Submitted URL: https://bit.ly/Astrlia-gft-crd-pypl
Effective URL: https://smart-deals.club/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFY...
Submission: On July 20 via manual from IT

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3037::ac43:d189, located in United States and belongs to CLOUDFLARENET, US. The main domain is smart-deals.club.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2021. Valid for: a year.
This is the only time smart-deals.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 104.21.40.81 13335 (CLOUDFLAR...)
1 151.101.13.27 54113 (FASTLY)
1 162.247.243.147 23467 (NEWRELIC-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 212.32.252.129 60781 (LEASEWEB-...)
1 3 216.104.36.156 32475 (SINGLEHOP...)
1 2a00:1450:400... 15169 (GOOGLE)
9 7
Domain Requested by
3 jump.gettingyourcontent.com 1 redirects smart-deals.club
jump.gettingyourcontent.com
1 www.google.com jump.gettingyourcontent.com
1 mish.bucksmein.com 1 redirects
1 go.rolltrafficroll.com 1 redirects
1 www.smart-deals.club smart-deals.club
1 smart-deals.club
1 simplejmp.com 1 redirects
1 bam-cell.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com cdnflair.com
1 cdnflair.com
1 bit.ly 1 redirects
9 11

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-08 - 2022-01-07 | a year
*.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-05 - 2022-06-06 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years
jump.gettingyourcontent.com | R3 | 2021-06-26 - 2021-09-24 | 3 months
www.google.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months

This page contains 2 frames:

Primary Page: https://smart-deals.club/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2SmROZmdwTGpnUWZ6TGl3Z3hHYmg0djBRPT0
Frame ID: CFD122C6BCD03462E3180A2A14197EDD
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/
Frame ID: A749C206C09347981230C9724E76DF52
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 9
HTTPS: 89 %
IPv6: 33 %
Domains: 10
Subdomains: 11
IPs: 7
Countries: 3
Transfer: 27 kB
Size: 60 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/Astrlia-gft-crd-pypl HTTP 301
    https://cdnflair.com/srv.html?id=5504713&pub=1642722 Page URL
  2. https://simplejmp.com/redirect/action/3JGcxOXNhLnFuJT81KXp7aHN4ag_eQ__eQ_Uyi?tsid=1642722&uc=1642722-800810136 HTTP 302
    https://smart-deals.club/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2SmROZmdwTGpnUWZ6TGl3Z3hHYmg0djBRPT0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/Astrlia-gft-crd-pypl HTTP 301
  • https://cdnflair.com/srv.html?id=5504713&pub=1642722
Request Chain 5
  • https://go.rolltrafficroll.com/click?pid=1565&offer_id=65279&sub1=20072020_2d_78_48_6a7efe_1199_80_60f6abe0_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0_0&sub5=48:2939 HTTP 302
  • https://mish.bucksmein.com/click?pid=1373&offer_id=55094&sub5=1565&sub3=65279&sub4=%2AIn-House%2A+%5BPIN%5D+DE+Fortnite+S6+Run+Wild+V3 HTTP 302
  • https://jump.gettingyourcontent.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=main&1=1565&cid=60f6abe1e98e930001d87071
Request Chain 7
  • https://jump.gettingyourcontent.com/proc.php?25567bb5c83b467d2c27b8ce4f1abf2515eb09c5 HTTP 302
  • https://www.google.com/

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
srv.html
cdnflair.com/
Redirect Chain
  • https://bit.ly/Astrlia-gft-crd-pypl
  • https://cdnflair.com/srv.html?id=5504713&pub=1642722
16 KB
5 KB
Document
General
Full URL
https://cdnflair.com/srv.html?id=5504713&pub=1642722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.40.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2162a73981b990332e344fbc69497096ea1984c946fe8c0a592294405b4ba63e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdnflair.com
:scheme
https
:path
/srv.html?id=5504713&pub=1642722
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 10:56:28 GMT
content-type
text/html
x-frame-options
SAMEORIGIN
set-cookie
PHPSESSID=4bqrjr8VCCQNHixqD5hwrJ82HRpkhQI9Lk3s4nlAOnyG5Zf-hGW5j3lOKczuSu5d; path=/; HttpOnly SERVERID=web2; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
x-xss-protection
1; mode=block
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzPb%2FNSIWdTdtSgsHQzPu3VxlnnQZL1DrpN%2FT4fENb25jMEf5QvswtqLH84yIAMxzwRsFON4%2B79fTM7O5kQMqngo1HHTJzEoRC%2FxMUJX33OVN4qS1iJZC9v%2B2Axpu%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
671ba9becd004c74-AMS
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

server
nginx
date
Tue, 20 Jul 2021 10:56:27 GMT
content-type
text/html; charset=utf-8
content-length
143
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://cdnflair.com/srv.html?id=5504713&pub=1642722
referrer-policy
unsafe-url
set-cookie
_bit=l6kaUr-726cfd3dd1f01c89eb-00B; Domain=bit.ly; Expires=Sun, 16 Jan 2022 10:56:27 GMT
via
1.1 google
alt-svc
clear
nr-1210.min.js
js-agent.newrelic.com/
31 KB
12 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: cdnflair.com
URL: https://cdnflair.com/srv.html?id=5504713&pub=1642722
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer
https://cdnflair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
H89KM1RV4S7TFTBC
x-cache
HIT
content-length
11781
x-amz-id-2
2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by
cache-fra19172-FRA
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1626778588.436126,VS0,VE0
date
Tue, 20 Jul 2021 10:56:28 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1101
62915533ca
bam-cell.nr-data.net/1/
49 B
881 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/62915533ca?a=14035018&v=1210.e2a3f80&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=837&ck=1&ref=https://cdnflair.com/srv.html&ap=132&be=724&fe=727&dc=726&perf=%7B%22timing%22:%7B%22of%22:1626778587626,%22n%22:0,%22f%22:258,%22dn%22:259,%22dne%22:268,%22c%22:268,%22s%22:281,%22ce%22:330,%22rq%22:330,%22rp%22:719,%22rpe%22:720,%22dl%22:721,%22di%22:726,%22ds%22:726,%22de%22:726,%22dc%22:727,%22l%22:727,%22le%22:727%7D,%22navigation%22:%7B%7D%7D&fp=736&fcp=736&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Referer
https://cdnflair.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 20 Jul 2021 10:56:29 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-NewRelic-App-Data
PxQGQlVRDwcAXFZTFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoDAFEPWHRMB05WAhtDVFENAAVSUgNRVwRXUAUOC0BKBQNcEV0/
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
671ba9c21b24cc5a-ZRH
Primary Request NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2SmROZmdwTGpnUWZ6TGl3Z3hHYmg0d...
smart-deals.club/clk/
Redirect Chain
  • https://simplejmp.com/redirect/action/3JGcxOXNhLnFuJT81KXp7aHN4ag_eQ__eQ_Uyi?tsid=1642722&uc=1642722-800810136
  • https://smart-deals.club/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2...
3 KB
4 KB
Document
General
Full URL
https://smart-deals.club/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2SmROZmdwTGpnUWZ6TGl3Z3hHYmg0djBRPT0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef2cc16491e3aba538348eb8640a7a1a30cf751b5364fb1f0f442d4cdf45bae

Request headers

:method
GET
:authority
smart-deals.club
:scheme
https
:path
/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2SmROZmdwTGpnUWZ6TGl3Z3hHYmg0djBRPT0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://cdnflair.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdnflair.com/srv.html?id=5504713&pub=1642722

Response headers

date
Tue, 20 Jul 2021 10:56:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
GEO_92b0aa94154457fd031678e55cd31eecee42fca0=6a7efe; expires=Tue, 20-Jul-2021 11:56:32 GMT; Max-Age=3600 msv-48-6a7efe-b7b-50-120-0=55832868898534104861030369468629385218; expires=Wed, 21-Jul-2021 10:56:32 GMT; Max-Age=86400 click-29d-6a7efe=20072020_2d_78_48_6a7efe_1199_80_60f6abe0_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0_0; expires=Sun, 16-Jan-2022 10:56:32 GMT; Max-Age=15552000; path=/conversion
charset
UTF-8
content-encoding
UTF-8
p3p
CP="NOI CURa ADMa PSA OUR NOR OTC"
pragma
no-cache
cache-control
no-cache no-cache, must-revalidate, max-age=0
x-robots-tag
noindex, nofollow, nocache, noarchive
googlebot
noindex, nofollow, nocache, noarchive
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufBN6NZ3cCIbYqklthG%2BThCty88C455pEeShwvzGdqqOIM%2BXQiGnOLLj5g41qAo3Wg%2BpTFfIrWCaKst8iDpfhgRN2HMUs3TRX8qZxWeP3ckEPmyeVb%2F%2B93r96%2BXoiiOLw7iFZkG7ezlmb1QE9ME1"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
671ba9db6b1f05b3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 20 Jul 2021 10:56:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
msv-ea7-6b50ad-0-50-0-0=55832868898534104861030369468629385218; expires=Wed, 21-Jul-2021 10:56:32 GMT; Max-Age=86400 click-e3-6b50ad=20072021_26_0_ea7_6b50ad_a73_80_60f6abe0_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2_0_0; expires=Sun, 16-Jan-2022 10:56:32 GMT; Max-Age=15552000; path=/conversion
location
https://smart-deals.club/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2SmROZmdwTGpnUWZ6TGl3Z3hHYmg0djBRPT0
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lb1qDtsof5rU2bjOlnzh6TBF%2FBAc6M92grvt6puw7c%2Bzq2p9aLxxAEQ1yYovsIl0nKeeVqcqH81DdjbNkJfwXFzL%2FHg%2By8nGRnteyXdbYr5Cn6xYLf0ouExU0Teb3wn8JbELe8Lh3J3EJJIa"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
671ba9da78242c32-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
62915533ca
bam-cell.nr-data.net/events/1/
0
0

exittraffic.js
www.smart-deals.club/background_loader/getJS/
3 KB
1 KB
Script
General
Full URL
https://www.smart-deals.club/background_loader/getJS/exittraffic.js
Requested by
Host: smart-deals.club
URL: https://smart-deals.club/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2SmROZmdwTGpnUWZ6TGl3Z3hHYmg0djBRPT0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2aff07047d4795ce7f7feb5b64ec9ff981e7fb1c48cb4cd14910d558c18f439

Request headers

Referer
https://smart-deals.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
pragma
date
Tue, 20 Jul 2021 10:56:32 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkKIEbO1qkAsycXs5CEpvA3gNRl2cAVrzbIJMViTljN0DqXiOWslou6cmVQWmCv5%2FsejXoofWagi0yJPYrg6eeiGloTj4HtWQjha4xNke%2Fb%2FmOoaD7NX3X3zSjZWLPiDoPXeeG9cM65SMdWa9el1u0kyAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
671ba9dc3d0005b3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
jump.gettingyourcontent.com/ Frame A749
Redirect Chain
  • https://go.rolltrafficroll.com/click?pid=1565&offer_id=65279&sub1=20072020_2d_78_48_6a7efe_1199_80_60f6abe0_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0_0&sub5=48:2939
  • https://mish.bucksmein.com/click?pid=1373&offer_id=55094&sub5=1565&sub3=65279&sub4=%2AIn-House%2A+%5BPIN%5D+DE+Fortnite+S6+Run+Wild+V3
  • https://jump.gettingyourcontent.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=main&1=1565&cid=60f6abe1e98e930001d87071
3 KB
2 KB
Document
General
Full URL
https://jump.gettingyourcontent.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=main&1=1565&cid=60f6abe1e98e930001d87071
Requested by
Host: smart-deals.club
URL: https://smart-deals.club/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2VzhiY0NXUjZBYmk1UDQ4Zkptemx1eFJ2QkFYWkdCZUtvNUh1d2ZtZFg0R1VzZXpMUWEzN0l4Q2tnOGtLTUZpZ2tYcFRwQWNKM3FnQkNLN04vZkt2SmROZmdwTGpnUWZ6TGl3Z3hHYmg0djBRPT0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.104.36.156 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.4.10
Resource Hash
3fed67f510b4309f9b8bf4b675907b7f51651c27a0d61787b2b712c302d807d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
jump.gettingyourcontent.com
:scheme
https
:path
/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=main&1=1565&cid=60f6abe1e98e930001d87071
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 20 Jul 2021 10:56:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=10f114b58c96008085d05552c6cd46f9; expires=Wed, 20-Jul-2022 10:56:33 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 20 Jul 2021 10:56:33 GMT
content-length
0
location
https://jump.gettingyourcontent.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=main&1=1565&cid=60f6abe1e98e930001d87071
referer
referrer-policy
no-referrer
set-cookie
afclick=60f6abe1e98e930001d87071; expires=Wed, 20 Jul 2022 10:56:33 GMT; secure; SameSite=None afoffers={"55094":1626778593}; expires=Wed, 20 Jul 2022 10:56:33 GMT; secure; SameSite=None
/
jump.gettingyourcontent.com/ Frame A749
5 KB
2 KB
Document
General
Full URL
https://jump.gettingyourcontent.com/?utm_term=6986960854784671958&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f190969886afcbc8f8cefefafdf2c3f1f3f6f7c4c5daea24
Requested by
Host: jump.gettingyourcontent.com
URL: https://jump.gettingyourcontent.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=main&1=1565&cid=60f6abe1e98e930001d87071
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.104.36.156 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.4.10
Resource Hash
7a95a45c7d78599bd9853a400c363310cf65ff269cd877640a72e1145fe71f71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
jump.gettingyourcontent.com
:scheme
https
:path
/?utm_term=6986960854784671958&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f190969886afcbc8f8cefefafdf2c3f1f3f6f7c4c5daea24
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jump.gettingyourcontent.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=main&1=1565&cid=60f6abe1e98e930001d87071
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jump.gettingyourcontent.com/?utm_medium=04a36d53033249cb443c0269cf7ee2c9c2143472&utm_campaign=main&1=1565&cid=60f6abe1e98e930001d87071

Response headers

server
nginx
date
Tue, 20 Jul 2021 10:56:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=29b7ea9872afba054a856ba4ef6d875d; expires=Wed, 20-Jul-2022 10:56:33 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
/
www.google.com/ Frame A749
Redirect Chain
  • https://jump.gettingyourcontent.com/proc.php?25567bb5c83b467d2c27b8ce4f1abf2515eb09c5
  • https://www.google.com/
0
0
Document
General
Full URL
https://www.google.com/
Requested by
Host: jump.gettingyourcontent.com
URL: https://jump.gettingyourcontent.com/?utm_term=6986960854784671958&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f190969886afcbc8f8cefefafdf2c3f1f3f6f7c4c5daea24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jump.gettingyourcontent.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jump.gettingyourcontent.com/?utm_term=6986960854784671958&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f190969886afcbc8f8cefefafdf2c3f1f3f6f7c4c5daea24#

Response headers

date
Tue, 20 Jul 2021 10:56:33 GMT
expires
-1
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
bfcache-opt-in
unload
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
52540
x-xss-protection
0
x-frame-options
SAMEORIGIN
set-cookie
CONSENT=PENDING+336; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

server
nginx
date
Tue, 20 Jul 2021 10:56:33 GMT
content-type
text/html; charset=UTF-8
location
https://www.google.com/
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/events/1/62915533ca?a=14035018&v=1210.e2a3f80&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=5030&ck=1&ref=https://cdnflair.com/srv.html

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • boolean| is_chrome
  • function| DisableExitTraffic
  • function| addLoadEvent
  • function| addClickEvent
  • boolean| PreventExitSplash
  • boolean| LightwindowOpening
  • function| DisplayExitSplash
  • object| a
  • function| exittraffic_change_url
  • undefined| theBody
  • function| disablelinksfunc
  • function| disableformsfunc
  • string| exittraffic_splashalertmessage
  • string| exittraffic_RedirectUrl
  • object| queryString
  • object| _GET

2 Cookies

Domain/Path | Name | Value
smart-deals.club/clk | msv-48-6a7efe-b7b-50-120-0 | 55832868898534104861030369468629385218
smart-deals.club/clk | GEO_92b0aa94154457fd031678e55cd31eecee42fca0 | 6a7efe

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block