Submitted URL: http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8T...
Effective URL: https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Submission: On September 01 via manual from US

Summary

This website contacted 6 IPs in 3 countries across 12 domains to perform 14 HTTP transactions. The main IP is 188.226.172.213, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is l2.clckrs.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on October 30th 2017. Valid for: a year.
This is the only time l2.clckrs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35.197.52.214 15169 (GOOGLE)
2 52.15.116.42 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 34.240.71.119 16509 (AMAZON-02)
1 1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 1 54.164.198.58 14618 (AMAZON-AES)
1 1 165.227.181.132 14061 (DIGITALOC...)
6 188.226.172.213 14061 (DIGITALOC...)
14 6
Domain Requested by
6 l2.clckrs.com ufjdhd.com
l2.clckrs.com
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
2 ufjdhd.com uploadphasestroglodytes.site
ufjdhd.com
2 uploadphasestroglodytes.site
1 l.brmediatrk.com 1 redirects
1 www.conversiontrk.com 1 redirects
1 x.datingtrk.com 1 redirects
1 www.heywhatsup.xyz 1 redirects
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com ufjdhd.com
14 12

This site contains links to these domains.

Domain
click2pawn.com
Subject                 Issuer                        Validity                 Valid
*.google-analytics.com  Google Internet Authority G3  2018-08-14 - 2018-10-23  2 months
www.google.de           Google Internet Authority G3  2018-08-14 - 2018-10-23  2 months
*.clckrs.com            AlphaSSL CA - SHA256 - G2     2017-10-30 - 2018-10-31  a year

This page contains 1 frames:

Primary Page: https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Frame ID: 68AB37C6C85982BDCB2D55AD40AB3B70
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

Requests: 14
HTTPS: 71 %
IPv6: 50 %
Domains: 12
Subdomains: 12
IPs: 6
Countries: 3
Transfer: 381 kB
Size: 478 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c Page URL
  2. http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo Page URL
  3. http://ufjdhd.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D361%26aff_id%3D1063%26aff_sub%3DReplay-36258%26aff_sub2%3D22463-A000716590%2CVR36258%2CM2c30u1%2Cyahoo%26aff_sub3%3Djonwamn%40yahoo.com Page URL
  4. http://www.heywhatsup.xyz/aff_c?offer_id=361&aff_id=1063&aff_sub=Replay-36258&aff_sub2=22463-A000716590,VR36258,M2c30u1,yahoo&aff_sub3=jonwamn@yahoo.com HTTP 302
    http://x.datingtrk.com/1ddd953f-8375-4262-be60-d39bc05e3a77?source=902&source2=Replay-36258 HTTP 302
    http://www.conversiontrk.com/track/MzYyLjUyMC41MjAuMTQzNS4wLjAuMC4wLjAuMC4wLjA/?_ocid=w13GNOOG8A8PQRFGH5U9EE4O&autocamp=902 HTTP 302
    http://l.brmediatrk.com/sf1/?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902&_ocid=w13GNOOG8A8PQRFGH5U9EE4O&autocamp=902&ocode=MzYyLjM3My4zNzMuOTA2LjEyNTQuMC4wLjAuMC4wLjAuMA HTTP 302
    https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1137666571&t=pageview&_s=1&dl=http%3A%2F%2Fufjdhd.com%2Fclick.track%3FCID%3D382713%26AFID%3D415875%26ADID%3D1857426%26BRITT%3DReplay-36258%26PERK%3Djonwamn%40yahoo.com%26SID%3D22463-A000716590%2CVR36258%2CM2c30u1%2Cyahoo&dr=http%3A%2F%2Fuploadphasestroglodytes.site%2F5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR%3D9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUAB~&jid=128447277&gjid=2125397634&cid=2023924375.1535773930&tid=UA-109215160-2&_gid=843179649.1535773930&_r=1&gtm=u8o&z=1786144587 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_gid=843179649.1535773930&gjid=2125397634&_v=j68&z=1786144587 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_v=j68&z=1786144587 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_v=j68&z=1786144587&slf_rd=1&random=2569794179

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c
uploadphasestroglodytes.site/
44 KB
13 KB
Document
General
Full URL
http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c
Protocol
HTTP/1.1
Server
35.197.52.214 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.52.197.35.bc.googleusercontent.com
Software
Apache/2.4.18 /
Resource Hash
02e3abcb078c95cad2d5dbff1b240a5dc4e6ef2e7c8f0e34e75947304df0198a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Host
uploadphasestroglodytes.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
68AB37C6C85982BDCB2D55AD40AB3B70

Response headers

Date
Sat, 01 Sep 2018 03:52:08 GMT
Server
Apache/2.4.18
Connection
Close
Vary
Accept-Encoding
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
Content-Length
13239
Content-Type
text/html; charset=UTF-8
fp.php
uploadphasestroglodytes.site/images/
35 B
240 B
Image
General
Full URL
http://uploadphasestroglodytes.site/images/fp.php?e=nz9hq2SgoxO5LJuiol5wo20&p=9d0d12375b4ca0e4b7a13993d23dbd04&r=0089e0a7
Protocol
HTTP/1.1
Server
35.197.52.214 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.52.197.35.bc.googleusercontent.com
Software
Apache/2.4.18 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
uploadphasestroglodytes.site
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c
Connection
keep-alive
Cache-Control
no-cache
Referer
http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 01 Sep 2018 03:52:09 GMT
X-Content-Type-Options
nosniff
Server
Apache/2.4.18
Connection
Close
Content-Length
35
X-Frame-Options
sameorigin
Content-Type
image/gif
click.track
ufjdhd.com/
777 B
934 B
Document
General
Full URL
http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo
Requested by
Host: uploadphasestroglodytes.site
URL: http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c
Protocol
HTTP/1.1
Server
52.15.116.42 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-15-116-42.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b28190b5216c02abbcfa09c58d3582121c3462b0200d01f3ec82965b2788a96c

Request headers

Host
ufjdhd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
68AB37C6C85982BDCB2D55AD40AB3B70
Referer
http://uploadphasestroglodytes.site/5wMWFgL21p7nAfMStS8GAh8G8gIStV7mpq_GRh8V9XLnR=9Eh6NGVfLzFnLj4g7n8f8T4k9T8dADwg8zMh9TEp8yhGET8m8TEo70kiIj8gND0c

Response headers

Date
Sat, 01 Sep 2018 03:52:10 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
777
Connection
keep-alive
Server
Apache
js
www.googletagmanager.com/gtag/
72 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109215160-2
Requested by
Host: ufjdhd.com
URL: http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
f6215fe91398988393e4a7b531cbdff51b5f60933704d93b10ac2f8ef2d1a811
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 01 Sep 2018 03:52:10 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
25664
x-xss-protection
1; mode=block
expires
Sat, 01 Sep 2018 03:52:10 GMT
sanitize.go
ufjdhd.com/
188 B
345 B
Document
General
Full URL
http://ufjdhd.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D361%26aff_id%3D1063%26aff_sub%3DReplay-36258%26aff_sub2%3D22463-A000716590%2CVR36258%2CM2c30u1%2Cyahoo%26aff_sub3%3Djonwamn%40yahoo.com
Requested by
Host: ufjdhd.com
URL: http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo
Protocol
HTTP/1.1
Server
52.15.116.42 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-15-116-42.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e2de48ef6ade77381ca634eb6a2ce36b5f7048108d076c7525be726c9bc8ade3

Request headers

Host
ufjdhd.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
68AB37C6C85982BDCB2D55AD40AB3B70
Referer
http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo

Response headers

Date
Sat, 01 Sep 2018 03:52:10 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
188
Connection
keep-alive
Server
Apache
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109215160-2
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
784
date
Sat, 01 Sep 2018 03:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Sat, 01 Sep 2018 05:39:06 GMT
collect
www.google-analytics.com/
35 B
126 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo
Origin
http://ufjdhd.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 01 Sep 2018 03:52:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://ufjdhd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1137666571&t=pageview&_s=1&dl=http%3A%2F%2Fufjdhd.com%2Fclick.track%3FCID%3D382713%26AFID%3D415875%26ADID%3D1857426%26BRITT%3DReplay-36258%26...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_gid=843179649.1535773930&gjid=2125397634&_v=j68&z=1786144587
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_v=j68&z=1786144587
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_v=j68&z=1786144587&slf_rd=1&random=2569794179
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_v=j68&z=1786144587&slf_rd=1&random=2569794179
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ufjdhd.com/click.track?CID=382713&AFID=415875&ADID=1857426&BRITT=Replay-36258&PERK=jonwamn@yahoo.com&SID=22463-A000716590,VR36258,M2c30u1,yahoo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Sep 2018 03:52:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 01 Sep 2018 03:52:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=2023924375.1535773930&jid=128447277&_v=j68&z=1786144587&slf_rd=1&random=2569794179
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request sf1
l2.clckrs.com/l/
Redirect Chain
  • http://www.heywhatsup.xyz/aff_c?offer_id=361&aff_id=1063&aff_sub=Replay-36258&aff_sub2=22463-A000716590,VR36258,M2c30u1,yahoo&aff_sub3=jonwamn@yahoo.com
  • http://x.datingtrk.com/1ddd953f-8375-4262-be60-d39bc05e3a77?source=902&source2=Replay-36258
  • http://www.conversiontrk.com/track/MzYyLjUyMC41MjAuMTQzNS4wLjAuMC4wLjAuMC4wLjA/?_ocid=w13GNOOG8A8PQRFGH5U9EE4O&autocamp=902
  • http://l.brmediatrk.com/sf1/?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902&_ocid=w13GNOOG8A8PQRFGH5U9EE4O&autocamp=902&ocode=MzYyLjM3My4zNzMuOTA2LjEyNTQuMC4wLjAuMC4wLjAuMA
  • https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
3 KB
2 KB
Document
General
Full URL
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Requested by
Host: ufjdhd.com
URL: http://ufjdhd.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D361%26aff_id%3D1063%26aff_sub%3DReplay-36258%26aff_sub2%3D22463-A000716590%2CVR36258%2CM2c30u1%2Cyahoo%26aff_sub3%3Djonwamn%40yahoo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.226.172.213 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
push.7click.com
Software
nginx/1.13.3 /
Resource Hash
5f732d7dc347608b8024efc823e2292979c3606118549e724b2438c5afb77a2b

Request headers

:method
GET
:authority
l2.clckrs.com
:scheme
https
:path
/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://ufjdhd.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D361%26aff_id%3D1063%26aff_sub%3DReplay-36258%26aff_sub2%3D22463-A000716590%2CVR36258%2CM2c30u1%2Cyahoo%26aff_sub3%3Djonwamn%40yahoo.com
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
68AB37C6C85982BDCB2D55AD40AB3B70
Referer
http://ufjdhd.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D361%26aff_id%3D1063%26aff_sub%3DReplay-36258%26aff_sub2%3D22463-A000716590%2CVR36258%2CM2c30u1%2Cyahoo%26aff_sub3%3Djonwamn%40yahoo.com

Response headers

status
200
server
nginx/1.13.3
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
date
Sat, 01 Sep 2018 03:52:11 GMT
set-cookie
XSRF-TOKEN=eyJpdiI6InVVS0gyMXF4K1kyN05cL3ErQ3g3eUNRPT0iLCJ2YWx1ZSI6IlJvN0IwVFl5ajQ3bWppNHZKUTFvTGJodHJmUjhGMXNJcjlVdkNvOG9pczhESm83ZHVsK1FUM29zSG5EQ0dXb0dCQkFScFcyY09OaXc4Y0ppcHhOSFlBPT0iLCJtYWMiOiIyYWQ0Mzc0NmIwNTBmMjlhNzRkYTZmMmNjZDM5MjI2YzJlZTZmMjdmN2Q2ZDExNWJmYmVlMzE0NzE3NjgwMWM2In0%3D; expires=Sat, 01-Sep-2018 05:52:11 GMT; Max-Age=7200; path=/ lander_session=eyJpdiI6Imh6ZGZaZ1wvKytoMVBqMzNablRsRmFBPT0iLCJ2YWx1ZSI6Im1CWTIrdVZqS1JwUFhEalozNjF1eVdHNHh2NXdNZ3BoYjc4TVpyZ25PbWx0ekM4dHJhUGJNQWlyWjVQZHZ5YmR2NldsbG9peVpvSVBWakdwTmwxaDFRPT0iLCJtYWMiOiI3NmY3NWQyYjU5YzcwM2I1MzA2MDMxMGU4YzlhN2RhMDY4OTM1YzQyMmY0NzdmNmU0NmE2MjEzZWVjNzk1MGZhIn0%3D; expires=Sat, 01-Sep-2018 05:52:11 GMT; Max-Age=7200; path=/; HttpOnly
content-encoding
gzip

Redirect headers

Date
Sat, 01 Sep 2018 03:52:11 GMT
Server
Apache/2.4.18 (Ubuntu)
Location
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Content-Length
2981
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
l2.clckrs.com/images/sf1/
153 KB
153 KB
Stylesheet
General
Full URL
https://l2.clckrs.com/images/sf1/bootstrap.min.css
Requested by
Host: l2.clckrs.com
URL: https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.226.172.213 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
push.7click.com
Software
nginx/1.13.3 /
Resource Hash
5f9e9e3c4627dc31561e968b23478ba130eea270ef933cd1f183d07f536d4f60

Request headers

:path
/images/sf1/bootstrap.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InVVS0gyMXF4K1kyN05cL3ErQ3g3eUNRPT0iLCJ2YWx1ZSI6IlJvN0IwVFl5ajQ3bWppNHZKUTFvTGJodHJmUjhGMXNJcjlVdkNvOG9pczhESm83ZHVsK1FUM29zSG5EQ0dXb0dCQkFScFcyY09OaXc4Y0ppcHhOSFlBPT0iLCJtYWMiOiIyYWQ0Mzc0NmIwNTBmMjlhNzRkYTZmMmNjZDM5MjI2YzJlZTZmMjdmN2Q2ZDExNWJmYmVlMzE0NzE3NjgwMWM2In0%3D; lander_session=eyJpdiI6Imh6ZGZaZ1wvKytoMVBqMzNablRsRmFBPT0iLCJ2YWx1ZSI6Im1CWTIrdVZqS1JwUFhEalozNjF1eVdHNHh2NXdNZ3BoYjc4TVpyZ25PbWx0ekM4dHJhUGJNQWlyWjVQZHZ5YmR2NldsbG9peVpvSVBWakdwTmwxaDFRPT0iLCJtYWMiOiI3NmY3NWQyYjU5YzcwM2I1MzA2MDMxMGU4YzlhN2RhMDY4OTM1YzQyMmY0NzdmNmU0NmE2MjEzZWVjNzk1MGZhIn0%3D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
l2.clckrs.com
referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
:scheme
https
:method
GET
Referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 01 Sep 2018 03:52:11 GMT
last-modified
Tue, 31 Oct 2017 14:41:49 GMT
server
nginx/1.13.3
etag
"59f88bad-263db"
content-type
text/css
status
200
accept-ranges
bytes
content-length
156635
style.css
l2.clckrs.com/images/sf1/
32 KB
32 KB
Stylesheet
General
Full URL
https://l2.clckrs.com/images/sf1/style.css
Requested by
Host: l2.clckrs.com
URL: https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.226.172.213 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
push.7click.com
Software
nginx/1.13.3 /
Resource Hash
f2520d3e33e412ec92690f79df3c39f1930d22c2cf126dc85a0641bcde13e9c4

Request headers

:path
/images/sf1/style.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InVVS0gyMXF4K1kyN05cL3ErQ3g3eUNRPT0iLCJ2YWx1ZSI6IlJvN0IwVFl5ajQ3bWppNHZKUTFvTGJodHJmUjhGMXNJcjlVdkNvOG9pczhESm83ZHVsK1FUM29zSG5EQ0dXb0dCQkFScFcyY09OaXc4Y0ppcHhOSFlBPT0iLCJtYWMiOiIyYWQ0Mzc0NmIwNTBmMjlhNzRkYTZmMmNjZDM5MjI2YzJlZTZmMjdmN2Q2ZDExNWJmYmVlMzE0NzE3NjgwMWM2In0%3D; lander_session=eyJpdiI6Imh6ZGZaZ1wvKytoMVBqMzNablRsRmFBPT0iLCJ2YWx1ZSI6Im1CWTIrdVZqS1JwUFhEalozNjF1eVdHNHh2NXdNZ3BoYjc4TVpyZ25PbWx0ekM4dHJhUGJNQWlyWjVQZHZ5YmR2NldsbG9peVpvSVBWakdwTmwxaDFRPT0iLCJtYWMiOiI3NmY3NWQyYjU5YzcwM2I1MzA2MDMxMGU4YzlhN2RhMDY4OTM1YzQyMmY0NzdmNmU0NmE2MjEzZWVjNzk1MGZhIn0%3D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
l2.clckrs.com
referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
:scheme
https
:method
GET
Referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 01 Sep 2018 03:52:11 GMT
last-modified
Tue, 31 Oct 2017 14:41:49 GMT
server
nginx/1.13.3
etag
"59f88bad-8067"
content-type
text/css
status
200
accept-ranges
bytes
content-length
32871
pusher.js
l2.clckrs.com/
2 KB
3 KB
Script
General
Full URL
https://l2.clckrs.com/pusher.js
Requested by
Host: l2.clckrs.com
URL: https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.226.172.213 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
push.7click.com
Software
nginx/1.13.3 /
Resource Hash
49a9b0ffa7015f71f6653199ba7716c54fb413a8e83521c81ac1d10e0ec92aef

Request headers

:path
/pusher.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InVVS0gyMXF4K1kyN05cL3ErQ3g3eUNRPT0iLCJ2YWx1ZSI6IlJvN0IwVFl5ajQ3bWppNHZKUTFvTGJodHJmUjhGMXNJcjlVdkNvOG9pczhESm83ZHVsK1FUM29zSG5EQ0dXb0dCQkFScFcyY09OaXc4Y0ppcHhOSFlBPT0iLCJtYWMiOiIyYWQ0Mzc0NmIwNTBmMjlhNzRkYTZmMmNjZDM5MjI2YzJlZTZmMjdmN2Q2ZDExNWJmYmVlMzE0NzE3NjgwMWM2In0%3D; lander_session=eyJpdiI6Imh6ZGZaZ1wvKytoMVBqMzNablRsRmFBPT0iLCJ2YWx1ZSI6Im1CWTIrdVZqS1JwUFhEalozNjF1eVdHNHh2NXdNZ3BoYjc4TVpyZ25PbWx0ekM4dHJhUGJNQWlyWjVQZHZ5YmR2NldsbG9peVpvSVBWakdwTmwxaDFRPT0iLCJtYWMiOiI3NmY3NWQyYjU5YzcwM2I1MzA2MDMxMGU4YzlhN2RhMDY4OTM1YzQyMmY0NzdmNmU0NmE2MjEzZWVjNzk1MGZhIn0%3D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
l2.clckrs.com
referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
:scheme
https
:method
GET
Referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 01 Sep 2018 03:52:11 GMT
last-modified
Thu, 30 Nov 2017 12:18:27 GMT
server
nginx/1.13.3
etag
"5a1ff713-97e"
content-type
application/javascript; charset=utf-8
status
200
accept-ranges
bytes
content-length
2430
default.ogg
l2.clckrs.com/images/sf1/
11 KB
12 KB
Media
General
Full URL
https://l2.clckrs.com/images/sf1/default.ogg
Requested by
Host: l2.clckrs.com
URL: https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.226.172.213 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
push.7click.com
Software
nginx/1.13.3 /
Resource Hash
9bbd64e8db88c92e290a33123f885a16e5aeeff15ff6a26ac983fa4c839e4e34

Request headers

:path
/images/sf1/default.ogg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InVVS0gyMXF4K1kyN05cL3ErQ3g3eUNRPT0iLCJ2YWx1ZSI6IlJvN0IwVFl5ajQ3bWppNHZKUTFvTGJodHJmUjhGMXNJcjlVdkNvOG9pczhESm83ZHVsK1FUM29zSG5EQ0dXb0dCQkFScFcyY09OaXc4Y0ppcHhOSFlBPT0iLCJtYWMiOiIyYWQ0Mzc0NmIwNTBmMjlhNzRkYTZmMmNjZDM5MjI2YzJlZTZmMjdmN2Q2ZDExNWJmYmVlMzE0NzE3NjgwMWM2In0%3D; lander_session=eyJpdiI6Imh6ZGZaZ1wvKytoMVBqMzNablRsRmFBPT0iLCJ2YWx1ZSI6Im1CWTIrdVZqS1JwUFhEalozNjF1eVdHNHh2NXdNZ3BoYjc4TVpyZ25PbWx0ekM4dHJhUGJNQWlyWjVQZHZ5YmR2NldsbG9peVpvSVBWakdwTmwxaDFRPT0iLCJtYWMiOiI3NmY3NWQyYjU5YzcwM2I1MzA2MDMxMGU4YzlhN2RhMDY4OTM1YzQyMmY0NzdmNmU0NmE2MjEzZWVjNzk1MGZhIn0%3D
accept-encoding
identity;q=1, *;q=0
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
chrome-proxy
frfr
accept
*/*
cache-control
no-cache
:authority
l2.clckrs.com
referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
:scheme
https
range
bytes=0-
:method
GET
Referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

date
Sat, 01 Sep 2018 03:52:11 GMT
last-modified
Tue, 31 Oct 2017 14:41:49 GMT
server
nginx/1.13.3
etag
"59f88bad-2dd7"
status
206
content-type
audio/ogg
Content-Range
bytes 0-11734/11735
Content-Length
11735
photo3.jpg
l2.clckrs.com/images/sf1/images/
125 KB
125 KB
Image
General
Full URL
https://l2.clckrs.com/images/sf1/images/photo3.jpg
Requested by
Host: l2.clckrs.com
URL: https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.226.172.213 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
push.7click.com
Software
nginx/1.13.3 /
Resource Hash
f403475281fbf391c0fa6b4024984b767ed62c7fe14f22564339df1ce6b62f70

Request headers

:path
/images/sf1/images/photo3.jpg
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6InVVS0gyMXF4K1kyN05cL3ErQ3g3eUNRPT0iLCJ2YWx1ZSI6IlJvN0IwVFl5ajQ3bWppNHZKUTFvTGJodHJmUjhGMXNJcjlVdkNvOG9pczhESm83ZHVsK1FUM29zSG5EQ0dXb0dCQkFScFcyY09OaXc4Y0ppcHhOSFlBPT0iLCJtYWMiOiIyYWQ0Mzc0NmIwNTBmMjlhNzRkYTZmMmNjZDM5MjI2YzJlZTZmMjdmN2Q2ZDExNWJmYmVlMzE0NzE3NjgwMWM2In0%3D; lander_session=eyJpdiI6Imh6ZGZaZ1wvKytoMVBqMzNablRsRmFBPT0iLCJ2YWx1ZSI6Im1CWTIrdVZqS1JwUFhEalozNjF1eVdHNHh2NXdNZ3BoYjc4TVpyZ25PbWx0ekM4dHJhUGJNQWlyWjVQZHZ5YmR2NldsbG9peVpvSVBWakdwTmwxaDFRPT0iLCJtYWMiOiI3NmY3NWQyYjU5YzcwM2I1MzA2MDMxMGU4YzlhN2RhMDY4OTM1YzQyMmY0NzdmNmU0NmE2MjEzZWVjNzk1MGZhIn0%3D
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
l2.clckrs.com
referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
:scheme
https
:method
GET
Referer
https://l2.clckrs.com/l/sf1?s1=cs1&s2=45b8a0ceb1c14a3.46270991&s3=362-902
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 01 Sep 2018 03:52:11 GMT
last-modified
Tue, 31 Oct 2017 14:41:49 GMT
server
nginx/1.13.3
etag
"59f88bad-1f2e6"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
127718

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| app
boolean| PreventExitPop
function| ExitPop

2 Cookies

Domain/Path Name / Value
l2.clckrs.com/ Name: lander_session
Value: eyJpdiI6Imh6ZGZaZ1wvKytoMVBqMzNablRsRmFBPT0iLCJ2YWx1ZSI6Im1CWTIrdVZqS1JwUFhEalozNjF1eVdHNHh2NXdNZ3BoYjc4TVpyZ25PbWx0ekM4dHJhUGJNQWlyWjVQZHZ5YmR2NldsbG9peVpvSVBWakdwTmwxaDFRPT0iLCJtYWMiOiI3NmY3NWQyYjU5YzcwM2I1MzA2MDMxMGU4YzlhN2RhMDY4OTM1YzQyMmY0NzdmNmU0NmE2MjEzZWVjNzk1MGZhIn0%3D
l2.clckrs.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InVVS0gyMXF4K1kyN05cL3ErQ3g3eUNRPT0iLCJ2YWx1ZSI6IlJvN0IwVFl5ajQ3bWppNHZKUTFvTGJodHJmUjhGMXNJcjlVdkNvOG9pczhESm83ZHVsK1FUM29zSG5EQ0dXb0dCQkFScFcyY09OaXc4Y0ppcHhOSFlBPT0iLCJtYWMiOiIyYWQ0Mzc0NmIwNTBmMjlhNzRkYTZmMmNjZDM5MjI2YzJlZTZmMjdmN2Q2ZDExNWJmYmVlMzE0NzE3NjgwMWM2In0%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin