.com/s/71912-A00678026,%7B$mv%7D,
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 31 Jul 2019 23:54:56 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
794
Connection
keep-alive
Server
Apache
js
www.googletagmanager.com/gtag/
68 KB
26 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109215160-2
Requested by
Host: lltrk1.com
URL: http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
916eeb9a7f00b0dbfcbc08d87ee06bce6c28ad97dd9ec4464ab19be0403e4874
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 31 Jul 2019 23:54:56 GMT
content-encoding
br
last-modified
Wed, 31 Jul 2019 21:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
26352
x-xss-protection
0
expires
Wed, 31 Jul 2019 23:54:56 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109215160-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
4068
date
Wed, 31 Jul 2019 22:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Thu, 01 Aug 2019 00:47:08 GMT
sanitize.go
lltrk1.com/
222 B
379 B
Document
General
Full URL
http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1045%26aff_id%3D1150
Requested by
Host: lltrk1.com
URL: http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y
Protocol
HTTP/1.1
Server
3.18.227.114 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-18-227-114.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0e21b939a5f7e0e4cadedf5df961c80f8403ba1b931c7f7edb01225b5f17358b

Request headers

Host
lltrk1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 31 Jul 2019 23:55:04 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
222
Connection
keep-alive
Server
Apache
collect
www.google-analytics.com/
35 B
144 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y
Origin
http://lltrk1.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Jul 2019 23:54:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
http://lltrk1.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1904661023&t=pageview&_s=1&dl=http%3A%2F%2Flltrk1.com%2Fsmart.track%3FVID%3D1%26AFID%3D21845%26PERK%3Dgerardnijskens4%40hotmail.com%26SID%3Dy...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=1667498445.1564617297&jid=183455701&_gid=487860764.1564617297&gjid=964266372&_v=j77&z=497175998
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1667498445.1564617297&jid=183455701&_v=j77&z=497175998
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1667498445.1564617297&jid=183455701&_v=j77&z=497175998&slf_rd=1&random=2883631516
42 B
110 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1667498445.1564617297&jid=183455701&_v=j77&z=497175998&slf_rd=1&random=2883631516
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&PERK=gerardnijskens4@hotmail.com&SID=y
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2019 23:54:57 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jul 2019 23:54:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1667498445.1564617297&jid=183455701&_v=j77&z=497175998&slf_rd=1&random=2883631516
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
www.bangalerts.com/x/be/h45gg/
Redirect Chain
  • http://www.heywhatsup.xyz/aff_c?offer_id=1045&aff_id=1150
  • https://x.bangalerts.com/feb77b8d-383a-48a4-b764-da90a18f88de?source=5006&pub=362&source2=1150
  • https://www.bangalerts.com/x/be/h45gg/?cep=PCckEHstIG9RTDH_70vCJSfhjoN8aHYNsCQELG55q00M0zTajLTe-WFnvsC-qEesFd4jpwyHK8yiQFz6z-adpbELO_gfYxVe0vdRDZm44jRK9pwsR0iT0CjdbOzOFwC0IwUiEZAX1NCwl6a9IM7pTPyavE...
10 KB
3 KB
Document
General
Full URL
https://www.bangalerts.com/x/be/h45gg/?cep=PCckEHstIG9RTDH_70vCJSfhjoN8aHYNsCQELG55q00M0zTajLTe-WFnvsC-qEesFd4jpwyHK8yiQFz6z-adpbELO_gfYxVe0vdRDZm44jRK9pwsR0iT0CjdbOzOFwC0IwUiEZAX1NCwl6a9IM7pTPyavEE_daXJ6Fbe6kAs3R-iRTwA14VcF0627iP8yZ350TWd_ODMhpyvy4BVx7nFVNhPVpki_GFXQXRWTvoqkyhxhFltUlNSwSRauAdAHKXz1uUxqdTJ--Mf5mHVk6iS-lmJOqJSAlitMjEulVgfazpAb_tfZw6WOe1jeB0hl71KXDa-Dj3jMaCXmAh6ESMiPA&lptoken=1506646d617a915d04cd&source=5006&pub=362&source2=1150
Requested by
Host: lltrk1.com
URL: http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1045%26aff_id%3D1150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681c:111a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.bangalerts.com
:scheme
https
:path
/x/be/h45gg/?cep=PCckEHstIG9RTDH_70vCJSfhjoN8aHYNsCQELG55q00M0zTajLTe-WFnvsC-qEesFd4jpwyHK8yiQFz6z-adpbELO_gfYxVe0vdRDZm44jRK9pwsR0iT0CjdbOzOFwC0IwUiEZAX1NCwl6a9IM7pTPyavEE_daXJ6Fbe6kAs3R-iRTwA14VcF0627iP8yZ350TWd_ODMhpyvy4BVx7nFVNhPVpki_GFXQXRWTvoqkyhxhFltUlNSwSRauAdAHKXz1uUxqdTJ--Mf5mHVk6iS-lmJOqJSAlitMjEulVgfazpAb_tfZw6WOe1jeB0hl71KXDa-Dj3jMaCXmAh6ESMiPA&lptoken=1506646d617a915d04cd&source=5006&pub=362&source2=1150
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1045%26aff_id%3D1150
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 31 Jul 2019 23:55:05 GMT
content-type
text/html
set-cookie
__cfduid=d2f86269619e775e4634bccc1d4dbd7401564617305; expires=Thu, 30-Jul-20 23:55:05 GMT; path=/; domain=.bangalerts.com; HttpOnly DO-LB=node-146444967|XUIqX|XUIqX; path=/
last-modified
Tue, 23 Jul 2019 19:47:23 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000 private
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4ff3804ca8f397a8-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Wed, 31 Jul 2019 23:55:04 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://www.bangalerts.com/x/be/h45gg/?cep=PCckEHstIG9RTDH_70vCJSfhjoN8aHYNsCQELG55q00M0zTajLTe-WFnvsC-qEesFd4jpwyHK8yiQFz6z-adpbELO_gfYxVe0vdRDZm44jRK9pwsR0iT0CjdbOzOFwC0IwUiEZAX1NCwl6a9IM7pTPyavEE_daXJ6Fbe6kAs3R-iRTwA14VcF0627iP8yZ350TWd_ODMhpyvy4BVx7nFVNhPVpki_GFXQXRWTvoqkyhxhFltUlNSwSRauAdAHKXz1uUxqdTJ--Mf5mHVk6iS-lmJOqJSAlitMjEulVgfazpAb_tfZw6WOe1jeB0hl71KXDa-Dj3jMaCXmAh6ESMiPA&lptoken=1506646d617a915d04cd&source=5006&pub=362&source2=1150
Pragma
no-cache
Set-Cookie
feb77b8d-383a-48a4-b764-da90a18f88de-v4=feb77b8d-383a-48a4-b764-da90a18f88de;Max-Age=86400;Expires=Thu, 01-Aug-2019 23:55:04 GMT;domain=x.bangalerts.com;path=/;HttpOnly cep-v4=wMLNL_crqjrPtOBJx-BOazOEgwrgrcv9sqJZBGNpJXeUibWVhX_7QysTuzf3Kcr0kQXakg9M3spJ4hUoVI6rt-z9AHikgIxjydZzUTfAocpXhld0HmDJ8KrJb-C0gq1FKs34sgZV4stC6BSMxe_gPmsKgIIKoAxWb3wTrrv4RWxDm6FdScQ8b1OkQ44TU-QGsV5mCn8te26o7ltOQvqRlNct6k6ODfwtVXcCAUHGyLvaEE_xiW83X4rNdoD8rTsXCHx2Gh9ARGRfRggtzD53fjCNtlQjKF3VzDapQH9p0OZeXexw3W1x6VfqeFzJ0iImo8KAWT6MDeZNPDN7G2jpGw;Max-Age=86400;Expires=Thu, 01-Aug-2019 23:55:04 GMT;domain=x.bangalerts.com;path=/;HttpOnly
css.css
www.bangalerts.com/x/be/h45gg/files/
0
0

swpush.min.js
cdn-dt.fcdn.info/
0
0

5.gif
www.bangalerts.com/x/be/h45gg/files/
0
0

ok-button.png
www.bangalerts.com/x/be/h45gg/files/
0
0

yes-button.png
www.bangalerts.com/x/be/h45gg/files/
0
0

no-buttonn.png
www.bangalerts.com/x/be/h45gg/files/
0
0

next-button.png
www.bangalerts.com/x/be/h45gg/files/
0
0

loading.gif
www.bangalerts.com/x/be/h45gg/
0
0

agree-button.png
www.bangalerts.com/x/be/h45gg/files/
0
0

csf-dark.css
www.bangalerts.com/css/
0
0

csf-dark.js
www.bangalerts.com/js/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
0
0

script.js
www.bangalerts.com/x/be/h45gg/files/
0
0

app.js
www.bangalerts.com/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cleaneratrivialqwedgedd.club
URL
http://cleaneratrivialqwedgedd.club/images/fp.php?e=M2IlLKWxozydp2gyoaZ0DTuiqT1unJjhL29g&p=f1439b81e3be8fb69f4190e8a272a827&r=00204866
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/files/css.css
Domain
cdn-dt.fcdn.info
URL
https://cdn-dt.fcdn.info/swpush.min.js
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/files/5.gif
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/files/ok-button.png
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/files/yes-button.png
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/files/no-buttonn.png
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/files/next-button.png
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/loading.gif
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/files/agree-button.png
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/css/csf-dark.css
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/js/csf-dark.js
Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/x/be/h45gg/files/script.js
Domain
www.bangalerts.com
URL
https://www.bangalerts.com/js/app.js

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask

0 Cookies