davino.clkpfct.com Open in urlscan Pro
192.198.107.194 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pxlme.me/l4zSvKCJ
Effective URL:
http://davino.clkpfct.com/go/marineac
Submission: On September 27 via manual (September 27th 2018, 7:52:39 pm UTC) from US

Summary HTTP 14 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 192.198.107.194, located in Buffalo, United States and belongs to SERVER-MANIA - B2 Net Solutions Inc., CA. The main domain is davino.clkpfct.com.

This is the only time davino.clkpfct.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	51.15.139.10 51.15.139.10		12876 (AS12876) (AS12876)
11	192.198.107.194 192.198.107.194		55286 (SERVER-MANIA) (SERVER-MANIA - B2 Net Solutions Inc.)
1	2606:4700:30:... 2606:4700:30::681c:12b4		13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
14	3

2 51.15.139.10 (France)

ASN12876 (AS12876, FR)
PTR: 10-139-15-51.rev.cloud.scaleway.com

pxlme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.198.107.194 (Buffalo, United States)

ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA)
PTR: mta.em-x.net

davino.clkpfct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:12b4 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

websnail.gb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	clkpfct.com davino.clkpfct.com	402 KB
2	pxlme.me pxlme.me	903 B
1	gb.net websnail.gb.net
14	3

	Domain	Requested by
11	davino.clkpfct.com	pxlme.me davino.clkpfct.com
2	pxlme.me	pxlme.me
1	websnail.gb.net	davino.clkpfct.com
14	3

This site contains no links.

Subject Issuer	Validity	Valid
pxlme.me Let's Encrypt Authority X3	`2018-09-10` - `2018-12-09`	3 months	crt.sh
*.clickperfect.com RapidSSL RSA CA 2018	`2018-08-22` - `2019-08-22`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-09-25` - `2019-09-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://davino.clkpfct.com/go/marineac
Frame ID: EDBCFFE42862E44CF11DE249E819FD8A
Requests: 13 HTTP requests in this frame

Frame: https://websnail.gb.net/bin/nsw/data/
Frame ID: E07750BD71D90415D1C467984D6B9FE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://pxlme.me/l4zSvKCJ Page URL
http://davino.clkpfct.com/go/marineac Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

FancyBox (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery\.fancybox\.pack\.js(?:\?v=([\d.]+))?$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i
script /jquery\.fancybox\.pack\.js(?:\?v=([\d.]+))?$/i
script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

14
Requests

21 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

403 kB
Transfer

399 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pxlme.me/l4zSvKCJ Page URL
http://davino.clkpfct.com/go/marineac Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	l4zSvKCJ Show response pxlme.me/	565 B 614 B	564ms 226ms	Document text/html	51.15.139.10 AS12876
General Check archive.org Show headers Download Go to Full URL https://pxlme.me/l4zSvKCJ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.139.10 , France, ASN12876 (AS12876, FR), Reverse DNS 10-139-15-51.rev.cloud.scaleway.com Software nginx/1.10.3 (Ubuntu) / Resource Hash `152f20b60127eb6143d538eb26492b2e917880dcd4d1e0b81de43bc396afe358` Request headers Host pxlme.me Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx/1.10.3 (Ubuntu) Date Thu, 27 Sep 2018 19:52:28 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Cache-Control private, max-age=90 Content-Encoding gzip
GET H/1.1	200 OK	5bacda9cbc0e8933124a1b83 pxlme.me/stats/	41 B 289 B	112ms 111ms	Image image/gif	51.15.139.10 AS12876
General Check archive.org Show headers Download Go to Show image Full URL https://pxlme.me/stats/5bacda9cbc0e8933124a1b83?pixels=&domain=pxlme.me Requested by Host: pxlme.me URL: https://pxlme.me/l4zSvKCJ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.15.139.10 , France, ASN12876 (AS12876, FR), Reverse DNS 10-139-15-51.rev.cloud.scaleway.com Software nginx/1.10.3 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host pxlme.me User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://pxlme.me/l4zSvKCJ Connection keep-alive Cache-Control no-cache Referer https://pxlme.me/l4zSvKCJ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:52:28 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx/1.10.3 (Ubuntu) Connection keep-alive Content-Type image/gif Content-Length 41 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	Primary Request Cookie set marineac Show response davino.clkpfct.com/go/	3 KB 4 KB	1008ms 887ms	Document text/html	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL http://davino.clkpfct.com/go/marineac Requested by Host: pxlme.me URL: https://pxlme.me/l4zSvKCJ Protocol HTTP/1.1 Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / PHP/5.6.32 Resource Hash `65f84c084431e5bae03d1ccced0b9fe684f1a31d986610b27b41ef283a48d559` Request headers Host davino.clkpfct.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:02 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.6.32 Set-Cookie PHPSESSID=bkotr35c5f197db9sg35fo8sr6; path=/ track_lid_action=11%7E%7E%7Ehttps%3A%2F%2Fwebsnail.gb.net%2Fbin%2Fnsw%2Fdata%2F%7E%7E%7E0; expires=Thu, 27-Sep-2018 20:53:02 GMT; Max-Age=3600; path=/; domain=.clkpfct.com track_lid_sales=11%7E%7E%7Ehttps%3A%2F%2Fwebsnail.gb.net%2Fbin%2Fnsw%2Fdata%2F%7E%7E%7E0; expires=Thu, 27-Sep-2018 20:53:02 GMT; Max-Age=3600; path=/; domain=.clkpfct.com track_lid_event=11%7E%7E%7Ehttps%3A%2F%2Fwebsnail.gb.net%2Fbin%2Fnsw%2Fdata%2F%7E%7E%7E0; expires=Thu, 27-Sep-2018 20:53:02 GMT; Max-Age=3600; path=/; domain=.clkpfct.com clickperfect_session=eyJpdiI6Ilp2bTF3dFJCeUE2aUljM1M3ZlNtNFE9PSIsInZhbHVlIjoieW8xS1NIa3NhMVBiXC92ZjQ4VE5oSHJlYStvNEdWb3d6Mkc0d0dzZG55TjZYaDlvTHhLZk95WjExUXNxblJ0N25LRHB3WjNhMktNYWVHQ3R5bW9haGZBPT0iLCJtYWMiOiJiNDk2MzJlMzZkMjlhZDQyMDNkYzBkZmFlZWRkYTVhN2ZhNDc3OWVjMTNjMThkMzc5MGIyNTE4Yjk3YzUwNzE4In0%3D; expires=Thu, 27-Sep-2018 21:53:03 GMT; Max-Age=7200; path=/; domain=.clickperfect.com; httponly Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 no-cache, private Pragma no-cache Content-Length 2721 Keep-Alive timeout=15, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	jquery-ui-1.10.3.custom.css davino.clkpfct.com/track/css/jQuery_plugins/ui-lightness/	31 KB 31 KB	734ms 97ms	Stylesheet text/css	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://davino.clkpfct.com/track/css/jQuery_plugins/ui-lightness/jquery-ui-1.10.3.custom.css Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `349c205af510a9ee6c51e15b0121a8210ea22958eabb318c0adb825e6b00c45f` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:03 GMT Last-Modified Thu, 13 Jul 2017 05:45:54 GMT Server Apache/2.2.15 (CentOS) ETag "a40585-7b92-5542c722a20b2" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 31634
GET H/1.1	200 OK	jquery.fancybox.css davino.clkpfct.com/track/css/jQuery_plugins/jquery.fancyBox-v2.1.5-0/	5 KB 5 KB	740ms 100ms	Stylesheet text/css	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://davino.clkpfct.com/track/css/jQuery_plugins/jquery.fancyBox-v2.1.5-0/jquery.fancybox.css Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `b2c1bafef32f0f96185af6add818f1798d59262a56d5979db52ea5321548823c` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:03 GMT Last-Modified Thu, 13 Jul 2017 05:45:54 GMT Server Apache/2.2.15 (CentOS) ETag "a40535-132a-5542c722a0942" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 4906
GET H/1.1	200 OK	jquery-1.11.0.min.js Show response davino.clkpfct.com/track/	94 KB 94 KB	990ms 97ms	Script text/javascript	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://davino.clkpfct.com/track/jquery-1.11.0.min.js Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:04 GMT Last-Modified Thu, 13 Jul 2017 05:45:54 GMT Server Apache/2.2.15 (CentOS) ETag "a4058a-1787d-5542c722a20b2" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 96381
GET H/1.1	200 OK	jquery-ui-1.10.3.custom.min.js Show response davino.clkpfct.com/track/	223 KB 223 KB	741ms 100ms	Script text/javascript	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://davino.clkpfct.com/track/jquery-ui-1.10.3.custom.min.js Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `3da042e03246f0106ecd625183058a0d975599467a246921eef21342122f11f3` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:03 GMT Last-Modified Thu, 13 Jul 2017 05:45:54 GMT Server Apache/2.2.15 (CentOS) ETag "a4058b-37b29-5542c722a2c6a" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 228137
GET H/1.1	200 OK	jquery.fancybox.pack.js Show response davino.clkpfct.com/track/	23 KB 23 KB	841ms 101ms	Script text/javascript	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://davino.clkpfct.com/track/jquery.fancybox.pack.js Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:04 GMT Last-Modified Thu, 13 Jul 2017 05:45:54 GMT Server Apache/2.2.15 (CentOS) ETag "a4058d-5a5f-5542c722a2c6a" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99 Content-Length 23135
GET H/1.1	200 OK	jquery.cookie.js Show response davino.clkpfct.com/track/	3 KB 3 KB	920ms 97ms	Script text/javascript	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://davino.clkpfct.com/track/jquery.cookie.js Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `13161f845883ddc67c4adec84919b2350c3ab125c5c4263dbb736594c54ccd71` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:04 GMT Last-Modified Thu, 13 Jul 2017 05:45:54 GMT Server Apache/2.2.15 (CentOS) ETag "a4058c-c17-5542c722a2c6a" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=100 Content-Length 3095
GET H/1.1	200 OK	fingerprint.js Show response davino.clkpfct.com/track/	10 KB 10 KB	926ms 97ms	Script text/javascript	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://davino.clkpfct.com/track/fingerprint.js Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `113dbd0401f3554c6ec536190009e9beab1e4fc51cc8d85ac8ed509fd501c06f` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:04 GMT Last-Modified Thu, 13 Jul 2017 05:45:54 GMT Server Apache/2.2.15 (CentOS) ETag "a40588-269c-5542c722a20b2" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99 Content-Length 9884
GET H/1.1	200 OK	functions.js Show response davino.clkpfct.com/track/	1 KB 1 KB	1018ms 97ms	Script text/javascript	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://davino.clkpfct.com/track/functions.js Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `ba2325ad21d388f838f243e4b74ae5d87339f56e049e430e891391446d879407` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:04 GMT Last-Modified Thu, 13 Jul 2017 05:45:54 GMT Server Apache/2.2.15 (CentOS) ETag "a40589-48e-5542c722a20b2" Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99 Content-Length 1166
GET H/1.1	200 OK	bg_opac.png davino.clkpfct.com/images/general/	119 B 410 B	103ms 97ms	Image image/png	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Show image Full URL https://davino.clkpfct.com/images/general/bg_opac.png Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `098a0365baa450402c328d789bc9281e9f417400e045085ab0ab8f1d4ea4fbda` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:04 GMT Last-Modified Thu, 13 Jul 2017 05:45:53 GMT Server Apache/2.2.15 (CentOS) ETag "aa0053-77-5542c72236222" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=98 Content-Length 119
GET H/1.1	200 OK	loader.gif davino.clkpfct.com/images/general/	6 KB 7 KB	115ms 100ms	Image image/gif	192.198.107.194 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Show image Full URL https://davino.clkpfct.com/images/general/loader.gif Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.198.107.194 Buffalo, United States, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS mta.em-x.net Software Apache/2.2.15 (CentOS) / Resource Hash `72e96570e6552f02c81e6d47ed1b0901cf96d3140a226ee9fb6edd9b799d9e82` Request headers Referer http://davino.clkpfct.com/go/marineac User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 27 Sep 2018 19:53:04 GMT Last-Modified Thu, 13 Jul 2017 05:45:53 GMT Server Apache/2.2.15 (CentOS) ETag "aa0064-198c-5542c72236dda" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=98 Content-Length 6540
GET H2	200	/ websnail.gb.net/bin/nsw/data/ Frame E077	0 0	74ms 42ms	Document text/html	2606:4700:30::681c:12b4 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://websnail.gb.net/bin/nsw/data/ Requested by Host: davino.clkpfct.com URL: http://davino.clkpfct.com/go/marineac Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::681c:12b4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority websnail.gb.net :scheme https :path /bin/nsw/data/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 referer http://davino.clkpfct.com/go/marineac accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://davino.clkpfct.com/go/marineac Response headers status 200 date Thu, 27 Sep 2018 19:52:31 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dc9d715e7a3cf50f05b0ce232ba3812d31538077951; expires=Fri, 27-Sep-19 19:52:31 GMT; path=/; domain=.websnail.gb.net; HttpOnly; Secure expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 461082dd0924bf02-FRA content-encoding gzip

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Fingerprint function| populateAnalyticsInfo function| displayLoadingImage function| hideLoadingImage function| Redirect2URL function| postAjaxForm

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.websnail.gb.net/	1970-01-19 04:00:13	Name: __cfduid Value: dc9d715e7a3cf50f05b0ce232ba3812d31538077951
			.clkpfct.com/	1970-01-18 19:14:41	Name: track_lid_event Value: 11%7E%7E%7Ehttps%3A%2F%2Fwebsnail.gb.net%2Fbin%2Fnsw%2Fdata%2F%7E%7E%7E0
			.clkpfct.com/	1970-01-18 19:14:41	Name: track_lid_action Value: 11%7E%7E%7Ehttps%3A%2F%2Fwebsnail.gb.net%2Fbin%2Fnsw%2Fdata%2F%7E%7E%7E0
			.clkpfct.com/	1970-01-18 19:14:41	Name: track_lid_sales Value: 11%7E%7E%7Ehttps%3A%2F%2Fwebsnail.gb.net%2Fbin%2Fnsw%2Fdata%2F%7E%7E%7E0
			davino.clkpfct.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bkotr35c5f197db9sg35fo8sr6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

davino.clkpfct.com
pxlme.me
websnail.gb.net
192.198.107.194
2606:4700:30::681c:12b4
51.15.139.10
098a0365baa450402c328d789bc9281e9f417400e045085ab0ab8f1d4ea4fbda
113dbd0401f3554c6ec536190009e9beab1e4fc51cc8d85ac8ed509fd501c06f
13161f845883ddc67c4adec84919b2350c3ab125c5c4263dbb736594c54ccd71
152f20b60127eb6143d538eb26492b2e917880dcd4d1e0b81de43bc396afe358
349c205af510a9ee6c51e15b0121a8210ea22958eabb318c0adb825e6b00c45f
3da042e03246f0106ecd625183058a0d975599467a246921eef21342122f11f3
65f84c084431e5bae03d1ccced0b9fe684f1a31d986610b27b41ef283a48d559
72e96570e6552f02c81e6d47ed1b0901cf96d3140a226ee9fb6edd9b799d9e82
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b2c1bafef32f0f96185af6add818f1798d59262a56d5979db52ea5321548823c
ba2325ad21d388f838f243e4b74ae5d87339f56e049e430e891391446d879407
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855