click.affcrunch.com Open in urlscan Pro
54.171.86.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wwwgretawire.com/link.php?M=2210164&N=452&L=237&F=H
Effective URL:
https://click.affcrunch.com/aff_r?offer_id=1442&aff_id=1734&url=https%3A%2F%2Fcarbonfx.net%2F%3Ftid%3D102059f0c9636d113bec41...
Submission: On February 13 via manual (February 13th 2018, 11:29:37 am UTC) from PL

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 13 domains to perform 20 HTTP transactions. The main IP is 54.171.86.53, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is click.affcrunch.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 30th 2018. Valid for: a year.

This is the only time click.affcrunch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	69.64.36.67 69.64.36.67	30083 (HEG-US) (HEG-US - HEG US Inc.)
1	108.167.146.228 108.167.146.228	20013 (CYRUSONE) (CYRUSONE - CyrusOne LLC)
2 2	50.97.212.251 50.97.212.251	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	50.23.66.138 50.23.66.138	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google LLC)
2	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE - Google LLC)
4	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	172.217.22.68 172.217.22.68	15169 (GOOGLE) (GOOGLE - Google LLC)
2	216.58.207.67 216.58.207.67	15169 (GOOGLE) (GOOGLE - Google LLC)
4	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	46.51.195.220 46.51.195.220	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.171.86.53 54.171.86.53	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
20	9

1 69.64.36.67 (Saint Louis, United States) 1 redirects

ASN30083 (HEG-US - HEG US Inc., US)
PTR: wwwgretawire.com

wwwgretawire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.167.146.228 (Houston, United States)

ASN20013 (CYRUSONE - CyrusOne LLC, US)

www.financereportsgroup.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.97.212.251 (San Jose, United States) 2 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: fb.d4.6132.ip4.static.sl-reverse.com

cdnvplin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trkrbst.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.23.66.138 (San Jose, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: clkmr.com

www.clkmr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.130 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.92.14 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.68 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f68.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.67 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.20.35 (Menlo Park, United States)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.195.220 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-195-220.eu-west-1.compute.amazonaws.com

zap.btdx99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.86.53 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-86-53.eu-west-1.compute.amazonaws.com

click.affcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	facebook.com www.facebook.com	731 B
4	facebook.net connect.facebook.net	54 KB
2	google.de www.google.de	214 B
2	google.com www.google.com	214 B
2	doubleclick.net googleads.g.doubleclick.net	2 KB
2	googleadservices.com www.googleadservices.com	14 KB
2	clkmr.com www.clkmr.com	4 KB
1	affcrunch.com click.affcrunch.com	514 B
1	btdx99.com 1 redirects zap.btdx99.com	2 KB
1	trkrbst.click 1 redirects trkrbst.click	890 B
1	cdnvplin.com 1 redirects cdnvplin.com	854 B
1	financereportsgroup.tech www.financereportsgroup.tech	505 B
1	wwwgretawire.com 1 redirects wwwgretawire.com	389 B
20	13

	Domain	Requested by
4	www.facebook.com	www.clkmr.com
4	connect.facebook.net	www.clkmr.com
2	www.google.de	www.clkmr.com
2	www.google.com	www.clkmr.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.googleadservices.com	www.clkmr.com
2	www.clkmr.com
1	click.affcrunch.com
1	zap.btdx99.com	1 redirects
1	trkrbst.click	1 redirects
1	cdnvplin.com	1 redirects
1	www.financereportsgroup.tech
1	wwwgretawire.com	1 redirects
20	13

This site contains no links.

Subject Issuer	Validity	Valid
*.affcrunch.com Go Daddy Secure Certificate Authority - G2	`2018-01-30` - `2019-02-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://click.affcrunch.com/aff_r?offer_id=1442&aff_id=1734&url=https%3A%2F%2Fcarbonfx.net%2F%3Ftid%3D102059f0c9636d113bec411de18c71%26aff_id%3D1734%26pop%3D0&urlauth=600532446838938498662454381050
Frame ID: (E79B07EF4F7D65AA47882FC8301F88CA)
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://wwwgretawire.com/link.php?M=2210164&N=452&L=237&F=H HTTP 302
http://www.financereportsgroup.tech/freshleads/cm.php?form=638147&parm=ixlyesrq&email=misiu3111@vp.pl&name=Piotr... Page URL
http://cdnvplin.com/ixlyesrq?source=indjas-057&s1=indjas-057&p1=&s=indjas-057 HTTP 302
http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbs... Page URL
http://trkrbst.click/dwskphhl?&source=indjas-057&s1=indjas-057&p1=&s=indjas-057 HTTP 302
http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.b... Page URL
https://zap.btdx99.com/aff_c?offer_id=1442&aff_id=1734&&&source=indjas-057&s1=indjas-057&p1=&s=indj... HTTP 302
https://click.affcrunch.com/aff_r?offer_id=1442&aff_id=1734&url=https%3A%2F%2Fcarbonfx.net%2F%3Ftid%3D10... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

20
Requests

5 %
HTTPS

0 %
IPv6

13
Domains

13
Subdomains

9
IPs

2
Countries

77 kB
Transfer

232 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wwwgretawire.com/link.php?M=2210164&N=452&L=237&F=H HTTP 302
http://www.financereportsgroup.tech/freshleads/cm.php?form=638147&parm=ixlyesrq&email=misiu3111@vp.pl&name=Piotr&source=indjas-057&s1=indjas-057 Page URL
http://cdnvplin.com/ixlyesrq?source=indjas-057&s1=indjas-057&p1=&s=indjas-057 HTTP 302
http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1 Page URL
http://trkrbst.click/dwskphhl?&source=indjas-057&s1=indjas-057&p1=&s=indjas-057 HTTP 302
http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1 Page URL
https://zap.btdx99.com/aff_c?offer_id=1442&aff_id=1734&&&source=indjas-057&s1=indjas-057&p1=&s=indjas-057 HTTP 302
https://click.affcrunch.com/aff_r?offer_id=1442&aff_id=1734&url=https%3A%2F%2Fcarbonfx.net%2F%3Ftid%3D102059f0c9636d113bec411de18c71%26aff_id%3D1734%26pop%3D0&urlauth=600532446838938498662454381050 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wwwgretawire.com/link.php?M=2210164&N=452&L=237&F=H HTTP 302
http://www.financereportsgroup.tech/freshleads/cm.php?form=638147&parm=ixlyesrq&email=misiu3111@vp.pl&name=Piotr&source=indjas-057&s1=indjas-057

Request Chain 1

http://cdnvplin.com/ixlyesrq?source=indjas-057&s1=indjas-057&p1=&s=indjas-057 HTTP 302
http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1

Request Chain 4

http://connect.facebook.net/en_US/fbevents.js HTTP 307
https://connect.facebook.net/en_US/fbevents.js

Request Chain 5

http://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable HTTP 307
https://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable

Request Chain 10

http://trkrbst.click/dwskphhl?&source=indjas-057&s1=indjas-057&p1=&s=indjas-057 HTTP 302
http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1

Request Chain 13

http://connect.facebook.net/en_US/fbevents.js HTTP 307
https://connect.facebook.net/en_US/fbevents.js

Request Chain 16

http://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable HTTP 307
https://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

cm.php
www.financereportsgroup.tech/freshleads/
Redirect Chain

http://wwwgretawire.com/link.php?M=2210164&N=452&L=237&F=H
http://www.financereportsgroup.tech/freshleads/cm.php?form=638147&parm=ixlyesrq&email=misiu3111@vp.pl&name=Piotr&source=indjas-057&s1=indjas-057

364 B
505 B

684ms
201ms

Document
text/html

108.167.146.228
CyrusOne LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.financereportsgroup.tech/freshleads/cm.php?form=638147&parm=ixlyesrq&email=misiu3111@vp.pl&name=Piotr&source=indjas-057&s1=indjas-057
Protocol: HTTP/1.1
Server: 108.167.146.228 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: www.financereportsgroup.tech
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Feb 2018 11:29:23 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 13 Feb 2018 11:29:22 GMT
MS-Author-Via: DAV
Server: nginx
X-Powered-By: PHP/5.4.16 PleskLin
Transfer-Encoding: chunked
Content-Type: text/html
Location: http://www.financereportsgroup.tech/freshleads/cm.php?form=638147&parm=ixlyesrq&email=misiu3111@vp.pl&name=Piotr&source=indjas-057&s1=indjas-057
Connection: keep-alive

GET
H/1.1

200
OK

redir.cgi Show response
www.clkmr.com/
Redirect Chain

http://cdnvplin.com/ixlyesrq?source=indjas-057&s1=indjas-057&p1=&s=indjas-057
http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1

1 KB
2 KB

324ms
166ms

Document
text/html

50.23.66.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1

Protocol

HTTP/1.1

Server

50.23.66.138 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

clkmr.com

Software

nginx /

Resource Hash

1334cd4bed404dcb0c37db3015e42bffd710247d432fa85ad90c0dd7ad2b5165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.clkmr.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.financereportsgroup.tech/freshleads/cm.php?form=638147&parm=ixlyesrq&email=misiu3111@vp.pl&name=Piotr&source=indjas-057&s1=indjas-057
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.financereportsgroup.tech/freshleads/cm.php?form=638147&parm=ixlyesrq&email=misiu3111@vp.pl&name=Piotr&source=indjas-057&s1=indjas-057
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Feb 2018 11:29:25 GMT
X-CM-FE: httpfe-02.clickmagick.com
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See http://www.clkmr.com for more info."
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block
Server: nginx

Redirect headers

Date: Tue, 13 Feb 2018 11:29:25 GMT
X-CM-FE: httpfe-01.clickmagick.com
Server: nginx
P3P: CP="This is not a P3P policy! See http://www.clkmr.com for more info."
Location: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
Set-Cookie: alc=1; expires=Tue Feb 13 11:29:30 2018; path=/; ridv=59436+; expires=Wed Feb 13 11:29:25 2019; path=/; vid=132760649; expires=Wed Feb 13 11:29:25 2019; path=/; rurl59436=; expires=Mon Feb 12 11:29:25 2018; path=/;
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 407
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 18 KB
7 KB 28ms
27ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.clkmr.com
URL: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1

Protocol

HTTP/1.1

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

98786c449e5a4b389780e3f5363ec29ba2d67e3b0399a73a2a944a9b0a6261ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 11:29:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1139595683204754379
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 6782
X-XSS-Protection: 1; mode=block
Expires: Tue, 13 Feb 2018 11:29:25 GMT

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/857511882/ 3 KB
1 KB 15ms
15ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/857511882/?random=1518521365634&cv=9&fst=1518521365634&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&ref=http%3A%2F%2Fwww.financereportsgroup.tech%2Ffreshleads%2Fcm.php%3Fform%3D638147%26parm%3Dixlyesrq%26email%3Dmisiu3111%40vp.pl%26name%3DPiotr%26source%3Dindjas-057%26s1%3Dindjas-057&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e8f0e5c91411901425ca9faf79759c6e53e6fcc758d8f4c2b10025b96cc6b843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2018 11:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1049
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

fbevents.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

38 KB
12 KB

6ms
6ms

Script
application/x-javascript

31.13.92.14
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

SPDY

Server

31.13.92.14 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

fbf5a2df1e1aeefea9f3b91903b8cf0d2bd6d430f5a9c662410b96926e6182c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 12279
x-xss-protection: 0
pragma: private
x-fb-debug: lrZSNL2nrDdhOl0r+kFg82qP9xB5IR3H2ORLWyqxOS0+MyYrg4vvmwlQ3YNHud89WFxN9YkEQR+9H2oj/OrygA==
date: Tue, 13 Feb 2018 11:29:25 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason: HSTS

GET
S

200

532819670151775 Show response
connect.facebook.net/signals/config/
Redirect Chain

http://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable
https://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable

56 KB
15 KB

6ms
6ms

Script
application/x-javascript

31.13.92.14
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable

Requested by

Protocol

SPDY

Server

31.13.92.14 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

23c73c5aceef10f2115c20f82ccee6e369a07576b99f5be450ffe12d4f815c2d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15232
x-xss-protection: 0
pragma: public
x-fb-debug: vOG3XUDl6lYcPKeHKhZrWsAgr0kV7SmKqzncd0WJVNjVV1h8bdbg/RaTj+hRE+O+pGPkndC3m1aN3kbPJAU32w==
x-frame-options: DENY
date: Tue, 13 Feb 2018 11:29:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable
Non-Authoritative-Reason: HSTS

GET
S 200 /
www.google.com/ads/user-lists/857511882/ 42 B
107 B 15ms
14ms Image
image/gif 172.217.22.68
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/user-lists/857511882/?random=1518521365634&cv=9&fst=1518519600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&ref=http%3A%2F%2Fwww.financereportsgroup.tech%2Ffreshleads%2Fcm.php%3Fform%3D638147%26parm%3Dixlyesrq%26email%3Dmisiu3111%40vp.pl%26name%3DPiotr%26source%3Dindjas-057%26s1%3Dindjas-057&fmt=3&cdct=2&is_vtc=1&random=1923066032&rmt_tld=0&ipr=y

Requested by

Protocol

SPDY

Server

172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f68.1e100.net

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2018 11:29:25 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/ads/user-lists/857511882/ 42 B
107 B 14ms
14ms Image
image/gif 216.58.207.67
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/857511882/?random=1518521365634&cv=9&fst=1518519600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&ref=http%3A%2F%2Fwww.financereportsgroup.tech%2Ffreshleads%2Fcm.php%3Fform%3D638147%26parm%3Dixlyesrq%26email%3Dmisiu3111%40vp.pl%26name%3DPiotr%26source%3Dindjas-057%26s1%3Dindjas-057&fmt=3&cdct=2&is_vtc=1&random=1923066032&rmt_tld=1&ipr=y

Requested by

Protocol

SPDY

Server

216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f3.1e100.net

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2018 11:29:25 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
6ms Image
image/gif 157.240.20.35
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=532819670151775&ev=PageView&dl=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&rl=http%3A%2F%2Fwww.financereportsgroup.tech%2Ffreshleads%2Fcm.php%3Fform%3D638147%26parm%3Dixlyesrq%26email%3Dmisiu3111%40vp.pl%26name%3DPiotr%26source%3Dindjas-057%26s1%3Dindjas-057&if=false&ts=1518521365673&sw=1600&sh=1200&v=2.8.11&r=stable&ec=0&o=28&it=1518521365652
Requested by: Host: www.clkmr.com
URL: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
Protocol: SPDY
Server: 157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS: edge-star-mini-shv-02-frt3.facebook.com
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 11:29:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 13 Feb 2018 11:29:25 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
244 B 6ms
6ms Image
image/gif 157.240.20.35
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=532819670151775&ev=Microdata&dl=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&rl=http%3A%2F%2Fwww.financereportsgroup.tech%2Ffreshleads%2Fcm.php%3Fform%3D638147%26parm%3Dixlyesrq%26email%3Dmisiu3111%40vp.pl%26name%3DPiotr%26source%3Dindjas-057%26s1%3Dindjas-057&if=false&ts=1518521367175&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.11&r=stable&o=28
Protocol: SPDY
Server: 157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS: edge-star-mini-shv-02-frt3.facebook.com
Software: proxygen /
Resource Hash

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 11:29:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 13 Feb 2018 11:29:27 GMT

GET
H/1.1

200
OK

redir.cgi Show response
www.clkmr.com/
Redirect Chain

http://trkrbst.click/dwskphhl?&source=indjas-057&s1=indjas-057&p1=&s=indjas-057
http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26...

1 KB
2 KB

167ms
166ms

Document
text/html

50.23.66.138
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1

Protocol

HTTP/1.1

Server

50.23.66.138 San Jose, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

clkmr.com

Software

nginx /

Resource Hash

ee4f216e5ec3b719b656a6b75f961fefd195a1d4f776a18f6b67c9a0ce25b807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.clkmr.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.clkmr.com/redir.cgi?rid=59436&urlid=515674&s1=&s2=&s3=&s4=&s5=&url=http%3a%2f%2ftrkrbst.click%2fdwskphhl%3f%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 13 Feb 2018 11:29:27 GMT
X-CM-FE: httpfe-02.clickmagick.com
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See http://www.clkmr.com for more info."
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block
Server: nginx

Redirect headers

Date: Tue, 13 Feb 2018 11:29:26 GMT
X-CM-FE: httpfe-01.clickmagick.com
Server: nginx
P3P: CP="This is not a P3P policy! See http://www.clkmr.com for more info."
Location: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
Set-Cookie: alc=1; expires=Tue Feb 13 11:29:31 2018; path=/; ridv=60771+; expires=Wed Feb 13 11:29:26 2019; path=/; vid=132760655; expires=Wed Feb 13 11:29:26 2019; path=/; rurl60771=; expires=Mon Feb 12 11:29:26 2018; path=/;
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 443
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 18 KB
7 KB 26ms
26ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.clkmr.com
URL: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1

Protocol

HTTP/1.1

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

98786c449e5a4b389780e3f5363ec29ba2d67e3b0399a73a2a944a9b0a6261ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 11:29:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1139595683204754379
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 6782
X-XSS-Protection: 1; mode=block
Expires: Tue, 13 Feb 2018 11:29:27 GMT

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/857511882/ 3 KB
1 KB 15ms
15ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/857511882/?random=1518521367234&cv=9&fst=1518521367234&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D60771%26urlid%3D709713%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttps%253a%252f%252fzap.btdx99.com%252faff_c%253foffer_id%253d1442%2526aff_id%253d1734%2526%2526%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&ref=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

4ccb9311127fb2944afb4e17e4857d989a78b858f1bac231af27ffc0ea464ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2018 11:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1018
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

fbevents.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

38 KB
12 KB

6ms
6ms

Script
application/x-javascript

31.13.92.14
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

SPDY

Server

31.13.92.14 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

fbf5a2df1e1aeefea9f3b91903b8cf0d2bd6d430f5a9c662410b96926e6182c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 12279
x-xss-protection: 0
pragma: private
x-fb-debug: lrZSNL2nrDdhOl0r+kFg82qP9xB5IR3H2ORLWyqxOS0+MyYrg4vvmwlQ3YNHud89WFxN9YkEQR+9H2oj/OrygA==
date: Tue, 13 Feb 2018 11:29:27 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason: HSTS

GET
S 200 /
www.google.com/ads/user-lists/857511882/ 42 B
107 B 19ms
19ms Image
image/gif 172.217.22.68
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/user-lists/857511882/?random=1518521367234&cv=9&fst=1518519600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D60771%26urlid%3D709713%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttps%253a%252f%252fzap.btdx99.com%252faff_c%253foffer_id%253d1442%2526aff_id%253d1734%2526%2526%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&ref=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&fmt=3&cdct=2&is_vtc=1&random=507567451&rmt_tld=0&ipr=y

Requested by

Protocol

SPDY

Server

172.217.22.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f68.1e100.net

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2018 11:29:27 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/ads/user-lists/857511882/ 42 B
107 B 15ms
15ms Image
image/gif 216.58.207.67
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/857511882/?random=1518521367234&cv=9&fst=1518519600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D60771%26urlid%3D709713%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttps%253a%252f%252fzap.btdx99.com%252faff_c%253foffer_id%253d1442%2526aff_id%253d1734%2526%2526%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&ref=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&fmt=3&cdct=2&is_vtc=1&random=507567451&rmt_tld=1&ipr=y

Requested by

Protocol

SPDY

Server

216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f3.1e100.net

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2018 11:29:27 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

532819670151775 Show response
connect.facebook.net/signals/config/
Redirect Chain

http://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable
https://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable

56 KB
15 KB

6ms
6ms

Script
application/x-javascript

31.13.92.14
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable

Requested by

Protocol

SPDY

Server

31.13.92.14 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

23c73c5aceef10f2115c20f82ccee6e369a07576b99f5be450ffe12d4f815c2d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15232
x-xss-protection: 0
pragma: public
x-fb-debug: vOG3XUDl6lYcPKeHKhZrWsAgr0kV7SmKqzncd0WJVNjVV1h8bdbg/RaTj+hRE+O+pGPkndC3m1aN3kbPJAU32w==
x-frame-options: DENY
date: Tue, 13 Feb 2018 11:29:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location: https://connect.facebook.net/signals/config/532819670151775?v=2.8.11&r=stable
Non-Authoritative-Reason: HSTS

GET
S 200 /
www.facebook.com/tr/ 44 B
98 B 6ms
5ms Image
image/gif 157.240.20.35
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=532819670151775&ev=PageView&dl=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D60771%26urlid%3D709713%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttps%253a%252f%252fzap.btdx99.com%252faff_c%253foffer_id%253d1442%2526aff_id%253d1734%2526%2526%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&rl=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&if=false&ts=1518521367309&sw=1600&sh=1200&v=2.8.11&r=stable&ec=0&o=28&it=1518521367264
Requested by: Host: www.clkmr.com
URL: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
Protocol: SPDY
Server: 157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS: edge-star-mini-shv-02-frt3.facebook.com
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 11:29:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 13 Feb 2018 11:29:27 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
144 B 6ms
5ms Image
image/gif 157.240.20.35
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=532819670151775&ev=Microdata&dl=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D60771%26urlid%3D709713%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttps%253a%252f%252fzap.btdx99.com%252faff_c%253foffer_id%253d1442%2526aff_id%253d1734%2526%2526%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&rl=http%3A%2F%2Fwww.clkmr.com%2Fredir.cgi%3Frid%3D59436%26urlid%3D515674%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26url%3Dhttp%253a%252f%252ftrkrbst.click%252fdwskphhl%253f%2526source%253dindjas-057%2526s1%253dindjas-057%2526p1%253d%2526s%253dindjas-057%26pixel%3D1&if=false&ts=1518521368812&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.11&r=stable&o=28
Protocol: SPDY
Server: 157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS: edge-star-mini-shv-02-frt3.facebook.com
Software: proxygen /
Resource Hash

Request headers

Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 11:29:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 13 Feb 2018 11:29:28 GMT

GET
H/1.1

200
OK

Primary Request aff_r Show response
click.affcrunch.com/
Redirect Chain

https://zap.btdx99.com/aff_c?offer_id=1442&aff_id=1734&&&source=indjas-057&s1=indjas-057&p1=&s=indjas-057
https://click.affcrunch.com/aff_r?offer_id=1442&aff_id=1734&url=https%3A%2F%2Fcarbonfx.net%2F%3Ftid%3D102059f0c9636d113bec411de18c71%26aff_id%3D1734%26pop%3D0&urlauth=600532446838938498662454381050

256 B
514 B

898ms
45ms

Document
text/html

54.171.86.53
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://click.affcrunch.com/aff_r?offer_id=1442&aff_id=1734&url=https%3A%2F%2Fcarbonfx.net%2F%3Ftid%3D102059f0c9636d113bec411de18c71%26aff_id%3D1734%26pop%3D0&urlauth=600532446838938498662454381050
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.86.53 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-86-53.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.6 /
Resource Hash: 2d55ad585ad1df22eebc154ca7ccb403512f6cd7d393037430f1d26bb0d104fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: click.affcrunch.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.clkmr.com/redir.cgi?rid=60771&urlid=709713&s1=&s2=&s3=&s4=&s5=&url=https%3a%2f%2fzap.btdx99.com%2faff_c%3foffer_id%3d1442%26aff_id%3d1734%26%26%26source%3dindjas-057%26s1%3dindjas-057%26p1%3d%26s%3dindjas-057&pixel=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2018 11:29:32 GMT
Server: nginx/1.13.6
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 256
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Feb 2018 11:29:31 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.13.6
tracking_id: 102059f0c9636d113bec411de18c71
P3P: CP="NOI CUR OUR NOR INT"
Location: https://click.affcrunch.com/aff_r?offer_id=1442&aff_id=1734&url=https%3A%2F%2Fcarbonfx.net%2F%3Ftid%3D102059f0c9636d113bec411de18c71%26aff_id%3D1734%26pop%3D0&urlauth=600532446838938498662454381050
Set-Cookie: enc_aff_session_1442=ENC034d5d6a83a339c5b9c29744d3befd66b19077d5749cc7ce8b9716fff25fe0f68ca5a86a36f758794b535942697723588963c8386e254111442299e3b796d8598972ee385458a4fe0e8c6af98a49626a1918e106e40e2e369aa596fd41baee0fbd5889916910032220663130347f9ebd5c8bada80deb96c96235dbaca0484251dc51ca382af65a509ffd752eab360c2744a341dd6c109b1c8f2060726c70dc72734b894a38d5a5c1f74eed4f51e01a1eb7f7cf59bebe98faf739d1491d50a0aa182781bd360dd4872b836c92c4ad4369ecc453556a1174b45a37e62bb9245f71d139fe59eb93e40b4a26586bc6af25d393e8d7cff0e2c58ebc90a84c2ee411ae31aa0353e709d9af9519ab710e8f3b5e83eb777a143c6e5933409b22eb918f849a078359df; expires=Sun, 13 May 2018 11:29:31 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI2My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEyXzYpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS82My4wLjMyMzkuODQgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Thu, 07 Jan 2021 22:09:31 GMT; path=/;
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 393
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnvplin.com
click.affcrunch.com
connect.facebook.net
googleads.g.doubleclick.net
trkrbst.click
www.clkmr.com
www.facebook.com
www.financereportsgroup.tech
www.google.com
www.google.de
www.googleadservices.com
wwwgretawire.com
zap.btdx99.com
108.167.146.228
157.240.20.35
172.217.22.2
172.217.22.68
172.217.23.130
216.58.207.67
31.13.92.14
46.51.195.220
50.23.66.138
50.97.212.251
54.171.86.53
69.64.36.67
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1334cd4bed404dcb0c37db3015e42bffd710247d432fa85ad90c0dd7ad2b5165
23c73c5aceef10f2115c20f82ccee6e369a07576b99f5be450ffe12d4f815c2d
2d55ad585ad1df22eebc154ca7ccb403512f6cd7d393037430f1d26bb0d104fd
4ccb9311127fb2944afb4e17e4857d989a78b858f1bac231af27ffc0ea464ecd
98786c449e5a4b389780e3f5363ec29ba2d67e3b0399a73a2a944a9b0a6261ae
e8f0e5c91411901425ca9faf79759c6e53e6fcc758d8f4c2b10025b96cc6b843
ee4f216e5ec3b719b656a6b75f961fefd195a1d4f776a18f6b67c9a0ce25b807
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbf5a2df1e1aeefea9f3b91903b8cf0d2bd6d430f5a9c662410b96926e6182c1

click.affcrunch.com Open in urlscan Pro 54.171.86.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

5 %HTTPS

0 %IPv6

13 Domains

13 Subdomains

9 IPs

2 Countries

77 kBTransfer

232 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

click.affcrunch.com Open in urlscan Pro
54.171.86.53 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

5 %
HTTPS

0 %
IPv6

13
Domains

13
Subdomains

9
IPs

2
Countries

77 kB
Transfer

232 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions