Submitted URL: http://canad.ca/
Effective URL: https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc...
Submission: On October 23 via manual from IN — Scanned from CA

Summary

This website contacted 4 IPs in 1 country across 5 domains to perform 12 HTTP transactions. The main IP is 172.67.144.192, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is www5.getsecurybrowseapp.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2023. Valid for: a year.
This is the only time www5.getsecurybrowseapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 69.16.230.226 32244 (LIQUIDWEB)
1 1 142.93.240.225 14061 (DIGITALOC...)
1 1 198.211.113.186 14061 (DIGITALOC...)
2 35.171.236.221 14618 (AMAZON-AES)
6 172.67.144.192 13335 (CLOUDFLAR...)
12 4
Apex Domain                Subdomains                                         Transfer
6 getsecurybrowseapp.com   www5.getsecurybrowseapp.com                        104 KB
2 vibiu-dau.com            vibiu-dau.com — Cisco Umbrella Rank: 157899        4 KB
2 canad.ca                 canad.ca                                           17 KB
1 blowingwind.xyz          redir.blowingwind.xyz                              481 B
1 toromclick.com           www.toromclick.com — Cisco Umbrella Rank: 120470   1 KB
12 5
Domain                          Requested by
6 www5.getsecurybrowseapp.com   vibiu-dau.com, canad.ca, www5.getsecurybrowseapp.com
2 vibiu-dau.com                 canad.ca, vibiu-dau.com
2 canad.ca                      canad.ca
1 redir.blowingwind.xyz         1 redirects
1 www.toromclick.com            1 redirects
12 5

This site contains no links.

Subject                  Issuer                    Validity                  Valid
getsecurybrowseapp.com   Cloudflare Inc ECC CA-3   2023-05-31 - 2024-05-29   a year

This page contains 1 frames:

Primary Page: https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
Frame ID: C8A450D3155E36A2F9C3E4D2F9205B6B
Requests: 12 HTTP requests in this frame

Page URL History

  1. http://canad.ca/ Page URL
  2. http://canad.ca/page/bouncy.php?&bpae=GbhGsbsGPNVm9ruvUf4%2BbAbe0HAko9xljl4EczYjSaWj%2FYs%2F... Page URL
  3. http://www.toromclick.com/feed/click/?t1=128&tid=760&uid=192&subid=canad.ca&id=8b138994fbe3cfc59112284... HTTP 302
    https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_canad.ca&id=de2358e7522a334b3cff5... HTTP 302
    http://vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/cfcdab84-dabd-11ed-962d-0ad... Page URL
  4. http://vibiu-dau.com/zclkredirect?visitid=0b449400-71bf-11ee-b802-0ac6c987bb83&type=js&browserWid... Page URL
  5. https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvL... Page URL

Page Statistics

12 Requests
50 % HTTPS
0 % IPv6
5 Domains
5 Subdomains
4 IPs
1 Countries
125 kB Transfer
335 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://canad.ca/ Page URL
  2. http://canad.ca/page/bouncy.php?&bpae=GbhGsbsGPNVm9ruvUf4%2BbAbe0HAko9xljl4EczYjSaWj%2FYs%2FOCWSdeJC3YSQSeKGaqYVpr9%2BLl3K3%2B7LEf6XxScMVpIFv6Rr19PmmJiytCidzoIZi%2BiOiL5Afay2oxqvgwrLpRPol4cogKGTj5kAGFBTwtGibHiBkhzKzEq6kfaqt%2BNq3Oqsbf1EzKsszYGTlJiCju2yqfi2NLP9z59rPwHFxYRKXr%2B9C5dEEja%2BrzvGWL7yg9y0AqZTvJ8eh5SgQ5hIh3%2FMMiUn4daw56TioKyORoH4v0MKxbYIA2YHL7acTofl6FTMfuhPOASE8oFNSi0sv%2BDb5NlP1B1zzCel8OjQ%2F%2FA1KzxEZeAj82QOysVOuHLCCVVo%2F0CDm%2FYW783%2FFfTeZQ%2Fw571eE9dXBKOHpP4Cz%2BufqaN5Hnx8jnWR2xiJtiJ%2FhuTyg4H4UvrRhtofiZ%2FCmiguDcbCDgRhIBN2nYTbEyed0rT%2FhvWJuW7VQlrkuPZlZyKv9nVlPXkTofOvoEQuVUjHSBesjCuCVBVqgOtcdKI%2FlJnZp24Z31sDOg2QqjuT8Fjq1rXxGxxQ5IAEEKR%2BmNeB2uTrX7GwyCn84f26%2BsGwoZVIWSruvgWMjgVVx9ymwQJkF0YndEzAZgOHu1tHlikQ4F0O7Epkh74%2B887Y%2BHEhvlEzaUSFByHay4D0Cf3PnkLylUi0Zo6LPUyw13lfuUQkFQubOWyMt3VbWP2CYeKc4Qlgc10NzE1LJmWcpYNma%2F4w04k2iivOhLCIdlhg1OU9y2%2BewdsF8ruE48EZm3SX4PvTh%2FOvRYzYLNlWJH1z16b6XNbEzi%2Bi50dAlbp7EGnMk7Zvk9z0vvuGGniWgg8vjBQAocLvuVZWRcs7lw4kVxPsMcCihFxJJmcWyz1mlp95CDoWaPPhX8fbrQlL1myqPOXGzBh7scJ4Pq8Cw049f9sh%2BE06Pim4uIRvQ%2Fsx6vv%2FRfxhaPi%2B4cG%2B7MWR0TI%2Baf4i%2BNW6utGWKlHkvQ1AFTEnZd96%2F0PtKaBDgsD1Lw937SmwA2zzKSHXQLli%2F2wQWFNxyoASVElYnwl%2BSQt1i%2BuooKwt47IydATCJgwbhwIRu7ZgxvPFRlRk8d%2Bd94r3Q9qk3tm8UW%2FLAqUAkhH4mFRkef0xe7cxJT3zz7ngDUewgMUj%2FabxQMu1y7ffZMuFew2JPBHpvLRqy2jXeW6FPF2Hu2ugc7QWJOFHP6xUAkZ0ChdPnTd8ekJI9k8eaoL4dvn1ZgJPWAJcNOCuzBkmSxjfCwJaQtR7WcShddYgVk9w4JvOBHUPBGBjRE3Dhx6FXeJgw2mU9gVfNJCMzJ%2B35yAqSKMjZoRuHzSzxr5Ym1d%2FBcxPydViSHAxBpIqYtX8n%2FJC%2F3hvg71VptDPC4YcFCVU5WVpqF1es3KYLTuHPWEERvKL9vEdhOgF9wUaJQKLP4teRo9gFRcAtDMcLi8PBbG1KKq%2FyHm%2FwnN4ph18IxF0LWc%2FfdXKzfY0VTD7rn0sNitVRxgDIAw%2FUBLyIPfXxun9hAuIbvgSRQcjuNTGwxH7o84KUEdsOvqR52JRuqcDKqiMSxZjuaaQNwargOAF3iIo3eZeckhKEnpFyh64sH2XYYXVAJGtoMjPrkR2WGzYU%2BXZkK6cb4MamhN1M7K7CXr75OswTfiB6lPVx2Ud%2BXlchNaXdDkCJrs0qVzCcdigfSLfcaYZVGlFYMH2ImZmiIvBNoWFe8HK3SazOUZLMNlcLrs%2BQ8g1cUF9lNh8LOXo%2Fw%2B15wjOETU12bmlMGEYViFOkRIny53k36VNhSnB14JD%2FtrzymA%2F8AFCdh7Yey3vsDavMTE2%2BgBTCPWJU
C03i%2BSJpKDH2N05C5fv5LrYrHmT6H2QZthmUGqBJL6wfwuomNMcIh6Hs5qtV62lzAw%2FEoLMYcosNhLHdgAcs6p1c%2F%2B3I1txO0FSs3dUTXyrgYm0gbDrP0bCAR7mYg2J%2BGVLWvfb9AVzWwMXIuZdNGHgS1tzx6vHNgLeGPBky%2BpdH3iBv5TSr1SQ%2F%2BYXKK46jReBCO6qs9TosOHrG0o6xrEto3QCpB8HpgIwBWUzv0geUFs%2FmwgWA26GWHHjR2%2F0nblbdbBRYfXlYXMTmd5JC60n3v4b3gfFEigdt0K%2FTpaI9AGzXWEvZV5ChbQSf0SjiWx0By5NRJltyydPqOSUjNPKGxo5FhKrjY%2BAxpW7GI4ijNrfDTSD304cW3xn7jOEwljTm76%2FIZMlJFyQwgCNU0rOz9y%2BoVwN3vQnDbTZ4NjNxs9SxD%2BkjG0X1bxRFMhr8Tj8THdzx8T%2Bj6ZxfWwXpW%2FU3YuQgorARqq%2BKEIs0x9sqHN%2B21mok36aq5NWesURvBys0gvsmEdW0OKhy1rb9rWOaYy%2FbrzLmX%2BKU8pPdI3FYtT0GZsZzMuk%2FAvV09LTwbVxUqPZFSBMTUzJ31a1Jmr0J%2FFmLLgywrwEbKx9xZw7A7Fpl5hDT%2FkCuw%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. http://www.toromclick.com/feed/click/?t1=128&tid=760&uid=192&subid=canad.ca&id=8b138994fbe3cfc591122847cd65cf9f:... HTTP 302
    https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_canad.ca&id=de2358e7522a334b3cff5ac282450999:... HTTP 302
    http://vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=0b550ec2-71bf-11ee-b802-0ac6c987bb83 Page URL
  4. http://vibiu-dau.com/zclkredirect?visitid=0b449400-71bf-11ee-b802-0ac6c987bb83&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false Page URL
  5. https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://www.toromclick.com/feed/click/?t1=128&tid=760&uid=192&subid=canad.ca&id=8b138994fbe3cfc591122847cd65cf9f:61308f4d196a78851806f9a00b0e7aaf9adc77935c54543f7836c1904df82f24e8c4b911a9786ca706ce602886bd5f1e2770e25204926e56f1fd5fd269ad35386016bf1e9cb9afb54e7a123d2a238f97d0f07186823c084a614625b11e96608a96a4ee0b8ce4b1a574112014ad5fbb7a1c6ffeca8cdee69a5031d1c81755525706060dee3111e506a8941d1692a13bfa576bdfc9e51302fcb8e6e150ce61bdbb98ac168b196b21feb98a7dfdef28116ff15c76963d01773dbbf1d633b3ad49f20b26e73cfd470a76918ff4dd526b5b75a5992848e3ceccbfa18a18984a23759d53a73022a56cf2b1cdc3c4ef0e2a38f1f918e1eda1f013f168e6ff949bf11b516b7f835c072b0fd4ccecee6d191f227d0735f20b121c9a3e256ed1c41288932c66582ed5eaf0b9177f27a0f8bf81fe08d5470d42740a2e1bc18f3a1e3e8879bbe531487b36621a06874b4d226c47a0b9484f29cee065b68a6771b309ee94078905481210d0da042af7f7a117577285f4171d6465a95a5e3419a931f754efe7c35bcd14620a84bba12aba0b55ac98002068df180ed6a0a33352658d75f0f78a5edc111f5baf517dc7f6566bc7f88043686e00e53e8a1c0f252de0669a8af97a0a9eafb8f91274a5a7f1fc1ad435e9e0cd2111745cc838a23d7c20cc1b2928773f72758752061f02ae7a85dbd58b14ced93334aec06714bb04cb0c406baaed129ce27c6c2b62e3b0618fb5ae0175b5626a1265ffa6a44ce48b9723b1725750f97bd0b632f48062ec2b8685fad4801d6f1e17970bbb33b4beb80dfaa0806bea3d9d11148af4fe434638feebfa05419b5efa84f02daa57f858ecdf9e44fdfeaf2a2c2fd82c34eb10e60fc9c585a616785591ebf2dbb64766b3c0bfd749f6267bc2116f38e945d63fad8ec98d1a9dc438a76f524b205d024b3002d83455f0f0a5b82dc6c504376b3ac8af874720a8b3c1fbb89430777181490560a53879ddcd8d48bc9d6092c64c7e65cc84df3405de29d706e6ed2b7403e5b0cca86f156f86a523b6c8536c4a48355aa6b4061e7e8ad281de44150811cd94f748f5268153eee96a485075da618755a72037d26bca995bad03a6b35309bb9cd5f00513c780388b07f9ae286e4a4522fcaadc2e112944c6d5fcfaf0e43fe3ee45be906aecf15ee6d63c6d0a78d2862f6ef93f0e4d525f13fe1a10e067fca94d4b219ba1fd98815195aedf640574e8d74379e607138267fc24757729f746ee2b422a4eac7d4ccd2e0c2b608e7d3fd3dd6b16af9ad79fa24bbd664dab20c443bbb1a845bf31a12309add2549258175f1132c708ed98bf4a81
c1e3037afb3d6bc137e9317597eab61666f2aa616001fbb55cfa5f8bb449e9d2451cb7417f0a83121c542c0540e65a01baf35f42c2777eefa0bf493b3c300446e693471c6679c687b9be4493075415aadbbb52b85244dde54d7c3f3be1c55446081688709ea8819a7f724a912e7f9cbd9a91876e6ed94fdf5c765a6c24b18a7c9a73ea8af2806d9ffc4de35c0ff112bf7d94d6dddc0450e172d8e6a3f2373fa6a40a0a545bf8e2e415f016f89af57db9df2c0f2cb3380a604a0e4fa2d1810f2b5c6b76bcb9254ece3780ea2321f51e293729bd6e2a25ffefd0ae588f0431193f2bc33b20ebec7c197260f9e636a5b6df38a51a3f2bd944a97257d5347d0a31569a6e12ac5ee80f80d94dadc818fa2da973f7a767aa678307d1068d45656b0f8784b20648abe9d26095cc6b64ea8e237db762dc2a0d520bde02411ec956e2ee0821e6 HTTP 302
  • https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_canad.ca&id=de2358e7522a334b3cff5ac282450999:b7dad1b419d79cb81b8505088f1e88ee25eaedc233ea02ce21fa0dd1886e049baca960db3cbe1369ea9f24ef1c12911880c4a230602dc2e3c142c8666d25353fa7e8718687a4ffc4ea94f4f853fd728f65f89b97fa0b8f6a15015f97b2461ccaf48a12210e55e3815f4c0e74754349669e1b84968f19cdfed2f0a31529e3fedd5be121103ef0231ac87e9c18309670b7a31218088bcf1149695052778059186abb9bef123e756a324b98a7393ff1708eec7a35f48cc0399ea3a3f9452ea4dfc0fa337293653415696a97828519d0ec23b1615371bb216d3430dd752414ca9dbb9ed8e830a079ddbad2cc69397d43502ffc6c72e495573d642ac7016a7216f97e0f399db7ff60366140f16f1012e6146d33aed916b4bc28a3aea8229608b48027411893d7420f73296161c989d321fcc99a932018c62371107eac0028aa6dde0cdc9a57661b0e26b5dce24ce61df3729fdd0982c4368e7fc9664f905c7de59a9ba19e353ba62ca3980dc4529e059b573038f0307dd1369c3e0b1b6d21d2b8ec34442535f2e382722ddba6de0b1070d40814a4ab45b72a627b734f810cd8368fe59558836f2c7566f060970071b091c389 HTTP 302
  • http://vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=0b550ec2-71bf-11ee-b802-0ac6c987bb83

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
canad.ca/
8 KB
9 KB
Document
General
Full URL
http://canad.ca/
Protocol
HTTP/1.1
Server
69.16.230.226 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb05.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Oct 2023 16:13:03 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
bouncy.php
canad.ca/page/
8 KB
9 KB
Document
General
Full URL
http://canad.ca/page/bouncy.php?&bpae=GbhGsbsGPNVm9ruvUf4%2BbAbe0HAko9xljl4EczYjSaWj%2FYs%2FOCWSdeJC3YSQSeKGaqYVpr9%2BLl3K3%2B7LEf6XxScMVpIFv6Rr19PmmJiytCidzoIZi%2BiOiL5Afay2oxqvgwrLpRPol4cogKGTj5kAGFBTwtGibHiBkhzKzEq6kfaqt%2BNq3Oqsbf1EzKsszYGTlJiCju2yqfi2NLP9z59rPwHFxYRKXr%2B9C5dEEja%2BrzvGWL7yg9y0AqZTvJ8eh5SgQ5hIh3%2FMMiUn4daw56TioKyORoH4v0MKxbYIA2YHL7acTofl6FTMfuhPOASE8oFNSi0sv%2BDb5NlP1B1zzCel8OjQ%2F%2FA1KzxEZeAj82QOysVOuHLCCVVo%2F0CDm%2FYW783%2FFfTeZQ%2Fw571eE9dXBKOHpP4Cz%2BufqaN5Hnx8jnWR2xiJtiJ%2FhuTyg4H4UvrRhtofiZ%2FCmiguDcbCDgRhIBN2nYTbEyed0rT%2FhvWJuW7VQlrkuPZlZyKv9nVlPXkTofOvoEQuVUjHSBesjCuCVBVqgOtcdKI%2FlJnZp24Z31sDOg2QqjuT8Fjq1rXxGxxQ5IAEEKR%2BmNeB2uTrX7GwyCn84f26%2BsGwoZVIWSruvgWMjgVVx9ymwQJkF0YndEzAZgOHu1tHlikQ4F0O7Epkh74%2B887Y%2BHEhvlEzaUSFByHay4D0Cf3PnkLylUi0Zo6LPUyw13lfuUQkFQubOWyMt3VbWP2CYeKc4Qlgc10NzE1LJmWcpYNma%2F4w04k2iivOhLCIdlhg1OU9y2%2BewdsF8ruE48EZm3SX4PvTh%2FOvRYzYLNlWJH1z16b6XNbEzi%2Bi50dAlbp7EGnMk7Zvk9z0vvuGGniWgg8vjBQAocLvuVZWRcs7lw4kVxPsMcCihFxJJmcWyz1mlp95CDoWaPPhX8fbrQlL1myqPOXGzBh7scJ4Pq8Cw049f9sh%2BE06Pim4uIRvQ%2Fsx6vv%2FRfxhaPi%2B4cG%2B7MWR0TI%2Baf4i%2BNW6utGWKlHkvQ1AFTEnZd96%2F0PtKaBDgsD1Lw937SmwA2zzKSHXQLli%2F2wQWFNxyoASVElYnwl%2BSQt1i%2BuooKwt47IydATCJgwbhwIRu7ZgxvPFRlRk8d%2Bd94r3Q9qk3tm8UW%2FLAqUAkhH4mFRkef0xe7cxJT3zz7ngDUewgMUj%2FabxQMu1y7ffZMuFew2JPBHpvLRqy2jXeW6FPF2Hu2ugc7QWJOFHP6xUAkZ0ChdPnTd8ekJI9k8eaoL4dvn1ZgJPWAJcNOCuzBkmSxjfCwJaQtR7WcShddYgVk9w4JvOBHUPBGBjRE3Dhx6FXeJgw2mU9gVfNJCMzJ%2B35yAqSKMjZoRuHzSzxr5Ym1d%2FBcxPydViSHAxBpIqYtX8n%2FJC%2F3hvg71VptDPC4YcFCVU5WVpqF1es3KYLTuHPWEERvKL9vEdhOgF9wUaJQKLP4teRo9gFRcAtDMcLi8PBbG1KKq%2FyHm%2FwnN4ph18IxF0LWc%2FfdXKzfY0VTD7rn0sNitVRxgDIAw%2FUBLyIPfXxun9hAuIbvgSRQcjuNTGwxH7o84KUEdsOvqR52JRuqcDKqiMSxZjuaaQNwargOAF3iIo3eZeckhKEnpFyh64sH2XYYXVAJGtoMjPrkR2WGzYU%2BXZkK6cb4MamhN1M7K7CXr75OswTfiB6lPVx2Ud%2BXlchNaXdDkCJrs0qVzCcdigfSLfcaYZVGlFYMH2ImZmiIvBNoWFe8HK3SazOUZLMNlcLrs%2BQ8g1cUF9lNh8LOXo%2Fw%2B15wjOETU12bmlMGEYViFOkRIny53k36VNhSnB14JD%2FtrzymA%2F8AFCdh7Yey3vsDavMTE2%2BgBTCPWJUC03i%
2BSJpKDH2N05C5fv5LrYrHmT6H2QZthmUGqBJL6wfwuomNMcIh6Hs5qtV62lzAw%2FEoLMYcosNhLHdgAcs6p1c%2F%2B3I1txO0FSs3dUTXyrgYm0gbDrP0bCAR7mYg2J%2BGVLWvfb9AVzWwMXIuZdNGHgS1tzx6vHNgLeGPBky%2BpdH3iBv5TSr1SQ%2F%2BYXKK46jReBCO6qs9TosOHrG0o6xrEto3QCpB8HpgIwBWUzv0geUFs%2FmwgWA26GWHHjR2%2F0nblbdbBRYfXlYXMTmd5JC60n3v4b3gfFEigdt0K%2FTpaI9AGzXWEvZV5ChbQSf0SjiWx0By5NRJltyydPqOSUjNPKGxo5FhKrjY%2BAxpW7GI4ijNrfDTSD304cW3xn7jOEwljTm76%2FIZMlJFyQwgCNU0rOz9y%2BoVwN3vQnDbTZ4NjNxs9SxD%2BkjG0X1bxRFMhr8Tj8THdzx8T%2Bj6ZxfWwXpW%2FU3YuQgorARqq%2BKEIs0x9sqHN%2B21mok36aq5NWesURvBys0gvsmEdW0OKhy1rb9rWOaYy%2FbrzLmX%2BKU8pPdI3FYtT0GZsZzMuk%2FAvV09LTwbVxUqPZFSBMTUzJ31a1Jmr0J%2FFmLLgywrwEbKx9xZw7A7Fpl5hDT%2FkCuw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: canad.ca
URL: http://canad.ca/
Protocol
HTTP/1.1
Server
69.16.230.226 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb05.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Referer
http://canad.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Oct 2023 16:13:04 GMT
Keep-Alive
timeout=5, max=99
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
cfcdab84-dabd-11ed-962d-0ad412f815c1
vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/
Redirect Chain
  • http://www.toromclick.com/feed/click/?t1=128&tid=760&uid=192&subid=canad.ca&id=8b138994fbe3cfc591122847cd65cf9f:61308f4d196a78851806f9a00b0e7aaf9adc77935c54543f7836c1904df82f24e8c4b911a9786ca706ce6...
  • https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_canad.ca&id=de2358e7522a334b3cff5ac282450999:b7dad1b419d79cb81b8505088f1e88ee25eaedc233ea02ce21fa0dd1886e049baca960db3cbe136...
  • http://vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=0b550ec2-71bf-11ee-b802-0ac6c987bb83
1 KB
2 KB
Document
General
Full URL
http://vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=0b550ec2-71bf-11ee-b802-0ac6c987bb83
Requested by
Host: canad.ca
URL: http://canad.ca/page/bouncy.php?&bpae=GbhGsbsGPNVm9ruvUf4%2BbAbe0HAko9xljl4EczYjSaWj%2FYs%2FOCWSdeJC3YSQSeKGaqYVpr9%2BLl3K3%2B7LEf6XxScMVpIFv6Rr19PmmJiytCidzoIZi%2BiOiL5Afay2oxqvgwrLpRPol4cogKGTj5kAGFBTwtGibHiBkhzKzEq6kfaqt%2BNq3Oqsbf1EzKsszYGTlJiCju2yqfi2NLP9z59rPwHFxYRKXr%2B9C5dEEja%2BrzvGWL7yg9y0AqZTvJ8eh5SgQ5hIh3%2FMMiUn4daw56TioKyORoH4v0MKxbYIA2YHL7acTofl6FTMfuhPOASE8oFNSi0sv%2BDb5NlP1B1zzCel8OjQ%2F%2FA1KzxEZeAj82QOysVOuHLCCVVo%2F0CDm%2FYW783%2FFfTeZQ%2Fw571eE9dXBKOHpP4Cz%2BufqaN5Hnx8jnWR2xiJtiJ%2FhuTyg4H4UvrRhtofiZ%2FCmiguDcbCDgRhIBN2nYTbEyed0rT%2FhvWJuW7VQlrkuPZlZyKv9nVlPXkTofOvoEQuVUjHSBesjCuCVBVqgOtcdKI%2FlJnZp24Z31sDOg2QqjuT8Fjq1rXxGxxQ5IAEEKR%2BmNeB2uTrX7GwyCn84f26%2BsGwoZVIWSruvgWMjgVVx9ymwQJkF0YndEzAZgOHu1tHlikQ4F0O7Epkh74%2B887Y%2BHEhvlEzaUSFByHay4D0Cf3PnkLylUi0Zo6LPUyw13lfuUQkFQubOWyMt3VbWP2CYeKc4Qlgc10NzE1LJmWcpYNma%2F4w04k2iivOhLCIdlhg1OU9y2%2BewdsF8ruE48EZm3SX4PvTh%2FOvRYzYLNlWJH1z16b6XNbEzi%2Bi50dAlbp7EGnMk7Zvk9z0vvuGGniWgg8vjBQAocLvuVZWRcs7lw4kVxPsMcCihFxJJmcWyz1mlp95CDoWaPPhX8fbrQlL1myqPOXGzBh7scJ4Pq8Cw049f9sh%2BE06Pim4uIRvQ%2Fsx6vv%2FRfxhaPi%2B4cG%2B7MWR0TI%2Baf4i%2BNW6utGWKlHkvQ1AFTEnZd96%2F0PtKaBDgsD1Lw937SmwA2zzKSHXQLli%2F2wQWFNxyoASVElYnwl%2BSQt1i%2BuooKwt47IydATCJgwbhwIRu7ZgxvPFRlRk8d%2Bd94r3Q9qk3tm8UW%2FLAqUAkhH4mFRkef0xe7cxJT3zz7ngDUewgMUj%2FabxQMu1y7ffZMuFew2JPBHpvLRqy2jXeW6FPF2Hu2ugc7QWJOFHP6xUAkZ0ChdPnTd8ekJI9k8eaoL4dvn1ZgJPWAJcNOCuzBkmSxjfCwJaQtR7WcShddYgVk9w4JvOBHUPBGBjRE3Dhx6FXeJgw2mU9gVfNJCMzJ%2B35yAqSKMjZoRuHzSzxr5Ym1d%2FBcxPydViSHAxBpIqYtX8n%2FJC%2F3hvg71VptDPC4YcFCVU5WVpqF1es3KYLTuHPWEERvKL9vEdhOgF9wUaJQKLP4teRo9gFRcAtDMcLi8PBbG1KKq%2FyHm%2FwnN4ph18IxF0LWc%2FfdXKzfY0VTD7rn0sNitVRxgDIAw%2FUBLyIPfXxun9hAuIbvgSRQcjuNTGwxH7o84KUEdsOvqR52JRuqcDKqiMSxZjuaaQNwargOAF3iIo3eZeckhKEnpFyh64sH2XYYXVAJGtoMjPrkR2WGzYU%2BXZkK6cb4MamhN1M7K7CXr75OswTfiB6lPVx2Ud%2BXlchNaXdDkCJrs0qVzCcdigfSLfcaYZVGlFYMH2ImZmiIvBNoWFe8HK3SazOUZLMNlcLrs%2BQ8g1cUF9lNh8LOXo%2Fw%2B15wjOETU12bmlMGEYViFOkRIny53k36VNhSnB14JD%2FtrzymA%2F8AFCdh7Yey3vsDavMTE2%2BgBTCPWJU
C03i%2BSJpKDH2N05C5fv5LrYrHmT6H2QZthmUGqBJL6wfwuomNMcIh6Hs5qtV62lzAw%2FEoLMYcosNhLHdgAcs6p1c%2F%2B3I1txO0FSs3dUTXyrgYm0gbDrP0bCAR7mYg2J%2BGVLWvfb9AVzWwMXIuZdNGHgS1tzx6vHNgLeGPBky%2BpdH3iBv5TSr1SQ%2F%2BYXKK46jReBCO6qs9TosOHrG0o6xrEto3QCpB8HpgIwBWUzv0geUFs%2FmwgWA26GWHHjR2%2F0nblbdbBRYfXlYXMTmd5JC60n3v4b3gfFEigdt0K%2FTpaI9AGzXWEvZV5ChbQSf0SjiWx0By5NRJltyydPqOSUjNPKGxo5FhKrjY%2BAxpW7GI4ijNrfDTSD304cW3xn7jOEwljTm76%2FIZMlJFyQwgCNU0rOz9y%2BoVwN3vQnDbTZ4NjNxs9SxD%2BkjG0X1bxRFMhr8Tj8THdzx8T%2Bj6ZxfWwXpW%2FU3YuQgorARqq%2BKEIs0x9sqHN%2B21mok36aq5NWesURvBys0gvsmEdW0OKhy1rb9rWOaYy%2FbrzLmX%2BKU8pPdI3FYtT0GZsZzMuk%2FAvV09LTwbVxUqPZFSBMTUzJ31a1Jmr0J%2FFmLLgywrwEbKx9xZw7A7Fpl5hDT%2FkCuw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Server
35.171.236.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-236-221.compute-1.amazonaws.com
Software
DPuDUVbR /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://canad.ca/page/bouncy.php?&bpae=GbhGsbsGPNVm9ruvUf4%2BbAbe0HAko9xljl4EczYjSaWj%2FYs%2FOCWSdeJC3YSQSeKGaqYVpr9%2BLl3K3%2B7LEf6XxScMVpIFv6Rr19PmmJiytCidzoIZi%2BiOiL5Afay2oxqvgwrLpRPol4cogKGTj5kAGFBTwtGibHiBkhzKzEq6kfaqt%2BNq3Oqsbf1EzKsszYGTlJiCju2yqfi2NLP9z59rPwHFxYRKXr%2B9C5dEEja%2BrzvGWL7yg9y0AqZTvJ8eh5SgQ5hIh3%2FMMiUn4daw56TioKyORoH4v0MKxbYIA2YHL7acTofl6FTMfuhPOASE8oFNSi0sv%2BDb5NlP1B1zzCel8OjQ%2F%2FA1KzxEZeAj82QOysVOuHLCCVVo%2F0CDm%2FYW783%2FFfTeZQ%2Fw571eE9dXBKOHpP4Cz%2BufqaN5Hnx8jnWR2xiJtiJ%2FhuTyg4H4UvrRhtofiZ%2FCmiguDcbCDgRhIBN2nYTbEyed0rT%2FhvWJuW7VQlrkuPZlZyKv9nVlPXkTofOvoEQuVUjHSBesjCuCVBVqgOtcdKI%2FlJnZp24Z31sDOg2QqjuT8Fjq1rXxGxxQ5IAEEKR%2BmNeB2uTrX7GwyCn84f26%2BsGwoZVIWSruvgWMjgVVx9ymwQJkF0YndEzAZgOHu1tHlikQ4F0O7Epkh74%2B887Y%2BHEhvlEzaUSFByHay4D0Cf3PnkLylUi0Zo6LPUyw13lfuUQkFQubOWyMt3VbWP2CYeKc4Qlgc10NzE1LJmWcpYNma%2F4w04k2iivOhLCIdlhg1OU9y2%2BewdsF8ruE48EZm3SX4PvTh%2FOvRYzYLNlWJH1z16b6XNbEzi%2Bi50dAlbp7EGnMk7Zvk9z0vvuGGniWgg8vjBQAocLvuVZWRcs7lw4kVxPsMcCihFxJJmcWyz1mlp95CDoWaPPhX8fbrQlL1myqPOXGzBh7scJ4Pq8Cw049f9sh%2BE06Pim4uIRvQ%2Fsx6vv%2FRfxhaPi%2B4cG%2B7MWR0TI%2Baf4i%2BNW6utGWKlHkvQ1AFTEnZd96%2F0PtKaBDgsD1Lw937SmwA2zzKSHXQLli%2F2wQWFNxyoASVElYnwl%2BSQt1i%2BuooKwt47IydATCJgwbhwIRu7ZgxvPFRlRk8d%2Bd94r3Q9qk3tm8UW%2FLAqUAkhH4mFRkef0xe7cxJT3zz7ngDUewgMUj%2FabxQMu1y7ffZMuFew2JPBHpvLRqy2jXeW6FPF2Hu2ugc7QWJOFHP6xUAkZ0ChdPnTd8ekJI9k8eaoL4dvn1ZgJPWAJcNOCuzBkmSxjfCwJaQtR7WcShddYgVk9w4JvOBHUPBGBjRE3Dhx6FXeJgw2mU9gVfNJCMzJ%2B35yAqSKMjZoRuHzSzxr5Ym1d%2FBcxPydViSHAxBpIqYtX8n%2FJC%2F3hvg71VptDPC4YcFCVU5WVpqF1es3KYLTuHPWEERvKL9vEdhOgF9wUaJQKLP4teRo9gFRcAtDMcLi8PBbG1KKq%2FyHm%2FwnN4ph18IxF0LWc%2FfdXKzfY0VTD7rn0sNitVRxgDIAw%2FUBLyIPfXxun9hAuIbvgSRQcjuNTGwxH7o84KUEdsOvqR52JRuqcDKqiMSxZjuaaQNwargOAF3iIo3eZeckhKEnpFyh64sH2XYYXVAJGtoMjPrkR2WGzYU%2BXZkK6cb4MamhN1M7K7CXr75OswTfiB6lPVx2Ud%2BXlchNaXdDkCJrs0qVzCcdigfSLfcaYZVGlFYMH2ImZmiIvBNoWFe8HK3SazOUZLMNlcLrs%2BQ8g1cUF9lNh8LOXo%2Fw%2B15wjOETU12bmlMGEYViFOkRIny53k36VNhSnB14JD%2FtrzymA%2F8AFCdh7Yey3vsDavMTE2%2BgBTCPWJUC03i%
2BSJpKDH2N05C5fv5LrYrHmT6H2QZthmUGqBJL6wfwuomNMcIh6Hs5qtV62lzAw%2FEoLMYcosNhLHdgAcs6p1c%2F%2B3I1txO0FSs3dUTXyrgYm0gbDrP0bCAR7mYg2J%2BGVLWvfb9AVzWwMXIuZdNGHgS1tzx6vHNgLeGPBky%2BpdH3iBv5TSr1SQ%2F%2BYXKK46jReBCO6qs9TosOHrG0o6xrEto3QCpB8HpgIwBWUzv0geUFs%2FmwgWA26GWHHjR2%2F0nblbdbBRYfXlYXMTmd5JC60n3v4b3gfFEigdt0K%2FTpaI9AGzXWEvZV5ChbQSf0SjiWx0By5NRJltyydPqOSUjNPKGxo5FhKrjY%2BAxpW7GI4ijNrfDTSD304cW3xn7jOEwljTm76%2FIZMlJFyQwgCNU0rOz9y%2BoVwN3vQnDbTZ4NjNxs9SxD%2BkjG0X1bxRFMhr8Tj8THdzx8T%2Bj6ZxfWwXpW%2FU3YuQgorARqq%2BKEIs0x9sqHN%2B21mok36aq5NWesURvBys0gvsmEdW0OKhy1rb9rWOaYy%2FbrzLmX%2BKU8pPdI3FYtT0GZsZzMuk%2FAvV09LTwbVxUqPZFSBMTUzJ31a1Jmr0J%2FFmLLgywrwEbKx9xZw7A7Fpl5hDT%2FkCuw%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 23 Oct 2023 16:13:12 GMT
Server
DPuDUVbR
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
352
Content-Type
text/html; charset=utf-8
Date
Mon, 23 Oct 2023 16:13:05 GMT
Expires
0
Keep-Alive
timeout=5
Location
http://vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=0b550ec2-71bf-11ee-b802-0ac6c987bb83
Surrogate-Control
no-store
Vary
Accept
X-Powered-By
Express
zclkredirect
vibiu-dau.com/
1 KB
2 KB
Document
General
Full URL
http://vibiu-dau.com/zclkredirect?visitid=0b449400-71bf-11ee-b802-0ac6c987bb83&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Requested by
Host: vibiu-dau.com
URL: http://vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=0b550ec2-71bf-11ee-b802-0ac6c987bb83
Protocol
HTTP/1.1
Server
35.171.236.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-236-221.compute-1.amazonaws.com
Software
WhyqnEql /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://vibiu-dau.com/zclkvisitor/0b449400-71bf-11ee-b802-0ac6c987bb83/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=0b550ec2-71bf-11ee-b802-0ac6c987bb83
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 23 Oct 2023 16:13:12 GMT
Server
WhyqnEql
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request view
www5.getsecurybrowseapp.com/
61 KB
20 KB
Document
General
Full URL
https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
Requested by
Host: vibiu-dau.com
URL: http://vibiu-dau.com/zclkredirect?visitid=0b449400-71bf-11ee-b802-0ac6c987bb83&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb69bfa7dfa31550b34d99e9080daa5348b935b4dcd35f9b3cabdb5e5727863
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: blob: *.facebook.net *.facebook.com *.googlesyndication.com *.googletagmanager.com *.google-analytics.com *.google.com *.g.doubleclick.net *.googleadservices.com *.rtbrain.app *.onaudience.com *.adsrvr.org *.eyeota.net *.turn.com *.matchtag.com *.everesttech.net fullstory.com *.fullstory.com *.bing.com secure.adnxs.com fonts.gstatic.com use.fontawesome.com fonts.googleapis.com a0.muscache.com; img-src * data: blob:; report-uri /view/csp_report

Request headers

Referer
http://vibiu-dau.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81ab441b388b36cc-YYZ
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-inline' data: blob: *.facebook.net *.facebook.com *.googlesyndication.com *.googletagmanager.com *.google-analytics.com *.google.com *.g.doubleclick.net *.googleadservices.com *.rtbrain.app *.onaudience.com *.adsrvr.org *.eyeota.net *.turn.com *.matchtag.com *.everesttech.net fullstory.com *.fullstory.com *.bing.com secure.adnxs.com fonts.gstatic.com use.fontawesome.com fonts.googleapis.com a0.muscache.com; img-src * data: blob:; report-uri /view/csp_report
content-type
text/html; charset=UTF-8
date
Mon, 23 Oct 2023 16:13:13 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X448agcds%2BWpVDLYktM3poytr4LphM2zr2Wghi3sU1pvs5%2BR%2FlwilwnwsewIqbU3Th4kPHzTEt24oqNdHGGGBL1GZh%2BGXapPf4bAYyjZu5T%2FRc68V09r12s%2BqcgUbpNJKteAC3PZ31e%2FtfsvO0g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
csp_report
www5.getsecurybrowseapp.com/view/
0
0

pixl
www5.getsecurybrowseapp.com/
0
297 B
Script
General
Full URL
https://www5.getsecurybrowseapp.com/pixl?t=js
Requested by
Host: www5.getsecurybrowseapp.com
URL: https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:13:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QswBQoA34RKg4hyWMCyj%2FcPDKsT%2F%2Fhvm06ZcuwQ%2F28VqJij9r%2Fk7xTm%2FLApgqaecnnaDQ3WA%2Bw3yHBAMS4%2BH91D2CWL%2BouoZCRRvIrYMTEFOMV23YAHoYXdJSEC8rt916zyCHKjdyujcVgQ%2Fh1w%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81ab441ddd6e36cc-YYZ
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires
0
webpack-runtime-d957367f6fecb919c536.js
www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/
3 KB
2 KB
Script
General
Full URL
https://www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/webpack-runtime-d957367f6fecb919c536.js
Requested by
Host: www5.getsecurybrowseapp.com
URL: https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be813f4ef8ba917e8795a6fd0a5297f740eda5f623153a7a7ca0a9078cc7fe6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:13:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPDjiOvcRLwYA3Wl43%2B2iPt2GMuwslFYQGmDhuglTbarp6NZgayKvoRKqVJP0t5qVqic2trX99WMDGwIgf7%2F9i1NAA74m5tf2ABQC6Q%2BFMeSBrM1sCsJ09pKCinwMHBfRpE%2Fg0nz7VpSUYzyzPY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
access-control-allow-credentials
true
cf-ray
81ab441ded7836cc-YYZ
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
alt-svc
h3=":443"; ma=86400
app-3e39d2a11ecc073bde35.js
www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/
251 KB
80 KB
Script
General
Full URL
https://www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/app-3e39d2a11ecc073bde35.js
Requested by
Host: www5.getsecurybrowseapp.com
URL: https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3964b37c1ecae45d1a3b1c451f3f9bce4a218b2df7d34b74272917708f7d3b7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:13:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ime%2FlMs7g5lfU%2Bf6NSLQuQ2m83SjRafZw%2BPH3wEw5Q2ve91cswm4qehjrnyG6FzIegoKgBGlfzzHR4Uaezqf6nAcILR9XHYc%2BTJwD5B%2BvalHw6IEHHE8WJqgNJRY1gtjvHO%2BkKXuX4nuHz90nYs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
access-control-allow-credentials
true
cf-ray
81ab441ded7a36cc-YYZ
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
alt-svc
h3=":443"; ma=86400
styles-d1aa7de2146680ffd35e.js
www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/
622 B
460 B
Script
General
Full URL
https://www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/styles-d1aa7de2146680ffd35e.js
Requested by
Host: www5.getsecurybrowseapp.com
URL: https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b09e2f6caef5cbf4aed93990dfeb504341bc008b46365cc5fc549e644570aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:13:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SP7vADMLZIJr94PYkDXjp39pNwhgSJsdmCH1GqZ0ES6mMVggIBIVeAcP5blCazJ4Sa%2F%2Fuk%2BX7v9nFa0K6J6S%2F8BT6gX5GV9WyoxdWID8tOUUdcpfa%2FZ1xMxGOQqvLA3PFwYdXnCMahDbgakb8Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
access-control-allow-credentials
true
cf-ray
81ab441ded7c36cc-YYZ
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
alt-svc
h3=":443"; ma=86400
component---src-pages-lp-tsx-eb8c393043cbc86a4f8b.js
www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/
0
0

page-data.json
www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/page-data/lp/
180 B
735 B
Other
General
Full URL
https://www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/page-data/lp/page-data.json
Requested by
Host: www5.getsecurybrowseapp.com
URL: https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b95a950fac06f3cb894d5115ecdaa36755260e59a0b1b7b37e8de07ff23fdb

Request headers

Referer
https://www5.getsecurybrowseapp.com/view?src=hXxvqtXqT9p1lli73ZyviGUPJByMNnp01J47GE07WykmvsCYqQ-QvgQ7phLi0CNgQvLB-Ij9FLaCQ4uJXEfXXuc4FaRlHwe8ykT2fs79czALxmBVrY3vhjhYCq6VxQfTK9h7IwB5h0ri_73kVAx3rPvyx33S-4EHtpy9xll-qZ5N6i_Aec-OHWwxaXWkSr43B3sY_BLv4sHUacYxKq4-WIJHzS4nl30sle5d1f1msirPefedpgaY0R3kVt7KDyRkupmiNkJRqIlCeU14Wz-L6WbKY-o9MxujYwW37grwvgfKupbu70Nt2lJMxO9pCXJirlenKyKoK5SCp2BJ78qOFXLsz44CA128dJ7GiOnpfTCeN4WdPJzAWABQlpum_Sxar0x00pKmx3n53HZ2CDJz5uvQHaVkUxs75K_Rmb28k2njKlWJBrDLH7cqF9iOba8-
Origin
https://www5.getsecurybrowseapp.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 16:13:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
text/html
access-control-allow-origin
https://www5.getsecurybrowseapp.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0kGUlIUbLpMShkCntPIPnM6tRHEHuuhs9SMKRTH2UlNwO5G53S85CZGUJVxntZwoRsXKskm%2BIv32upJ33MIFC3McIAwq4C7BVYP7tPNBdG7H3OzXYMTngolK8DL2QZShTxl2r2ASbeJ1WepsTs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=60
access-control-allow-credentials
true
cf-ray
81ab441ded8136cc-YYZ
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www5.getsecurybrowseapp.com
URL
https://www5.getsecurybrowseapp.com/view/csp_report
Domain
www5.getsecurybrowseapp.com
URL
https://www5.getsecurybrowseapp.com/view/rtb_cdn/heuristic-onix-0b9957/component---src-pages-lp-tsx-eb8c393043cbc86a4f8b.js

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DL
string| pagePath
string| webpackCompilationHash
object| ___chunkMapping
object| webpackJsonp
object| __core-js_shared__
object| core
object| asyncRequires
object| ___emitter
object| ___loader
string| ___webpackCompilationHash
boolean| __navigatingToLink
function| ___push
function| ___replace
function| ___navigate

6 Cookies

Domain/Path Name / Value
.getsecurybrowseapp.com/ Name: aff_thankyou_page Value: (http|https).*kjincgipkjkimkcmolmajgcfpdjbckgc
.getsecurybrowseapp.com/ Name: b Value: 1
.getsecurybrowseapp.com/ Name: uid Value: 10be2496-71bf-11ee-88a2-1ebdef479265
.getsecurybrowseapp.com/ Name: mid Value: 0b47daf2-71bf-11ee-85de-2edf6d9c2849
.getsecurybrowseapp.com/ Name: utm_source Value: rtb_xpr_cr_ca
.getsecurybrowseapp.com/ Name: 86dfa8f2_sbmi Value: 141506466