www.clkmg.com Open in urlscan Pro
50.97.212.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bankofamerica.comgoogle.com/
Effective URL:
https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Submission: On April 27 via manual (April 27th 2021, 8:41:44 pm UTC) from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 14 HTTP transactions. The main IP is 50.97.212.250, located in San Jose, United States and belongs to SOFTLAYER, US. The main domain is www.clkmg.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 3rd 2021. Valid for: a year.

This is the only time www.clkmg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.107.56.193 185.107.56.193	43350 (NFORCE) (NFORCE)
1 2	209.15.13.136 209.15.13.136	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1 1	192.254.234.214 192.254.234.214	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 2	50.97.212.250 50.97.212.250	36351 (SOFTLAYER) (SOFTLAYER)
8	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	143.204.202.87 143.204.202.87	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	5

1 185.107.56.193 (Netherlands) 1 redirects

ASN43350 (NFORCE, NL)

www.bankofamerica.comgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.15.13.136 (Toronto, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

btpnative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p274639.mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.254.234.214 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-234-214.unifiedlayer.com

qvikar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.97.212.250 (San Jose, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: fa.d4.6132.ip4.static.sl-reverse.com

www.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.202.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-87.fra53.r.cloudfront.net

cdn.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	typekit.net use.typekit.net p.typekit.net	142 KB
5	clkmg.com 1 redirects www.clkmg.com cdn.clkmg.com	9 KB
2	mybetterdl.com 2 redirects mybetterdl.com p274639.mybetterdl.com	3 KB
2	btpnative.com 1 redirects btpnative.com	7 KB
1	qvikar.com 1 redirects qvikar.com	126 B
1	comgoogle.com 1 redirects www.bankofamerica.comgoogle.com	606 B
14	6

	Domain	Requested by
8	use.typekit.net	www.clkmg.com
3	cdn.clkmg.com	www.clkmg.com
2	www.clkmg.com	1 redirects
2	btpnative.com	1 redirects
1	p.typekit.net	www.clkmg.com
1	qvikar.com	1 redirects
1	p274639.mybetterdl.com	1 redirects
1	mybetterdl.com	1 redirects
1	www.bankofamerica.comgoogle.com	1 redirects
14	9

This site contains no links.

Subject Issuer	Validity	Valid
*.clkmg.com AlphaSSL CA - SHA256 - G2	`2021-02-03` - `2022-03-07`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Frame ID: 2FD7FB6DB81E97C92CA0FF7AD16180D3
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.bankofamerica.comgoogle.com/ HTTP 302
http://btpnative.com/click?data=NU01SmZsaUQ2YnlZR3hzWnVhQThnMm1oUmlyVUx2R3NmcWVKRTJJT0tzNkdHa0dCb... Page URL
http://btpnative.com/Redirect/ HTTP 302
http://mybetterdl.com/aS/feedclick?s=NnlfnMR-U-p8Vk7yTyv99I8uDhK_8R6j6jUvurVsDL5aWBpKBd4gVCmlRn5dG... HTTP 302
http://p274639.mybetterdl.com/adServe/domainClick?ai=BHZR9knK0bIW4b-QPu25EcCOpKdW2wecVQaqf7C-t2o6mUxtRVKv2... HTTP 302
https://qvikar.com/lastminute/flight/364372905 HTTP 302
https://www.clkmg.com/qvikar/lastminute/flight/364372905/ HTTP 302
https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403 Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

14
Requests

93 %
HTTPS

25 %
IPv6

6
Domains

9
Subdomains

5
IPs

4
Countries

153 kB
Transfer

163 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bankofamerica.comgoogle.com/ HTTP 302
http://btpnative.com/click?data=NU01SmZsaUQ2YnlZR3hzWnVhQThnMm1oUmlyVUx2R3NmcWVKRTJJT0tzNkdHa0dCbGtVNjVydFdnTDJMaThJa0l4UFBrUTd1NTN3VzZZTFNQclMtS2gtY0k2NmR3TVpsZDhFTW5CQm13akFERUpFdWNpbG1rM1JWTWQycVQwc3VKOXdvRmhLZUxjbDhMbW1sa3lDNVB3Mg2&id=06d06be6-456a-4348-b066-17aee3d2a847 Page URL
http://btpnative.com/Redirect/ HTTP 302
http://mybetterdl.com/aS/feedclick?s=NnlfnMR-U-p8Vk7yTyv99I8uDhK_8R6j6jUvurVsDL5aWBpKBd4gVCmlRn5dGpARFKf9fXD8YYCdQfpG9b8AoYNkbxMK5NnqWwu1N9EyadmDnvSqaFKhvyj_azNvjJ2mEu8ndygsCPawsj9FqWLMRCZxWMXLFIoP2Y2n5k0YeHDKBHycKXW9Vrt65JxpnUTEHwHKQbwNW6fPbdyw0eF5rSkSjzjqAHzVSX0-qbl45hX93gnJqj1Tvudb7PturozvkYfd2j8xB7yszfQJQwNUul2nVu9MO0XXODxi6cliZ9sFFpa_XiZInN_AJfv26fhZ7tjItBj8Zp0Q5LChudVS6EHII6dKvyPwpdMynfMZ-YcTqKvdEilbw_guZUAfUqTRYv6ioEB52eX9hQvlhlJWkNsDryx2AlA4rcMrvFhEmH9ydQr0SblAAk1LkrktIxAhLh4ia8G9qkUjnZSOw3QwA4UpFz7_PTErajwlHOnBc4-_CQxvAMNpKPV_Nok7AvoaP2lwRjEowcF7EI0Jflq1P8mUXnNDHDWUsdBrkiaJCPnua7zrCR5JiSb007w7o7M2I80iubcpWQ3jqpyE_n9UV0Z1h7IcI1D-_VS6jfsR4Fo_XvKDDJtHKP3xDZOuZh7yVSISPo5L5WGHq0Y8T4NQNAEftzE0Z8MPEql_NZiuctm-0HNfriknRlyYIDN0xapF7L251P2Y6Z_aPdm3Ajfw_-oA8TOoz6h7mKBGYjhKH9t7GFGOGD3h8Y5kMK4iWUOhZQ-MJGjK-Dw4oLBxMp0G3vU8S-jRbLTn4rPvf9wjGyLxp7ldzUwLbio5M9rhNx9Idg_n-vdW_loHKxiiIpGZMG-U6qDvQD8MFBB2eCX-Joa6KqEUJ45dXfFTXOoGs7ODbEEeSPvhJmzEc5G6pdMS2DGXAHDpXyV6mShVRCFjbh6Kr8W2g8BSSJUV72NG5MzRSiDC9HU8zWE0lFRn8ZJVQbgao_M-_fkarvVA655eFHj5g0G67g9KgJ4kGsd99xwHiI8gTQyedKbw0PVsYMX47WhoFI1bORf13L6cxiUxxDljD3kZSCrbh-VZ8MCRACX5zhZVTlV5_PFmT-BhBn1bPITOsDemkvjHBb-lTV4DxOxX0rKrCJsCVWxRKGiHtNwZRgwE-Oq9w1h_lrGGFu0UgA6qehHpH1KPFQ6u9zXTOB6T50jh62bC0TFxwUZU5_kna2nHGlIOXq3_rrGNR3q5mg-cvLaAsovvlVLrHxGy3WlyZ17iz2HsUduqxBW63_b-PFz1MtdXA9qtzcTIvZHcP6TTbeFjoUe6vaHKlgXeKbzaQnQQXUEGaQDo0ipuDtJqP5-CVJ4AX97b70HIDvzI7brbYjatKXWNuYa8aAVn-f6BCB-ZcEkYHJvXEzOA5qbREG8oj9zp-4FDtHIq8B5Id-imSte3SizLK_IvEraXVgWfx-GJb9SDNffvJXToqjwNcKWQUfc5-OibXofRKupvXdTnlavyX2j_4XmfVif1Q7AeCGs0vT4RbIhwCEnt5bQkLDSOZdXJi_926N-o-nYw-bOf5wAa6ejxKKYwn_nZP9COGeG8XKoP_FPUSTgSndva9VQsL6I3UOFQbgEGZcOT7CbV6WOQqpHYKbGc1widgPMegb9urNGFGiTUtMPRVDLafuOSNq1ChJA8gDEPoK3r_qGwhRpZoOynUtuA-8jgQq4g3WK25Nxgh3l_6_DzmTNM42FBTTU3tNTyh2Iey4PHcoKFjPG01yqhN9VccAPzIzV9a96Edvp11dsCVcxpzIqt8bZD0Jc7DPjKV-M-JMu8EukJHDC6WvpcLPVTXhAno-lsZbmwoJHOdTUtsbFg-aXax0ypoJbToPGQeFLvZgp6dmamb1jDkZyOEHLUlBvZwEeSTjhFtTsfVcGLWJlhHY7k3c_QIy-9fmoRMAcTh4LOZDaGOIqBQUe4dyZLVFGmZRFUsM4pIQ6r9sPXT4HVLN8tPG0bC5kbgCy1j1b6j6JqrmStpoBgN0fqYfWc_LWSPY5zaokVnH1fKVE0YdQ7jRQsuY0RBag1lkrTy9X_VHO-YjPvWiydzTKm_wDyQQZ3SroqBwVqfJJKVbesHtz5Rru0GUeIR49Vjzec7WsRSfTkwWDWsZxQRMBoxZTYaQnzwocjOKFrxrDAa6fDGUkE6c2xs8MYLGxUAsR1LjWHNII2JMffNBTqkAvOfKv9lEZrJHAtaVefRQLnO0PB6EndKki9HFyWd-G3gyMO2CxqF_bfXe3dwRqpZC7wyGdqXmK43zsgxgyUUMvEi17vCLccWnviYJj-fMXt0TAPDK3-HBJr0IxqCdK2_ZPdkXVG70CQtMe7xYLewV9DDBNfkcv3FOPQ0BGiB08dzZHkQTSCARrm6W5uDibG9_0XZJKY3oEq-piXjUK6wHRVKAL3JXAbXBjYvrtGlc3hUjR60yNGh4abwso7zJXgUOkDgHed6Igk1EpU3jEYPW_JfByqgBlXJJmO0mzmshB-jixIjfpqU8mbtWslnPOd0_XvZ9NR2plTiDCEi7RKQVxE6EopJ67wd82KYTghlIZQeg1_sRt0ANmNY073ULs_HVVBOREfhAjcaniw7Uf5-d31WubTNOHDr2DdHFAiffGIZixUAMIvBihXkryTx8BGXufLMf5ZQ8raOvvlbIeD4-h0s4xEMacvaLA0rtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJizYKweXujG-J7JnMs7EaWDzJE_6X2Ti4dOAadnGy3NlEpHe1EwjPIKepRLxei0WLiqlDupeUiDxHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBL5ivmohsHDNuVrSZOF0djbF9OIMaYnRA9UrTBluRpZunlHWmX__7QBwfKIg9gwclLUQOoiSbIQGwUPSBrOrUUjRDzUWJxrIORO6fFUEkvSsxmH_F6c0zcr2oGt9x3pQAGqG_MteQPOTqHoSSKQsprate1VWtwz0kYYkYLwcwVYVpa09gLUKSwTAjqSnVtsHnFUGqn-wvrdqOplMbUVSr9o7MRCw2iDeXjn7NDYwqGLNmvdNVb-Ai2stHJ40dhGifIz7G5VEuRgymPiz2CCsgTeJvWnft0bBJgdj3hrjRVaHrtiICK7KFDIINlLNp88D_J3lQ0fSx8yQ5ZN_JRYbxP2ih26Ce_wl-kGMnp5jlJ17IEcBokdAyojWzrTzPJWscDTFdgTqOft_AJvDP6kxjIyomXbdUl7ERBaT4fJE5cGYor3Eh3pSDFveuCpB5VXW_4mxPElewyUZogBmV4--dMxSYqvlYBIR-Q95Ye9IzfNp69aAxcIr-aV-rJZ89R53tRdBW-x8j2fyp_gVlIdhEWpsRBbr1obFsxJFbG-f-YBBVde6IkFDlOtqjrm54DyjFMJ3hlMMf3AgdA2gKDw2YFq-a3KKIIx5ws8kSxi5Qzvw-VcgP5i6YsxV0E0xvrrTxLAOXpuEN7JmCPKqC_ZNt91HFwwf0VNq2WCHE7L6dhPUq04c-rxTN7VR1IFkYyenPk6yW7B1dWxFS71OA4M8VO5xzhQttIBuBapsLNtrm8oQCzgztUHS6iaF2zzVAou7gwrjM4qCBPRUHXgoMnnl08EzSxmtwXRyT1_j2cRDmvn20rx-LLe_ia3LyJ9XuE9JklpuI95mkGBgGAkXq9g5CkcIVM51975JzePlQcGkQSbySWStM4mCCt1oOgN9pzNxgu8myo8knxIs9hFRbzR9uXvAFktxRPlUe7k8AxCIuA9i0jx5m6WemXrinCiC0rag1MUxrEIDvVjZIyQPSqYnzK3bncJs59KMmSiHCwJn7aIEEeDU7QZXFB_h1SddY5zhb-4z_nir0mUV9_006yTxQr-FXzcrGnTGoaN80dppTISxNrbYDJGviJH3L4sJTriFV2VVO3XwPGoxhm3pC-YE3XOzbnPo_3Qt65148Kf6daaL2DOTo93lfWpbItZ1zNcNZqJWkFFJwO7c2njqcItqQzrAWc4lEy7Pmx8C6ONe2RpkWkZ5AmxkEa3NNkMUZr-WXOX91e9tNBlpeIjPA9ryzxxFuhMyUT9-EBgCOIKVGEvT4ultDLwAp4i-9U3yHBjgTrDELJSG4Ce32klrqfvqc-dGBrhH2qyYeOQaH3qmtvW5EaLkjV04-65OuSLeesmJKt6Qc5tWTFVbHtsdaw_yPFxKepreOXXNgYxy1aNfbh_Gjte-yYWVenOI-NxHgA8_Hr7q1lDTWTnrDHrmHRtz3mbm86MZtqdwVTxsNfcH45e8_3XI6f60i2yVm6DTnB7LyGc81-xkG2HFekntYE_IAqFr2jSDXLgIORng2BQ6PDt8Qhamyn6k74WveXcVSrrToBoe69ovvZ0wjgAh-lLfURZ52jM6-Hyv0hiLJyI21pyAQEAcbp9SD4YmDW_olsHQNA HTTP 302
http://p274639.mybetterdl.com/adServe/domainClick?ai=BHZR9knK0bIW4b-QPu25EcCOpKdW2wecVQaqf7C-t2o6mUxtRVKv2jsxELDaIN5eOfs0NjCoYs2a901Vv4CLay0cnjR2EaJ8jPsblUS5GDKY-LPYIKyBN4m9ad-3RsEmB2PeGuNFVoeu2IgIrsoUMgg2Us2nzwP8neVDR9LHzJDlk38lFhvE_aKHboJ7_CX6QYyenmOUnXsgRwGiR0DKiNbOtPM8laxwNMV2BOo5-38Am8M_qTGMjKiZdt1SXsREFpPh8kTlwZiivcSHelIMW964KkHlVdb_ibE8SV7DJRmiAGZXj750zFJiq-VgEhH5D3lh70jN82nr1oDFwiv5pX6slnz1Hne1F0Fb7HyPZ_Kn-BWUh2ERamxEFuvWhsWzEkVsb5_5gEFV17oiQUOU62qOubngPKMUwneGUwx_cCB0DaAoPDZgWr5rcoogjHnCzyRLGLlDO_D5VyA_mLpizFXQTTG-utPEsA5em4Q3smYI8qoL9k233UcXDB_RU2rZYIcTsvp2E9SrThz6vFM3tVHUgWRjJ6c-TrJbsHV1bEVLvU4DgzxU7nHOFC20gG4Fqmws22ubyhALODO1QdLqJoXbPNUCi7uDCuMzioIE9FQdeCgyeeXTwTNLGa3BdHJPX-PZxEOa-fbSvH4st7-JrcvIn1e4T0mSWm4j3maQYGAYCRer2DkKRwhUznX3vknN4-VBwaRBJvJJZK0ziYIK3Wg6A32nM3GC7ybKjySfEiz2EVFvNH25e8AWS3FE-VR7uTwDEIi4D2LSPHmbpZ6ZeuKcKILStqDUxTGsQgO9WNkjJA9KpifMrdudwmzn0oyZKIcLAmftogQR4NTtBlcUH-HVJ11jnOFv7jP-eKvSZRX3_TTrJPFCv4VfNysadMaho3zR2mlMhLE2ttgMka-IkfcviwlOuIVXZVU7dfA8ajGGbekL5gTdc7Nuc-j_dC3rnXjwp_p1povYM5Oj3eV9alsi1nXM1w1molaQUUnA7tzaeOpwi2pDOsBZziUTLs-bHwLo417ZGmRaRnkCbGQRrc02QxRmv5Zc5f3V7200GWl4iM8D2vLPHEW6EzJRP34QGAI4gpUYS9Pi6W0MvACniL71TfIcGOBOsMQslIbgJ7faSWup--pz50YGuEfarJh45Bofeqa29bkRouSNXTj7rk65It56yYkq3pBzm1ZMVVse2x1rD_I8XEp6mt45dc2BjHLVo19uH8aO177JhZV6c4j43EeADz8evurWUNNZOesMeuYdG3PeZubzoxm2p3BVPGw19wfjl7z_dcjp_rSLbJWboNOcHsvIozrqvAHL0t504Bp2cbLc2USkd7UTCM8gp6lEvF6LRYuKqUO6l5SIPM9LCz5E8ciHT2L9NFyVXF4ZL3riCD_lej7KMRtpNd8-bM7TR-A6o2LnrG8E1DfQ9ew0vOFsMc3sO13cAsy5wrirQarODB6s1TdmkZQqqBbUlIVqRlJElCiveXcVSrrToJc9r3PL9gX2JAbQMUL10Lli3oXuQ2PqgV4a5_BZxPoWqUzaeYhSjwo4wze4caGpDvAdDxfNZOFVxWfBO_Pgkf9Lj9hxf0SJk0tVfUbfcXAU2dgRsl_cISdhzavJEfo6eseVq4GY9uFdESEy041wghMrAgV2R4ubIyh-8XWjYI5uvZ0tvrAyc11VkHRUwGVzse4_hxqmBidZ34_EUBB7T3W5HBHAGI8aS_WnPuRnYd9p0RYa9hQXLPnvYpQjImT0vw&ui=NnlfnMR-U-p8Vk7yTyv99PbWwvziNp_1xLgNeF8Zj-iGJGC8HMFWFfpiPfceSvs4sgvrscywnx2jp_udpxlZ2pLxAewvyS7-gragJnZ_NOS8l2LrYZXlUQ&si=1&oref=ea56685dd78977ad17f417765729fb70&optunit=cHyiIPYMHJSoUcGaowjSEg&rb=i8W508k1yvEppUZ-XRqQEeFUFELflZ8w&rr=0&abtg=500 HTTP 302
https://qvikar.com/lastminute/flight/364372905 HTTP 302
https://www.clkmg.com/qvikar/lastminute/flight/364372905/ HTTP 302
https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.bankofamerica.comgoogle.com/ HTTP 302
http://btpnative.com/click?data=NU01SmZsaUQ2YnlZR3hzWnVhQThnMm1oUmlyVUx2R3NmcWVKRTJJT0tzNkdHa0dCbGtVNjVydFdnTDJMaThJa0l4UFBrUTd1NTN3VzZZTFNQclMtS2gtY0k2NmR3TVpsZDhFTW5CQm13akFERUpFdWNpbG1rM1JWTWQycVQwc3VKOXdvRmhLZUxjbDhMbW1sa3lDNVB3Mg2&id=06d06be6-456a-4348-b066-17aee3d2a847

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set click
btpnative.com/
Redirect Chain

http://www.bankofamerica.comgoogle.com/
http://btpnative.com/click?data=NU01SmZsaUQ2YnlZR3hzWnVhQThnMm1oUmlyVUx2R3NmcWVKRTJJT0tzNkdHa0dCbGtVNjVydFdnTDJMaThJa0l4UFBrUTd1NTN3VzZZTFNQclMtS2gtY0k2NmR3TVpsZDhFTW5CQm13akFERUpFdWNpbG1rM1JWTWQyc...

5 KB
3 KB

262ms
233ms

Document
text/html

209.15.13.136
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: http://btpnative.com/click?data=NU01SmZsaUQ2YnlZR3hzWnVhQThnMm1oUmlyVUx2R3NmcWVKRTJJT0tzNkdHa0dCbGtVNjVydFdnTDJMaThJa0l4UFBrUTd1NTN3VzZZTFNQclMtS2gtY0k2NmR3TVpsZDhFTW5CQm13akFERUpFdWNpbG1rM1JWTWQycVQwc3VKOXdvRmhLZUxjbDhMbW1sa3lDNVB3Mg2&id=06d06be6-456a-4348-b066-17aee3d2a847
Protocol: HTTP/1.1
Server: 209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash

Request headers

Host: btpnative.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: pFQHixtHqazTVKu=pFQHixtHqazTVKu; path=/
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 27 Apr 2021 20:41:26 GMT
Content-Length: 2184

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 27 Apr 2021 20:41:27 GMT
location: http://btpnative.com/click?data=NU01SmZsaUQ2YnlZR3hzWnVhQThnMm1oUmlyVUx2R3NmcWVKRTJJT0tzNkdHa0dCbGtVNjVydFdnTDJMaThJa0l4UFBrUTd1NTN3VzZZTFNQclMtS2gtY0k2NmR3TVpsZDhFTW5CQm13akFERUpFdWNpbG1rM1JWTWQycVQwc3VKOXdvRmhLZUxjbDhMbW1sa3lDNVB3Mg2&id=06d06be6-456a-4348-b066-17aee3d2a847
server: nginx
set-cookie: sid=eff41092-a798-11eb-8f6b-f2a50e952004; path=/; domain=.comgoogle.com; expires=Sun, 15 May 2089 23:55:34 GMT; max-age=2147483647; HttpOnly

GET
H/1.1

200
OK

Primary Request / Show response
www.clkmg.com/err/
Redirect Chain

http://btpnative.com/Redirect/
http://mybetterdl.com/aS/feedclick?s=NnlfnMR-U-p8Vk7yTyv99I8uDhK_8R6j6jUvurVsDL5aWBpKBd4gVCmlRn5dGpARFKf9fXD8YYCdQfpG9b8AoYNkbxMK5NnqWwu1N9EyadmDnvSqaFKhvyj_azNvjJ2mEu8ndygsCPawsj9FqWLMRCZxWMXLFIoP...
http://p274639.mybetterdl.com/adServe/domainClick?ai=BHZR9knK0bIW4b-QPu25EcCOpKdW2wecVQaqf7C-t2o6mUxtRVKv2jsxELDaIN5eOfs0NjCoYs2a901Vv4CLay0cnjR2EaJ8jPsblUS5GDKY-LPYIKyBN4m9ad-3RsEmB2PeGuNFVoeu2IgI...
https://qvikar.com/lastminute/flight/364372905
https://www.clkmg.com/qvikar/lastminute/flight/364372905/
https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403

1 KB
2 KB

176ms
176ms

Document
text/html

50.97.212.250
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.97.212.250 San Jose, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

fa.d4.6132.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

826a2fa2fa2ae55e8fd819ff1dd7cc3f0aacc8fe138601f727e42e534824a42b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.clkmg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://btpnative.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: alc=1; lids=1398219-1398219+
Upgrade-Insecure-Requests: 1
Origin: http://btpnative.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://btpnative.com/

Response headers

Date: Tue, 27 Apr 2021 20:41:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="This is not a P3P policy! See http://www.clkmg.com for more info."
Server: nginx
X-Permitted-Cross-Domain-Policies: none
X-CM-FE: httpfe-01.clickmagick.com
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 27 Apr 2021 20:41:30 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 254
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Set-Cookie: alc=1; domain=.clkmg.com; expires=Tue Apr 27 20:41:35 2021; path=/; lids=1398219-1398219+; domain=.clkmg.com; expires=Wed Apr 27 20:41:30 2022; path=/;
Location: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Server: nginx
X-Permitted-Cross-Domain-Policies: none
X-CM-FE: httpfe-01.clickmagick.com
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 wst2ulc.js Show response
use.typekit.net/ 19 KB
7 KB 43ms
30ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wst2ulc.js

Requested by

Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c8339fc8048521fecc33765f63b2d5434c3e889d07a7ea2142569d7523425eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 27 Apr 2021 20:41:31 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7063

GET
H/1.1 200
OK style.css
cdn.clkmg.com/misc/css/ 4 KB
5 KB 99ms
22ms Stylesheet
text/css 143.204.202.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clkmg.com/misc/css/style.css
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-87.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: aee2eea98fe361676bd0521ec6807a2db03ff77854d5bf4abbf4c3765a7ef1cb

Request headers

Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Apr 2021 00:48:16 GMT
Via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: none
Age: 849195
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4319
Last-Modified: Fri, 13 Nov 2020 22:42:01 GMT
Server: nginx
ETag: "5faf0bb9-10df"
Content-Type: text/css
Cache-Control: max-age=2592000, public, no-transform
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: TjsomKv5xnU6JMzDFWmxSM1SNFOeMKILVBSmdS176m1MNxDcQQ7c9w==
Expires: Tue, 18 May 2021 00:48:16 GMT

GET
H/1.1 200
OK spacer.gif
cdn.clkmg.com/images/ 43 B
632 B 78ms
22ms Image
image/gif 143.204.202.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clkmg.com/images/spacer.gif
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-87.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 04:55:47 GMT
Via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: none
Age: 2216744
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
Last-Modified: Thu, 23 Feb 2017 23:21:15 GMT
Server: nginx
ETag: "58af6e6b-2b"
Content-Type: image/gif
Cache-Control: max-age=7776000, public, no-transform
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: e8y8l-aQZV4Q35u9woxENhSEdKNZ1tf-oiQUDsYaUF9J5XSztWukZA==
Expires: Thu, 01 Jul 2021 04:55:47 GMT

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 20 KB
20 KB 26ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 881e7b20812ce29768f6a17c9ad915d47bda3210d3e9d71211058e678edc200d

Request headers

Origin: https://www.clkmg.com
Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:41:31 GMT
server: nginx
etag: "269ca480d9f4b562d1fba420527e4402600739cc"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20008

GET
H2 200 l
use.typekit.net/af/576d53/00000000000000003b9b3066/27/ 19 KB
19 KB 29ms
17ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n6&v=3
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 444825f8594a1762e91c371701c5cb977f1f5a1cf3ffdaeee7275ed02ef08ee1

Request headers

Origin: https://www.clkmg.com
Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:41:31 GMT
server: nginx
etag: "3ccd1ae03778c6cb2046e3eed29ee013671c6f8b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19668

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 19 KB
19 KB 35ms
24ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9712da95885dd6bdb189f5a01d816defeb9ef10da71d750906a30e11156bf7c6

Request headers

Origin: https://www.clkmg.com
Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:41:31 GMT
server: nginx
etag: "83d5d34ada9d3835ff15f4e0202acf78c83bd6d3"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19464

GET
H2 200 l
use.typekit.net/af/5c84c3/00000000000000000001787b/27/ 19 KB
20 KB 45ms
34ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c84c3/00000000000000000001787b/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1a5664bf0b1e1b4470e725c6eec04507a0af9fb9bd38a9c39e26aacfe00abfa4

Request headers

Origin: https://www.clkmg.com
Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:41:31 GMT
server: nginx
etag: "cc491c805d4dcb7839d2ec6e2918417164a45327"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19896

GET
H2 200 l
use.typekit.net/af/5ea570/00000000000000000001787d/27/ 20 KB
20 KB 33ms
22ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5ea570/00000000000000000001787d/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2753ce7d38a7f3543ac46c4cd196839c534666e4e1c7c2830c1301550aaff7c3

Request headers

Origin: https://www.clkmg.com
Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:41:31 GMT
server: nginx
etag: "78f4821a3250e7634b12981dfef1fb7dd79ec532"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20604

GET
H2 200 l
use.typekit.net/af/113b28/00000000000000003b9ae568/27/ 18 KB
18 KB 33ms
21ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/113b28/00000000000000003b9ae568/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d05537281c02251d877fa358d37c648781d2426c19853287217cd888964a12e0

Request headers

Origin: https://www.clkmg.com
Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:41:31 GMT
server: nginx
etag: "fdc56dbcde57a49cc839f72806b45d7200f7867b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18116

GET
H2 200 l
use.typekit.net/af/156fde/00000000000000003b9ae56a/27/ 18 KB
18 KB 38ms
28ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/156fde/00000000000000003b9ae56a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: adc70882dcbb6ba533bccc988bfdca8bce844a098435c5f496eb38c544376f9e

Request headers

Origin: https://www.clkmg.com
Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:41:31 GMT
server: nginx
etag: "872eff388a4366c268fa6cc2ccadf8d3facbf129"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18552

GET
H/1.1 200
OK bg.gif
cdn.clkmg.com/images/ 799 B
1 KB 81ms
22ms Image
image/gif 143.204.202.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.clkmg.com/images/bg.gif

Requested by

Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.202.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-87.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

775af1e05be91c6fdb8caca7051355119556ebd7e8e4d719ac440efa5c358eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 01:26:43 GMT
Via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
X-CM-FE: httpfe-02.clickmagick.com
X-Permitted-Cross-Domain-Policies: none
Age: 2229288
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 799
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 23 Feb 2017 23:21:15 GMT
Server: nginx
ETag: "58af6e6b-31f"
Content-Type: image/gif
Cache-Control: max-age=7776000, public, no-transform
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: MgYgLm65iY4ekTIu29IP2fZhhtJkL78RUWl6d8NjyfeaJmNLTokzaQ==
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jul 2021 01:26:43 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 24ms
6ms Image
image/gif 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=wst2ulc&ht=tk&h=www.clkmg.com&f=139.173.175.9785.9791.30497.30499&a=957171&js=1.20.0&app=typekit&e=js&_=1619556091209
Requested by: Host: www.clkmg.com
URL: https://www.clkmg.com/err/?u=qvikar&l=lastminute&s=A&e=403
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.clkmg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:41:31 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.clkmg.com/	1970-01-20 02:38:12	Name: lids Value: 1398219-1398219+
			.clkmg.com/	1970-01-19 17:52:36	Name: alc Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

btpnative.com
cdn.clkmg.com
mybetterdl.com
p.typekit.net
p274639.mybetterdl.com
qvikar.com
use.typekit.net
www.bankofamerica.comgoogle.com
www.clkmg.com
143.204.202.87
173.192.101.24
185.107.56.193
192.254.234.214
209.15.13.136
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba2a
50.97.212.250
1a5664bf0b1e1b4470e725c6eec04507a0af9fb9bd38a9c39e26aacfe00abfa4
2753ce7d38a7f3543ac46c4cd196839c534666e4e1c7c2830c1301550aaff7c3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
444825f8594a1762e91c371701c5cb977f1f5a1cf3ffdaeee7275ed02ef08ee1
775af1e05be91c6fdb8caca7051355119556ebd7e8e4d719ac440efa5c358eb3
826a2fa2fa2ae55e8fd819ff1dd7cc3f0aacc8fe138601f727e42e534824a42b
881e7b20812ce29768f6a17c9ad915d47bda3210d3e9d71211058e678edc200d
9712da95885dd6bdb189f5a01d816defeb9ef10da71d750906a30e11156bf7c6
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
adc70882dcbb6ba533bccc988bfdca8bce844a098435c5f496eb38c544376f9e
aee2eea98fe361676bd0521ec6807a2db03ff77854d5bf4abbf4c3765a7ef1cb
c8339fc8048521fecc33765f63b2d5434c3e889d07a7ea2142569d7523425eaa
d05537281c02251d877fa358d37c648781d2426c19853287217cd888964a12e0

www.clkmg.com Open in urlscan Pro 50.97.212.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

25 %IPv6

6 Domains

9 Subdomains

5 IPs

4 Countries

153 kBTransfer

163 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Indicators

www.clkmg.com Open in urlscan Pro
50.97.212.250 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

25 %
IPv6

6
Domains

9
Subdomains

5
IPs

4
Countries

153 kB
Transfer

163 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions