aclick.adhoc2.net Open in urlscan Pro
2400:cb00:2048:1::6819:e412 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://redirect.4thscience.com/4rbkfdkhzp90ul8u20tz461tl
Effective URL:
https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fs1=772131090&group_id=483&cntrl=00000&pid=10044&r...
Submission: On August 20 via manual (August 20th 2018, 3:57:45 pm UTC) from NZ

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2400:cb00:2048:1::6819:e412, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is aclick.adhoc2.net.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on May 30th 2018. Valid for: 6 months.

This is the only time aclick.adhoc2.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.39.113.246 5.39.113.246	16276 (OVH) (OVH)
1 6	2400:cb00:204... 2400:cb00:2048:1::681b:ad4b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2400:cb00:204... 2400:cb00:2048:1::681b:ac4b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	65.98.109.146 65.98.109.146	25653 (FORTRESSITX) (FORTRESSITX - FortressITX)
1 2	162.213.121.168 162.213.121.168	40244 (TURNKEY-I...) (TURNKEY-INTERNET - Turnkey Internet Inc.)
1	91.234.99.85 91.234.99.85	48666 (AS-MAROSN...) (AS-MAROSNET Moscow)
1 1	185.35.138.112 185.35.138.112	62454 (ZYZTM) (ZYZTM)
1	2400:cb00:204... 2400:cb00:2048:1::6819:e412	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
11	6

1 5.39.113.246 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: mail01.4thscience.com

redirect.4thscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:cb00:2048:1::681b:ad4b (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.loafandbehold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::681b:ac4b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.loafandbehold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.98.109.146 (Secaucus, United States) 1 redirects

ASN25653 (FORTRESSITX - FortressITX, US)

ctyofwins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.213.121.168 (Latham, United States) 1 redirects

ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US)
PTR: 162-213-121-168.static.as40244.net

ctyofwins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.234.99.85 (Kiev, Ukraine)

ASN48666 (AS-MAROSNET Moscow, Russia, RU)

shawck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.35.138.112 (Netherlands) 1 redirects

ASN62454 (ZYZTM, NL)
PTR: 185-35-138-112.v4.as62454.net

m1o6.safesslredirserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6819:e412 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

aclick.adhoc2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	loafandbehold.com 1 redirects www.loafandbehold.com	128 KB
3	ctyofwins.com 2 redirects ctyofwins.com	2 KB
1	adhoc2.net aclick.adhoc2.net	627 B
1	safesslredirserv.com 1 redirects m1o6.safesslredirserv.com	431 B
1	shawck.com shawck.com	351 B
1	4thscience.com 1 redirects redirect.4thscience.com	442 B
0	allure2.net Failed router-ng.allure2.net Failed
11	7

	Domain	Requested by
8	www.loafandbehold.com	1 redirects www.loafandbehold.com
3	ctyofwins.com	2 redirects www.loafandbehold.com
1	aclick.adhoc2.net	shawck.com
1	m1o6.safesslredirserv.com	1 redirects
1	shawck.com	ctyofwins.com
1	redirect.4thscience.com	1 redirects
0	router-ng.allure2.net Failed
11	7

This site contains no links.

Subject Issuer	Validity	Valid
ctyofwins.com Let's Encrypt Authority X3	`2018-08-06` - `2018-11-04`	3 months	crt.sh
ssl378290.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-05-30` - `2018-12-06`	6 months	crt.sh

This page contains 1 frames:

Frame: http://router-ng.allure2.net/click/k5/1o0VJG/?%3F%3Fs1=772131090&aid=A3934539606-3826361694-2303646857&campaign_id=1228&clickid=Qj1CHx_pIzAE5CUG4XwI1nqi7G0&cntrl=00000&group_id=483&gsid=483&id=XNSX.%3A%3A472125-r75393-t483&impid=c3f47502-a491-11e8-9002-12c26be3c49e&p_id=10044&pid=10044&redid=75393&var3=Prowpur
Frame ID: DE3835F00CD4FF284D4E564C18047BBD
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://redirect.4thscience.com/4rbkfdkhzp90ul8u20tz461tl HTTP 302
http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox... Page URL
http://www.loafandbehold.com/urlshort_test/uid_long=10281&tracking_id=19285373&token=gZs5q8kFJg3TlSKyEls3... HTTP 302
http://ctyofwins.com/r/fd895a40-f7ed-42cf-a03b-b63e4bbafbd5//43Wqu/ HTTP 302
https://ctyofwins.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu///?fctr=1&ptid=c7aff064-63fc-4... Page URL
https://ctyofwins.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu//cd8947a3-ec20-4cdf-9bee-f645... HTTP 302
http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e Page URL
https://m1o6.safesslredirserv.com/?s1=772131090&s2=472125&kw=472125 HTTP 302
https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fs1=772131090&group_id=483&cnt... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

11
Requests

18 %
HTTPS

38 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

129 kB
Transfer

355 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://redirect.4thscience.com/4rbkfdkhzp90ul8u20tz461tl HTTP 302
http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4rbkfdkhzp90ul8u20tz461tl Page URL
http://www.loafandbehold.com/urlshort_test/uid_long=10281&tracking_id=19285373&token=gZs5q8kFJg3TlSKyEls3xFKEIw7Ygaq3uOzBc1hh&preview=0&subid_json=eyJzdWJpZDEiOiJlOkVhOEZWcUUtNzBLeHdQS2l3bEVHc0ZFRXNWVDZfOF9jc0lFWE1zb3gydUEiLCJzdWJpZCI6ImU6RWE4RlZxRS03MEt4d1BLaXdsRUdzRkVFc1ZUNl84X2NzSUVYTXNveDJ1QSIsInN1YmlkMiI6IjR0aHNjaWVuY2UuY29tIiwic3ViaWQzIjoiNzEyMCIsImZpcnN0bmFtZSI6IklhbiIsInN1cm5hbWUiOiJEdW1ibGV0b24iLCJjaXR5IjoiV2VsbGluZ3RvbiJ9 HTTP 302
http://ctyofwins.com/r/fd895a40-f7ed-42cf-a03b-b63e4bbafbd5//43Wqu/ HTTP 302
https://ctyofwins.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu///?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b Page URL
https://ctyofwins.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu//cd8947a3-ec20-4cdf-9bee-f645b33e827e/?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b&fctr=1 HTTP 302
http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e Page URL
https://m1o6.safesslredirserv.com/?s1=772131090&s2=472125&kw=472125 HTTP 302
https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fs1=772131090&group_id=483&cntrl=00000&pid=10044&redid=75393&gsid=483&campaign_id=1228&p_id=10044&id=XNSX.%3A%3A472125-r75393-t483&impid=c3f47502-a491-11e8-9002-12c26be3c49e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://redirect.4thscience.com/4rbkfdkhzp90ul8u20tz461tl HTTP 302
http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4rbkfdkhzp90ul8u20tz461tl

Request Chain 7

http://www.loafandbehold.com/urlshort_test/uid_long=10281&tracking_id=19285373&token=gZs5q8kFJg3TlSKyEls3xFKEIw7Ygaq3uOzBc1hh&preview=0&subid_json=eyJzdWJpZDEiOiJlOkVhOEZWcUUtNzBLeHdQS2l3bEVHc0ZFRXNWVDZfOF9jc0lFWE1zb3gydUEiLCJzdWJpZCI6ImU6RWE4RlZxRS03MEt4d1BLaXdsRUdzRkVFc1ZUNl84X2NzSUVYTXNveDJ1QSIsInN1YmlkMiI6IjR0aHNjaWVuY2UuY29tIiwic3ViaWQzIjoiNzEyMCIsImZpcnN0bmFtZSI6IklhbiIsInN1cm5hbWUiOiJEdW1ibGV0b24iLCJjaXR5IjoiV2VsbGluZ3RvbiJ9 HTTP 302
http://ctyofwins.com/r/fd895a40-f7ed-42cf-a03b-b63e4bbafbd5//43Wqu/ HTTP 302
https://ctyofwins.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu///?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b

Request Chain 8

https://ctyofwins.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu//cd8947a3-ec20-4cdf-9bee-f645b33e827e/?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b&fctr=1 HTTP 302
http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set nrp=4rbkfdkhzp90ul8u20tz461tl Show response www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/ Redirect Chain http://redirect.4thscience.com/4rbkfdkhzp90ul8u20tz461tl http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4r...	5 KB 3 KB	158ms 138ms	Document text/html	2400:cb00:2048:1::681b:ad4b Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4rbkfdkhzp90ul8u20tz461tl Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:ad4b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash `4fa2f90bcc0ab3501a60e7c7edb31a3c46147f357c112018f7c9887de9ba6446` Request headers Host www.loafandbehold.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id DE3835F00CD4FF284D4E564C18047BBD Response headers Date Mon, 20 Aug 2018 15:57:34 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d07fd17cb0cd78fcc5b1417a29d1856e71534780654; expires=Tue, 20-Aug-19 15:57:34 GMT; path=/; domain=.loafandbehold.com; HttpOnly laravel_session=eyJpdiI6IklYY01uMEFtUVFKV0FGazFQcWRxNlE9PSIsInZhbHVlIjoiVnEyMkU0OXhDXC9Gd2tUT1k2Nll4ZUVtODR4RjUybE9BNktXVFhiSVFEVVd0dWVoNVI3aWpVUml5UjlGZzJHNUxBZWJydHdWZU53WkFcL1l2ajJncnJDQT09IiwibWFjIjoiMDFjYmI5NWJkOTVhNDE2MDJlMjZhOGEwNDU3ODU4OTMwMzdjMjViY2JjYjE0YjQ1YTdhNGY2NDE3ODkyNWI2ZSJ9; expires=Mon, 27-Aug-2018 14:36:34 GMT; Max-Age=599940; path=/; httponly Vary Accept-Encoding X-Powered-By PHP/5.6.33 Cache-Control no-cache Server cloudflare CF-RAY 44d60e74237e266c-FRA Content-Encoding gzip Redirect headers Server nginx/1.4.6 (Ubuntu) Date Mon, 20 Aug 2018 15:57:52 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Frame-Options SAMEORIGIN Location http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4rbkfdkhzp90ul8u20tz461tl
GET H/1.1	200 OK	jquery.js Show response www.loafandbehold.com/js/	278 KB 102 KB	117ms 117ms	Script application/javascript	2400:cb00:2048:1::681b:ad4b Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.loafandbehold.com/js/jquery.js Requested by Host: www.loafandbehold.com URL: http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4rbkfdkhzp90ul8u20tz461tl Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:ad4b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.loafandbehold.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Cache-Control no-cache Cookie __cfduid=d07fd17cb0cd78fcc5b1417a29d1856e71534780654; laravel_session=eyJpdiI6IklYY01uMEFtUVFKV0FGazFQcWRxNlE9PSIsInZhbHVlIjoiVnEyMkU0OXhDXC9Gd2tUT1k2Nll4ZUVtODR4RjUybE9BNktXVFhiSVFEVVd0dWVoNVI3aWpVUml5UjlGZzJHNUxBZWJydHdWZU53WkFcL1l2ajJncnJDQT09IiwibWFjIjoiMDFjYmI5NWJkOTVhNDE2MDJlMjZhOGEwNDU3ODU4OTMwMzdjMjViY2JjYjE0YjQ1YTdhNGY2NDE3ODkyNWI2ZSJ9 Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 20 Aug 2018 15:57:34 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED Last-Modified Wed, 19 Oct 2016 13:11:54 GMT Server cloudflare ETag W/"5807711a-456ea" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 44d60e7503c0266c-FRA Expires Mon, 20 Aug 2018 19:57:34 GMT
GET H/1.1	200 OK	bootstrap.js Show response www.loafandbehold.com/js/	67 KB 18 KB	67ms 61ms	Script application/javascript	2400:cb00:2048:1::681b:ac4b Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.loafandbehold.com/js/bootstrap.js Requested by Host: www.loafandbehold.com URL: http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4rbkfdkhzp90ul8u20tz461tl Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:ac4b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.loafandbehold.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Cache-Control no-cache Cookie __cfduid=d07fd17cb0cd78fcc5b1417a29d1856e71534780654; laravel_session=eyJpdiI6IklYY01uMEFtUVFKV0FGazFQcWRxNlE9PSIsInZhbHVlIjoiVnEyMkU0OXhDXC9Gd2tUT1k2Nll4ZUVtODR4RjUybE9BNktXVFhiSVFEVVd0dWVoNVI3aWpVUml5UjlGZzJHNUxBZWJydHdWZU53WkFcL1l2ajJncnJDQT09IiwibWFjIjoiMDFjYmI5NWJkOTVhNDE2MDJlMjZhOGEwNDU3ODU4OTMwMzdjMjViY2JjYjE0YjQ1YTdhNGY2NDE3ODkyNWI2ZSJ9 Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 20 Aug 2018 15:57:34 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED Last-Modified Wed, 19 Oct 2016 13:11:56 GMT Server cloudflare ETag W/"5807711c-10d1a" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 44d60e75138197c8-FRA Expires Mon, 20 Aug 2018 19:57:34 GMT
GET H/1.1	200 OK	jquery.cookie.js Show response www.loafandbehold.com/js/plugins/jqueryCookie/	3 KB 2 KB	96ms 90ms	Script application/javascript	2400:cb00:2048:1::681b:ad4b Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.loafandbehold.com/js/plugins/jqueryCookie/jquery.cookie.js Requested by Host: www.loafandbehold.com URL: http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4rbkfdkhzp90ul8u20tz461tl Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:ad4b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.loafandbehold.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Cache-Control no-cache Cookie __cfduid=d07fd17cb0cd78fcc5b1417a29d1856e71534780654; laravel_session=eyJpdiI6IklYY01uMEFtUVFKV0FGazFQcWRxNlE9PSIsInZhbHVlIjoiVnEyMkU0OXhDXC9Gd2tUT1k2Nll4ZUVtODR4RjUybE9BNktXVFhiSVFEVVd0dWVoNVI3aWpVUml5UjlGZzJHNUxBZWJydHdWZU53WkFcL1l2ajJncnJDQT09IiwibWFjIjoiMDFjYmI5NWJkOTVhNDE2MDJlMjZhOGEwNDU3ODU4OTMwMzdjMjViY2JjYjE0YjQ1YTdhNGY2NDE3ODkyNWI2ZSJ9 Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 20 Aug 2018 15:57:34 GMT Content-Encoding gzip CF-Cache-Status REVALIDATED Last-Modified Wed, 19 Oct 2016 13:14:52 GMT Server cloudflare ETag W/"580771cc-c31" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 44d60e75173a27b0-FRA Expires Mon, 20 Aug 2018 19:57:34 GMT
POST H/1.1	200 OK	Cookie set survey Show response www.loafandbehold.com/survey/	11 B 787 B	71ms 71ms	XHR text/html	2400:cb00:2048:1::681b:ad4b Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.loafandbehold.com/survey/survey Requested by Host: www.loafandbehold.com URL: http://www.loafandbehold.com/js/jquery.js Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:ad4b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash `b711bf106e56b54fcb06d2abd26fd61e41575ac591a82fd02a6fbae9137fb66f` Request headers Pragma no-cache Origin http://www.loafandbehold.com Accept-Encoding gzip, deflate Host www.loafandbehold.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept text/html, /; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie __cfduid=d07fd17cb0cd78fcc5b1417a29d1856e71534780654; laravel_session=eyJpdiI6IklYY01uMEFtUVFKV0FGazFQcWRxNlE9PSIsInZhbHVlIjoiVnEyMkU0OXhDXC9Gd2tUT1k2Nll4ZUVtODR4RjUybE9BNktXVFhiSVFEVVd0dWVoNVI3aWpVUml5UjlGZzJHNUxBZWJydHdWZU53WkFcL1l2ajJncnJDQT09IiwibWFjIjoiMDFjYmI5NWJkOTVhNDE2MDJlMjZhOGEwNDU3ODU4OTMwMzdjMjViY2JjYjE0YjQ1YTdhNGY2NDE3ODkyNWI2ZSJ9; b2ZmZXJXYWxs=%7B%22campaign%22%3A%229571%22%2C%22survey%22%3A%2211149%22%2C%22source%22%3A%227120%22%2C%22subid%22%3A%22subid%3De%3AEa8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA%26subid2%3D4thscience.com%26subid3%3D7120%26firstname%3DIan%26surname%3DDumbleton%26city%3DWellington%22%2C%22firstSession%22%3A%22gZs5q8kFJg3TlSKyEls3xFKEIw7Ygaq3uOzBc1hh_9571%22%7D; survey_id_11149=true; cHJvZHVjdENvb210281=triggerON; cHJvZHVjdENQQQ10281=triggerON Connection keep-alive Content-Length 57 Accept text/html, /; q=0.01 Origin http://www.loafandbehold.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Mon, 20 Aug 2018 15:57:35 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.33 Vary Accept-Encoding Connection keep-alive Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://www.loafandbehold.com Cache-Control no-cache Transfer-Encoding chunked Set-Cookie laravel_session=eyJpdiI6ImZWMFhhUEptMkN3RllRN3BOblhHamc9PSIsInZhbHVlIjoiZWh6MGpcL1BFaDdzWXRSMFFiVkprYU1ZUkY2QkN6RkFycEgxR20xdmNXblBOREdmTEVIM3duT0tTSUc4K2d0K2NMeFNWUWJcL04wMlN5UEw4K1ZCTUY3QT09IiwibWFjIjoiNTkwMjQ5MjlkNTE0NmVlNzI3MDc5MjUwYzc2N2UyOWNmZmRmMzRhMDlkMmZjZWNiNjNmZTNjODZjOGY5NGEwNSJ9; expires=Mon, 27-Aug-2018 14:36:35 GMT; Max-Age=599940; path=/; httponly CF-RAY 44d60e760400266c-FRA
POST H/1.1	200 OK	Cookie set survey www.loafandbehold.com/survey/	19 B 797 B	115ms 115ms	XHR text/html	2400:cb00:2048:1::681b:ad4b Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.loafandbehold.com/survey/survey Requested by Host: www.loafandbehold.com URL: http://www.loafandbehold.com/js/jquery.js Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:ad4b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash Request headers Pragma no-cache Origin http://www.loafandbehold.com Accept-Encoding gzip, deflate Host www.loafandbehold.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, /; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie __cfduid=d07fd17cb0cd78fcc5b1417a29d1856e71534780654; laravel_session=eyJpdiI6IklYY01uMEFtUVFKV0FGazFQcWRxNlE9PSIsInZhbHVlIjoiVnEyMkU0OXhDXC9Gd2tUT1k2Nll4ZUVtODR4RjUybE9BNktXVFhiSVFEVVd0dWVoNVI3aWpVUml5UjlGZzJHNUxBZWJydHdWZU53WkFcL1l2ajJncnJDQT09IiwibWFjIjoiMDFjYmI5NWJkOTVhNDE2MDJlMjZhOGEwNDU3ODU4OTMwMzdjMjViY2JjYjE0YjQ1YTdhNGY2NDE3ODkyNWI2ZSJ9; b2ZmZXJXYWxs=%7B%22campaign%22%3A%229571%22%2C%22survey%22%3A%2211149%22%2C%22source%22%3A%227120%22%2C%22subid%22%3A%22subid%3De%3AEa8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA%26subid2%3D4thscience.com%26subid3%3D7120%26firstname%3DIan%26surname%3DDumbleton%26city%3DWellington%22%2C%22firstSession%22%3A%22gZs5q8kFJg3TlSKyEls3xFKEIw7Ygaq3uOzBc1hh_9571%22%7D; survey_id_11149=true; cHJvZHVjdENvb210281=triggerON; cHJvZHVjdENQQQ10281=triggerON Connection keep-alive Content-Length 62 Accept application/json, text/javascript, /; q=0.01 Origin http://www.loafandbehold.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Mon, 20 Aug 2018 15:57:35 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.33 Vary Accept-Encoding Connection keep-alive Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://www.loafandbehold.com Cache-Control no-cache Transfer-Encoding chunked Set-Cookie laravel_session=eyJpdiI6IkdxekZ0Qzh2UmRTQm5hUkhZOExzZkE9PSIsInZhbHVlIjoiNVdTKzlOK0ZkdVJSTzhlSlhneWRFQlZGZkdhUVwveE00UVZ2WFpHNWhiQjZJWDRUS1ZpOWdkTllZQ2t1akl4RzBYQUtyMXhUaHRRbDJxaGlpWjZrUHRBPT0iLCJtYWMiOiI0NDJlZmUwYWZkY2ViODgzYjAzMWNhYWNjNzE1MzBjN2ZjNDljYzkxNTM1OGY0YTA4Y2UyNzAyYmI1YjY1OGQ0In0%3D; expires=Mon, 27-Aug-2018 14:36:35 GMT; Max-Age=599940; path=/; httponly CF-RAY 44d60e76178327b0-FRA
POST H/1.1	200 OK	Cookie set survey www.loafandbehold.com/survey/	18 B 799 B	86ms 86ms	XHR text/html	2400:cb00:2048:1::681b:ac4b Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.loafandbehold.com/survey/survey Requested by Host: www.loafandbehold.com URL: http://www.loafandbehold.com/js/jquery.js Protocol HTTP/1.1 Server 2400:cb00:2048:1::681b:ac4b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash Request headers Pragma no-cache Origin http://www.loafandbehold.com Accept-Encoding gzip, deflate Host www.loafandbehold.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, /; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie __cfduid=d07fd17cb0cd78fcc5b1417a29d1856e71534780654; laravel_session=eyJpdiI6IklYY01uMEFtUVFKV0FGazFQcWRxNlE9PSIsInZhbHVlIjoiVnEyMkU0OXhDXC9Gd2tUT1k2Nll4ZUVtODR4RjUybE9BNktXVFhiSVFEVVd0dWVoNVI3aWpVUml5UjlGZzJHNUxBZWJydHdWZU53WkFcL1l2ajJncnJDQT09IiwibWFjIjoiMDFjYmI5NWJkOTVhNDE2MDJlMjZhOGEwNDU3ODU4OTMwMzdjMjViY2JjYjE0YjQ1YTdhNGY2NDE3ODkyNWI2ZSJ9; b2ZmZXJXYWxs=%7B%22campaign%22%3A%229571%22%2C%22survey%22%3A%2211149%22%2C%22source%22%3A%227120%22%2C%22subid%22%3A%22subid%3De%3AEa8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA%26subid2%3D4thscience.com%26subid3%3D7120%26firstname%3DIan%26surname%3DDumbleton%26city%3DWellington%22%2C%22firstSession%22%3A%22gZs5q8kFJg3TlSKyEls3xFKEIw7Ygaq3uOzBc1hh_9571%22%7D; survey_id_11149=true; cHJvZHVjdENvb210281=triggerON; cHJvZHVjdENQQQ10281=triggerON Connection keep-alive Content-Length 181 Accept application/json, text/javascript, /; q=0.01 Origin http://www.loafandbehold.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Mon, 20 Aug 2018 15:57:35 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.33 Vary Accept-Encoding Connection keep-alive Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://www.loafandbehold.com Cache-Control no-cache Transfer-Encoding chunked Set-Cookie laravel_session=eyJpdiI6Ik9CTXRZS1BBd2dxeFwvWXJJcGRJVGlRPT0iLCJ2YWx1ZSI6IkN4eENZVWpEUG9YY3FCeDhzaEpLT3lcL0RDM0ZTXC83bkdrNWhtM0ZnSUE2Z1N6Sjh5SGJ3YXUzZ2h4NGhFUHJ4c1NVWVFEQUZ4VFh4S3VwZ3Z4YjhmeHc9PSIsIm1hYyI6IjYxZDFmNTUyZDlhZjY1MzMxODBhM2I4NjMwMTI4OWJmNTFjYmFiZGIwM2U5NDJjNzY1MzJiZWM0M2I4MzYyOGYifQ%3D%3D; expires=Mon, 27-Aug-2018 14:36:35 GMT; Max-Age=599940; path=/; httponly CF-RAY 44d60e7613fb97c8-FRA
GET H/1.1	200 OK	/ Show response ctyofwins.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu/// Redirect Chain http://www.loafandbehold.com/urlshort_test/uid_long=10281&tracking_id=19285373&token=gZs5q8kFJg3TlSKyEls3xFKEIw7Ygaq3uOzBc1hh&preview=0&subid_json=eyJzdWJpZDEiOiJlOkVhOEZWcUUtNzBLeHdQS2l3bEVHc0ZFRX... http://ctyofwins.com/r/fd895a40-f7ed-42cf-a03b-b63e4bbafbd5//43Wqu/ https://ctyofwins.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu///?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b	733 B 890 B	402ms 96ms	Document text/html	162.213.121.168 Turnkey Internet ...
General Check archive.org Show headers Download Go to Full URL https://ctyofwins.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu///?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b Requested by Host: www.loafandbehold.com URL: http://www.loafandbehold.com/survey/ilfmkten/source=7120/subid=e:Ea8FVqE-70KxwPKiwlEGsFEEsVT6_8_csIEXMsox2uA&subid2=4thscience.com&subid3=7120&firstname=Ian&surname=Dumbleton&city=Wellington/nrp=4rbkfdkhzp90ul8u20tz461tl Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.213.121.168 Latham, United States, ASN40244 (TURNKEY-INTERNET - Turnkey Internet Inc., US), Reverse DNS 162-213-121-168.static.as40244.net Software nginx / Resource Hash `56d7197777d4d5e4f49b1804d4c14bc32a1f7dce8eed86aa6e3744087e8e3dbb` Request headers Host ctyofwins.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id DE3835F00CD4FF284D4E564C18047BBD Response headers Server nginx Date Mon, 20 Aug 2018 15:57:36 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive set-cookie 8e4d8882-511a-4735-b38f-b657767e925e=cd8947a3-ec20-4cdf-9bee-f645b33e827e; Version=1; Expires=Wed, 19-Sep-2018 15:57:36 GMT; Max-Age=2592000; Domain=ctyofwins.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=cd8947a3-ec20-4cdf-9bee-f645b33e827e; Version=1; Expires=Mon, 20-Aug-2018 16:07:36 GMT; Max-Age=600; Domain=ctyofwins.com; Path=/ Cache-Control no-cache Expires Mon, 20 Aug 2018 15:57:36 GMT Content-Encoding gzip Redirect headers Server nginx Date Mon, 20 Aug 2018 15:57:36 GMT Content-Length 142 Connection keep-alive Location https://ctyofwins.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu///?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b Cache-Control no-cache Expires Mon, 20 Aug 2018 15:57:36 GMT
GET H/1.1	200 OK	Cookie set cd8947a3-ec20-4cdf-9bee-f645b33e827e Show response shawck.com/fff0852f887112d000/100/ Redirect Chain https://ctyofwins.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu//cd8947a3-ec20-4cdf-9bee-f645b33e827e/?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b&fctr=1 http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e	130 B 351 B	542ms 452ms	Document text/html	91.234.99.85 AS-MAROSNET Moscow
General Check archive.org Show headers Download Go to Full URL http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e Requested by Host: ctyofwins.com URL: https://ctyofwins.com/r/29e028de-409a-4a78-8317-2efe4b5cb991//43Wqu///?fctr=1&ptid=c7aff064-63fc-4775-acec-abce9e5c1e8b Protocol HTTP/1.1 Server 91.234.99.85 Kiev, Ukraine, ASN48666 (AS-MAROSNET Moscow, Russia, RU), Reverse DNS Software Apache / Resource Hash `4c84c9a657e28d409799883652a88419987b760323405bf87761b341429bf037` Request headers Host shawck.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id DE3835F00CD4FF284D4E564C18047BBD Response headers Date Mon, 20 Aug 2018 15:57:37 GMT Content-Type text/html; charset=UTF-8 Content-Length 130 Server Apache Set-Cookie uid3546=772131090-20180820105737-d7fbf5f46bf47d86452532b502097749-; path=/ Redirect headers Server nginx Date Mon, 20 Aug 2018 15:57:36 GMT Content-Length 100 Connection keep-alive set-cookie 8e4d8882-511a-4735-b38f-b657767e925e=cd8947a3-ec20-4cdf-9bee-f645b33e827e; Version=1; Expires=Wed, 19-Sep-2018 15:57:36 GMT; Max-Age=2592000; Domain=ctyofwins.com; Path=/ Location http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e Cache-Control no-cache Expires Mon, 20 Aug 2018 15:57:36 GMT
GET H2	200	Primary Request 4F2_QZL52qG3sKAmPGOO5W Show response aclick.adhoc2.net/ Redirect Chain https://m1o6.safesslredirserv.com/?s1=772131090&s2=472125&kw=472125 https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fs1=772131090&group_id=483&cntrl=00000&pid=10044&redid=75393&gsid=483&campaign_id=1228&p_id=10044&id=XNSX.%3A%3A472125-r75393...	404 B 627 B	130ms 101ms	Document text/html	2400:cb00:2048:1::6819:e412 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fs1=772131090&group_id=483&cntrl=00000&pid=10044&redid=75393&gsid=483&campaign_id=1228&p_id=10044&id=XNSX.%3A%3A472125-r75393-t483&impid=c3f47502-a491-11e8-9002-12c26be3c49e Requested by Host: shawck.com URL: http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6819:e412 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `9932e74b551edb70e01211f09d0ae9842d31a9f60603a775caf3aedacb1ff2e8` Request headers :method GET :authority aclick.adhoc2.net :scheme https :path /4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fs1=772131090&group_id=483&cntrl=00000&pid=10044&redid=75393&gsid=483&campaign_id=1228&p_id=10044&id=XNSX.%3A%3A472125-r75393-t483&impid=c3f47502-a491-11e8-9002-12c26be3c49e pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 referer http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id DE3835F00CD4FF284D4E564C18047BBD Referer http://shawck.com/fff0852f887112d000/100/cd8947a3-ec20-4cdf-9bee-f645b33e827e Response headers status 200 date Mon, 20 Aug 2018 15:57:40 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d6331eab3214651339eacb4c27f612e121534780660; expires=Tue, 20-Aug-19 15:57:40 GMT; path=/; domain=.adhoc2.net; HttpOnly vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 44d60e955ff1978c-FRA content-encoding gzip Redirect headers Date Mon, 20 Aug 2018 15:57:39 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked X-ImpID c3f47502-a491-11e8-9002-12c26be3c49e Location https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fs1=772131090&group_id=483&cntrl=00000&pid=10044&redid=75393&gsid=483&campaign_id=1228&p_id=10044&id=XNSX.%3A%3A472125-r75393-t483&impid=c3f47502-a491-11e8-9002-12c26be3c49e
GET		/ router-ng.allure2.net/click/k5/1o0VJG/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: router-ng.allure2.net
URL: http://router-ng.allure2.net/click/k5/1o0VJG/?%3F%3Fs1=772131090&aid=A3934539606-3826361694-2303646857&campaign_id=1228&clickid=Qj1CHx_pIzAE5CUG4XwI1nqi7G0&cntrl=00000&group_id=483&gsid=483&id=XNSX.%3A%3A472125-r75393-t483&impid=c3f47502-a491-11e8-9002-12c26be3c49e&p_id=10044&pid=10044&redid=75393&var3=Prowpur

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.adhoc2.net/	1970-01-19 03:05:16	Name: __cfduid Value: d6331eab3214651339eacb4c27f612e121534780660

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aclick.adhoc2.net
ctyofwins.com
m1o6.safesslredirserv.com
redirect.4thscience.com
router-ng.allure2.net
shawck.com
www.loafandbehold.com
router-ng.allure2.net
162.213.121.168
185.35.138.112
2400:cb00:2048:1::6819:e412
2400:cb00:2048:1::681b:ac4b
2400:cb00:2048:1::681b:ad4b
5.39.113.246
65.98.109.146
91.234.99.85
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed
4c84c9a657e28d409799883652a88419987b760323405bf87761b341429bf037
4fa2f90bcc0ab3501a60e7c7edb31a3c46147f357c112018f7c9887de9ba6446
56d7197777d4d5e4f49b1804d4c14bc32a1f7dce8eed86aa6e3744087e8e3dbb
9932e74b551edb70e01211f09d0ae9842d31a9f60603a775caf3aedacb1ff2e8
b711bf106e56b54fcb06d2abd26fd61e41575ac591a82fd02a6fbae9137fb66f
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

aclick.adhoc2.net Open in urlscan Pro 2400:cb00:2048:1::6819:e412 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

18 %HTTPS

38 %IPv6

7 Domains

7 Subdomains

6 IPs

4 Countries

129 kBTransfer

355 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

aclick.adhoc2.net Open in urlscan Pro
2400:cb00:2048:1::6819:e412 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

18 %
HTTPS

38 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

129 kB
Transfer

355 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions