link.babi.gdn Open in urlscan Pro
52.211.95.198 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clicktime.symantec.com/a/1/07PPuE8OiVXE1oIOsTZ0fBHpXgOCUmYBHbKURsYKrKU=?d=6-gW050Ql92u_MUNmg-K4Ti7gijEiMJQDfHiCA0r-6TV4...
Effective URL:
http://link.babi.gdn/c/1ec0179e4156568c?&%3F%3Fs1=727339329&group_id=483&email=email&cntrl=00000&pid=10044&redid=3231...
Submission: On March 21 via manual (March 21st 2018, 3:17:40 am UTC) from AU

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 5 countries across 6 domains to perform 9 HTTP transactions. The main IP is 52.211.95.198, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is link.babi.gdn.

This is the only time link.babi.gdn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.158.139.121 85.158.139.121	21345 (SYMANTEC-EU) (SYMANTEC-EU)
1 1	5.196.133.146 5.196.133.146	16276 (OVH) (OVH)
3	104.24.98.149 104.24.98.149	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 5	104.24.99.149 104.24.99.149	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	192.241.151.40 192.241.151.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1 1	203.189.238.250 203.189.238.250	134833 (LIHGL-HK ...) (LIHGL-HK LANLIAN INTERNATIONAL HOLDING GROUP LIMITED)
1	52.211.95.198 52.211.95.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
9	4

1 85.158.139.121 (European Union) 1 redirects

ASN21345 (SYMANTEC-EU, GB)
PTR: ctr.am1.symsaas.net

clicktime.symantec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.196.133.146 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: mail01.blueadrenalin.com

sunshine.blueadrenalin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.24.98.149 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.gagarinspointofview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.24.99.149 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.gagarinspointofview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.151.40 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: ae574.com

tackergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.189.238.250 (China) 1 redirects

ASN134833 (LIHGL-HK LANLIAN INTERNATIONAL HOLDING GROUP LIMITED, HK)

o33lq.5155625.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.95.198 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-95-198.eu-west-1.compute.amazonaws.com

link.babi.gdn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gagarinspointofview.com 1 redirects www.gagarinspointofview.com	127 KB
1	babi.gdn link.babi.gdn	2 KB
1	5155625.com 1 redirects o33lq.5155625.com	416 B
1	tackergy.com tackergy.com	342 B
1	blueadrenalin.com 1 redirects sunshine.blueadrenalin.com	369 B
1	symantec.com 1 redirects clicktime.symantec.com	283 B
9	6

	Domain	Requested by
8	www.gagarinspointofview.com	1 redirects www.gagarinspointofview.com
1	link.babi.gdn
1	o33lq.5155625.com	1 redirects
1	tackergy.com
1	sunshine.blueadrenalin.com	1 redirects
1	clicktime.symantec.com	1 redirects
9	6

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://link.babi.gdn/c/1ec0179e4156568c?&%3F%3Fs1=727339329&group_id=483&email=email&cntrl=00000&pid=10044&redid=32313&gsid=483&campaign_id=165&p_id=10044&id=XNSX.%3A%3A470204-r32313-t483&impid=64dd1568-2cb6-11e8-a06e-fa245441bcee
Frame ID: 7264FE6852EDBCA2F988B4B744BA98D8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clicktime.symantec.com/a/1/07PPuE8OiVXE1oIOsTZ0fBHpXgOCUmYBHbKURsYKrKU=?d=6-gW050Ql92u_MUNmg-K4Ti7g... HTTP 307
http://sunshine.blueadrenalin.com/ro9nynajnhaofuygnydc8mkxi HTTP 302
http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenal... Page URL
http://www.gagarinspointofview.com/urlshort_test/uid_long=7427&tracking_id=11878369&token=sciIoFLo44UV8rqte7S0L... HTTP 302
http://tackergy.com/197d674bbe1dfd7800/3phaZ/ Page URL
http://o33lq.5155625.com/?s1=727339329&s2=470204&kw=470204 HTTP 302
http://link.babi.gdn/c/1ec0179e4156568c?&%3F%3Fs1=727339329&group_id=483&email=email&cntrl=00000&... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

9
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

5
Countries

129 kB
Transfer

358 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicktime.symantec.com/a/1/07PPuE8OiVXE1oIOsTZ0fBHpXgOCUmYBHbKURsYKrKU=?d=6-gW050Ql92u_MUNmg-K4Ti7gijEiMJQDfHiCA0r-6TV4M5uT9XDw2F7jPpCOBQ8vtno4hqCwp0YKyDM1uZ1Pxn9kLRaCbSiTD4hTjy2Q8P-mJZtlh37b7zAd3jo2WYkiZ6UOaoujSYX6yJltvT2qPVDGsi6eMSHGZ1ztfYmM_hvIiX0uJ5eKh_frh2nrMlRSa89kI50hnxW0V0J8UB5BZPS6h8ZV6wsEcAwakF3YAkxhiHWZeQlRnsGuJHhOg10LsrhDxpGw2syOwPpvx-iVoSxVcVz8DrTMcq7J_hNAaWziHuELYPNFNDSNoV5FLeMMa4toO4nUug9_BePa5e8FMR-IaHKwZdyfdnrg15614QnX7eCkPshaIj47DlNaOvHnUv3MmenqE-yHrfTFTVWPgtAfhXe7B8TWZM%3D&u=http%3A%2F%2Fsunshine.blueadrenalin.com%2Fro9nynajnhaofuygnydc8mkxi HTTP 307
http://sunshine.blueadrenalin.com/ro9nynajnhaofuygnydc8mkxi HTTP 302
http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/nrp=ro9nynajnhaofuygnydc8mkxi Page URL
http://www.gagarinspointofview.com/urlshort_test/uid_long=7427&tracking_id=11878369&token=sciIoFLo44UV8rqte7S0LlMYZwHzGZDjTqDiy1Lw&preview=0&subid_json=eyJzdWJpZDEiOiJlOlhnV3ZxWkhnSnJrc3IycHJLMXJDM2ciLCJzdWJpZCI6ImU6WGdXdnFaSGdKcmtzcjJwcksxckMzZyIsInN1YmlkMiI6ImJsdWVhZHJlbmFsaW4uY29tIn0= HTTP 302
http://tackergy.com/197d674bbe1dfd7800/3phaZ/ Page URL
http://o33lq.5155625.com/?s1=727339329&s2=470204&kw=470204 HTTP 302
http://link.babi.gdn/c/1ec0179e4156568c?&%3F%3Fs1=727339329&group_id=483&email=email&cntrl=00000&pid=10044&redid=32313&gsid=483&campaign_id=165&p_id=10044&id=XNSX.%3A%3A470204-r32313-t483&impid=64dd1568-2cb6-11e8-a06e-fa245441bcee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://clicktime.symantec.com/a/1/07PPuE8OiVXE1oIOsTZ0fBHpXgOCUmYBHbKURsYKrKU=?d=6-gW050Ql92u_MUNmg-K4Ti7gijEiMJQDfHiCA0r-6TV4M5uT9XDw2F7jPpCOBQ8vtno4hqCwp0YKyDM1uZ1Pxn9kLRaCbSiTD4hTjy2Q8P-mJZtlh37b7zAd3jo2WYkiZ6UOaoujSYX6yJltvT2qPVDGsi6eMSHGZ1ztfYmM_hvIiX0uJ5eKh_frh2nrMlRSa89kI50hnxW0V0J8UB5BZPS6h8ZV6wsEcAwakF3YAkxhiHWZeQlRnsGuJHhOg10LsrhDxpGw2syOwPpvx-iVoSxVcVz8DrTMcq7J_hNAaWziHuELYPNFNDSNoV5FLeMMa4toO4nUug9_BePa5e8FMR-IaHKwZdyfdnrg15614QnX7eCkPshaIj47DlNaOvHnUv3MmenqE-yHrfTFTVWPgtAfhXe7B8TWZM%3D&u=http%3A%2F%2Fsunshine.blueadrenalin.com%2Fro9nynajnhaofuygnydc8mkxi HTTP 307
http://sunshine.blueadrenalin.com/ro9nynajnhaofuygnydc8mkxi HTTP 302
http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/nrp=ro9nynajnhaofuygnydc8mkxi

Request Chain 7

http://www.gagarinspointofview.com/urlshort_test/uid_long=7427&tracking_id=11878369&token=sciIoFLo44UV8rqte7S0LlMYZwHzGZDjTqDiy1Lw&preview=0&subid_json=eyJzdWJpZDEiOiJlOlhnV3ZxWkhnSnJrc3IycHJLMXJDM2ciLCJzdWJpZCI6ImU6WGdXdnFaSGdKcmtzcjJwcksxckMzZyIsInN1YmlkMiI6ImJsdWVhZHJlbmFsaW4uY29tIn0= HTTP 302
http://tackergy.com/197d674bbe1dfd7800/3phaZ/

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set nrp=ro9nynajnhaofuygnydc8mkxi Show response www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/ Redirect Chain https://clicktime.symantec.com/a/1/07PPuE8OiVXE1oIOsTZ0fBHpXgOCUmYBHbKURsYKrKU=?d=6-gW050Ql92u_MUNmg-K4Ti7gijEiMJQDfHiCA0r-6TV4M5uT9XDw2F7jPpCOBQ8vtno4hqCwp0YKyDM1uZ1Pxn9kLRaCbSiTD4hTjy2Q8P-mJZtlh3... http://sunshine.blueadrenalin.com/ro9nynajnhaofuygnydc8mkxi http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/nrp=ro9nynajnhaofuygnydc8mkxi	5 KB 3 KB	92ms 86ms	Document text/html	104.24.98.149 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/nrp=ro9nynajnhaofuygnydc8mkxi Protocol HTTP/1.1 Server 104.24.98.149 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash `125a1fee5756d4067e3c3a3264462340e5ebe937c8ff1c66996a956f29fd60b1` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.gagarinspointofview.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 21 Mar 2018 03:17:30 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.33 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Set-Cookie __cfduid=d6263b3bbc1ec919b08c1d89c4a18a8251521602250; expires=Thu, 21-Mar-19 03:17:30 GMT; path=/; domain=.gagarinspointofview.com; HttpOnly laravel_session=eyJpdiI6IkptRkREU3dBUkx0U01Hb2pCdkNvOFE9PSIsInZhbHVlIjoiemdBQndiNGp4N0tVNTMxd1Jyb0ErTmpNWGg4UVFXbEFNSXo0N081aGxmcXRVZkRTcHowakxSWE1YK1puXC9PVCtjbUhWN3RWTzhBMStJODNBWmhNMXNnPT0iLCJtYWMiOiIzY2I0MDcyYjkwNGM3ZDY5MDc0NjI5NjE4NTA0ODE1ZjI1Y2JjYTU4NjkyMzg4M2JkNTRhNGMwMWU2OTJiOWJlIn0%3D; expires=Wed, 28-Mar-2018 00:56:30 GMT; Max-Age=596340; path=/; httponly Cache-Control no-cache Transfer-Encoding chunked Connection keep-alive CF-RAY 3fed4412121c266c-FRA Redirect headers Location http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/nrp=ro9nynajnhaofuygnydc8mkxi Date Wed, 21 Mar 2018 03:17:26 GMT Transfer-Encoding chunked Server nginx/1.4.6 (Ubuntu) Connection keep-alive X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	jquery.js Show response www.gagarinspointofview.com/js/	278 KB 102 KB	9ms 8ms	Script application/javascript	104.24.98.149 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.gagarinspointofview.com/js/jquery.js Requested by Host: www.gagarinspointofview.com URL: http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/nrp=ro9nynajnhaofuygnydc8mkxi Protocol HTTP/1.1 Server 104.24.98.149 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.gagarinspointofview.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Cache-Control no-cache Cookie __cfduid=d6263b3bbc1ec919b08c1d89c4a18a8251521602250; laravel_session=eyJpdiI6IkptRkREU3dBUkx0U01Hb2pCdkNvOFE9PSIsInZhbHVlIjoiemdBQndiNGp4N0tVNTMxd1Jyb0ErTmpNWGg4UVFXbEFNSXo0N081aGxmcXRVZkRTcHowakxSWE1YK1puXC9PVCtjbUhWN3RWTzhBMStJODNBWmhNMXNnPT0iLCJtYWMiOiIzY2I0MDcyYjkwNGM3ZDY5MDc0NjI5NjE4NTA0ODE1ZjI1Y2JjYTU4NjkyMzg4M2JkNTRhNGMwMWU2OTJiOWJlIn0%3D Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 21 Mar 2018 03:17:30 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 19 Oct 2016 13:11:54 GMT Server cloudflare ETag W/"5807711a-456ea" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3fed4412a22d266c-FRA Expires Wed, 21 Mar 2018 07:17:30 GMT
GET H/1.1	200 OK	bootstrap.js Show response www.gagarinspointofview.com/js/	67 KB 18 KB	17ms 11ms	Script application/javascript	104.24.99.149 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.gagarinspointofview.com/js/bootstrap.js Requested by Host: www.gagarinspointofview.com URL: http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/nrp=ro9nynajnhaofuygnydc8mkxi Protocol HTTP/1.1 Server 104.24.99.149 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.gagarinspointofview.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Cache-Control no-cache Cookie __cfduid=d6263b3bbc1ec919b08c1d89c4a18a8251521602250; laravel_session=eyJpdiI6IkptRkREU3dBUkx0U01Hb2pCdkNvOFE9PSIsInZhbHVlIjoiemdBQndiNGp4N0tVNTMxd1Jyb0ErTmpNWGg4UVFXbEFNSXo0N081aGxmcXRVZkRTcHowakxSWE1YK1puXC9PVCtjbUhWN3RWTzhBMStJODNBWmhNMXNnPT0iLCJtYWMiOiIzY2I0MDcyYjkwNGM3ZDY5MDc0NjI5NjE4NTA0ODE1ZjI1Y2JjYTU4NjkyMzg4M2JkNTRhNGMwMWU2OTJiOWJlIn0%3D Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 21 Mar 2018 03:17:30 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 19 Oct 2016 13:11:56 GMT Server cloudflare ETag W/"5807711c-10d1a" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3fed4412b2d8977a-FRA Expires Wed, 21 Mar 2018 07:17:30 GMT
GET H/1.1	200 OK	jquery.cookie.js Show response www.gagarinspointofview.com/js/plugins/jqueryCookie/	3 KB 2 KB	18ms 13ms	Script application/javascript	104.24.99.149 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.gagarinspointofview.com/js/plugins/jqueryCookie/jquery.cookie.js Requested by Host: www.gagarinspointofview.com URL: http://www.gagarinspointofview.com/survey/kmseloc/source=6209/subid=e:XgWvqZHgJrksr2prK1rC3g&subid2=blueadrenalin.com/nrp=ro9nynajnhaofuygnydc8mkxi Protocol HTTP/1.1 Server 104.24.99.149 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.gagarinspointofview.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept / Cache-Control no-cache Cookie __cfduid=d6263b3bbc1ec919b08c1d89c4a18a8251521602250; laravel_session=eyJpdiI6IkptRkREU3dBUkx0U01Hb2pCdkNvOFE9PSIsInZhbHVlIjoiemdBQndiNGp4N0tVNTMxd1Jyb0ErTmpNWGg4UVFXbEFNSXo0N081aGxmcXRVZkRTcHowakxSWE1YK1puXC9PVCtjbUhWN3RWTzhBMStJODNBWmhNMXNnPT0iLCJtYWMiOiIzY2I0MDcyYjkwNGM3ZDY5MDc0NjI5NjE4NTA0ODE1ZjI1Y2JjYTU4NjkyMzg4M2JkNTRhNGMwMWU2OTJiOWJlIn0%3D Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 21 Mar 2018 03:17:30 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Wed, 19 Oct 2016 13:14:52 GMT Server cloudflare ETag W/"580771cc-c31" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3fed4412b5d69798-FRA Expires Wed, 21 Mar 2018 07:17:30 GMT
POST H/1.1	200 OK	Cookie set survey Show response www.gagarinspointofview.com/survey/	16 B 768 B	54ms 53ms	XHR text/html	104.24.98.149 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.gagarinspointofview.com/survey/survey Requested by Host: www.gagarinspointofview.com URL: http://www.gagarinspointofview.com/js/jquery.js Protocol HTTP/1.1 Server 104.24.98.149 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash `377034300d692835b36c8a10e163fd64fb748ec150e0d1c880172de423dce811` Request headers Pragma no-cache Origin http://www.gagarinspointofview.com Accept-Encoding gzip, deflate Host www.gagarinspointofview.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept text/html, /; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie __cfduid=d6263b3bbc1ec919b08c1d89c4a18a8251521602250; laravel_session=eyJpdiI6IkptRkREU3dBUkx0U01Hb2pCdkNvOFE9PSIsInZhbHVlIjoiemdBQndiNGp4N0tVNTMxd1Jyb0ErTmpNWGg4UVFXbEFNSXo0N081aGxmcXRVZkRTcHowakxSWE1YK1puXC9PVCtjbUhWN3RWTzhBMStJODNBWmhNMXNnPT0iLCJtYWMiOiIzY2I0MDcyYjkwNGM3ZDY5MDc0NjI5NjE4NTA0ODE1ZjI1Y2JjYTU4NjkyMzg4M2JkNTRhNGMwMWU2OTJiOWJlIn0%3D; b2ZmZXJXYWxs=%7B%22campaign%22%3A%227035%22%2C%22survey%22%3A%228083%22%2C%22source%22%3A%226209%22%2C%22subid%22%3A%22subid%3De%3AXgWvqZHgJrksr2prK1rC3g%26subid2%3Dblueadrenalin.com%22%2C%22firstSession%22%3A%22sciIoFLo44UV8rqte7S0LlMYZwHzGZDjTqDiy1Lw_7035%22%7D; survey_id_8083=true; cHJvZHVjdENvb27427=triggerON; cHJvZHVjdENQQQ7427=triggerON Connection keep-alive Content-Length 56 Accept text/html, /; q=0.01 Origin http://www.gagarinspointofview.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 21 Mar 2018 03:17:30 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.33 Vary Accept-Encoding Connection keep-alive Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin Cache-Control no-cache Transfer-Encoding chunked Set-Cookie laravel_session=eyJpdiI6ImZmQVVsUDA3Q0ZuR09RNFErZ2gzeGc9PSIsInZhbHVlIjoiUDR4Z2YwWk9IMUxPVm9TdnlxQ1JCYnRLRWNWbkVocmtwT0VCNmJGdFB5RWt5WTJOd01ldFk3eXR1OU9mVEE1V01xU0VFWGp0U1pKU2Jla2pBTlBITnc9PSIsIm1hYyI6IjZjMjhiN2Y3ZjhkZmYzMzRkOTMyMjJjY2NkMjJlYTE2MGU0YWE3MzczOThlMmIyNjdlZjFkZDBiMWJlYTE4NGMifQ%3D%3D; expires=Wed, 28-Mar-2018 00:56:30 GMT; Max-Age=596340; path=/; httponly CF-RAY 3fed4412f236266c-FRA
POST H/1.1	200 OK	Cookie set survey Show response www.gagarinspointofview.com/survey/	19 B 779 B	66ms 66ms	XHR text/html	104.24.99.149 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.gagarinspointofview.com/survey/survey Requested by Host: www.gagarinspointofview.com URL: http://www.gagarinspointofview.com/js/jquery.js Protocol HTTP/1.1 Server 104.24.99.149 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash `e69e632fd455bb94aa01816ae5530a7eb04e5ac5bc0a63d5f96d7d12f8a3f7b3` Request headers Pragma no-cache Origin http://www.gagarinspointofview.com Accept-Encoding gzip, deflate Host www.gagarinspointofview.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, /; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie __cfduid=d6263b3bbc1ec919b08c1d89c4a18a8251521602250; laravel_session=eyJpdiI6IkptRkREU3dBUkx0U01Hb2pCdkNvOFE9PSIsInZhbHVlIjoiemdBQndiNGp4N0tVNTMxd1Jyb0ErTmpNWGg4UVFXbEFNSXo0N081aGxmcXRVZkRTcHowakxSWE1YK1puXC9PVCtjbUhWN3RWTzhBMStJODNBWmhNMXNnPT0iLCJtYWMiOiIzY2I0MDcyYjkwNGM3ZDY5MDc0NjI5NjE4NTA0ODE1ZjI1Y2JjYTU4NjkyMzg4M2JkNTRhNGMwMWU2OTJiOWJlIn0%3D; b2ZmZXJXYWxs=%7B%22campaign%22%3A%227035%22%2C%22survey%22%3A%228083%22%2C%22source%22%3A%226209%22%2C%22subid%22%3A%22subid%3De%3AXgWvqZHgJrksr2prK1rC3g%26subid2%3Dblueadrenalin.com%22%2C%22firstSession%22%3A%22sciIoFLo44UV8rqte7S0LlMYZwHzGZDjTqDiy1Lw_7035%22%7D; survey_id_8083=true; cHJvZHVjdENvb27427=triggerON; cHJvZHVjdENQQQ7427=triggerON Connection keep-alive Content-Length 61 Accept application/json, text/javascript, /; q=0.01 Origin http://www.gagarinspointofview.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 21 Mar 2018 03:17:30 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.33 Vary Accept-Encoding Connection keep-alive Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin Cache-Control no-cache Transfer-Encoding chunked Set-Cookie laravel_session=eyJpdiI6IjFKUW1jK3NqbksxZXNWZVQxaVwvcGtnPT0iLCJ2YWx1ZSI6ImtEMHFsZnFmUlprbEtcL25WaW53RTF1MGtoUXpDeGxWUUV5QlJkZ2xadTdqTE1cL1wvdjVcLzRcL2pqY0dDM3k1MWMzalhId1prNHZLUFJjN0luVmUwM1BMcFE9PSIsIm1hYyI6IjA0YTMxNDFlMjNlOGFkNzA0NjMxMTc1NWYyMGEwNmRlNjQ3NjY4NWJkZmM3ZTNlMzk5NjE5YjRkYThjYzMxNmUifQ%3D%3D; expires=Wed, 28-Mar-2018 00:56:30 GMT; Max-Age=596340; path=/; httponly CF-RAY 3fed4412f2e5977a-FRA
POST H/1.1	200 OK	Cookie set survey Show response www.gagarinspointofview.com/survey/	18 B 765 B	69ms 69ms	XHR text/html	104.24.99.149 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.gagarinspointofview.com/survey/survey Requested by Host: www.gagarinspointofview.com URL: http://www.gagarinspointofview.com/js/jquery.js Protocol HTTP/1.1 Server 104.24.99.149 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33 Resource Hash `a69ea33bdaaa0d88072e69964ae80235cf96167d87b206aad76baa5d245d5360` Request headers Pragma no-cache Origin http://www.gagarinspointofview.com Accept-Encoding gzip, deflate Host www.gagarinspointofview.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, /; q=0.01 Cache-Control no-cache X-Requested-With XMLHttpRequest Cookie __cfduid=d6263b3bbc1ec919b08c1d89c4a18a8251521602250; laravel_session=eyJpdiI6IkptRkREU3dBUkx0U01Hb2pCdkNvOFE9PSIsInZhbHVlIjoiemdBQndiNGp4N0tVNTMxd1Jyb0ErTmpNWGg4UVFXbEFNSXo0N081aGxmcXRVZkRTcHowakxSWE1YK1puXC9PVCtjbUhWN3RWTzhBMStJODNBWmhNMXNnPT0iLCJtYWMiOiIzY2I0MDcyYjkwNGM3ZDY5MDc0NjI5NjE4NTA0ODE1ZjI1Y2JjYTU4NjkyMzg4M2JkNTRhNGMwMWU2OTJiOWJlIn0%3D; b2ZmZXJXYWxs=%7B%22campaign%22%3A%227035%22%2C%22survey%22%3A%228083%22%2C%22source%22%3A%226209%22%2C%22subid%22%3A%22subid%3De%3AXgWvqZHgJrksr2prK1rC3g%26subid2%3Dblueadrenalin.com%22%2C%22firstSession%22%3A%22sciIoFLo44UV8rqte7S0LlMYZwHzGZDjTqDiy1Lw_7035%22%7D; survey_id_8083=true; cHJvZHVjdENvb27427=triggerON; cHJvZHVjdENQQQ7427=triggerON Connection keep-alive Content-Length 182 Accept application/json, text/javascript, /; q=0.01 Origin http://www.gagarinspointofview.com X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 21 Mar 2018 03:17:30 GMT Content-Encoding gzip Server cloudflare X-Powered-By PHP/5.6.33 Vary Accept-Encoding Connection keep-alive Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin Cache-Control no-cache Transfer-Encoding chunked Set-Cookie laravel_session=eyJpdiI6IldwaGlrbkdxUlRyeEViXC9KSnNvRlpBPT0iLCJ2YWx1ZSI6Ikt3UmE1bUZCakgzVDM1STYrZk92V09EYm01MlJKOTlrQmVSVG1SUDhibmtyMk4yTXMwdGpzNkpjeFFNM0VKaFRHbUg3VkZ4bEFWRXlKcjVsN3dHZCtnPT0iLCJtYWMiOiI3NWQ2ZjQ3MDJlMzZjYmE0MWNkNWQ4Zjk5MDExZGMzMDMwM2EzNzBmNmEzNmZkZjljNTQ3MGQyODkzZmRmNGNiIn0%3D; expires=Wed, 28-Mar-2018 00:56:30 GMT; Max-Age=596340; path=/; httponly CF-RAY 3fed4412f5ec9798-FRA
GET H/1.1	200 OK	Cookie set / tackergy.com/197d674bbe1dfd7800/3phaZ/ Redirect Chain http://www.gagarinspointofview.com/urlshort_test/uid_long=7427&tracking_id=11878369&token=sciIoFLo44UV8rqte7S0LlMYZwHzGZDjTqDiy1Lw&preview=0&subid_json=eyJzdWJpZDEiOiJlOlhnV3ZxWkhnSnJrc3IycHJLMXJDM... http://tackergy.com/197d674bbe1dfd7800/3phaZ/	121 B 342 B	328ms 229ms	Document text/html	192.241.151.40 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://tackergy.com/197d674bbe1dfd7800/3phaZ/ Protocol HTTP/1.1 Server 192.241.151.40 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS ae574.com Software Apache / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host tackergy.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 21 Mar 2018 03:17:31 GMT Server Apache Set-Cookie uid3546=727339329-20180320221731-3b7028bef3f2a5134f69b26bee81c382-; path=/ Content-Length 121 Content-Type text/html; charset=UTF-8 Redirect headers Date Wed, 21 Mar 2018 03:17:31 GMT Server cloudflare X-Powered-By PHP/5.6.33 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Location http://tackergy.com/197d674bbe1dfd7800/3phaZ/ Set-Cookie laravel_session=eyJpdiI6IkxnVzlpcmZCU2k2R29ZU2tEM1NWVHc9PSIsInZhbHVlIjoicWw2RDh3QnNVYllvZkNBZ3huS21tQVwvaVdHQmtRRWd5RVA4dXU1OVRXbDFKUEc5WlV1S2ZlM1dObXc3SVlSenVhdXBENWpjQU56SUJSeVwvSUZQOXY2dz09IiwibWFjIjoiMWM1Y2Q0ZTQzNTlkMDFmMjgzYTUzZjNiY2QxYzk3NjFkMzk5NzlhY2E0YjExNjBlNDc4NGE4MWM2ZjY1ZTU2MiJ9; expires=Wed, 28-Mar-2018 00:56:31 GMT; Max-Age=596340; path=/; httponly Cache-Control no-cache Connection keep-alive CF-RAY 3fed4415f65a9798-FRA
GET H/1.1	200 OK	Primary Request Cookie set 1ec0179e4156568c Show response link.babi.gdn/c/ Redirect Chain http://o33lq.5155625.com/?s1=727339329&s2=470204&kw=470204 http://link.babi.gdn/c/1ec0179e4156568c?&%3F%3Fs1=727339329&group_id=483&email=email&cntrl=00000&pid=10044&redid=32313&gsid=483&campaign_id=165&p_id=10044&id=XNSX.%3A%3A470204-r32313-t483&impid=64d...	5 KB 2 KB	107ms 72ms	Document text/html	52.211.95.198 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://link.babi.gdn/c/1ec0179e4156568c?&%3F%3Fs1=727339329&group_id=483&email=email&cntrl=00000&pid=10044&redid=32313&gsid=483&campaign_id=165&p_id=10044&id=XNSX.%3A%3A470204-r32313-t483&impid=64dd1568-2cb6-11e8-a06e-fa245441bcee Protocol HTTP/1.1 Server 52.211.95.198 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-211-95-198.eu-west-1.compute.amazonaws.com Software nginx / PHP/7.0.26 Resource Hash `cd1124f99ab7f6961722bf64ec0de891c0e9cab4d69ae5786a45e3a2152c00e4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host link.babi.gdn Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://tackergy.com/197d674bbe1dfd7800/3phaZ/ Connection keep-alive Cache-Control no-cache Referer http://tackergy.com/197d674bbe1dfd7800/3phaZ/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 21 Mar 2018 03:17:32 GMT Content-Encoding gzip Server nginx X-Powered-By PHP/7.0.26 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Set-Cookie unique_330207=unique_330207; expires=Thu, 22-Mar-2018 03:17:32 GMT; Max-Age=86400; path=/ unique_id=5ab1cecc9da57091405053; expires=Thu, 22-Mar-2018 03:17:32 GMT; Max-Age=86400; path=/ unique_330207=unique_330207; expires=Thu, 22-Mar-2018 03:17:32 GMT; Max-Age=86400; path=/ unique_id=5ab1cecc9da57091405053; expires=Thu, 22-Mar-2018 03:17:32 GMT; Max-Age=86400; path=/ Connection keep-alive Redirect headers X-ImpID 64dd1568-2cb6-11e8-a06e-fa245441bcee Date Wed, 21 Mar 2018 03:17:32 GMT Transfer-Encoding chunked Location http://link.babi.gdn/c/1ec0179e4156568c?&%3F%3Fs1=727339329&group_id=483&email=email&cntrl=00000&pid=10044&redid=32313&gsid=483&campaign_id=165&p_id=10044&id=XNSX.%3A%3A470204-r32313-t483&impid=64dd1568-2cb6-11e8-a06e-fa245441bcee Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			link.babi.gdn/	1970-01-18 14:41:28	Name: unique_id Value: 5ab1cecc9da57091405053
			link.babi.gdn/	1970-01-18 14:41:28	Name: unique_330207 Value: unique_330207

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicktime.symantec.com
link.babi.gdn
o33lq.5155625.com
sunshine.blueadrenalin.com
tackergy.com
www.gagarinspointofview.com
104.24.98.149
104.24.99.149
192.241.151.40
203.189.238.250
5.196.133.146
52.211.95.198
85.158.139.121
125a1fee5756d4067e3c3a3264462340e5ebe937c8ff1c66996a956f29fd60b1
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed
377034300d692835b36c8a10e163fd64fb748ec150e0d1c880172de423dce811
a69ea33bdaaa0d88072e69964ae80235cf96167d87b206aad76baa5d245d5360
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
cd1124f99ab7f6961722bf64ec0de891c0e9cab4d69ae5786a45e3a2152c00e4
e69e632fd455bb94aa01816ae5530a7eb04e5ac5bc0a63d5f96d7d12f8a3f7b3
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

link.babi.gdn Open in urlscan Pro 52.211.95.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

0 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

4 IPs

5 Countries

129 kBTransfer

358 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

link.babi.gdn Open in urlscan Pro
52.211.95.198 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

5
Countries

129 kB
Transfer

358 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions