urlscan.io logo urlscan.io
SecurityTrails logo

bufferingvideos.com Open in urlscan Pro
134.122.8.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pc6.metrobank.com/
Effective URL: https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A205U&country=GB&city=L...
Submission: On August 31 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 11 domains to perform 18 HTTP transactions. The main IP is 134.122.8.228, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is bufferingvideos.com.
TLS certificate: Issued by E5 on August 6th 2024. Valid for: 3 months.
This is the only time bufferingvideos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.52 61969 (TEAMINTER...)
1 2600:9000:225... 16509 (AMAZON-02)
1 18.210.227.137 14618 (AMAZON-AES)
1 1 3.224.14.170 14618 (AMAZON-AES)
2 2 2600:9000:223... 16509 (AMAZON-02)
2 18.239.50.56 16509 (AMAZON-02)
3 178.63.248.57 24940 (HETZNER-AS)
2 157.90.33.121 24940 (HETZNER-AS)
1 67.212.173.76 32475 (SINGLEHOP...)
1 1 24.144.83.121 14061 (DIGITALOC...)
4 134.122.8.228 14061 (DIGITALOC...)
18 8
4    185.53.177.52 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
pc6.metrobank.com
1    2600:9000:2250:ca00:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)
d38psrni17bvxu.cloudfront.net
1    18.210.227.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-227-137.compute-1.amazonaws.com
fabri-qwi.com
1    3.224.14.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-14-170.compute-1.amazonaws.com
khurs-xkt.com
2    2600:9000:223c:1600:f:5851:4840:93a1 (United States)

ASN16509 (AMAZON-02, US)
trk.signupclicks.com
2    18.239.50.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-56.ams58.r.cloudfront.net
allowclicks.com
3    178.63.248.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub6.1push.io
push-sdk.com
2    157.90.33.121 (Ismaning, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sub4.1push.io
uidsync.net
1    67.212.173.76 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
m.jampans.com
1    24.144.83.121 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sizzletrak.com
4    134.122.8.228 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
bufferingvideos.com
Apex Domain
Subdomains		 Transfer
4 bufferingvideos.com
bufferingvideos.com
28 KB
4 metrobank.com
pc6.metrobank.com
4 KB
3 push-sdk.com
push-sdk.com — Cisco Umbrella Rank: 37968
16 KB
2 uidsync.net
uidsync.net — Cisco Umbrella Rank: 36672
708 B
2 allowclicks.com
allowclicks.com
3 KB
2 signupclicks.com
trk.signupclicks.com
2 KB
1 sizzletrak.com
sizzletrak.com — Cisco Umbrella Rank: 654430
404 B
1 jampans.com
m.jampans.com
1 KB
1 khurs-xkt.com
khurs-xkt.com
1000 B
1 fabri-qwi.com
fabri-qwi.com — Cisco Umbrella Rank: 897688
3 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
2 KB
18 11
Domain Requested by
4 bufferingvideos.com m.jampans.com
bufferingvideos.com
4 pc6.metrobank.com d38psrni17bvxu.cloudfront.net
pc6.metrobank.com
3 push-sdk.com allowclicks.com
push-sdk.com
2 uidsync.net push-sdk.com
2 allowclicks.com fabri-qwi.com
2 trk.signupclicks.com 2 redirects
1 sizzletrak.com 1 redirects
1 m.jampans.com allowclicks.com
1 khurs-xkt.com 1 redirects
1 fabri-qwi.com pc6.metrobank.com
1 d38psrni17bvxu.cloudfront.net pc6.metrobank.com
18 11

This site contains no links.

Subject Issuer Validity Valid
zeropark.com
Amazon RSA 2048 M02		 2024-06-11 -
2025-07-09		 a year crt.sh
allowclicks.com
Amazon RSA 2048 M03		 2024-07-06 -
2025-08-04		 a year crt.sh
push-sdk.com
R11		 2024-06-12 -
2024-09-10		 3 months crt.sh
uidsync.net
Sectigo RSA Domain Validation Secure Server CA		 2023-12-30 -
2025-01-29		 a year crt.sh
m.jampans.com
E6		 2024-08-30 -
2024-11-28		 3 months crt.sh
bufferingvideos.com
E5		 2024-08-06 -
2024-11-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A205U&country=GB&city=London&language=en-GB&cid=cr9g31dmjjbc73960q90&topic={topic}
Frame ID: E8585056C91CC96C6F46F92C28CB5781
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://pc6.metrobank.com/ HTTP 307
    https://pc6.metrobank.com/ HTTP 307
    http://pc6.metrobank.com/ Page URL
  2. http://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
    https://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://khurs-xkt.com/zclkredirect?visitid=04105191-678e-11ef-ba49-1266cedafb87&type=js&browserWid... HTTP 302
    https://trk.signupclicks.com/zp-redirect?target=https%3A%2F%2Fallowclicks.com%2FeSKIwbedO70saJ%2F%3Ftd%3D... HTTP 302
    https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sou... Page URL
  4. https://trk.signupclicks.com/click HTTP 302
    https://m.jampans.com/?utm_medium=bdc3ee0a6c8bbf8d5d237f2140c351143971df2a&np=2&cid=deeuen350ngilb... Page URL
  5. https://sizzletrak.com/click?key=f2cc57c9d9fe5e090b3e&subid=M7409267478418686082&pid=655-3e815c8z&p... HTTP 307
    https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A20... Page URL

Page Statistics

18
Requests

67 %
HTTPS

18 %
IPv6

11
Domains

11
Subdomains

8
IPs

2
Countries

58 kB
Transfer

107 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pc6.metrobank.com/ HTTP 307
    https://pc6.metrobank.com/ HTTP 307
    http://pc6.metrobank.com/ Page URL
  2. http://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415 HTTP 307
    https://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415 Page URL
  3. https://khurs-xkt.com/zclkredirect?visitid=04105191-678e-11ef-ba49-1266cedafb87&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FLondon HTTP 302
    https://trk.signupclicks.com/zp-redirect?target=https%3A%2F%2Fallowclicks.com%2FeSKIwbedO70saJ%2F%3Ftd%3Dtrk.signupclicks.com%26clickid%3Dwr595qgjrk87pbr3j96n364g%26sourceid%3D00806162-39c8-49d9-a4e7-e1855fa4eec2%26cep%3DcRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A%26lptoken%3D1717250e108b63bb14d0&caid=00806162-39c8-49d9-a4e7-e1855fa4eec2&zpid=04105191-678e-11ef-ba49-1266cedafb87&cid=&rt=R&ts=1725104514049&hash=Sc-_zkHGXBymowOP_LTcJziD1vTmrmfflP5rPRqTNBw HTTP 302
    https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A&lptoken=1717250e108b63bb14d0 Page URL
  4. https://trk.signupclicks.com/click HTTP 302
    https://m.jampans.com/?utm_medium=bdc3ee0a6c8bbf8d5d237f2140c351143971df2a&np=2&cid=deeuen350ngilbr332dng830&utm_campaign=00806162-39c8-49d9-a4e7-e1855fa4eec2 Page URL
  5. https://sizzletrak.com/click?key=f2cc57c9d9fe5e090b3e&subid=M7409267478418686082&pid=655-3e815c8z&partner_id=655 HTTP 307
    https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A205U&country=GB&city=London&language=en-GB&cid=cr9g31dmjjbc73960q90&topic={topic} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pc6.metrobank.com/ HTTP 307
  • https://pc6.metrobank.com/ HTTP 307
  • http://pc6.metrobank.com/
Request Chain 5
  • http://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415 HTTP 307
  • https://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415
Request Chain 6
  • https://khurs-xkt.com/zclkredirect?visitid=04105191-678e-11ef-ba49-1266cedafb87&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FLondon HTTP 302
  • https://trk.signupclicks.com/zp-redirect?target=https%3A%2F%2Fallowclicks.com%2FeSKIwbedO70saJ%2F%3Ftd%3Dtrk.signupclicks.com%26clickid%3Dwr595qgjrk87pbr3j96n364g%26sourceid%3D00806162-39c8-49d9-a4e7-e1855fa4eec2%26cep%3DcRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A%26lptoken%3D1717250e108b63bb14d0&caid=00806162-39c8-49d9-a4e7-e1855fa4eec2&zpid=04105191-678e-11ef-ba49-1266cedafb87&cid=&rt=R&ts=1725104514049&hash=Sc-_zkHGXBymowOP_LTcJziD1vTmrmfflP5rPRqTNBw HTTP 302
  • https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A&lptoken=1717250e108b63bb14d0
Request Chain 13
  • https://trk.signupclicks.com/click HTTP 302
  • https://m.jampans.com/?utm_medium=bdc3ee0a6c8bbf8d5d237f2140c351143971df2a&np=2&cid=deeuen350ngilbr332dng830&utm_campaign=00806162-39c8-49d9-a4e7-e1855fa4eec2

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
pc6.metrobank.com/
Redirect Chain
  • http://pc6.metrobank.com/
  • https://pc6.metrobank.com/
  • http://pc6.metrobank.com/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://pc6.metrobank.com/
Protocol
HTTP/1.1
Server
185.53.177.52 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c6dfb73e9f0679a92d99ea93a1f7c011d42a9a8de0731150c59df08f23de8368

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 31 Aug 2024 11:41:52 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_t0QYupCE9NHwzycsf8r3lOFu8ZOr0CsoUPvrrFAcaGMzZ4zyvVBQH2a5ZLISWWvCoPX8NJWRev2PMMyxlAYLGQ==
X-Buckets
X-Domain
metrobank.com
X-Language
english
X-Redirect
zeropark_zeroclick
X-Subdomain
pc6
X-Template
tpl_MobileCleanBlack_twoclick

Redirect headers

Location
http://pc6.metrobank.com/
Non-Authoritative-Reason
HttpsUpgrades
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: pc6.metrobank.com
URL: http://pc6.metrobank.com/
Protocol
HTTP/1.1
Server
2600:9000:2250:ca00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Referer
http://pc6.metrobank.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 31 Aug 2024 01:30:11 GMT
Via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 Mar 2024 11:48:11 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
36701
ETag
"65fc1e7b-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
eGE2u20pHXdk1P7sONQmI0eww0RbmIFBmQSgOjOrxHM-ggSsHryT1g==
track.php
pc6.metrobank.com/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://pc6.metrobank.com/track.php?domain=metrobank.com&toggle=browserjs&uid=MTcyNTEwNDUxMi4xMzQyOjQxYTY2NGYwNmUzYTNhZmFhYWViNDE3YTEwMDljNTk2N2IzMGNlYTkzNWE3NzI1M2IzYzZhZDVhOTk2M2U4ZTg6NjZkMzAxODAyMGMxMQ%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.52 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://pc6.metrobank.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 31 Aug 2024 11:41:52 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
pc6.metrobank.com/ 		16 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://pc6.metrobank.com/ls.php?t=66d30180&token=5f1e6b6766bf851c795caf670053ab8bf0f8b1df
Requested by
Host: pc6.metrobank.com
URL: http://pc6.metrobank.com/
Protocol
HTTP/1.1
Server
185.53.177.52 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://pc6.metrobank.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 31 Aug 2024 11:41:52 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_nDtiiUnGjL0tmOfglKWwYNyP0yKZSLZo9ogUxyedeer5s5FVx8lzXLGBmbYSpZ9ybpxgAZ25eODSjPEq/Cbk4Q==
Connection
keep-alive
X-Log-Success
66d30180ef218d0cc90f3fdb
track.php
pc6.metrobank.com/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://pc6.metrobank.com/track.php?click=ead99348d7a9df0d6fc49877ca5d98ca8252dec7&domain=metrobank.com&uid=MTcyNTEwNDUxMi4xMzQyOjQxYTY2NGYwNmUzYTNhZmFhYWViNDE3YTEwMDljNTk2N2IzMGNlYTkzNWE3NzI1M2IzYzZhZDVhOTk2M2U4ZTg6NjZkMzAxODAyMGMxMQ%3D%3D&ts=fE1vYmlsZUNsZWFuQmxhY2t8fDQ3OWMwfHx8fHx8fDY2ZDMwMTgwMjBiZDN8fHwxNzI1MTA0NTEyLjQzODh8NzMzMzBkMDU0ODcwNzE3ZjllZjY4OTI4MDFmZDg2OGE0MzNjYTMwZXx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDVmMWU2YjY3NjZiZjg1MWM3OTVjYWY2NzAwNTNhYjhiZjBmOGIxZGZ8MHx8MHwwfHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.52 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://pc6.metrobank.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 31 Aug 2024 11:41:52 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/
Redirect Chain
  • http://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415
  • https://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415
Requested by
Host: pc6.metrobank.com
URL: http://pc6.metrobank.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.227.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-227-137.compute-1.amazonaws.com
Software
/
Resource Hash
5ca61e9cd0c56f72c50bd1fb5e1e6bae399f3f5d083078bc2c416010b921c6c2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://pc6.metrobank.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sat, 31 Aug 2024 11:41:53 GMT

Redirect headers

Location
https://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415
Non-Authoritative-Reason
HttpsUpgrades
/
allowclicks.com/eSKIwbedO70saJ/
Redirect Chain
  • https://khurs-xkt.com/zclkredirect?visitid=04105191-678e-11ef-ba49-1266cedafb87&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://trk.signupclicks.com/zp-redirect?target=https%3A%2F%2Fallowclicks.com%2FeSKIwbedO70saJ%2F%3Ftd%3Dtrk.signupclicks.com%26clickid%3Dwr595qgjrk87pbr3j96n364g%26sourceid%3D00806162-39c8-49d9-a4...
  • https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFm...
9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A&lptoken=1717250e108b63bb14d0
Requested by
Host: fabri-qwi.com
URL: https://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-56.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
750a916feb9dc4594b4c3334879b854590a5c6603d5ab6caba89cc52fa609b95

Request headers

Referer
https://fabri-qwi.com/zclkvisitor/04105191-678e-11ef-ba49-1266cedafb87/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f6d140-3914-11ef-bced-0affd04c9415
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

age
5735
content-encoding
gzip
content-type
text/html
date
Sat, 31 Aug 2024 10:06:20 GMT
etag
W/"bc5f0821283edcde4a44299b6be17a13"
last-modified
Fri, 14 Jun 2024 11:38:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
x-amz-cf-id
scvCBOx_cSpb9J1q0naSTjOwND8HqaMKPG2DRmKIVRZnmoFMvu0_Gg==
x-amz-cf-pop
AMS58-P3
x-cache
Hit from cloudfront

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sat, 31 Aug 2024 11:41:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A&lptoken=1717250e108b63bb14d0
pragma
no-cache
server
nginx
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-id
e6iKHFBbb3dsgS3AMlxL5ZlAEAnIyio1nF7Ksr1kycPWnsliOtKtFQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
sdk.js
push-sdk.com/f/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://push-sdk.com/f/sdk.js?z=1222145
Requested by
Host: allowclicks.com
URL: https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A&lptoken=1717250e108b63bb14d0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash
7a54a48535e98ca46d1275d906a69cb3a95a5026a5034ef300ec56318155d38e

Request headers

Referer
https://allowclicks.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 31 Aug 2024 11:41:54 GMT
content-encoding
gzip
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate
server
Angie
content-length
15349
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
event
push-sdk.com/ 		0
527 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://push-sdk.com/event?z=1222145
Requested by
Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=1222145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://allowclicks.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 31 Aug 2024 11:41:55 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://allowclicks.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
favicon.ico
allowclicks.com/ 		378 B
626 B 		Other
General
Check archive.org
Download Go to
Full URL
https://allowclicks.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.50.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-50-56.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dc70f2ebe9863e3599136d7b97fbd2653ccd47f2d103d0aeb42dcfd3ae75a53

Request headers

Referer
https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A&lptoken=1717250e108b63bb14d0
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Sat, 31 Aug 2024 11:41:54 GMT
via
1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
AMS58-P3
x-cache
Error from cloudfront
content-type
text/html; charset=utf-8
content-length
378
x-amz-cf-id
rJCI2heUkmF6Qc9mxJpoqvlMTXrbxqGL5oeAJTc5hEXy1uHkJl59Dw==
sync
uidsync.net/ 		62 B
708 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://uidsync.net/sync?user_id=oLp55WY8U4dTyzftUOL2FI
Requested by
Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=1222145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub4.1push.io
Software
Angie /
Resource Hash
4e5aea278d69c2a03d00fb13491b189f6a2a3b2052077021d8aa0cc1c4d2ab4a

Request headers

Referer
https://allowclicks.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 31 Aug 2024 11:41:55 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://allowclicks.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
62
expires
Tue, 11 Jan 1994 00:00:00 GMT
sync
uidsync.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://uidsync.net/sync?user_id=oLp55WY8U4dTyzftUOL2FI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub4.1push.io
Software
Angie /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://allowclicks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://allowclicks.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date
Sat, 31 Aug 2024 11:41:55 GMT
expires
Tue, 11 Jan 1994 00:00:00 GMT
pragma
no-cache
server
Angie
event
push-sdk.com/ 		0
528 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://push-sdk.com/event?z=1222145
Requested by
Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=1222145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub6.1push.io
Software
Angie /
Resource Hash

Request headers

Referer
https://allowclicks.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 31 Aug 2024 11:41:56 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://allowclicks.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
/
m.jampans.com/
Redirect Chain
  • https://trk.signupclicks.com/click
  • https://m.jampans.com/?utm_medium=bdc3ee0a6c8bbf8d5d237f2140c351143971df2a&np=2&cid=deeuen350ngilbr332dng830&utm_campaign=00806162-39c8-49d9-a4e7-e1855fa4eec2
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.jampans.com/?utm_medium=bdc3ee0a6c8bbf8d5d237f2140c351143971df2a&np=2&cid=deeuen350ngilbr332dng830&utm_campaign=00806162-39c8-49d9-a4e7-e1855fa4eec2
Requested by
Host: allowclicks.com
URL: https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A&lptoken=1717250e108b63bb14d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
9323e07044480b6e5f9a2c0ab5054c6274926382c6b171485ff899c8e43addf8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://allowclicks.com/eSKIwbedO70saJ/?td=trk.signupclicks.com&clickid=wr595qgjrk87pbr3j96n364g&sourceid=00806162-39c8-49d9-a4e7-e1855fa4eec2&cep=cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A&lptoken=1717250e108b63bb14d0#
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 31 Aug 2024 11:41:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sat, 31 Aug 2024 11:41:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://m.jampans.com/?utm_medium=bdc3ee0a6c8bbf8d5d237f2140c351143971df2a&np=2&cid=deeuen350ngilbr332dng830&utm_campaign=00806162-39c8-49d9-a4e7-e1855fa4eec2
pragma
no-cache
server
nginx
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-id
7MKHcl90Jz-wEby1I9GkDSfymLfTYdTFfPZTb1qF4MuYIjWqFdoimw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
Primary Request /
bufferingvideos.com/play/
Redirect Chain
  • https://sizzletrak.com/click?key=f2cc57c9d9fe5e090b3e&subid=M7409267478418686082&pid=655-3e815c8z&partner_id=655
  • https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A205U&country=GB&city=London&language=en-GB&cid=cr9g31dmjjbc73960q90&topic={topic}
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A205U&country=GB&city=London&language=en-GB&cid=cr9g31dmjjbc73960q90&topic={topic}
Requested by
Host: m.jampans.com
URL: https://m.jampans.com/proc.php?7eccc8e9655878f18a70b5d26e3a2988b79d0946
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.122.8.228 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4a069896e2e1ca77a6ce3505ebb972ccd1d68e192bb9197010de9bafec3ae53d

Request headers

Referer
https://m.jampans.com/proc.php?7eccc8e9655878f18a70b5d26e3a2988b79d0946#0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 31 Aug 2024 11:41:58 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

content-length
0
date
Sat, 31 Aug 2024 11:41:58 GMT
location
https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung SM-A205U&model=SM-A205U&country=GB&city=London&language=en-GB&cid=cr9g31dmjjbc73960q90&topic={topic}
server
Caddy
x-request-id
d9b8d73b-d757-4662-96f2-bcdff70a9f69
gift.png
bufferingvideos.com/play/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bufferingvideos.com/play/gift.png
Requested by
Host: bufferingvideos.com
URL: https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A205U&country=GB&city=London&language=en-GB&cid=cr9g31dmjjbc73960q90&topic={topic}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.122.8.228 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b9d8f03d4064cd127779902f0b76a51772ff5dbd9edd905d2e16fa18a113338d

Request headers

Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 31 Aug 2024 11:41:58 GMT
Last-Modified
Tue, 06 Aug 2024 21:06:59 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66b29073-1dfc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7676
ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2
bufferingvideos.com/play/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bufferingvideos.com/play/ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2
Requested by
Host: bufferingvideos.com
URL: https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A205U&country=GB&city=London&language=en-GB&cid=cr9g31dmjjbc73960q90&topic={topic}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.122.8.228 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

Referer
https://bufferingvideos.com/play/?camperid=sept89&campaign=sept89&device=Samsung%20SM-A205U&model=SM-A205U&country=GB&city=London&language=en-GB&cid=cr9g31dmjjbc73960q90&topic={topic}
Origin
https://bufferingvideos.com
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 31 Aug 2024 11:41:58 GMT
Last-Modified
Tue, 06 Aug 2024 21:06:59 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"66b29073-3e24"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15908
favicon.ico
bufferingvideos.com/ 		564 B
392 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bufferingvideos.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
134.122.8.228 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Sat, 31 Aug 2024 11:41:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
.trk.signupclicks.com/ Name: cep-v4
Value: cRiO9d9aOQvmg2rjqV76As4BFuz8feFabu5JnsNut8MN_ZKXFmVtZJjWDJWdmOvuhwax7H4p_BJb1LgeRpVn2AH_r7oreOyWkLoUiuU8Qg9ppVq-wHeOOEpswH1Ar2i4cdB29kodeAmRornDVIu6_dQMCf9V5aH7rQDa9QyWuF6EBy7QgJGJ416NEIoDL9zEMl1R9O-aUfgb-4MMXtQBH56ld7ciHcaJmRpFjb2vWiHk-3qfUFXUDV9C849bBw9mvpq5MpMf62KjGLWkPItWViUDORlFPkk0fYHk5N6W9PeDOhGCCqGGa-eoH_VgbcxZW6oOlELA4nRR5P91tdt0Ho0P5v1HLq7QwpGR0FtLA-zLTnTWzVizLVaOYpDlXtenZY54BeyCSEhWoJAwpmbbeqqjiJT80YWe1dPL-NOfbw4i5pRIJqIVYyOJuu2sKXCfNUhx3xpoqkaXkKCTNNBcjDjf5thtbtIcf2gQygWyBHSjp8X6owmeGnMAlVu9PNhFj8sVy1uM8gTfdTefUYvnf10lgPr5BfE9S7sjkyKar_A
uidsync.net/ Name: rauid
Value: oLp55WY8U4dTyzftUOL2FI
.trk.signupclicks.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22deeuen350ngilbr332dng830%22%2C%22caid%22%3A%2200806162-39c8-49d9-a4e7-e1855fa4eec2%22%7D
.trk.signupclicks.com/ Name: 00806162-39c8-49d9-a4e7-e1855fa4eec2-clk-v4
Value: 00806162-39c8-49d9-a4e7-e1855fa4eec2
.trk.signupclicks.com/ Name: 00806162-39c8-49d9-a4e7-e1855fa4eec2-v4
Value: EVmfrnWoASwKdoMu7hr4V-CshS-9ZHzO-xeI7tyWf48
sizzletrak.com/ Name: uclick
Value: zOjcxltdaN81guqlbWCYvrR2dzaYRqWzEAi2PsX866ixEFEzxtBISU+wI7bed4PMBecm+Q==
sizzletrak.com/ Name: bcid
Value: cr9g31dmjjbc73960q90
sizzletrak.com/ Name: cid
Value: cr9g31dmjjbc73960q90

2 Console Messages

Source Level URL
Text
network error URL: https://allowclicks.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bufferingvideos.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)