Submitted URL: http://id-jtkv.mailfetchmsg.icu/9081ddcfd94c0e1399bf909688068e0c?nLrLG=&JtKV=cm9uLnBldGVyc29uQGVuYnJpZGdlLmNvbQ==&JtKV=rbFIDWEB
Effective URL: http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694...
Submission: On September 12 via manual from CA

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 20 HTTP transactions. The main IP is 95.211.157.246, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is yakakolviec.com.
This is the only time yakakolviec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 192.3.202.53 36352 (AS-COLOCR...)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
1 1 191.101.34.10 20454 (SSASN2)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 1 2400:cb00:204... 13335 (CLOUDFLAR...)
4 95.211.157.246 60781 (LEASEWEB-...)
1 205.185.208.52 20446 (HIGHWINDS3)
1 2a03:2880:f01... 32934 (FACEBOOK)
20 7
Domain Requested by
4 yakakolviec.com yakakolviec.com
4 id-jtkv.mailfetchmsg.icu 1 redirects id-jtkv.mailfetchmsg.icu
2 trk.clk1.site id-jtkv.mailfetchmsg.icu
1 connect.facebook.net yakakolviec.com
1 code.jquery.com yakakolviec.com
1 router-ng.allure2.net 1 redirects
1 aclick.adhoc2.net trk.clk1.site
1 7a59.popularflawlessredirect.com 1 redirects
0 fonts.gstatic.com Failed yakakolviec.com
20 9

This site contains no links.

Subject Issuer Validity Valid
sni166830.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-09-07 -
2019-03-16
6 months crt.sh
ssl378290.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-05-30 -
2018-12-06
6 months crt.sh
code.jquery.com
Let's Encrypt Authority X3
2018-08-29 -
2018-11-27
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2017-12-15 -
2019-03-22
a year crt.sh

This page contains 1 frames:

Primary Page: http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Frame ID: 6E688876B16702435ACC9333CB04B87D
Requests: 20 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://id-jtkv.mailfetchmsg.icu/9081ddcfd94c0e1399bf909688068e0c?nLrLG=&JtKV=cm9uLnBldGVyc29uQGVuYnJpZGdlLmN... Page URL
  2. http://id-jtkv.mailfetchmsg.icu/redirect?r=aerr HTTP 302
    https://trk.clk1.site/geo-go Page URL
  3. https://trk.clk1.site/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodH... Page URL
  4. https://7a59.popularflawlessredirect.com/ HTTP 302
    https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fgroup_id=483&group_id=483&cnt... Page URL
  5. http://router-ng.allure2.net/click/k5/1o0VJG/?%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&ca... HTTP 303
    http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3... Page URL

Page Statistics

20
Requests

25 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

583 kB
Transfer

683 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://id-jtkv.mailfetchmsg.icu/9081ddcfd94c0e1399bf909688068e0c?nLrLG=&JtKV=cm9uLnBldGVyc29uQGVuYnJpZGdlLmNvbQ==&JtKV=rbFIDWEB Page URL
  2. http://id-jtkv.mailfetchmsg.icu/redirect?r=aerr HTTP 302
    https://trk.clk1.site/geo-go Page URL
  3. https://trk.clk1.site/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvN2E1OS5wb3B1bGFyZmxhd2xlc3NyZWRpcmVjdC5jb21cLyJ9.LGeZ__tyEzSrqB2yDPUNrfPBTgTivISQiQDXzYGhMHs Page URL
  4. https://7a59.popularflawlessredirect.com/ HTTP 302
    https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=20172&redid=77295&gsid=483&campaign_id=20&p_id=20172&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780 Page URL
  5. http://router-ng.allure2.net/click/k5/1o0VJG/?%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&clickid=7W_BYwzXIN2SXMB-3Tq8Q7Ei7G0&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur HTTP 303
    http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://id-jtkv.mailfetchmsg.icu/redirect?r=aerr HTTP 302
  • https://trk.clk1.site/geo-go
Request Chain 5
  • https://7a59.popularflawlessredirect.com/ HTTP 302
  • https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=20172&redid=77295&gsid=483&campaign_id=20&p_id=20172&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
9081ddcfd94c0e1399bf909688068e0c
id-jtkv.mailfetchmsg.icu/
3 KB
3 KB
Document
General
Full URL
http://id-jtkv.mailfetchmsg.icu/9081ddcfd94c0e1399bf909688068e0c?nLrLG=&JtKV=cm9uLnBldGVyc29uQGVuYnJpZGdlLmNvbQ==&JtKV=rbFIDWEB
Protocol
HTTP/1.1
Server
192.3.202.53 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
north.givensharp.net
Software
/
Resource Hash
fa0fda43098da11d47b7bdd913bd7439a61e4c9908fbe56cda4b5bd265dbdc4c

Request headers

Host
id-jtkv.mailfetchmsg.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E688876B16702435ACC9333CB04B87D

Response headers

content-length
3028
last-modified
Mon, 27 Aug 2018 20:15:18 GMT
cache-control
max-age=0
content-type
text/html; charset=utf-8
date
Wed, 12 Sep 2018 11:31:50 GMT
connection
close
main.53281413.js
id-jtkv.mailfetchmsg.icu/static/js/
397 KB
397 KB
Script
General
Full URL
http://id-jtkv.mailfetchmsg.icu/static/js/main.53281413.js
Requested by
Host: id-jtkv.mailfetchmsg.icu
URL: http://id-jtkv.mailfetchmsg.icu/9081ddcfd94c0e1399bf909688068e0c?nLrLG=&JtKV=cm9uLnBldGVyc29uQGVuYnJpZGdlLmNvbQ==&JtKV=rbFIDWEB
Protocol
HTTP/1.1
Server
192.3.202.53 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
north.givensharp.net
Software
/
Resource Hash
f352d44f836c2394fa7c96112fed7fb8df621ba056315266cafaf5c1ae5b0b39

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
id-jtkv.mailfetchmsg.icu
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://id-jtkv.mailfetchmsg.icu/9081ddcfd94c0e1399bf909688068e0c?nLrLG=&JtKV=cm9uLnBldGVyc29uQGVuYnJpZGdlLmNvbQ==&JtKV=rbFIDWEB
Connection
keep-alive
Cache-Control
no-cache
Referer
http://id-jtkv.mailfetchmsg.icu/9081ddcfd94c0e1399bf909688068e0c?nLrLG=&JtKV=cm9uLnBldGVyc29uQGVuYnJpZGdlLmNvbQ==&JtKV=rbFIDWEB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 11:31:51 GMT
cache-control
max-age=0
last-modified
Mon, 27 Aug 2018 20:14:20 GMT
connection
close
content-length
406321
content-type
application/javascript; charset=utf-8
9081ddcfd94c0e1399bf909688068e0c
id-jtkv.mailfetchmsg.icu/api/
9 B
151 B
XHR
General
Full URL
http://id-jtkv.mailfetchmsg.icu/api/9081ddcfd94c0e1399bf909688068e0c?nLrLG=&JtKV=cm9uLnBldGVyc29uQGVuYnJpZGdlLmNvbQ==&JtKV=rbFIDWEB
Requested by
Host: id-jtkv.mailfetchmsg.icu
URL: http://id-jtkv.mailfetchmsg.icu/static/js/main.53281413.js
Protocol
HTTP/1.1
Server
192.3.202.53 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS
north.givensharp.net
Software
/
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
id-jtkv.mailfetchmsg.icu
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://id-jtkv.mailfetchmsg.icu/
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
http://id-jtkv.mailfetchmsg.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Sep 2018 11:31:52 GMT
connection
close
content-length
9
content-type
text/plain; charset=utf-8
geo-go
trk.clk1.site/
Redirect Chain
  • http://id-jtkv.mailfetchmsg.icu/redirect?r=aerr
  • https://trk.clk1.site/geo-go
329 B
1 KB
Document
General
Full URL
https://trk.clk1.site/geo-go
Requested by
Host: id-jtkv.mailfetchmsg.icu
URL: http://id-jtkv.mailfetchmsg.icu/static/js/main.53281413.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681b:bbb8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
b77c70662016ace0a68cfada2586491a25ad8ded17aff98b04ff54c660ad7f21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
trk.clk1.site
:scheme
https
:path
/geo-go
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://id-jtkv.mailfetchmsg.icu/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E688876B16702435ACC9333CB04B87D
Referer
http://id-jtkv.mailfetchmsg.icu/

Response headers

status
200
date
Wed, 12 Sep 2018 11:31:54 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d769ebda43c8741be7cc6a747284c37861536751913; expires=Thu, 12-Sep-19 11:31:53 GMT; path=/; domain=.clk1.site; HttpOnly _token=uuid_3n75tp74boh5j62sc_3n75tp74boh5j62sc5b98f92a33f819.09606045; expires=Sat, 13-Oct-2018 11:31:54 GMT; Max-Age=2678400; path=/; domain=.trk.clk1.site bca93=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTUzNjc1MTkxNH0sXCJjYW1wYWlnbnNcIjp7XCI0XCI6MTUzNjc1MTkxNH0sXCJ0aW1lXCI6MTUzNjc1MTkxNH0ifQ.ojt22Ax4wUdEHKfgD-fDcFc4DSmEENGIORYM-WrqoIo; expires=Sat, 13-Oct-2018 11:31:54 GMT; Max-Age=2678400; path=/; domain=.trk.clk1.site
x-powered-by
PHP/7.2.9
last-modified
Wed, 12 Sep 2018 11:31:54 GMT
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
pragma
no-cache
expires
0
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
45920ce3ce1fbed5-FRA
content-encoding
gzip

Redirect headers

location
https://trk.clk1.site/geo-go
content-type
text/html; charset=utf-8
content-length
87
date
Wed, 12 Sep 2018 11:31:53 GMT
connection
close
gateway.php
trk.clk1.site/
236 B
278 B
Document
General
Full URL
https://trk.clk1.site/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvN2E1OS5wb3B1bGFyZmxhd2xlc3NyZWRpcmVjdC5jb21cLyJ9.LGeZ__tyEzSrqB2yDPUNrfPBTgTivISQiQDXzYGhMHs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681b:bbb8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
trk.clk1.site
:scheme
https
:path
/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvN2E1OS5wb3B1bGFyZmxhd2xlc3NyZWRpcmVjdC5jb21cLyJ9.LGeZ__tyEzSrqB2yDPUNrfPBTgTivISQiQDXzYGhMHs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://trk.clk1.site/geo-go
accept-encoding
gzip, deflate
cookie
__cfduid=d769ebda43c8741be7cc6a747284c37861536751913; _token=uuid_3n75tp74boh5j62sc_3n75tp74boh5j62sc5b98f92a33f819.09606045; bca93=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTUzNjc1MTkxNH0sXCJjYW1wYWlnbnNcIjp7XCI0XCI6MTUzNjc1MTkxNH0sXCJ0aW1lXCI6MTUzNjc1MTkxNH0ifQ.ojt22Ax4wUdEHKfgD-fDcFc4DSmEENGIORYM-WrqoIo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E688876B16702435ACC9333CB04B87D
Referer
https://trk.clk1.site/geo-go

Response headers

status
200
date
Wed, 12 Sep 2018 11:31:55 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.9
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
45920ceec9b6bed5-FRA
content-encoding
gzip
4F2_QZL52qG3sKAmPGOO5W
aclick.adhoc2.net/
Redirect Chain
  • https://7a59.popularflawlessredirect.com/
  • https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=20172&redid=77295&gsid=483&campaign_id=20&p_id=20172&id=XNSX.-r77295-t483&impid=74...
390 B
621 B
Document
General
Full URL
https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=20172&redid=77295&gsid=483&campaign_id=20&p_id=20172&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780
Requested by
Host: trk.clk1.site
URL: https://trk.clk1.site/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvN2E1OS5wb3B1bGFyZmxhd2xlc3NyZWRpcmVjdC5jb21cLyJ9.LGeZ__tyEzSrqB2yDPUNrfPBTgTivISQiQDXzYGhMHs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:e412 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
aclick.adhoc2.net
:scheme
https
:path
/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=20172&redid=77295&gsid=483&campaign_id=20&p_id=20172&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://trk.clk1.site/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvN2E1OS5wb3B1bGFyZmxhd2xlc3NyZWRpcmVjdC5jb21cLyJ9.LGeZ__tyEzSrqB2yDPUNrfPBTgTivISQiQDXzYGhMHs
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E688876B16702435ACC9333CB04B87D
Referer
https://trk.clk1.site/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwczpcL1wvN2E1OS5wb3B1bGFyZmxhd2xlc3NyZWRpcmVjdC5jb21cLyJ9.LGeZ__tyEzSrqB2yDPUNrfPBTgTivISQiQDXzYGhMHs

Response headers

status
200
date
Wed, 12 Sep 2018 11:31:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d34660fd19dc07a8e3041b67fe4d639a11536751917; expires=Thu, 12-Sep-19 11:31:57 GMT; path=/; domain=.adhoc2.net; HttpOnly
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
45920cf93b3a6487-FRA
content-encoding
gzip

Redirect headers

Date
Wed, 12 Sep 2018 11:31:56 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
7496b448-b67f-11e8-b807-aa1f778d2780
Location
https://aclick.adhoc2.net/4F2_QZL52qG3sKAmPGOO5W?tt=2&var3=Prowpur&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=20172&redid=77295&gsid=483&campaign_id=20&p_id=20172&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780
Primary Request 2.html
yakakolviec.com/pl/0620/
Redirect Chain
  • http://router-ng.allure2.net/click/k5/1o0VJG/?%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&clickid=7W_BYwzXIN2SXMB-3Tq8Q7Ei7G0&cntrl=00000&group_id=483&gsid=483&id=XNSX.-...
  • http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t...
31 KB
8 KB
Document
General
Full URL
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Protocol
HTTP/1.1
Server
95.211.157.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.1.19 /
Resource Hash
3f85adaed6ff8713385df00d314fe9c70b1f5a0b568264f40aac6dc61c1a92b2

Request headers

Host
yakakolviec.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E688876B16702435ACC9333CB04B87D

Response headers

Server
nginx/1.1.19
Date
Wed, 12 Sep 2018 11:31:57 GMT
Content-Type
text/html
Last-Modified
Mon, 13 Aug 2018 14:27:31 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip

Redirect headers

Date
Wed, 12 Sep 2018 11:31:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=db7c1313306c49ad6bcf616b85179ac061536751917; expires=Thu, 12-Sep-19 11:31:57 GMT; path=/; domain=.allure2.net; HttpOnly
Location
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Server
cloudflare
CF-RAY
45920cfa225f63cd-FRA
css.css
yakakolviec.com/pl/0620/2_pliki/
11 KB
11 KB
Stylesheet
General
Full URL
http://yakakolviec.com/pl/0620/2_pliki/css.css
Requested by
Host: yakakolviec.com
URL: http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Protocol
HTTP/1.1
Server
95.211.157.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.1.19 /
Resource Hash
10a2c31ed60155ce15e60441f7721cd95f498ff37a4de1c1733f5da6cb436f20

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
yakakolviec.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Connection
keep-alive
Cache-Control
no-cache
Referer
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 11:31:58 GMT
Last-Modified
Wed, 20 Jun 2018 13:44:19 GMT
Server
nginx/1.1.19
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10847
Content-Type
text/css
styles-ad9aa0ea.css
yakakolviec.com/pl/0620/2_pliki/
112 KB
112 KB
Stylesheet
General
Full URL
http://yakakolviec.com/pl/0620/2_pliki/styles-ad9aa0ea.css
Requested by
Host: yakakolviec.com
URL: http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Protocol
HTTP/1.1
Server
95.211.157.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.1.19 /
Resource Hash
93d1f00e7abd3df49c450bb60bc16660155918bdd8af17f72c2cbfbd93f55ab9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
yakakolviec.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Connection
keep-alive
Cache-Control
no-cache
Referer
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 11:31:58 GMT
Last-Modified
Wed, 20 Jun 2018 13:44:19 GMT
Server
nginx/1.1.19
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
114400
Content-Type
text/css
jquery-2.2.4.min.js
code.jquery.com/
84 KB
34 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: yakakolviec.com
URL: http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Origin
http://yakakolviec.com

Response headers

Date
Wed, 12 Sep 2018 11:31:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-14e4a"
Vary
Accept-Encoding
X-HW
1536751918.dop009.fr8.t,1536751918.cds049.fr8.shn,1536751918.cds049.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
34834
all-00f295e2.js
yakakolviec.com/pl/0620/2_pliki/
2 KB
2 KB
Script
General
Full URL
http://yakakolviec.com/pl/0620/2_pliki/all-00f295e2.js?0628
Requested by
Host: yakakolviec.com
URL: http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Protocol
HTTP/1.1
Server
95.211.157.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.1.19 /
Resource Hash
d5f4b3bfa95c42c66a9ebf295278a9e5a771a68586ec52b82bf3473cdda32102

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
yakakolviec.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Connection
keep-alive
Cache-Control
no-cache
Referer
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 12 Sep 2018 11:31:58 GMT
Last-Modified
Wed, 08 Aug 2018 11:09:11 GMT
Server
nginx/1.1.19
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1912
Content-Type
application/x-javascript
fbevents.js
connect.facebook.net/en_US/
44 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: yakakolviec.com
URL: http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://yakakolviec.com/pl/0620/2.html?aa=1&sid=bWD5lAWWRVJjqWqk0YDEQMWlHK&%3F%3Fgroup_id=483&aid=A3934539606-3826361694-2303646857&campaign_id=20&cntrl=00000&group_id=483&gsid=483&id=XNSX.-r77295-t483&impid=7496b448-b67f-11e8-b807-aa1f778d2780&p_id=20172&pid=20172&redid=77295&var3=Prowpur
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
tPUYnyl45u2ds8PFZTK9VC5CoivVvDj0NalguHrxZ2MFeWOqU8VljNfGsPdpoQo6NHbUugfH1ZXySp0oJccWdw==
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Sep 2018 11:31:58 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
13680
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
background-1fc8c00b.jpg
yakakolviec.com/pl/0620/images/
0
0

icon-arrow.svg
yakakolviec.com/pl/0620/images/svg/
0
0

icon-signup.svg
yakakolviec.com/pl/0620/images/svg/
0
0

sprite-flags-2-5abd9ffe.png
yakakolviec.com/pl/0620/images/
0
0

6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
0
0

6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
0
0

6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
0
0

icon-check.svg
yakakolviec.com/pl/0620/images/svg/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yakakolviec.com
URL
http://yakakolviec.com/pl/0620/images/background-1fc8c00b.jpg
Domain
yakakolviec.com
URL
http://yakakolviec.com/pl/0620/images/svg/icon-arrow.svg
Domain
yakakolviec.com
URL
http://yakakolviec.com/pl/0620/images/svg/icon-signup.svg
Domain
yakakolviec.com
URL
http://yakakolviec.com/pl/0620/images/sprite-flags-2-5abd9ffe.png
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Domain
yakakolviec.com
URL
http://yakakolviec.com/pl/0620/images/svg/icon-check.svg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
.adhoc2.net/ Name: __cfduid
Value: d34660fd19dc07a8e3041b67fe4d639a11536751917