clearskin.clicksoffers.com Open in urlscan Pro
138.201.30.150 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://v.ht/rgIS
Effective URL:
http://clearskin.clicksoffers.com/
Submission: On August 19 via manual (August 19th 2019, 1:39:05 pm UTC) from US

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 14 domains to perform 43 HTTP transactions. The main IP is 138.201.30.150, located in Germany and belongs to HETZNER-AS, DE. The main domain is clearskin.clicksoffers.com.

This is the only time clearskin.clicksoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.111.136.71 192.111.136.71	46562 (TOTAL-SER...) (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C.)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.38.152.27 54.38.152.27	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
28	138.201.30.150 138.201.30.150	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
43	12

1 192.111.136.71 (Atlanta, United States)

ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US)

v.ht	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

goo.gl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.152.27 (Germany)

ASN16276 (OVH, FR)
PTR: up.top4top.net

up.top4top.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 138.201.30.150 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.30.201.138.clients.your-server.de

clearskin.clicksoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	clicksoffers.com clearskin.clicksoffers.com	1 MB
3	doubleclick.net securepubads.g.doubleclick.net	83 KB
2	gstatic.com fonts.gstatic.com	21 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	13 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
1	googleapis.com fonts.googleapis.com	739 B
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	top4top.net up.top4top.net	1 KB
1	goo.gl 1 redirects goo.gl	615 B
1	googletagservices.com www.googletagservices.com	12 KB
1	v.ht v.ht	2 KB
0	googlesyndication.com Failed tpc.googlesyndication.com Failed
43	14

	Domain	Requested by
28	clearskin.clicksoffers.com	v.ht clearskin.clicksoffers.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	fonts.gstatic.com	clearskin.clicksoffers.com
1	maxcdn.bootstrapcdn.com	clearskin.clicksoffers.com
1	cdnjs.cloudflare.com	clearskin.clicksoffers.com
1	code.jquery.com	clearskin.clicksoffers.com
1	fonts.googleapis.com	clearskin.clicksoffers.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	up.top4top.net	v.ht
1	goo.gl	1 redirects
1	www.googletagservices.com	v.ht
1	v.ht
0	tpc.googlesyndication.com Failed	securepubads.g.doubleclick.net
43	14

This site contains links to these domains. Also see Links.

Domain
skinclear.official-variconis.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.top4top.net AlphaSSL CA - SHA256 - G2	`2018-03-03` - `2020-04-03`	2 years	crt.sh
*.google.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh

This page contains 1 frames:

Primary Page: http://clearskin.clicksoffers.com/
Frame ID: 2819600365B38E8C027D833FD8184BF9
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://v.ht/rgIS Page URL
http://clearskin.clicksoffers.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

43
Requests

30 %
HTTPS

67 %
IPv6

14
Domains

14
Subdomains

12
IPs

3
Countries

1377 kB
Transfer

1667 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://skinclear.official-variconis.com/?h=815-1566221930-5d5aa66a3d1d04.33381305&tpl=c709f515
Title: BLOG DER AKTIVEN MUTTI

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://v.ht/rgIS Page URL
http://clearskin.clicksoffers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://goo.gl/lYyE0T HTTP 302
https://up.top4top.net/images/spacer.gif

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK rgIS Show response
v.ht/ 3 KB
2 KB 4171ms
112ms Document
text/html 192.111.136.71
Total Server Solu...

General

Check archive.org

Show headers Download Go to

Full URL: http://v.ht/rgIS
Protocol: HTTP/1.1
Server: 192.111.136.71 Atlanta, United States, ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US),
Reverse DNS
Software: Hotcores /
Resource Hash: d13b88dfdf7e07c6f2182deef04544bb27bca3e7538ae28af8a5164466a637d9

Request headers

Host: v.ht
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: Hotcores
Date: Mon, 19 Aug 2019 13:38:48 GMT
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
I-AM: Beta
Content-Encoding: gzip

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 35 KB
12 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: v.ht
URL: http://v.ht/rgIS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

46a22150b8dc486a0fa9d2202b8a9b112bcfe677863948be8ce50c863e5aad67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://v.ht/rgIS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 19 Aug 2019 13:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "254 / 974 of 1000 / last-modified: 1565982831"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12276
x-xss-protection: 0
expires: Mon, 19 Aug 2019 13:38:48 GMT

GET
H/1.1

200
OK

spacer.gif
up.top4top.net/images/
Redirect Chain

https://goo.gl/lYyE0T
https://up.top4top.net/images/spacer.gif

807 B
1 KB

101ms
22ms

Image
image/gif

54.38.152.27
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://up.top4top.net/images/spacer.gif
Requested by: Host: v.ht
URL: http://v.ht/rgIS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.38.152.27 , Germany, ASN16276 (OVH, FR),
Reverse DNS: up.top4top.net
Software: HotCores /
Resource Hash

Request headers

Referer: http://v.ht/rgIS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:49 GMT
Last-Modified: Mon, 26 Sep 2016 09:33:17 GMT
Server: HotCores
ETag: "57e8eb5d-327"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 807
Expires: Mon, 26 Aug 2019 13:38:49 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: ESF
status: 302
date: Mon, 19 Aug 2019 13:38:49 GMT
x-frame-options: SAMEORIGIN
content-type: application/binary
location: https://up.top4top.net/images/spacer.gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-OkfDzssOmd/q1SdqBE/efw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self', script-src 'nonce-OkfDzssOmd/q1SdqBE/efw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 33ms
33ms Script
application/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=v.ht

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://v.ht/rgIS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Aug 2019 13:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=v.ht

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://v.ht/rgIS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Aug 2019 13:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019080801.js Show response
securepubads.g.doubleclick.net/gpt/ 158 KB
58 KB 40ms
39ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019080801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

dbc8d0bf25102c9e472c0ad2be7c307fbbb7c0a4c5951acfdeb1790af720cd0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://v.ht/rgIS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 19 Aug 2019 13:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Aug 2019 13:06:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59576
x-xss-protection: 0
expires: Mon, 19 Aug 2019 13:38:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
472 B 45ms
44ms XHR
text/plain 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2716621500118015&correlator=1424276100418953&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21064371&vrg=2019080801&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=0&sfv=1-0-35&ecs=20190819&iu=%2F5837603%2FVht_360&sz=300x360&cookie_enabled=1&bc=23&abxe=1&lmt=1566221928&dt=1566221928960&dlt=1566221928825&idt=120&frm=20&biw=1600&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=495576698&uci=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fv.ht%2FrgIS&dssz=7&icsg=170&std=0&vis=1&scr_x=0&scr_y=0&psz=330x423&msz=0x0&blev=1&bisch=1&ga_vid=1716901890.1566221929&ga_sid=1566221929&ga_hid=1081638261&fws=128&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e35682698b1adbfe055478e3b7a099842478b2cad2048a30642002b5dad44bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://v.ht/rgIS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 19 Aug 2019 13:38:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://v.ht
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019080801.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
25 KB 41ms
41ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019080801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019080801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

5a71ed7e2814d4c4ee366471671d531f71b36a63c7118c88aa58e54fbba21b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://v.ht/rgIS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 19 Aug 2019 13:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Aug 2019 13:06:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25145
x-xss-protection: 0
expires: Mon, 19 Aug 2019 13:38:48 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0

GET
H/1.1 200
OK Primary Request Cookie set / Show response
clearskin.clicksoffers.com/ 45 KB
11 KB 1091ms
26ms Document
text/html 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://clearskin.clicksoffers.com/
Requested by: Host: v.ht
URL: http://v.ht/rgIS
Protocol: HTTP/1.1
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 90f833490c8a352d44ee4ac3ac7d5ab26cd37cf905f2cb65e5b7c82919b48d47

Request headers

Host: clearskin.clicksoffers.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://v.ht/rgIS
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://v.ht/rgIS

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 19 Aug 2019 13:38:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: u=592b8dbf23de82bfb078db7816de9e61945214bdeec12d122fcb070cf5dc999ba%3A2%3A%7Bi%3A0%3Bs%3A1%3A%22u%22%3Bi%3A1%3Bi%3A1566259199%3B%7D; expires=Tue, 20-Aug-2019 23:59:59 GMT; Max-Age=123669; path=/; HttpOnly fh=0de90435025a68be92643c24e73d8bef6975a283b9023b7537adad9044a631b6a%3A2%3A%7Bi%3A0%3Bs%3A2%3A%22fh%22%3Bi%3A1%3Bi%3A1566221930%3B%7D; expires=Sat, 17-Aug-2024 13:38:50 GMT; Max-Age=157680000; path=/; HttpOnly
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 7 KB
739 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono:400,500,700

Requested by

Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

09c2a4e61d9fdd77445cf799813a7c4723f8d70290f61b365e0ff87d6012baaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 19 Aug 2019 13:38:50 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 19 Aug 2019 13:38:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Mon, 19 Aug 2019 13:38:50 GMT

GET
H/1.1 200
OK jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 30ms
6ms Script
application/javascript 2001:4de0:ac18::1:a:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Sec-Fetch-Mode: cors
Referer: http://clearskin.clicksoffers.com/
Origin: http://clearskin.clicksoffers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 19:01:15 GMT
Server: nginx
ETag: W/"58d026fb-10fdd"
Vary: Accept-Encoding
X-HW: 1566221930.dop006.fr8.t,1566221930.cds057.fr8.shn,1566221930.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/ 19 KB
7 KB 31ms
15ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js

Requested by

Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: http://clearskin.clicksoffers.com/
Origin: http://clearskin.clicksoffers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 19 Aug 2019 13:38:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10855872
status: 200
served-in-seconds: 0.049
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-4a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 508c87b8cf56c2d6-FRA
expires: Sat, 08 Aug 2020 13:38:50 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/ 50 KB
13 KB 24ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:1a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Request headers

Sec-Fetch-Mode: cors
Referer: http://clearskin.clicksoffers.com/
Origin: http://clearskin.clicksoffers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 19 Aug 2019 13:38:50 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
status: 200
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 12979

GET
H/1.1 200
OK main.js Show response
clearskin.clicksoffers.com/static/76a92302/js/ 856 B
1 KB 11ms
10ms Script
application/javascript 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://clearskin.clicksoffers.com/static/76a92302/js/main.js
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6f4d7c86137f227852572ed1629490d245806d1d5e9e9a31d5909630a72b703d

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-358"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 856

GET
H/1.1 200
OK localstorage.js Show response
clearskin.clicksoffers.com/static/76a92302/js/ 2 KB
2 KB 22ms
10ms Script
application/javascript 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://clearskin.clicksoffers.com/static/76a92302/js/localstorage.js
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5063ffac179924b8a5e9987b92eb50e2829c624d7149a23ab64ea1f5286a6fb2

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-634"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1588

GET
H/1.1 200
OK style.min.css
clearskin.clicksoffers.com/static/76a92302/css/ 162 KB
163 KB 21ms
10ms Stylesheet
text/css 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://clearskin.clicksoffers.com/static/76a92302/css/style.min.css
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fdcbedcb14a0fc8ebdb2d0d9747ae98ec9e66ce26055abf1b57875c82a5fff7c

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-28926"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 166182

GET
H/1.1 200
OK 001.jpg
clearskin.clicksoffers.com/static/76a92302/preland/ 81 KB
82 KB 33ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/001.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 47df867f881dacfdf80f004dd2cce90472c433dcd36107735fed7866cc83ae4c

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-14523"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83235

GET
H/1.1 200
OK 002.jpg
clearskin.clicksoffers.com/static/76a92302/preland/ 58 KB
59 KB 52ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/002.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 68c5cfb19b2b73fae859b14286c6458c898f3c7dee26741eb6b5b19bf1a89788

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-e94d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59725

GET
H/1.1 200
OK 003.jpg
clearskin.clicksoffers.com/static/76a92302/preland/ 84 KB
84 KB 14ms
10ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/003.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d7e0dadfcb77e961b4911292f3a25849fe4fca4a656d191c0657c206ad6918a5

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-1506d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86125

GET
H/1.1 200
OK 004.jpg
clearskin.clicksoffers.com/static/76a92302/preland/ 69 KB
69 KB 25ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/004.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0c92b719970090d5c0852a9cee55d262bc5fca9844d14a55bec95cb7403715b3

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-11358"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70488

GET
H/1.1 200
OK 005.jpg
clearskin.clicksoffers.com/static/76a92302/preland/ 48 KB
48 KB 26ms
10ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/005.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5918768fb3600f5cfd9e0094d988d1899ce5f69bfc2b694850b7308140d7f314

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-be15"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48661

GET
H/1.1 200
OK 006.jpg
clearskin.clicksoffers.com/static/76a92302/preland/ 78 KB
78 KB 36ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/006.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3e3555955e963d8ddf29c55b3be26bfba5ffa2ed98bfceac0dbcd33c54546de9

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-13683"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79491

GET
H/1.1 200
OK 007.jpg
clearskin.clicksoffers.com/static/76a92302/preland/ 65 KB
65 KB 47ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/007.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c37e8447d7cf6713c00fecf8a170869145164102b50f01b4cfb8a8c1849ce615

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-10493"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66707

GET
H/1.1 200
OK 008.jpg
clearskin.clicksoffers.com/static/76a92302/preland/ 93 KB
93 KB 37ms
12ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/008.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b65057ac8f4d1f7baffd3e05f72821eab0cc4c8c4335cd0d746fe87c79e4a142

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-1742d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95277

GET
H/1.1 200
OK comments-1.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 15 KB
15 KB 84ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-1.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9591b358014b6ba671a923f3021c2b6c51cf0b1b80db17b3d268a25bb2075092

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-3bd9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15321

GET
H/1.1 200
OK admin.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 26 KB
26 KB 85ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/admin.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aa137f502edf56bba9c249139e0a7579a6b42807e89cca07e0d18969770e5737

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-66d6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26326

GET
H/1.1 200
OK comments-2.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 13 KB
14 KB 73ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-2.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d78b708af7c734e5e8df95547e373b55eac6a8e0f7aceb9a3cad4cac9ea2de5

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-3527"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13607

GET
H/1.1 200
OK empty.png
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 5 KB
6 KB 84ms
11ms Image
image/png 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/empty.png
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a8bfa8a9409ff27c8719ab5f0a57d4e3908ac00a47e3c4da765f2d2f7770f11d

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-1553"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5459

GET
H/1.1 200
OK comments-img-4.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 50 KB
50 KB 35ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-img-4.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d0f485820ac7fab76bb0b5246982de87d84c506e838426d03572dd0ca115c3da

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-c83c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51260

GET
H/1.1 200
OK comments-3.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 15 KB
15 KB 34ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-3.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 267eae515fd27889794bd92d6f018a5f0f1e2bd213eb360914b774c741d696f8

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-3b03"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15107

GET
H/1.1 200
OK comments-img-6.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 115 KB
116 KB 36ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-img-6.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f306f8b647b411638ba7bff22b583aa14ef04b23b8cba91e4976dda63c388dfa

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-1cde8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118248

GET
H/1.1 200
OK comments-4.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 13 KB
13 KB 59ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-4.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6b3b4138c9e921522739ce09acd7899d5726e44e608c76ffb573b25d9f3d72c0

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-3478"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13432

GET
H/1.1 200
OK comments-5.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 15 KB
15 KB 48ms
13ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-5.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 00fdae18857e5cc903d86947365ae614c941ae20b814e25ef454486732b33cca

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-3a0c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14860

GET
H/1.1 200
OK comments-6.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 18 KB
18 KB 34ms
11ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-6.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 637ab3fa62cc27361d32e0be6c2395fe291660fd9694d52a8cd50d6487e774e6

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-4834"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18484

GET
H/1.1 200
OK comments-img-8.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 55 KB
56 KB 36ms
12ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-img-8.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a79a91b69b686696f83681e7db60ddf669fd5033e022d22ee99d8b661448d0b8

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-dddd"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56797

GET
H/1.1 200
OK comments-7.jpg
clearskin.clicksoffers.com/static/76a92302/preland/comments/ 11 KB
12 KB 47ms
12ms Image
image/jpeg 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/preland/comments/comments-7.jpg
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 824e97a40aa4f86a700fe5b029626cd788536f0ae1654b6dbe6c4cc2e9898985

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-2dd9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11737

GET
H/1.1 404
Not Found counter.min.js
clearskin.clicksoffers.com/static/ 0
0 36ms
11ms Script
text/html 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://clearskin.clicksoffers.com/static/counter.min.js
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: http://clearskin.clicksoffers.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK background.png
clearskin.clicksoffers.com/static/76a92302/img/ 600 B
847 B 23ms
11ms Image
image/png 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/img/background.png
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: eaf38b917dadeff5e7ae0d589dfd3bf3a7b0a0ebc03ecfd7c2031eff82a04920

Request headers

Referer: http://clearskin.clicksoffers.com/static/76a92302/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-258"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 600

GET
H/1.1 200
OK background-header.png
clearskin.clicksoffers.com/static/76a92302/img/ 27 KB
27 KB 23ms
10ms Image
image/png 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clearskin.clicksoffers.com/static/76a92302/img/background-header.png
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f1cb7cacc81fdf2b68a742896c8b53ff26ae23d1d532c35c03be4b2e53797605

Request headers

Referer: http://clearskin.clicksoffers.com/static/76a92302/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-6a93"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27283

GET
H2 200 L0xkDF4xlVMF-BfR8bXMIjC4iGqxf7-pAVU_.woff2
fonts.gstatic.com/s/robotomono/v7/ 11 KB
11 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v7/L0xkDF4xlVMF-BfR8bXMIjC4iGqxf7-pAVU_.woff2

Requested by

Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

29ae47b44b7692ce0a5224d105032da309d69d136017e5b5694bf513023adb5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Mono:400,500,700
Origin: http://clearskin.clicksoffers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 22 Jul 2019 19:40:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:58 GMT
server: sffe
age: 2397522
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10780
x-xss-protection: 0
expires: Tue, 21 Jul 2020 19:40:08 GMT

GET
H2 200 L0x5DF4xlVMF-BfR8bXMIjhLq3-cXbKD.woff2
fonts.gstatic.com/s/robotomono/v7/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v7/L0x5DF4xlVMF-BfR8bXMIjhLq3-cXbKD.woff2

Requested by

Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1b30194114dabbb03f83f4b4943034428869d50010a7a6121c47f362ad158bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Mono:400,500,700
Origin: http://clearskin.clicksoffers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 22 Jul 2019 19:40:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:43 GMT
server: sffe
age: 2397522
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11004
x-xss-protection: 0
expires: Tue, 21 Jul 2020 19:40:08 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
clearskin.clicksoffers.com/static/76a92302/fonts/ 75 KB
76 KB 20ms
11ms Font
application/octet-stream 138.201.30.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://clearskin.clicksoffers.com/static/76a92302/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: clearskin.clicksoffers.com
URL: http://clearskin.clicksoffers.com/
Protocol: HTTP/1.1
Security: , ,
Server: 138.201.30.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.30.201.138.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://clearskin.clicksoffers.com/static/76a92302/css/style.min.css
Origin: http://clearskin.clicksoffers.com

Response headers

Date: Mon, 19 Aug 2019 13:38:50 GMT
Last-Modified: Fri, 19 Jul 2019 10:33:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5d319c5f-12d68"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			clearskin.clicksoffers.com/	1970-01-20 22:51:41	Name: fh Value: 0de90435025a68be92643c24e73d8bef6975a283b9023b7537adad9044a631b6a%3A2%3A%7Bi%3A0%3Bs%3A2%3A%22fh%22%3Bi%3A1%3Bi%3A1566221930%3B%7D
			clearskin.clicksoffers.com/	1970-01-19 03:05:45	Name: u Value: 592b8dbf23de82bfb078db7816de9e61945214bdeec12d122fcb070cf5dc999ba%3A2%3A%7Bi%3A0%3Bs%3A1%3A%22u%22%3Bi%3A1%3Bi%3A1566259199%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
clearskin.clicksoffers.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
goo.gl
maxcdn.bootstrapcdn.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
up.top4top.net
v.ht
www.googletagservices.com
tpc.googlesyndication.com
138.201.30.150
172.217.18.98
192.111.136.71
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:1a
2606:4700::6813:c597
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:817::2003
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2002
54.38.152.27
00fdae18857e5cc903d86947365ae614c941ae20b814e25ef454486732b33cca
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09c2a4e61d9fdd77445cf799813a7c4723f8d70290f61b365e0ff87d6012baaf
0c92b719970090d5c0852a9cee55d262bc5fca9844d14a55bec95cb7403715b3
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
1b30194114dabbb03f83f4b4943034428869d50010a7a6121c47f362ad158bac
267eae515fd27889794bd92d6f018a5f0f1e2bd213eb360914b774c741d696f8
29ae47b44b7692ce0a5224d105032da309d69d136017e5b5694bf513023adb5f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3e3555955e963d8ddf29c55b3be26bfba5ffa2ed98bfceac0dbcd33c54546de9
46a22150b8dc486a0fa9d2202b8a9b112bcfe677863948be8ce50c863e5aad67
47df867f881dacfdf80f004dd2cce90472c433dcd36107735fed7866cc83ae4c
5063ffac179924b8a5e9987b92eb50e2829c624d7149a23ab64ea1f5286a6fb2
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
5918768fb3600f5cfd9e0094d988d1899ce5f69bfc2b694850b7308140d7f314
5a71ed7e2814d4c4ee366471671d531f71b36a63c7118c88aa58e54fbba21b18
637ab3fa62cc27361d32e0be6c2395fe291660fd9694d52a8cd50d6487e774e6
68c5cfb19b2b73fae859b14286c6458c898f3c7dee26741eb6b5b19bf1a89788
6b3b4138c9e921522739ce09acd7899d5726e44e608c76ffb573b25d9f3d72c0
6f4d7c86137f227852572ed1629490d245806d1d5e9e9a31d5909630a72b703d
824e97a40aa4f86a700fe5b029626cd788536f0ae1654b6dbe6c4cc2e9898985
8d78b708af7c734e5e8df95547e373b55eac6a8e0f7aceb9a3cad4cac9ea2de5
90f833490c8a352d44ee4ac3ac7d5ab26cd37cf905f2cb65e5b7c82919b48d47
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9591b358014b6ba671a923f3021c2b6c51cf0b1b80db17b3d268a25bb2075092
a79a91b69b686696f83681e7db60ddf669fd5033e022d22ee99d8b661448d0b8
a8bfa8a9409ff27c8719ab5f0a57d4e3908ac00a47e3c4da765f2d2f7770f11d
aa137f502edf56bba9c249139e0a7579a6b42807e89cca07e0d18969770e5737
b65057ac8f4d1f7baffd3e05f72821eab0cc4c8c4335cd0d746fe87c79e4a142
c37e8447d7cf6713c00fecf8a170869145164102b50f01b4cfb8a8c1849ce615
d0f485820ac7fab76bb0b5246982de87d84c506e838426d03572dd0ca115c3da
d13b88dfdf7e07c6f2182deef04544bb27bca3e7538ae28af8a5164466a637d9
d7e0dadfcb77e961b4911292f3a25849fe4fca4a656d191c0657c206ad6918a5
dbc8d0bf25102c9e472c0ad2be7c307fbbb7c0a4c5951acfdeb1790af720cd0b
e35682698b1adbfe055478e3b7a099842478b2cad2048a30642002b5dad44bf6
eaf38b917dadeff5e7ae0d589dfd3bf3a7b0a0ebc03ecfd7c2031eff82a04920
f1cb7cacc81fdf2b68a742896c8b53ff26ae23d1d532c35c03be4b2e53797605
f306f8b647b411638ba7bff22b583aa14ef04b23b8cba91e4976dda63c388dfa
fdcbedcb14a0fc8ebdb2d0d9747ae98ec9e66ce26055abf1b57875c82a5fff7c

clearskin.clicksoffers.com Open in urlscan Pro 138.201.30.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

30 %HTTPS

67 %IPv6

14 Domains

14 Subdomains

12 IPs

3 Countries

1377 kBTransfer

1667 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

clearskin.clicksoffers.com Open in urlscan Pro
138.201.30.150 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

30 %
HTTPS

67 %
IPv6

14
Domains

14
Subdomains

12
IPs

3
Countries

1377 kB
Transfer

1667 kB
Size

2
Cookies

43 HTTP transactions
0 data transactions