www.pattern-trader.net Open in urlscan Pro
34.243.146.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.laxob.com/aff_c?offer_id=12799&aff_id=21643&aff_sub=sinbabu3.0
Effective URL:
http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Submission: On May 02 via api (May 2nd 2020, 2:02:34 pm UTC) from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 27 domains to perform 66 HTTP transactions. The main IP is 34.243.146.12, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.pattern-trader.net.

This is the only time www.pattern-trader.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
1 1	35.157.74.22 35.157.74.22	16509 (AMAZON-02) (AMAZON-02)
1 1	34.213.159.135 34.213.159.135	16509 (AMAZON-02) (AMAZON-02)
7	35.244.148.197 35.244.148.197	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	130.211.31.128 130.211.31.128	15169 (GOOGLE) (GOOGLE)
1 1	212.32.250.3 212.32.250.3	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2606:4700:303... 2606:4700:3031::681b:879c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	99.198.108.198 99.198.108.198	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.31.86.229 104.31.86.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	65.60.58.178 65.60.58.178	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	35.246.245.45 35.246.245.45	15169 (GOOGLE) (GOOGLE)
1 2	5.101.47.55 5.101.47.55	209813 (FASTCONTENT) (FASTCONTENT)
2	34.243.146.12 34.243.146.12	16509 (AMAZON-02) (AMAZON-02)
19	54.76.186.124 54.76.186.124	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
66	22

2 52.210.2.133 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

www.laxob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cpafull.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.74.22 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-74-22.eu-central-1.compute.amazonaws.com

router.adhoc4.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.159.135 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-159-135.us-west-2.compute.amazonaws.com

www.9t5.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.148.197 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 197.148.244.35.bc.googleusercontent.com

www.popcornlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.31.128 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 128.31.211.130.bc.googleusercontent.com

srv.popcornlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.250.3 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

clixscale.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681b:879c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

so.slytrk06.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.198.108.198 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

go.domainxchange.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.31.86.229 (United States)

ASN13335 (CLOUDFLARENET, US)

yltenim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.60.58.178 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

jdango.olaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.246.245.45 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.245.246.35.bc.googleusercontent.com

chads-bagel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.101.47.55 (France) 1 redirects

ASN209813 (FASTCONTENT, DE)

getbestprofits1.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.146.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-146-12.eu-west-1.compute.amazonaws.com

www.pattern-trader.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 54.76.186.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com

rs.pattern-trader.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	pattern-trader.net www.pattern-trader.net rs.pattern-trader.net	588 KB
8	gstatic.com fonts.gstatic.com	85 KB
8	popcornlinks.com www.popcornlinks.com srv.popcornlinks.com	138 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com	77 KB
3	olaldo.com jdango.olaldo.com Failed	5 KB
3	google-analytics.com 1 redirects www.google-analytics.com	36 KB
3	domainxchange.xyz 1 redirects go.domainxchange.xyz	5 KB
2	getbestprofits1.life 1 redirects getbestprofits1.life	1 KB
2	yltenim.com yltenim.com	6 KB
2	facebook.net connect.facebook.net	152 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	26 KB
1	youtube.com www.youtube.com
1	ytimg.com i1.ytimg.com	11 KB
1	chads-bagel.com chads-bagel.com Failed	617 B
1	facebook.com www.facebook.com	321 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	180 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	164 B
1	slytrk06.com 1 redirects so.slytrk06.com	1 KB
1	g2afse.com 1 redirects clixscale.g2afse.com	217 B
1	bing.com bat.bing.com	8 KB
1	googletagmanager.com www.googletagmanager.com	32 KB
1	jquery.com code.jquery.com	30 KB
1	9t5.me 1 redirects www.9t5.me	293 B
1	adhoc4.net 1 redirects router.adhoc4.net	327 B
1	go2cloud.org 1 redirects cpafull.go2cloud.org	2 KB
1	laxob.com 1 redirects www.laxob.com	501 B
66	27

	Domain	Requested by
19	rs.pattern-trader.net	www.pattern-trader.net rs.pattern-trader.net
8	fonts.gstatic.com	www.pattern-trader.net
7	www.popcornlinks.com	www.popcornlinks.com
5	ajax.googleapis.com	www.popcornlinks.com
3	jdango.olaldo.com	yltenim.com jdango.olaldo.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com
3	go.domainxchange.xyz	1 redirects www.popcornlinks.com go.domainxchange.xyz
2	www.pattern-trader.net	getbestprofits1.life
2	getbestprofits1.life	1 redirects yltenim.com
2	yltenim.com	go.domainxchange.xyz jdango.olaldo.com
2	connect.facebook.net	www.popcornlinks.com connect.facebook.net
2	maxcdn.bootstrapcdn.com	www.popcornlinks.com
2	fonts.googleapis.com	www.popcornlinks.com www.pattern-trader.net
1	www.youtube.com	rs.pattern-trader.net
1	i1.ytimg.com	rs.pattern-trader.net
1	chads-bagel.com	yltenim.com
1	www.facebook.com
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	so.slytrk06.com	1 redirects
1	clixscale.g2afse.com	1 redirects
1	srv.popcornlinks.com	www.popcornlinks.com
1	bat.bing.com	www.popcornlinks.com
1	www.googletagmanager.com	www.popcornlinks.com
1	code.jquery.com	www.popcornlinks.com
1	www.9t5.me	1 redirects
1	router.adhoc4.net	1 redirects
1	cpafull.go2cloud.org	1 redirects
1	www.laxob.com	1 redirects
66	30

This site contains no links.

Subject Issuer	Validity	Valid
www.popcornlinks.com GTS CA 1D2	`2020-03-23` - `2020-06-21`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
srv.popcornlinks.com GTS CA 1D2	`2020-03-23` - `2020-06-21`	3 months	crt.sh
go.domainxchange.xyz Let's Encrypt Authority X3	`2020-03-31` - `2020-06-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-21` - `2020-10-09`	8 months	crt.sh
jdango.olaldo.com Let's Encrypt Authority X3	`2020-03-13` - `2020-06-11`	3 months	crt.sh
getbestprofits1.life Let's Encrypt Authority X3	`2020-04-06` - `2020-07-05`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Frame ID: C76A43C0CE583BA2035C933624C918F4
Requests: 62 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YT9Tsh22eeQ?showinfo=0&controls=0&rel=0&playsinline=1&wmode=transparent&autoplay=true&start=0
Frame ID: AAEFC162B79DC764A33AA372010698FA
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.laxob.com/aff_c?offer_id=12799&aff_id=21643&aff_sub=sinbabu3.0 HTTP 302
http://cpafull.go2cloud.org/aff_c?offer_id=13474&aff_id=2 HTTP 302
https://router.adhoc4.net/click/k5/AKeZ0d9Jjhwve?sub_id=2&click_id=102a2ec2451f4b512324d012e988c4 HTTP 303
https://www.9t5.me/ln/FO5zBjC4418?clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn HTTP 302
https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&su... Page URL
https://clixscale.g2afse.com/sl?id=5e319888bf7f144ffae31a23&pid=12&sub1=85oz3NW0Jeo1M8bjW6PZWYr2T6&sub2=0... HTTP 302
https://so.slytrk06.com/t/clk?id=8M3IYyyHlX8SX4vOTB&s1=85oz3NW0Jeo1M8bjW6PZWYr2T6&s2= HTTP 302
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream... Page URL
https://go.domainxchange.xyz/?utm_term=6822246827463541495&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://go.domainxchange.xyz/proc.php?21efc783b1ffd80363f46de827e52713ac1e4c89 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_... Page URL
https://jdango.olaldo.com/?utm_medium=92cd26b757d5a674d95c064121672878056ef453&utm_campaign=PL-SL-MNST... Page URL
https://jdango.olaldo.com/?utm_term=6822246836053475339&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
https://jdango.olaldo.com/proc.php?0c6189a37eeb0b51a17db3bcfb24665c34e0b823 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_... Page URL
https://chads-bagel.com/9?clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&subid1=tkQ... HTTP 302
https://getbestprofits1.life/?u=ax7kteh&o=n2qh73n&t=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0... Page URL
https://getbestprofits1.life/web/ HTTP 302
http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Page Statistics

66
Requests

65 %
HTTPS

55 %
IPv6

27
Domains

30
Subdomains

22
IPs

6
Countries

1200 kB
Transfer

2137 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.laxob.com/aff_c?offer_id=12799&aff_id=21643&aff_sub=sinbabu3.0 HTTP 302
http://cpafull.go2cloud.org/aff_c?offer_id=13474&aff_id=2 HTTP 302
https://router.adhoc4.net/click/k5/AKeZ0d9Jjhwve?sub_id=2&click_id=102a2ec2451f4b512324d012e988c4 HTTP 303
https://www.9t5.me/ln/FO5zBjC4418?clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn HTTP 302
https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn Page URL
https://clixscale.g2afse.com/sl?id=5e319888bf7f144ffae31a23&pid=12&sub1=85oz3NW0Jeo1M8bjW6PZWYr2T6&sub2=0921&sub3=4418&sub5=exit HTTP 302
https://so.slytrk06.com/t/clk?id=8M3IYyyHlX8SX4vOTB&s1=85oz3NW0Jeo1M8bjW6PZWYr2T6&s2= HTTP 302
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29 Page URL
https://go.domainxchange.xyz/?utm_term=6822246827463541495&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Page URL
https://go.domainxchange.xyz/proc.php?21efc783b1ffd80363f46de827e52713ac1e4c89 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246827463541495&ext1=797 Page URL
https://jdango.olaldo.com/?utm_medium=92cd26b757d5a674d95c064121672878056ef453&utm_campaign=PL-SL-MNST-MNTZ-GIOV-PC-RDRCT&1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&2={click_id}&cid={click_id} Page URL
https://jdango.olaldo.com/?utm_term=6822246836053475339&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Page URL
https://jdango.olaldo.com/proc.php?0c6189a37eeb0b51a17db3bcfb24665c34e0b823 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246836053475339&ext1=4681 Page URL
https://chads-bagel.com/9?clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&subid1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&subid2=PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP&subid3=GIOV&affpubid=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo HTTP 302
https://getbestprofits1.life/?u=ax7kteh&o=n2qh73n&t=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&cid=171d5b1aa58d2aao9ob1bb59f4cbe9&clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&affpubid=GIOV%40PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP%40tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&tsp=9 Page URL
https://getbestprofits1.life/web/ HTTP 302
http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.laxob.com/aff_c?offer_id=12799&aff_id=21643&aff_sub=sinbabu3.0 HTTP 302
http://cpafull.go2cloud.org/aff_c?offer_id=13474&aff_id=2 HTTP 302
https://router.adhoc4.net/click/k5/AKeZ0d9Jjhwve?sub_id=2&click_id=102a2ec2451f4b512324d012e988c4 HTTP 303
https://www.9t5.me/ln/FO5zBjC4418?clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn HTTP 302
https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Request Chain 20

https://clixscale.g2afse.com/sl?id=5e319888bf7f144ffae31a23&pid=12&sub1=85oz3NW0Jeo1M8bjW6PZWYr2T6&sub2=0921&sub3=4418&sub5=exit HTTP 302
https://so.slytrk06.com/t/clk?id=8M3IYyyHlX8SX4vOTB&s1=85oz3NW0Jeo1M8bjW6PZWYr2T6&s2= HTTP 302
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29

Request Chain 24

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1490015110&t=pageview&_s=1&dl=https%3A%2F%2Fwww.popcornlinks.com%2Fwelcome.html%3Faff%3D4418%26theme%3D0921%26clickid%3D85oz3NW0Jeo1M8bjW6PZWYr2T6%26pub%3D2%26sub_pub_id%3DmWK9rndvkCRn&dp=%2Fwelcome.html%3Faff%3D4418%26theme%3D0921%26clickid%3D85oz3NW0Jeo1M8bjW6PZWYr2T6%26pub%3D2%26sub_pub_id%3DmWK9rndvkCRn&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEADQ~&jid=1599414346&gjid=1027688565&cid=932478823.1588428120&tid=UA-79989177-1&_gid=742400473.1588428120&_r=1&gtm=2wg4m0P4LSJPZ&cd1=Default%204418&cd3=0921&cd4=2&z=764103603 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79989177-1&cid=932478823.1588428120&jid=1599414346&_gid=742400473.1588428120&gjid=1027688565&_v=j81&z=764103603 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79989177-1&cid=932478823.1588428120&jid=1599414346&_v=j81&z=764103603 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79989177-1&cid=932478823.1588428120&jid=1599414346&_v=j81&z=764103603&slf_rd=1&random=2349446439

Request Chain 27

https://go.domainxchange.xyz/proc.php?21efc783b1ffd80363f46de827e52713ac1e4c89 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246827463541495&ext1=797

Request Chain 31

https://jdango.olaldo.com/proc.php?0c6189a37eeb0b51a17db3bcfb24665c34e0b823 HTTP 302
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246836053475339&ext1=4681

Request Chain 33

https://chads-bagel.com/9?clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&subid1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&subid2=PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP&subid3=GIOV&affpubid=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo HTTP 302
https://getbestprofits1.life/?u=ax7kteh&o=n2qh73n&t=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&cid=171d5b1aa58d2aao9ob1bb59f4cbe9&clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&affpubid=GIOV%40PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP%40tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&tsp=9

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

welcome.html Show response
www.popcornlinks.com/
Redirect Chain

http://www.laxob.com/aff_c?offer_id=12799&aff_id=21643&aff_sub=sinbabu3.0
http://cpafull.go2cloud.org/aff_c?offer_id=13474&aff_id=2
https://router.adhoc4.net/click/k5/AKeZ0d9Jjhwve?sub_id=2&click_id=102a2ec2451f4b512324d012e988c4
https://www.9t5.me/ln/FO5zBjC4418?clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

5 KB
6 KB

355ms
195ms

Document
text/html

35.244.148.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.148.197 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.148.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b7770b7e9f729571f1388994feb0834c959008558d1778bd16e58c7f96e9d97

Request headers

:method: GET
:authority: www.popcornlinks.com
:scheme: https
:path: /welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
x-guploader-uploadid: AAANsUliSYqVp4acDl1bgbYj5L0fvGjwSZTfHcmHMuBevky9Y5LCdO8N3vMVv3zy65vz1yRarHBMx4hqetaLtunbar7hLq_xeQ
expires: Sat, 02 May 2020 15:01:58 GMT
date: Sat, 02 May 2020 14:01:58 GMT
cache-control: public, max-age=3600
last-modified: Mon, 03 Feb 2020 16:26:50 GMT
etag: "c6f6dd5e7be4d46cfeb788da9e85e8ea"
x-goog-generation: 1580747210237556
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5220
content-type: text/html
x-goog-hash: crc32c=jXujHQ== md5=xvbdXnvk1Gz+t4janoXo6g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 5220
server: UploadServer
alt-svc: clear

Redirect headers

Content-Type: text/plain
Date: Sat, 02 May 2020 14:01:58 GMT
Location: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Server: Apache-Coyote/1.1
Content-Length: 0
Connection: keep-alive

GET
H2 200 consts.js Show response
www.popcornlinks.com/consts/ 96 B
377 B 166ms
162ms Script
text/javascript 35.244.148.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.popcornlinks.com/consts/consts.js
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.148.197 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.148.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8e7d653b08ccb9d7bcfd84381d5b2c30c22b2ef4b941d43de0367e46eff765a7

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 13:29:56 GMT
age: 1922
x-guploader-uploadid: AAANsUlnK27efMwuzphsBN7o-_3wJufzHx3ZMytD-pHMm0KUbQFnRtEHwo0_cXYs20DiFui8M14XY_D38F68GOo9_NQv9Oigxg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 96
last-modified: Sun, 08 Sep 2019 15:15:12 GMT
server: UploadServer
etag: "0e5af7f85400b8e21dcef9113dd2313f"
x-goog-hash: crc32c=7NDGuw==, md5=Dlr3+FQAuOIdzvkRPdIxPw==
x-goog-generation: 1567955712706880
cache-control: public, max-age=3600
x-goog-stored-content-length: 96
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 02 May 2020 14:29:56 GMT

GET
H2 200 preAppLoading.js Show response
www.popcornlinks.com/ 4 KB
4 KB 165ms
161ms Script
text/javascript 35.244.148.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.popcornlinks.com/preAppLoading.js
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.148.197 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.148.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0a06af3ad0c7cf358417e22d5f3f10d9c6408a04c869b962d19d9bcf07b85352

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 13:34:34 GMT
age: 1644
x-guploader-uploadid: AAANsUnUrOo62UFLIivYC6CXKPbQF_rXMRxgJUrKzIigFAzY5TOKy1NMZNnvQgfX8y4N75i6OAFXDnFCA-E4L7PJSA
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 4023
last-modified: Thu, 12 Mar 2020 09:20:03 GMT
server: UploadServer
etag: "c7049c8304cba42b887109012f3b2f9d"
x-goog-hash: crc32c=HDGQXA==, md5=xwScgwTLpCuIcQkBLzsvnQ==
x-goog-generation: 1584004803168033
cache-control: public, max-age=3600
x-goog-stored-content-length: 4023
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 02 May 2020 14:34:34 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
468 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 May 2020 14:01:58 GMT
server: ESF
date: Sat, 02 May 2020 14:01:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 May 2020 14:01:58 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 622ms
545ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 14:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 1057ms
981ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 14:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 numberedLoader.css
www.popcornlinks.com/css/ 49 KB
49 KB 76ms
73ms Stylesheet
text/css 35.244.148.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.popcornlinks.com/css/numberedLoader.css
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.148.197 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.148.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c37f0b7e2010a80f39b5ed177e36bfe01de00f2dd986899c0f8c40c1acd2a2f7

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 13:58:56 GMT
age: 182
x-guploader-uploadid: AAANsUnjBjj_e0xCHJ29S67MpwxANx-5jApL2fS7A5WvGriZ6bpuu-DlSClbuBISteFbozVN0cG9TLLomxXlC9IZWbk
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 49725
last-modified: Mon, 18 Nov 2019 14:52:29 GMT
server: UploadServer
etag: "ad4a80d7b6f3588e934e2282b820c4fb"
x-goog-hash: crc32c=58ZRug==, md5=rUqA17bzWI6TTiKCuCDE+w==
x-goog-generation: 1574088749303377
cache-control: public, max-age=3600
x-goog-stored-content-length: 49725
accept-ranges: bytes
content-type: text/css
expires: Sat, 02 May 2020 14:58:56 GMT

GET
H2 200 welcome.css
www.popcornlinks.com/css/ 2 KB
2 KB 74ms
71ms Stylesheet
text/css 35.244.148.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.popcornlinks.com/css/welcome.css
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.148.197 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.148.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 74c70b792a0539c0a17597f33af76e5d022dfb952a100a3af4ca8f434d3a3b56

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 13:58:56 GMT
age: 182
x-guploader-uploadid: AAANsUm16Ywwomgwfime00tA5EJjQ6B81qkFCYKzIMckO3TveSgLd_W_Go76mONZG3VduitvRrLFBESA1D0eTsqRFzBdMU2sUQ
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 1750
last-modified: Mon, 18 Nov 2019 14:52:24 GMT
server: UploadServer
etag: "198d0b878ede8dffc747eb6fb7a0b511"
x-goog-hash: crc32c=80647w==, md5=GY0Lh47ejf/HR+tvt6C1EQ==
x-goog-generation: 1574088744404377
cache-control: public, max-age=3600
x-goog-stored-content-length: 1750
accept-ranges: bytes
content-type: text/css
expires: Sat, 02 May 2020 14:58:56 GMT

GET
H2 200 fingerprintjs2.js Show response
www.popcornlinks.com/ 35 KB
36 KB 149ms
146ms Script
text/javascript 35.244.148.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.popcornlinks.com/fingerprintjs2.js
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.148.197 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.148.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 13:34:34 GMT
age: 1644
x-guploader-uploadid: AAANsUnimotwBdMg0osr1tVOa1Eeq5U4xlsnu1VVn6ZTsAtPQbQ3JgK2kb1EN5bkBmpgdUgGnzMGTFpMB2zhCboKyg
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 36185
last-modified: Wed, 14 Aug 2019 05:00:57 GMT
server: UploadServer
etag: "68ab45bd98459cb766f3ab26d086e5f5"
x-goog-hash: crc32c=OuDATw==, md5=aKtFvZhFnLdm86sm0Ibl9Q==
x-goog-generation: 1565758857773738
cache-control: public, max-age=3600
x-goog-stored-content-length: 36185
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 02 May 2020 14:34:34 GMT

GET
H/1.1 200
OK jquery-3.1.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 34ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.0.min.js
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:01:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Jul 2016 21:45:52 GMT
Server: nginx
ETag: W/"577ecd90-1514f"
Vary: Accept-Encoding
X-HW: 1588428118.dop130.fr8.t,1588428118.cds145.fr8.shn,1588428118.cds145.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30019

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 156 KB
55 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 02:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1941903
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56572
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Apr 2021 02:36:55 GMT

GET
H2 200 angular-animate.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 25 KB
9 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-animate.min.js

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41b5bb45e1ddfa4499fa81022f126ac0c0047d24bb9d0141945efa85d58e4c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 00:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1342927
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9274
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Apr 2021 00:59:51 GMT

GET
H2 200 angular-sanitize.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 26 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-sanitize.js

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47478b933ba06dcdd5aac22b8178f62b71e267dfc388ef21e516dc87240f0c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 07 Apr 2020 20:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2138331
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Apr 2021 20:03:07 GMT

GET
H2 200 angular-resource.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 4 KB
2 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-resource.min.js

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e617091d75c8985946ce6b638c84e11c25a42cecbe4416e67a4b2641db8e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 06:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1928950
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2231
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Apr 2021 06:12:48 GMT

GET
H2 200 angular-cookies.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/ 1 KB
905 B 16ms
14ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular-cookies.min.js

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 07 Apr 2020 17:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2146365
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 811
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Apr 2021 17:49:13 GMT

GET
H2 200 js-all-min.js Show response
www.popcornlinks.com/minified/js/ 40 KB
40 KB 121ms
120ms Script
text/javascript 35.244.148.197
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.popcornlinks.com/minified/js/js-all-min.js
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.148.197 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 197.148.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ee168ed48e3541a6a3405c6fd69074feb45762becaa8f3eb606bd6a777866883

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 13:56:58 GMT
age: 300
x-guploader-uploadid: AAANsUkLYjCwtudVIrU1JCBOzo1w6N_z3S4wYmmV77EHIkqsou1AymUYHvg3qvWfVVl048KL5KECeEDu54_zNjBtAAaJk6kbEw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 40793
last-modified: Thu, 30 Apr 2020 13:37:24 GMT
server: UploadServer
etag: "98317fb0dce466b679faa904fa7aefce"
x-goog-hash: crc32c=25i1lQ==, md5=mDF/sNzkZrZ5+qkE+nrvzg==
x-goog-generation: 1588253844777805
cache-control: public, max-age=3600
x-goog-stored-content-length: 40793
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 02 May 2020 14:56:58 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 109 KB
32 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4LSJPZ

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 14:01:59 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32516
x-xss-protection: 0
last-modified: Sat, 02 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 May 2020 14:01:59 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 131 KB
32 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: dHc6Jfv4Ycn6mRP1C90pKWVCJHEpgwciGKjUCmM7yLEbo0ogkuOpcrnukYR7xbYoBOqKv43uw/zUf13mi9ACZQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sat, 02 May 2020 14:01:59 GMT, Sat, 02 May 2020 14:01:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js
bat.bing.com/ 25 KB
8 KB 31ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 14:01:59 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 22:01:50 GMT
x-msedge-ref: Ref A: 30D8BF0CA66040D998C4212DE41E206C Ref B: FRAEDGE0915 Ref C: 2020-05-02T14:01:59Z
status: 200
etag: "0db222df11d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7610

POST
H2 500 checkByIp
srv.popcornlinks.com/rest/client/ 8 KB
2 KB 618ms
441ms XHR
text/html 130.211.31.128
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.popcornlinks.com/rest/client/checkByIp
Requested by: Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/preAppLoading.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.31.128 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 128.31.211.130.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 02 May 2020 14:01:58 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 500
vary: Accept-Encoding
content-language: en
access-control-allow-origin: https://www.popcornlinks.com
access-control-allow-credentials: true
content-type: text/html;charset=utf-8
alt-svc: clear
via: 1.1 google

GET
H2

200

/ Show response
go.domainxchange.xyz/
Redirect Chain

https://clixscale.g2afse.com/sl?id=5e319888bf7f144ffae31a23&pid=12&sub1=85oz3NW0Jeo1M8bjW6PZWYr2T6&sub2=0921&sub3=4418&sub5=exit
https://so.slytrk06.com/t/clk?id=8M3IYyyHlX8SX4vOTB&s1=85oz3NW0Jeo1M8bjW6PZWYr2T6&s2=
https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29

3 KB
2 KB

575ms
149ms

Document
text/html

99.198.108.198
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29

Requested by

Host: www.popcornlinks.com
URL: https://www.popcornlinks.com/preAppLoading.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

99a902ed774afa1de9ac84075be429295a5efd7a33c5008c62577dad5c548078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: go.domainxchange.xyz
:scheme: https
:path: /?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn

Response headers

status: 200
server: nginx
date: Sat, 02 May 2020 14:02:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=dfd5452f01196721fe773b228dd41db2; expires=Sun, 02-May-2021 14:02:00 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

Redirect headers

status: 302
date: Sat, 02 May 2020 14:02:00 GMT
content-type: text/html; charset=utf-8
content-length: 0
set-cookie: __cfduid=d24642a28ecdd880b55235e3ae4899d631588428119; expires=Mon, 01-Jun-20 14:01:59 GMT; path=/; domain=.slytrk06.com; HttpOnly; SameSite=Lax AWSALB=/iL54PE5mmuAlGTkwj64OPwUxc5C/T6P8XWcrlGKOBa11Q8LhACUSWkSs/dZkl372hOoz5YGtvFmqkQcD8iavGAtiv800qrmInQEI0ezZsVD9B0wCzhCXRRBKOHW; Expires=Sat, 09 May 2020 14:02:00 GMT; Path=/ AWSALBCORS=/iL54PE5mmuAlGTkwj64OPwUxc5C/T6P8XWcrlGKOBa11Q8LhACUSWkSs/dZkl372hOoz5YGtvFmqkQcD8iavGAtiv800qrmInQEI0ezZsVD9B0wCzhCXRRBKOHW; Expires=Sat, 09 May 2020 14:02:00 GMT; Path=/; SameSite=None uip="[\"V7PWlWt\"\054 {\"rDq2o\": \"0r05oR6\"}]:1jUsiO:AwnLH-OkXn3Sk6R2gjHBhZL9DYE"; expires=Mon, 01 Jun 2020 14:02:00 GMT; Max-Age=2592000; Path=/ ydt_69a756d9a2a44370a5365f82fbdfa6e5="[\"1d9a93f8-b4fa-4152-808e-b914b7b96e29\"]:1jUsiO:87a2uwLmzHd2t9GYZbucGBDZe-Q"; expires=Mon, 01 Jun 2020 16:02:00 GMT; Max-Age=2599200; Path=/
location: https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Cookie, Origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58d24704ecaa0eaf-FRA
cf-request-id: 02774ab70c00000eaf0b94b200000001

GET
H2 200 analytics.js
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4LSJPZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3939
date: Sat, 02 May 2020 12:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Sat, 02 May 2020 14:56:20 GMT

GET
H2 200 121631631805851
connect.facebook.net/signals/config/ 476 KB
120 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/121631631805851?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 122649
x-xss-protection: 0
pragma: private
x-fb-debug: e/Cs04CYorL4xQPBGMniq04h104F4k3lVCGj6An08QPJBUzAObC0KNbh5/JRhAEuzCrfSUCNSb9b3ASKMY8KHQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Sat, 02 May 2020 14:01:59 GMT, Sat, 02 May 2020 14:01:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4LSJPZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3939
date: Sat, 02 May 2020 12:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Sat, 02 May 2020 14:56:20 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1490015110&t=pageview&_s=1&dl=https%3A%2F%2Fwww.popcornlinks.com%2Fwelcome.html%3Faff%3D4418%26theme%3D0921%26clickid%3D85oz3NW0Jeo1M8bjW6PZW...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-79989177-1&cid=932478823.1588428120&jid=1599414346&_gid=742400473.1588428120&gjid=1027688565&_v=j81&z=764103603
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79989177-1&cid=932478823.1588428120&jid=1599414346&_v=j81&z=764103603
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79989177-1&cid=932478823.1588428120&jid=1599414346&_v=j81&z=764103603&slf_rd=1&random=2349446439

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79989177-1&cid=932478823.1588428120&jid=1599414346&_v=j81&z=764103603&slf_rd=1&random=2349446439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 May 2020 14:01:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 May 2020 14:01:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-79989177-1&cid=932478823.1588428120&jid=1599414346&_v=j81&z=764103603&slf_rd=1&random=2349446439
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
321 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=121631631805851&ev=PageView&dl=https%3A%2F%2Fwww.popcornlinks.com%2Fwelcome.html%3Faff%3D4418%26theme%3D0921%26clickid%3D85oz3NW0Jeo1M8bjW6PZWYr2T6%26pub%3D2%26sub_pub_id%3DmWK9rndvkCRn&rl=&if=false&ts=1588428119723&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1588428119722.899367272&it=1588428119639&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.popcornlinks.com/welcome.html?aff=4418&theme=0921&clickid=85oz3NW0Jeo1M8bjW6PZWYr2T6&pub=2&sub_pub_id=mWK9rndvkCRn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 14:01:59 GMT, Sat, 02 May 2020 14:01:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 02 May 2020 14:01:59 GMT

GET
H2 200 / Show response
go.domainxchange.xyz/ 9 KB
3 KB 163ms
163ms Document
text/html 99.198.108.198
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://go.domainxchange.xyz/?utm_term=6822246827463541495&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e

Requested by

Host: go.domainxchange.xyz
URL: https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

d5f6df2e1de03593288ba247bf26d06912b5e4c46a5c799d856b2d608f6bc0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: go.domainxchange.xyz
:scheme: https
:path: /?utm_term=6822246827463541495&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=dfd5452f01196721fe773b228dd41db2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://go.domainxchange.xyz/?utm_medium=0d2e24c8102df1f08f7d0f16d84018b5ef5f0aa0&utm_campaign=mainstream_new&1=13551&cid=1d9a93f8-b4fa-4152-808e-b914b7b96e29

Response headers

status: 200
server: nginx
date: Sat, 02 May 2020 14:02:00 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_ Show response
yltenim.com/nh4ea/ciqM/fC6c/
Redirect Chain

https://go.domainxchange.xyz/proc.php?21efc783b1ffd80363f46de827e52713ac1e4c89
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246827463541495&ext1=797

6 KB
4 KB

419ms
304ms

Document
text/html

104.31.86.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246827463541495&ext1=797
Requested by: Host: go.domainxchange.xyz
URL: https://go.domainxchange.xyz/?utm_term=6822246827463541495&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.31.86.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c4de69bf28319ecbac1e8dd4dd414c45a39895b20c165ea56ecea2c76d1dd68

Request headers

:method: GET
:authority: yltenim.com
:scheme: https
:path: /nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246827463541495&ext1=797
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://go.domainxchange.xyz/?utm_term=6822246827463541495&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://go.domainxchange.xyz/?utm_term=6822246827463541495&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e#

Response headers

status: 200
date: Sat, 02 May 2020 14:02:01 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dd48b8e98801afbc4cc6fd642da56c3e41588428121; expires=Mon, 01-Jun-20 14:02:01 GMT; path=/; domain=.yltenim.com; HttpOnly; SameSite=Lax TR7A3jMiISYwstsFmTB2nnIHQbldWUy4oIejVz55dlg%3D=fc6ec4537ccaa59e281c7f264dfa7c3a_1588428121.3682; domain=yltenim.com; path=/; expires=Tue, 30-Apr-2030 14:02:01 UTC b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D=1588428121.3708; domain=yltenim.com; path=/; expires=Tue, 30-Apr-2030 14:02:01 UTC vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UzlRZ0lxcWZIVlpEcExUaitqMDZvRm94UlJqeTNKRWxCSnFHTWI1UGtYWg%3D%3D; domain=yltenim.com; path=/; expires=Tue, 30-Apr-2030 14:02:01 UTC fc6ec4537ccaa59e281c7f264dfa7c3a_1588428121.3682_ck=N3hQZmdab3cweW53akh4UnJQSEhNREtMZk9YOWtBaEdJZy95RTdSRi9rb2k1M1BQWjQySklvQjZqbG9XRFRMNHdaQnlsSXMyNlNJSTZ1V1RoWkhIUEErZGpHdGF3b0llUXpBNnB1WWh4akdxUGZsVkFuTUQzZThwdEVIU3NETUN3QjBMTHpxYmlUL1RabzhGSnhTQStEZ0hTb1VNY04wbHZ5bC9KS015czZkSEdvaTJvWjFPcjlVcE94am9rTXdnZEd5NHdhR00xdmN2V2RVWmRBU1pOd1RCM0dvUVBSNTFxY2VmcDhzc3d0RmRKR3dWMHRxdXFPNzNtMENoSnNVS2ovSitVMjUzWFVIems1cG1MYXJBeEhIaWEzTVVtRkRyTXlMQm5XaTdQQnVlOWhPK1R1MDFYb2pDeGxSZ2d1Zk5TVmpjZitYSGw0b0s5dk1ueXdHdmVndnR0dkpZY0I0empYcUdsSUM4VWFNemFrYXA5OHBuYlE2aGNGaWtmSFpycVhmNXM0cG1Xck5waVR0c3FZTzhkbmt1dGxlZ2M3b3BLNEFOK1hVVjNJODdwL01WLzJuMVI3cGp0MFVvQ0dqZW1rWWhLaHZkS2FINzVzU0xxYzVwLzVWVGc3MUIzR0lIUy9QUi8wVTJoRFgvNTRENXNmYzBDSVAwT1VrUTUwczBKVHVObjZNdVZFZ1lFSXpoYmk5L05xRmx4bThnK1dwN2twTmFNSVQ5aVJUWm1ZTk1GWWErVXNVMlc5ODBhcmY4V0hoVW1TV3VoYjJzL0kwZDZ4T2pLaThpd2cvQVIxYmZwUytXVm9DK3Z0Vmp4VzlvTDNLNGFHTnVqd2VJeDRnR3VGZWFMOU96djJ2R0FLSkNrenVwWktwa2thWUttYm85YkF4dlBCMnd0eTR4Nmh4N1lDSm1OQldGWkhoQmdUcFR3bXl0MWJ0bzhCSEg1eGZYWmhHRXY0UDRWUkJaaTdDamFwQUFDbXJWWGtFd254RlF3S24wcFpjVTBMVkQ2WElpSGRMSFprTUcyUUI1dDdyQWF6TWoxelp4c0kvMzBVTWl3VkVxQVFTZE9iZEg3WlhnaGhZWEd4VjZqcTdoTHRTNDBFMlJ5alFEaFhSRDl5Y2hmc0lpNmF3T2ZRaWwrRHFyOUhSb3RXN1lxQ2VxMzZ5dG9sSjlFRDVKMkR1NG13M3dqNXN1ZFIwdWVhNVlyaEFzUThOc0VxaldFMFFmT2Nob0xiU0FiM09nTDByVlJzdnFEZWR1eHZNc3FTVmFZSVVvZzVGazBuZXZpaVYyaGZjakZheDdZZmsxWWpROFQ3UG93MlkySHNUNXJZbnA3L09Cb3E1VGgrWjhGeXVyNXBqeFZGdFYrMlY0QmZQa1BTeXppMTBBVjdlNTF1bnZsU3BESXZvY1B1S0xzYzc3RnZwRGl0YUdrVU5mMEVZQlhxemZYTHVwRStNdGlaS28xSUF1S0hJbEhjcTRNL0tWZUpSNk4vVWZ1eWRIdWNOUVhnSld5aFBLV3ZXZHM1UTZySmxGMXFMQTZ1R0wrQ0hWVkE5Y21ucmRZbW5uOU9FVS8vSWEya1BXZHNmMk5BOFBHblllaHIxbXRGNmxiUWtsVUpEcUZpcWNub1E3bG05MnE2cm8vczNtMkE9PQ%3D%3D; domain=yltenim.com; path=/; expires=Tue, 30-Apr-2030 14:02:01 UTC f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D=ZzZXU0hqYTJzeUVLMU9XMkd1ay9RNlpzL3RpRXhWSXF4Q0JpTnNla28vNmJ6b3F5NktMOW1hMTRyNVZ2S2JXeDQ2b3pIbk5iYXcyWVlRbFJ0dXRsMFhhQyt1bDQ3TSs3R2FyNmRNS1MySnc9; domain=yltenim.com; path=/; expires=Sat, 02-May-2020 15:07:01 UTC SERVERID=sfc76; path=/
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58d2470e6bcad8bd-AMS
cf-request-id: 02774abd020000d8bdab16b200000001

Redirect headers

status: 302
server: nginx
date: Sat, 02 May 2020 14:02:01 GMT
content-type: text/html; charset=UTF-8
location: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246827463541495&ext1=797
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET /
jdango.olaldo.com/ 0
0

GET
H2 200 / Show response
jdango.olaldo.com/ 3 KB
2 KB 256ms
144ms Document
text/html 65.60.58.178
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://jdango.olaldo.com/?utm_medium=92cd26b757d5a674d95c064121672878056ef453&utm_campaign=PL-SL-MNST-MNTZ-GIOV-PC-RDRCT&1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&2={click_id}&cid={click_id}

Requested by

Host: yltenim.com
URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246827463541495&ext1=797

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.178 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

ea5813ae23aa0baffd16f9cab6c3d6e0f90cf907b885d527eb83e4db2a274008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: jdango.olaldo.com
:scheme: https
:path: /?utm_medium=92cd26b757d5a674d95c064121672878056ef453&utm_campaign=PL-SL-MNST-MNTZ-GIOV-PC-RDRCT&1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&2={click_id}&cid={click_id}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://yltenim.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://yltenim.com/

Response headers

status: 200
server: nginx
date: Sat, 02 May 2020 14:02:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=4484134721576b4db8c82cfdbf5ac71e; expires=Sun, 02-May-2021 14:02:02 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2 200 / Show response
jdango.olaldo.com/ 9 KB
3 KB 148ms
148ms Document
text/html 65.60.58.178
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://jdango.olaldo.com/?utm_term=6822246836053475339&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e

Requested by

Host: jdango.olaldo.com
URL: https://jdango.olaldo.com/?utm_medium=92cd26b757d5a674d95c064121672878056ef453&utm_campaign=PL-SL-MNST-MNTZ-GIOV-PC-RDRCT&1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&2={click_id}&cid={click_id}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

65.60.58.178 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/7.3.4

Resource Hash

9e9a02f067a3b963480a44fd1a6ff85f069a0c58a0bf45342cb590f9766af606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

:method: GET
:authority: jdango.olaldo.com
:scheme: https
:path: /?utm_term=6822246836053475339&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://jdango.olaldo.com/?utm_medium=92cd26b757d5a674d95c064121672878056ef453&utm_campaign=PL-SL-MNST-MNTZ-GIOV-PC-RDRCT&1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&2={click_id}&cid={click_id}
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=4484134721576b4db8c82cfdbf5ac71e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://jdango.olaldo.com/?utm_medium=92cd26b757d5a674d95c064121672878056ef453&utm_campaign=PL-SL-MNST-MNTZ-GIOV-PC-RDRCT&1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&2={click_id}&cid={click_id}

Response headers

status: 200
server: nginx
date: Sat, 02 May 2020 14:02:02 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip

GET
H2

200

JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_ Show response
yltenim.com/nh4ea/ciqM/fC6c/
Redirect Chain

https://jdango.olaldo.com/proc.php?0c6189a37eeb0b51a17db3bcfb24665c34e0b823
https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246836053475339&ext1=4681

7 KB
2 KB

110ms
109ms

Document
text/html

104.31.86.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246836053475339&ext1=4681
Requested by: Host: jdango.olaldo.com
URL: https://jdango.olaldo.com/?utm_term=6822246836053475339&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.31.86.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b160c61c374fc329466c2f56ab58f475d1965709d6dde69cb366ee07d48bed7

Request headers

:method: GET
:authority: yltenim.com
:scheme: https
:path: /nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246836053475339&ext1=4681
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://jdango.olaldo.com/?utm_term=6822246836053475339&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dd48b8e98801afbc4cc6fd642da56c3e41588428121; TR7A3jMiISYwstsFmTB2nnIHQbldWUy4oIejVz55dlg%3D=fc6ec4537ccaa59e281c7f264dfa7c3a_1588428121.3682; b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D=1588428121.3708; vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UzlRZ0lxcWZIVlpEcExUaitqMDZvRm94UlJqeTNKRWxCSnFHTWI1UGtYWg%3D%3D; fc6ec4537ccaa59e281c7f264dfa7c3a_1588428121.3682_ck=N3hQZmdab3cweW53akh4UnJQSEhNREtMZk9YOWtBaEdJZy95RTdSRi9rb2k1M1BQWjQySklvQjZqbG9XRFRMNHdaQnlsSXMyNlNJSTZ1V1RoWkhIUEErZGpHdGF3b0llUXpBNnB1WWh4akdxUGZsVkFuTUQzZThwdEVIU3NETUN3QjBMTHpxYmlUL1RabzhGSnhTQStEZ0hTb1VNY04wbHZ5bC9KS015czZkSEdvaTJvWjFPcjlVcE94am9rTXdnZEd5NHdhR00xdmN2V2RVWmRBU1pOd1RCM0dvUVBSNTFxY2VmcDhzc3d0RmRKR3dWMHRxdXFPNzNtMENoSnNVS2ovSitVMjUzWFVIems1cG1MYXJBeEhIaWEzTVVtRkRyTXlMQm5XaTdQQnVlOWhPK1R1MDFYb2pDeGxSZ2d1Zk5TVmpjZitYSGw0b0s5dk1ueXdHdmVndnR0dkpZY0I0empYcUdsSUM4VWFNemFrYXA5OHBuYlE2aGNGaWtmSFpycVhmNXM0cG1Xck5waVR0c3FZTzhkbmt1dGxlZ2M3b3BLNEFOK1hVVjNJODdwL01WLzJuMVI3cGp0MFVvQ0dqZW1rWWhLaHZkS2FINzVzU0xxYzVwLzVWVGc3MUIzR0lIUy9QUi8wVTJoRFgvNTRENXNmYzBDSVAwT1VrUTUwczBKVHVObjZNdVZFZ1lFSXpoYmk5L05xRmx4bThnK1dwN2twTmFNSVQ5aVJUWm1ZTk1GWWErVXNVMlc5ODBhcmY4V0hoVW1TV3VoYjJzL0kwZDZ4T2pLaThpd2cvQVIxYmZwUytXVm9DK3Z0Vmp4VzlvTDNLNGFHTnVqd2VJeDRnR3VGZWFMOU96djJ2R0FLSkNrenVwWktwa2thWUttYm85YkF4dlBCMnd0eTR4Nmh4N1lDSm1OQldGWkhoQmdUcFR3bXl0MWJ0bzhCSEg1eGZYWmhHRXY0UDRWUkJaaTdDamFwQUFDbXJWWGtFd254RlF3S24wcFpjVTBMVkQ2WElpSGRMSFprTUcyUUI1dDdyQWF6TWoxelp4c0kvMzBVTWl3VkVxQVFTZE9iZEg3WlhnaGhZWEd4VjZqcTdoTHRTNDBFMlJ5alFEaFhSRDl5Y2hmc0lpNmF3T2ZRaWwrRHFyOUhSb3RXN1lxQ2VxMzZ5dG9sSjlFRDVKMkR1NG13M3dqNXN1ZFIwdWVhNVlyaEFzUThOc0VxaldFMFFmT2Nob0xiU0FiM09nTDByVlJzdnFEZWR1eHZNc3FTVmFZSVVvZzVGazBuZXZpaVYyaGZjakZheDdZZmsxWWpROFQ3UG93MlkySHNUNXJZbnA3L09Cb3E1VGgrWjhGeXVyNXBqeFZGdFYrMlY0QmZQa1BTeXppMTBBVjdlNTF1bnZsU3BESXZvY1B1S0xzYzc3RnZwRGl0YUdrVU5mMEVZQlhxemZYTHVwRStNdGlaS28xSUF1S0hJbEhjcTRNL0tWZUpSNk4vVWZ1eWRIdWNOUVhnSld5aFBLV3ZXZHM1UTZySmxGMXFMQTZ1R0wrQ0hWVkE5Y21ucmRZbW5uOU9FVS8vSWEya1BXZHNmMk5BOFBHblllaHIxbXRGNmxiUWtsVUpEcUZpcWNub1E3bG05MnE2cm8vczNtMkE9PQ%3D%3D; f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D=ZzZXU0hqYTJzeUVLMU9XMkd1ay9RNlpzL3RpRXhWSXF4Q0JpTnNla28vNmJ6b3F5NktMOW1hMTRyNVZ2S2JXeDQ2b3pIbk5iYXcyWVlRbFJ0dXRsMFhhQyt1bDQ3TSs3R2FyNmRNS1MySnc9; SERVERID=sfc76
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://jdango.olaldo.com/?utm_term=6822246836053475339&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e#

Response headers

status: 200
date: Sat, 02 May 2020 14:02:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
set-cookie: b5lq9eygwZllzl4luI4VBgQgNE5fCh5dQrQRotUx370%3D=1588428122.47; domain=yltenim.com; path=/; expires=Tue, 30-Apr-2030 14:02:02 UTC vHgNpuORtFmyejMz%2Fu4SCq%2BJuUygP9Fo7yvtcHxZqjM%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3UzlRZ0lxcWZIVlpEcExUaitqMDZvRTNRVmpBSlQ4WnBHNW9sNXRHQTZldg%3D%3D; domain=yltenim.com; path=/; expires=Tue, 30-Apr-2030 14:02:02 UTC f%2BNxABd9BuS%2BD6mZ%2FBtNNoR%2BezmypWHgySeOvF3EM0s%3D=ZzZXU0hqYTJzeUVLMU9XMkd1ay9RNlpzL3RpRXhWSXF4Q0JpTnNla28vNmJ6b3F5NktMOW1hMTRyNVZ2S2JXeDQ2b3pIbk5iYXcyWVlRbFJ0dXRsMGJxMGplTVFvbDFKY3haS0xLTk5TRXp6cUtsM3hqQlFhdjd6SU04aWdhNmxZcktkMWJsNGlpWGdsN29rZFdhQmRVajFRcHNVQkhHU1FFWXg3OXl3OHFJPQ%3D%3D; domain=yltenim.com; path=/; expires=Sat, 02-May-2020 15:07:02 UTC
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 58d247154ec0d8bd-AMS
cf-request-id: 02774ac14c0000d8bdab1d2200000001

Redirect headers

status: 302
server: nginx
date: Sat, 02 May 2020 14:02:02 GMT
content-type: text/html; charset=UTF-8
location: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246836053475339&ext1=4681
x-powered-by: PHP/7.3.4
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;

GET 9
chads-bagel.com/ 0
0

GET
H/1.1

200
OK

Cookie set /
getbestprofits1.life/
Redirect Chain

https://chads-bagel.com/9?clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&subid1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&subid2=PL-SL-MNST_CRPT-PLPL-GIOV-AL...
https://getbestprofits1.life/?u=ax7kteh&o=n2qh73n&t=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&cid=171d5b1aa58d2aao9ob1bb59f4cbe9&clic...

906 B
1 KB

211ms
69ms

Document
text/html

5.101.47.55
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://getbestprofits1.life/?u=ax7kteh&o=n2qh73n&t=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&cid=171d5b1aa58d2aao9ob1bb59f4cbe9&clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&affpubid=GIOV%40PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP%40tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&tsp=9
Requested by: Host: yltenim.com
URL: https://yltenim.com/nh4ea/ciqM/fC6c/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_?diM=MS_WW_Desktop_Feb20&subid=6822246836053475339&ext1=4681
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.101.47.55 , France, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash

Request headers

Host: getbestprofits1.life
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://yltenim.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://yltenim.com/nh4ea/ciqM/Zzuf/JGLJgY-JXI3SDVohQh-Ym7VL_i64mzeLG003Dj6O6K5wXxUxduZ_/ICqZ14_fRIrcC1x8F0nTyUva6SwO3_k?ori=76x&ex=6&pbi=5ead7d5a786342.613426305

Response headers

Server: nginx
Date: Sat, 02 May 2020 14:02:02 GMT
Content-Type: text/html
Content-Length: 906
Connection: keep-alive
Cache-Control: private no-transform
Set-Cookie: sid=tx2c305tknegreyzxjn4vkub; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

status: 302
server: openresty/1.15.8.1
date: Sat, 02 May 2020 14:02:02 GMT
content-length: 0
location: https://getbestprofits1.life/?u=ax7kteh&o=n2qh73n&t=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&cid=171d5b1aa58d2aao9ob1bb59f4cbe9&clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&affpubid=GIOV%40PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP%40tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&tsp=9
set-cookie: o8837d325cd3e537d84e6b5e97296387f=d659e4c9c46f61c224e30376eaed9f18609b0424379b17738660d95146d7a183
pragma: no-cache
expires: 0
cache-control: max-age=0 must-revalidate no-cache no-store
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
strict-transport-security: max-age=15724800; includeSubDomains

GET
H/1.1

200
OK

Primary Request

Cookie set lp Show response
www.pattern-trader.net/
Redirect Chain

https://getbestprofits1.life/web/
http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

17 KB
18 KB

174ms
129ms

Document
text/html

34.243.146.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Requested by: Host: getbestprofits1.life
URL: https://getbestprofits1.life/?u=ax7kteh&o=n2qh73n&t=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&cid=171d5b1aa58d2aao9ob1bb59f4cbe9&clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&affpubid=GIOV%40PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP%40tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&tsp=9
Protocol: HTTP/1.1
Server: 34.243.146.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-146-12.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b2c6f460a09ca49cd8081827d5b9e2a3d54f2eecc2c98891c4faa6935af19e84

Request headers

Host: www.pattern-trader.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://getbestprofits1.life/?u=ax7kteh&o=n2qh73n&t=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&cid=171d5b1aa58d2aao9ob1bb59f4cbe9&clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&affpubid=GIOV%40PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP%40tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&tsp=9

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=XDttn2VDTgg800vjegWkDBd9iD9nHRXeevZcQMyJ8NDh33AaHGXdWvK2KatsKk9zhhLsJoLd8OUbFhrY1xariHVZDjUOSC6yQLzTj2jeqAF5KVtgjlsxvkVU0YZd; Expires=Sat, 09 May 2020 14:02:03 GMT; Path=/ AWSALBCORS=XDttn2VDTgg800vjegWkDBd9iD9nHRXeevZcQMyJ8NDh33AaHGXdWvK2KatsKk9zhhLsJoLd8OUbFhrY1xariHVZDjUOSC6yQLzTj2jeqAF5KVtgjlsxvkVU0YZd; Expires=Sat, 09 May 2020 14:02:03 GMT; Path=/; SameSite=None l_1=25e7; expires=Mon, 04-May-2020 14:02:03 GMT; Max-Age=172800; path=/; domain=.pattern-trader.net l_2=acf93; expires=Mon, 04-May-2020 14:02:03 GMT; Max-Age=172800; path=/; domain=.pattern-trader.net l_3=116688595; expires=Sat, 27-Jun-2020 14:02:03 GMT; Max-Age=4838400; path=/; domain=.pattern-trader.net
Server: Apache
Expires: Tue, 17 Apr 2001 00:06:59 GMT
Last-Modified: Sat, 02 May 2020 14:02:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma: no-cache

Redirect headers

Server: nginx
Date: Sat, 02 May 2020 14:02:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 229
Connection: keep-alive
Location: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
X-Powered-By: ASP.NET
Cache-Control: no-transform

GET
H/1.1 200
OK bootstrap.min.css
rs.pattern-trader.net/rs/ext/ 118 KB
119 KB 142ms
102ms Stylesheet
text/css 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rs.pattern-trader.net/rs/ext/bootstrap.min.css
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2f84a570c284130bcc02e9c2bca933f8ffae012f5445950c72254ecb7c5ce152

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Tue, 25 Dec 2018 09:30:28 GMT
Server: nginx
ETag: "5c21f8b4-1d99a"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121242

GET
H/1.1 200
OK style1.css
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 15 KB
15 KB 154ms
114ms Stylesheet
text/css 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/style1.css
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 79cbfaa5df35609d4d01717d07ecb6324606c05aa7709cb91cc3d01af3055d02

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-3baf"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15279

GET
H/1.1 200
OK pt_logo.svg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 9 KB
9 KB 135ms
107ms Image
image/svg+xml 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/pt_logo.svg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6fc0e97ff197c49a80741d45b5b572f597cd6feb6d91d4fdc7e03b1baadbf713

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-23db"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9179

GET
H/1.1 200
OK flag.png
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/312qpf_pl/ 326 B
557 B 129ms
100ms Image
image/png 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/312qpf_pl/flag.png
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 67d1169b0c88a5f9ae7043e3a7857e2bef0a1b6a7f474ea4f9017eed8ce7fc42

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-146"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 326

GET
H/1.1 200
OK icon_algo.svg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 1 KB
1 KB 139ms
111ms Image
image/svg+xml 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/icon_algo.svg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9c5dcd8332621e899d320276245d05f2dcecb58221f94cde0475236fe3d35760

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-4e7"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1255

GET
H/1.1 200
OK icon_clock.svg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 954 B
1 KB 193ms
64ms Image
image/svg+xml 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/icon_clock.svg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 38b315c5897c468031d991c968412ed04585b53676d3689d022d0bb0ac7e1e6c

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-3ba"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 954

GET
H/1.1 200
OK icon_user.svg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 2 KB
2 KB 89ms
65ms Image
image/svg+xml 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/icon_user.svg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 00326fd67323daab320052ff3f205afed8f0c83ffc0f5ded7295a7c23db65bee

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-6b4"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1716

GET
H/1.1 200
OK app_scr.jpg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 136 KB
137 KB 109ms
72ms Image
image/jpeg 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/app_scr.jpg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ab7d1f95031041d1a4a7703c80fbb0090834c10fb3424f524442497ca1e2cb5b

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-22144"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 139588

GET
H/1.1 200
OK platform_icons.png
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 5 KB
5 KB 70ms
65ms Image
image/png 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/platform_icons.png
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 379970496579ce20359bedb35c343fb34eda887aa001fbc7758aa0a4e02dd5d5

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-13d1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5073

GET
H/1.1 200
OK 85.jpg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 5 KB
6 KB 69ms
67ms Image
image/jpeg 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/85.jpg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e55f3cdab57eb4084f7006cfe9f7f047e638e1b257a53498aaed14b83087152a

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-1570"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5488

GET
H/1.1 200
OK 19.jpg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 7 KB
7 KB 69ms
68ms Image
image/jpeg 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/19.jpg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c493b0a6d9a42ed0a102bcd31360d00491e23ac5cb4f7cbf8ae9c61f577ccccc

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-1b23"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6947

GET
H/1.1 200
OK 20.jpg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 6 KB
6 KB 125ms
65ms Image
image/jpeg 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/20.jpg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 56cfb2a08032e82843ccac91504bbf42ababde4aea91bbacd9b683912cd8b21a

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-170c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5900

GET
H/1.1 200
OK security_icons.png
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 25 KB
26 KB 80ms
69ms Image
image/png 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/security_icons.png
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a48fca23f43035e4c0c9c93b3b27ef605b013789427ac71fc9b585256155f0a5

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-65bc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26044

GET
H/1.1 200
OK pt_logo_white.svg
rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/ 6 KB
6 KB 74ms
67ms Image
image/svg+xml 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/pt_logo_white.svg
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 81c1fa39048c6fa88413b7c2dcc63f993bc48d022bb023330e8671745cad61ef

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Thu, 17 Jan 2019 14:21:46 GMT
Server: nginx
ETag: "5c408f7a-1733"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5939

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
rs.pattern-trader.net/rs/ext/ 94 KB
94 KB 71ms
71ms Script
application/javascript 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rs.pattern-trader.net/rs/ext/jquery-1.11.3.min.js
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Tue, 25 Dec 2018 09:30:28 GMT
Server: nginx
ETag: "5c21f8b4-176f8"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95992

GET
H/1.1 200
OK bootstrap.min.js Show response
rs.pattern-trader.net/rs/ext/ 36 KB
36 KB 65ms
65ms Script
application/javascript 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rs.pattern-trader.net/rs/ext/bootstrap.min.js
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Tue, 25 Dec 2018 09:30:28 GMT
Server: nginx
ETag: "5c21f8b4-90b5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37045

GET
H2 200 css
fonts.googleapis.com/ 5 KB
785 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f501cc0771844bd01a56b4a973b3588f9016a7d221b9c3cab6cc96dd5ceba648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 May 2020 14:02:03 GMT
server: ESF
date: Sat, 02 May 2020 14:02:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 May 2020 14:02:03 GMT

GET
H/1.1 200
OK video.htm Show response
rs.pattern-trader.net/rs/htm/ Frame AAEF 3 KB
3 KB 134ms
108ms Document
text/html 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0
Requested by: Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 42cdc9616d429203279b4dc81a268c3ec30d43f660709d700dde217f1660d480

Request headers

Host: rs.pattern-trader.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: l_1=25e7; l_2=acf93; l_3=116688595
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Content-Type: text/html
Content-Length: 2676
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Feb 2020 13:34:26 GMT
ETag: "5e4be7e2-a74"
Accept-Ranges: bytes

GET
DATA 200
OK truncated
/ 847 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e01a475425b48a40b7dd1c70f9f2172ec2f4c7a456b85a97fbfe12e308051f30

Request headers

Referer: http://rs.pattern-trader.net/rs/prod/patterntrader_luz0hs/style1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 LDI2apCSOBg7S-QT7pa8FvOreefkkbIx.woff2
fonts.gstatic.com/s/rajdhani/v9/ 9 KB
9 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v9/LDI2apCSOBg7S-QT7pa8FvOreefkkbIx.woff2

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f934f8e9f41920c9fb8c1e6becce47026cbd5be106221bfdc9d59d2f821ddb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext
Origin: http://www.pattern-trader.net

Response headers

date: Mon, 27 Apr 2020 23:16:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:49:25 GMT
server: sffe
age: 398737
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9312
x-xss-protection: 0
expires: Tue, 27 Apr 2021 23:16:26 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext
Origin: http://www.pattern-trader.net

Response headers

date: Sat, 28 Mar 2020 14:50:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 3021098
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13428
x-xss-protection: 0
expires: Sun, 28 Mar 2021 14:50:25 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext
Origin: http://www.pattern-trader.net

Response headers

date: Sat, 04 Apr 2020 11:59:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:42 GMT
server: sffe
age: 2426530
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
expires: Sun, 04 Apr 2021 11:59:53 GMT

GET
H2 200 1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
fonts.gstatic.com/s/raleway/v14/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0fd9812ea2aad0ed2fa667b8f591d2008e1a4a238b365c7b07c9365f487c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext
Origin: http://www.pattern-trader.net

Response headers

date: Thu, 16 Apr 2020 22:00:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:47 GMT
server: sffe
age: 1353696
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14224
x-xss-protection: 0
expires: Fri, 16 Apr 2021 22:00:27 GMT

GET
H2 200 LDI2apCSOBg7S-QT7pa8FvOleefkkbIxyyg.woff2
fonts.gstatic.com/s/rajdhani/v9/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rajdhani/v9/LDI2apCSOBg7S-QT7pa8FvOleefkkbIxyyg.woff2

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9e5c31083af592f1bd83a8462b2397d9efcc880d9253dc796246df97dd40232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext
Origin: http://www.pattern-trader.net

Response headers

date: Mon, 27 Apr 2020 23:16:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:49:14 GMT
server: sffe
age: 398733
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6872
x-xss-protection: 0
expires: Tue, 27 Apr 2021 23:16:30 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqhPANqczVsq4A.woff2
fonts.gstatic.com/s/raleway/v14/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqhPANqczVsq4A.woff2

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

390364cc07ac7bfe65e544b07b59a4158013f94de9770db8c68b96f23cdcbccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext
Origin: http://www.pattern-trader.net

Response headers

date: Sat, 04 Apr 2020 07:23:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:55 GMT
server: sffe
age: 2443094
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9340
x-xss-protection: 0
expires: Sun, 04 Apr 2021 07:23:49 GMT

GET
H2 200 1Ptug8zYS_SKggPNyCMIT4ttDfCmxA.woff2
fonts.gstatic.com/s/raleway/v14/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyCMIT4ttDfCmxA.woff2

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9545e3627ea461154cab8a69f9710d5b2d544e3f38e21dd61dd08991cb8b4b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext
Origin: http://www.pattern-trader.net

Response headers

date: Sat, 28 Mar 2020 13:16:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:13 GMT
server: sffe
age: 3026720
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9388
x-xss-protection: 0
expires: Sun, 28 Mar 2021 13:16:43 GMT

GET
H2 200 1Ptsg8zYS_SKggPNyCg4Q4FqL_KWxWMT.woff2
fonts.gstatic.com/s/raleway/v14/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptsg8zYS_SKggPNyCg4Q4FqL_KWxWMT.woff2

Requested by

Host: www.pattern-trader.net
URL: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8779379d6cd5ba83513242df60bc7393e455ea5ed2062ff302be096ee8f6337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rajdhani:400,700|Raleway:400,400i,700&subset=latin-ext
Origin: http://www.pattern-trader.net

Response headers

date: Fri, 17 Apr 2020 00:29:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:00 GMT
server: sffe
age: 1344750
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10204
x-xss-protection: 0
expires: Sat, 17 Apr 2021 00:29:33 GMT

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
rs.pattern-trader.net/rs/ext/ Frame AAEF 94 KB
94 KB 72ms
71ms Script
application/javascript 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rs.pattern-trader.net/rs/ext/jquery-1.11.3.min.js
Requested by: Host: rs.pattern-trader.net
URL: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Referer: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Tue, 25 Dec 2018 09:30:28 GMT
Server: nginx
ETag: "5c21f8b4-176f8"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95992

GET
H/1.1 200
OK video.gif
rs.pattern-trader.net/rs/htm/ Frame AAEF 3 KB
3 KB 119ms
64ms Image
image/gif 54.76.186.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rs.pattern-trader.net/rs/htm/video.gif
Requested by: Host: rs.pattern-trader.net
URL: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0
Protocol: HTTP/1.1
Server: 54.76.186.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-186-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 271978b06de1a969aabd38bdeb72771935f8cedee9b284af9d54328710983627

Request headers

Referer: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:03 GMT
Last-Modified: Tue, 25 Dec 2018 09:30:28 GMT
Server: nginx
ETag: "5c21f8b4-a30"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2608

GET
H2 200 hqdefault.jpg
i1.ytimg.com/vi/YT9Tsh22eeQ/ Frame AAEF 11 KB
11 KB 35ms
14ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/YT9Tsh22eeQ/hqdefault.jpg?_662.1753763001655

Requested by

Host: rs.pattern-trader.net
URL: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54391608a0189ff8ded9b12987d6680256c0f0c1d91edf9191196a3a587bce17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 02 May 2020 14:02:03 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10994
x-xss-protection: 0
expires: Sat, 02 May 2020 16:02:03 GMT

GET
H2 200 YT9Tsh22eeQ
www.youtube.com/embed/ Frame AAEF 0
0 147ms
147ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YT9Tsh22eeQ?showinfo=0&controls=0&rel=0&playsinline=1&wmode=transparent&autoplay=true&start=0

Requested by

Host: rs.pattern-trader.net
URL: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/YT9Tsh22eeQ?showinfo=0&controls=0&rel=0&playsinline=1&wmode=transparent&autoplay=true&start=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rs.pattern-trader.net/rs/htm/video.htm?v=YT-YT9Tsh22eeQ&autoplay=1&startsec=0

Response headers

status: 200
content-encoding: br
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
date: Sat, 02 May 2020 14:02:04 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=tKFLqOl6Odo; path=/; domain=.youtube.com; secure; expires=Thu, 29-Oct-2020 14:02:04 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=tKFLqOl6Odo; path=/; domain=.youtube.com; secure; expires=Thu, 29-Oct-2020 14:02:04 GMT; httponly; samesite=None YSC=AbB8qjfzv5c; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 02-May-2020 14:32:04 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK load.gif
www.pattern-trader.net/lp/ 0
558 B 78ms
78ms Image
text/html 34.243.146.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pattern-trader.net/lp/load.gif?k=98a_tlnxb&e=683&w1=18g&w2=xc
Protocol: HTTP/1.1
Server: 34.243.146.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-146-12.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.pattern-trader.net/lp?k=acf93&i=25e7&utm=ce734b15-87cc-44bf-b89f-cfec63ba3aca&utm2=l65728
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 02 May 2020 14:02:04 GMT
Server: Apache
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jdango.olaldo.com
URL: https://jdango.olaldo.com/?utm_medium=92cd26b757d5a674d95c064121672878056ef453&utm_campaign=PL-SL-MNST-MNTZ-GIOV-PC-RDRCT&1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&2={click_id}&cid={click_id}&

Domain: chads-bagel.com
URL: https://chads-bagel.com/9?clickid=lPL60F1T2090ae10007PS002MZ0ZNL805BSP1H007605BSP00000000&subid1=tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&subid2=PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP&subid3=GIOV&affpubid=GIOV@PL-SL-MNST_CRPT-PLPL-GIOV-ALL-DSKTP@tkQLLSUJFLp0ikM1lumcGxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 13:33:00	Name: VISITOR_INFO1_LIVE Value: tKFLqOl6Odo
.pattern-trader.net/	1970-01-19 09:16:40	Name: l_1 Value: 25e7
.pattern-trader.net/	1970-01-19 09:16:40	Name: l_2 Value: acf93
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: AbB8qjfzv5c
www.pattern-trader.net/	1970-01-19 09:23:52	Name: AWSALBCORS Value: XDttn2VDTgg800vjegWkDBd9iD9nHRXeevZcQMyJ8NDh33AaHGXdWvK2KatsKk9zhhLsJoLd8OUbFhrY1xariHVZDjUOSC6yQLzTj2jeqAF5KVtgjlsxvkVU0YZd
.youtube.com/	1970-01-19 09:13:49	Name: GPS Value: 1
.pattern-trader.net/	1970-01-19 10:34:26	Name: l_3 Value: 116688595
www.pattern-trader.net/	1970-01-19 09:23:52	Name: AWSALB Value: XDttn2VDTgg800vjegWkDBd9iD9nHRXeevZcQMyJ8NDh33AaHGXdWvK2KatsKk9zhhLsJoLd8OUbFhrY1xariHVZDjUOSC6yQLzTj2jeqAF5KVtgjlsxvkVU0YZd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.popcornlinks.com/preAppLoading.js(Line 111) Message: Error Tracking:ReferenceError: checkByIpResult is not defined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
chads-bagel.com
clixscale.g2afse.com
code.jquery.com
connect.facebook.net
cpafull.go2cloud.org
fonts.googleapis.com
fonts.gstatic.com
getbestprofits1.life
go.domainxchange.xyz
i1.ytimg.com
jdango.olaldo.com
maxcdn.bootstrapcdn.com
router.adhoc4.net
rs.pattern-trader.net
so.slytrk06.com
srv.popcornlinks.com
stats.g.doubleclick.net
www.9t5.me
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.laxob.com
www.pattern-trader.net
www.popcornlinks.com
www.youtube.com
yltenim.com
chads-bagel.com
jdango.olaldo.com
104.31.86.229
130.211.31.128
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
212.32.250.3
2606:4700:3031::681b:879c
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:814::200a
2a00:1450:4001:819::2004
2a00:1450:4001:819::200e
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.213.159.135
34.243.146.12
35.157.74.22
35.244.148.197
35.246.245.45
5.101.47.55
52.210.2.133
54.76.186.124
65.60.58.178
99.198.108.198
00326fd67323daab320052ff3f205afed8f0c83ffc0f5ded7295a7c23db65bee
0a06af3ad0c7cf358417e22d5f3f10d9c6408a04c869b962d19d9bcf07b85352
0a38f58671095a8a5b0eea4b27ab252e874c4230adb768ee2b0155bba1e9afc5
0b7770b7e9f729571f1388994feb0834c959008558d1778bd16e58c7f96e9d97
0c4de69bf28319ecbac1e8dd4dd414c45a39895b20c165ea56ecea2c76d1dd68
271978b06de1a969aabd38bdeb72771935f8cedee9b284af9d54328710983627
2e0fd9812ea2aad0ed2fa667b8f591d2008e1a4a238b365c7b07c9365f487c16
2f84a570c284130bcc02e9c2bca933f8ffae012f5445950c72254ecb7c5ce152
379970496579ce20359bedb35c343fb34eda887aa001fbc7758aa0a4e02dd5d5
38b315c5897c468031d991c968412ed04585b53676d3689d022d0bb0ac7e1e6c
390364cc07ac7bfe65e544b07b59a4158013f94de9770db8c68b96f23cdcbccc
41b5bb45e1ddfa4499fa81022f126ac0c0047d24bb9d0141945efa85d58e4c10
42cdc9616d429203279b4dc81a268c3ec30d43f660709d700dde217f1660d480
47478b933ba06dcdd5aac22b8178f62b71e267dfc388ef21e516dc87240f0c2e
4f934f8e9f41920c9fb8c1e6becce47026cbd5be106221bfdc9d59d2f821ddb0
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54391608a0189ff8ded9b12987d6680256c0f0c1d91edf9191196a3a587bce17
56cfb2a08032e82843ccac91504bbf42ababde4aea91bbacd9b683912cd8b21a
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
67d1169b0c88a5f9ae7043e3a7857e2bef0a1b6a7f474ea4f9017eed8ce7fc42
6fc0e97ff197c49a80741d45b5b572f597cd6feb6d91d4fdc7e03b1baadbf713
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
74c70b792a0539c0a17597f33af76e5d022dfb952a100a3af4ca8f434d3a3b56
79cbfaa5df35609d4d01717d07ecb6324606c05aa7709cb91cc3d01af3055d02
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
81c1fa39048c6fa88413b7c2dcc63f993bc48d022bb023330e8671745cad61ef
8e7d653b08ccb9d7bcfd84381d5b2c30c22b2ef4b941d43de0367e46eff765a7
93e617091d75c8985946ce6b638c84e11c25a42cecbe4416e67a4b2641db8e62
9545e3627ea461154cab8a69f9710d5b2d544e3f38e21dd61dd08991cb8b4b13
99a902ed774afa1de9ac84075be429295a5efd7a33c5008c62577dad5c548078
9b160c61c374fc329466c2f56ab58f475d1965709d6dde69cb366ee07d48bed7
9c5dcd8332621e899d320276245d05f2dcecb58221f94cde0475236fe3d35760
9e9a02f067a3b963480a44fd1a6ff85f069a0c58a0bf45342cb590f9766af606
a48fca23f43035e4c0c9c93b3b27ef605b013789427ac71fc9b585256155f0a5
ab7d1f95031041d1a4a7703c80fbb0090834c10fb3424f524442497ca1e2cb5b
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b2c6f460a09ca49cd8081827d5b9e2a3d54f2eecc2c98891c4faa6935af19e84
b8779379d6cd5ba83513242df60bc7393e455ea5ed2062ff302be096ee8f6337
c37f0b7e2010a80f39b5ed177e36bfe01de00f2dd986899c0f8c40c1acd2a2f7
c493b0a6d9a42ed0a102bcd31360d00491e23ac5cb4f7cbf8ae9c61f577ccccc
d5f6df2e1de03593288ba247bf26d06912b5e4c46a5c799d856b2d608f6bc0f5
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
e01a475425b48a40b7dd1c70f9f2172ec2f4c7a456b85a97fbfe12e308051f30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55f3cdab57eb4084f7006cfe9f7f047e638e1b257a53498aaed14b83087152a
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
ea5813ae23aa0baffd16f9cab6c3d6e0f90cf907b885d527eb83e4db2a274008
ee168ed48e3541a6a3405c6fd69074feb45762becaa8f3eb606bd6a777866883
f501cc0771844bd01a56b4a973b3588f9016a7d221b9c3cab6cc96dd5ceba648
f79dfaabb417f7b777458a24663c5075dd1e56026e20578a0d74568b3c762375
f9e5c31083af592f1bd83a8462b2397d9efcc880d9253dc796246df97dd40232

www.pattern-trader.net Open in urlscan Pro 34.243.146.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

65 %HTTPS

55 %IPv6

27 Domains

30 Subdomains

22 IPs

6 Countries

1200 kBTransfer

2137 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pattern-trader.net Open in urlscan Pro
34.243.146.12 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

65 %
HTTPS

55 %
IPv6

27
Domains

30
Subdomains

22
IPs

6
Countries

1200 kB
Transfer

2137 kB
Size

8
Cookies

66 HTTP transactions
1 data transactions