Submitted URL: http://cutt.us/VoteAndreafisher28gat
Effective URL: https://instasxt.safesecureentry.com/?page=land/501_reg_inline11.2&x_source=vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2e...
Submission: On December 20 via api from US

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 12 HTTP transactions. The main IP is 3.213.71.15, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is instasxt.safesecureentry.com.
TLS certificate: Issued by Amazon on November 27th 2019. Valid for: a year.
This is the only time instasxt.safesecureentry.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 192.111.136.71 46562 (TOTAL-SER...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 216.58.207.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 18.196.112.117 16509 (AMAZON-02)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 2 3.213.71.15 14618 (AMAZON-AES)
12 9
Domain Requested by
3 securepubads.g.doubleclick.net www.googletagservices.com, securepubads.g.doubleclick.net
2 instasxt.safesecureentry.com 1 redirects gdmconvtrck.com
2 securecloud-dt.com 1 redirects go.clix-trak.com
2 go.clix-trak.com 1 redirects cutt.us
2 cutt.us 1 redirects
1 gdmconvtrck.com securecloud-dt.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com cutt.us
12 10

This site contains no links.

Subject                    Issuer                      Validity                 Valid
www.cutt.us                Let's Encrypt Authority X3  2019-12-02 - 2020-03-01  3 months
*.g.doubleclick.net        GTS CA 1O1                  2019-12-03 - 2020-02-25  3 months
*.google.com               GTS CA 1O1                  2019-12-03 - 2020-02-25  3 months
tpc.googlesyndication.com  GTS CA 1O1                  2019-12-03 - 2020-02-25  3 months
go.clix-trak.com           Amazon                      2019-10-08 - 2020-11-08  a year
securessl-fb.com           Amazon                      2019-04-20 - 2020-05-20  a year
gdmconvtrck.com            Amazon                      2019-04-19 - 2020-05-19  a year
safesecureentry.com        Amazon                      2019-11-27 - 2020-12-27  a year

This page contains 1 frames:

Primary Page: https://instasxt.safesecureentry.com/?page=land/501_reg_inline11.2&x_source=vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88&cta=4&tnum=73000
Frame ID: 88687D5F1B78F1766EF6C18BDDAAEE0A
Requests: 12 HTTP requests in this frame

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 56 %
Domains: 10
Subdomains: 10
IPs: 9
Countries: 3
Transfer: 117 kB
Size: 300 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cutt.us/VoteAndreafisher28gat HTTP 301
    https://cutt.us/VoteAndreafisher28gat Page URL
  2. http://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1= HTTP 301
    https://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1= Page URL
  3. https://securecloud-dt.com/?a=92719&c=168724&s1=1690-&s2=f89b667318d048db8cf7d88ce536661d Page URL
  4. https://securecloud-dt.com/?a=92719&c=168724&oc=65175&sr=t&s1=1690-&s2=f89b667318d048db8cf7d88ce536661d&vt=1576821197057&h=492b0bb27084f4138c97eb6434f7cbef10b0673e&req=https%3A%2F%2Fsecurecloud-dt.com%2F%3Fa%3D92719%26c%3D168724%26s1%3D1690-%26s2%3Df89b667318d048db8cf7d88ce536661d&us=7ca8d542c8eb43bb91bfeb3c676e32f1 HTTP 302
    https://instasxt.safesecureentry.com/?in=instsxt1a:39989&x_source=vip53630:92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88 HTTP 302
    https://instasxt.safesecureentry.com/?page=land/501_reg_inline11.2&x_source=vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88&cta=4&tnum=73000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cutt.us/VoteAndreafisher28gat HTTP 301
  • https://cutt.us/VoteAndreafisher28gat
Request Chain 8
  • http://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1= HTTP 301
  • https://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1=

12 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
VoteAndreafisher28gat
cutt.us/
Redirect Chain
  • http://cutt.us/VoteAndreafisher28gat
  • https://cutt.us/VoteAndreafisher28gat
3 KB
2 KB
Document
General
Full URL
https://cutt.us/VoteAndreafisher28gat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.111.136.71 Atlanta, United States, ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
4c05c5f4bd7e75f3b8f89978445f4b0f35620632cf50d4b44024fa99b8493a26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Host
cutt.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br

Response headers

Server
Hotcores.com
Date
Fri, 20 Dec 2019 05:53:17 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Beta
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip

Redirect headers

Server
Hotcores.com
Date
Fri, 20 Dec 2019 05:53:15 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://cutt.us/VoteAndreafisher28gat
gpt.js
www.googletagservices.com/tag/js/
51 KB
16 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/VoteAndreafisher28gat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/VoteAndreafisher28gat
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 05:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"372 / 232 of 1000 / last-modified: 1576520981"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15827
x-xss-protection
0
expires
Fri, 20 Dec 2019 05:53:16 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/VoteAndreafisher28gat
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 05:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/VoteAndreafisher28gat
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 05:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/
163 KB
60 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/VoteAndreafisher28gat
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 05:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Fri, 20 Dec 2019 05:53:16 GMT
ads
securepubads.g.doubleclick.net/gampad/
369 B
675 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4122613959732318&correlator=587153962431862&output=ldjh&impl=fif&adsid=NT&eid=21065238&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191220&iu=%2F5837603%2FCutt_360&sz=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1576821196&dt=1576821196538&dlt=1576821196289&idt=238&frm=20&biw=1600&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=1933368604&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcutt.us%2FVoteAndreafisher28gat&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=344x423&msz=0x0&ga_vid=1967714358.1576821197&ga_sid=1576821197&ga_hid=449491625&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cutt.us/VoteAndreafisher28gat
Origin
https://cutt.us

Response headers

date
Fri, 20 Dec 2019 05:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
187
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/
64 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/VoteAndreafisher28gat
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Dec 2019 05:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Fri, 20 Dec 2019 05:53:16 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cutt.us/VoteAndreafisher28gat
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

click
go.clix-trak.com/
Redirect Chain
  • http://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1=
  • https://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1=
8 KB
9 KB
Document
General
Full URL
https://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1=
Requested by
Host: cutt.us
URL: https://cutt.us/VoteAndreafisher28gat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.112.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-112-117.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.3.11 / PHP/7.3.11
Resource Hash

Request headers

:method
GET
:authority
go.clix-trak.com
:scheme
https
:path
/click?offer_id=103&affiliate_id=1690&sub_id1=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
AWSALB=1ELeY+CUwIujxH+LTDI2N0V7A5dVV03g3pHCPkJOpLHxjZaT4gvXB9MoS2BwTViAoHdhGsNamAApnJfVhHxEZXMArXi/2okfnjLC5WHdFagjf4VZcShKFII4IWSz

Response headers

status
200
date
Fri, 20 Dec 2019 05:53:16 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=LUyF6FqTl/q+f8d7ZrM45kIyKucIWZA0Qj/bukZ8jKhof/RbBX/DiD4FgNLBkERTiGcIEW/tgw/Jz9FrnpnUPEK+HWit5eZ0iC9VhYWNctFOyUJYcFamk8cCnvUr; Expires=Fri, 27 Dec 2019 05:53:16 GMT; Path=/ o_6974ce5ac660610b44d9b9fed0ff9548=1760163; expires=Fri, 27-Dec-2019 05:53:16 GMT; Max-Age=604800; path=/ PHPSESSID=q6f5bt0e6dafkqv18fpidlmo7j; path=/; HttpOnly _csrf=ccad2a16dd2d0cf8894fb0d73d46ec3917a71187029bc07544a2164e1e78001fa%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22wTiQMt_0O7JIrEt61jtBpm0QIdb5uJfp%22%3B%7D; path=/; HttpOnly
server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.3.11
x-powered-by
PHP/7.3.11
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache

Redirect headers

Date
Fri, 20 Dec 2019 05:53:16 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Set-Cookie
AWSALB=1ELeY+CUwIujxH+LTDI2N0V7A5dVV03g3pHCPkJOpLHxjZaT4gvXB9MoS2BwTViAoHdhGsNamAApnJfVhHxEZXMArXi/2okfnjLC5WHdFagjf4VZcShKFII4IWSz; Expires=Fri, 27 Dec 2019 05:53:16 GMT; Path=/
Server
Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/7.3.11
X-Powered-By
PHP/7.3.11
Location
https://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1=
/
securecloud-dt.com/
2 KB
1 KB
Document
General
Full URL
https://securecloud-dt.com/?a=92719&c=168724&s1=1690-&s2=f89b667318d048db8cf7d88ce536661d
Requested by
Host: go.clix-trak.com
URL: https://go.clix-trak.com/click?offer_id=103&affiliate_id=1690&sub_id1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6110:92c9:a4e8:6d4b:b9e2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c4834448fbacfd8bc95910fbfeb91bb292425dcb0a4c543a240934ce72d53701

Request headers

:method
GET
:authority
securecloud-dt.com
:scheme
https
:path
/?a=92719&c=168724&s1=1690-&s2=f89b667318d048db8cf7d88ce536661d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Fri, 20 Dec 2019 05:53:17 GMT
content-type
text/html;charset=utf-8
server
nginx
vary
Accept-Encoding
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding
gzip
trck
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
https://gdmconvtrck.com/trck
Requested by
Host: securecloud-dt.com
URL: https://securecloud-dt.com/?a=92719&c=168724&s1=1690-&s2=f89b667318d048db8cf7d88ce536661d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6130:4906:f536:5d6d:1691 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
06bd9c1020a056fe8788e40694646c9422c6ef9a0df8935054164e09f48b4421

Request headers

Referer
https://securecloud-dt.com/?a=92719&c=168724&s1=1690-&s2=f89b667318d048db8cf7d88ce536661d
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Dec 2019 05:53:17 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*, *
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
expires
Sat, 1 May 2020 12:00:00 GMT
Primary Request /
instasxt.safesecureentry.com/
Redirect Chain
  • https://securecloud-dt.com/?a=92719&c=168724&oc=65175&sr=t&s1=1690-&s2=f89b667318d048db8cf7d88ce536661d&vt=1576821197057&h=492b0bb27084f4138c97eb6434f7cbef10b0673e&req=https%3A%2F%2Fsecurecloud-dt....
  • https://instasxt.safesecureentry.com/?in=instsxt1a:39989&x_source=vip53630:92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88
  • https://instasxt.safesecureentry.com/?page=land/501_reg_inline11.2&x_source=vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88&cta=4&tnum=73000
7 KB
3 KB
Document
General
Full URL
https://instasxt.safesecureentry.com/?page=land/501_reg_inline11.2&x_source=vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88&cta=4&tnum=73000
Requested by
Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/trck
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.71.15 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-213-71-15.compute-1.amazonaws.com
Software
Apache/2.4.6 (CentOS) PHP/7.1.19 / PHP/7.1.19
Resource Hash
6ff21e40e793822928445be1dc7c82ecd12be62baeef90869e9cd677a0e96b46

Request headers

:method
GET
:authority
instasxt.safesecureentry.com
:scheme
https
:path
/?page=land/501_reg_inline11.2&x_source=vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88&cta=4&tnum=73000
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://securecloud-dt.com/?a=92719&c=168724&s1=1690-&s2=f89b667318d048db8cf7d88ce536661d
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=406115d2c02410c1896e91dc0875f0e3; src=vip53630%3A92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88

Response headers

status
200
date
Fri, 20 Dec 2019 05:53:18 GMT
content-type
text/html; charset=UTF-8
content-length
2979
server
Apache/2.4.6 (CentOS) PHP/7.1.19
x-powered-by
PHP/7.1.19
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
src=vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88; expires=Fri, 03-Jan-2020 05:53:18 GMT; Max-Age=1209600 inf109236=3073__4.5003__51.8933__Rotterdam__528__ZH
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

status
302
date
Fri, 20 Dec 2019 05:53:18 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
?page=land/501_reg_inline11.2&x_source=vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88&cta=4&tnum=73000
server
Apache/2.4.6 (CentOS) PHP/7.1.19
x-powered-by
PHP/7.1.19
set-cookie
PHPSESSID=406115d2c02410c1896e91dc0875f0e3; path=/ src=vip53630%3A92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88; expires=Fri, 03-Jan-2020 05:53:17 GMT; Max-Age=1209600
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| term_pop
function| is_taken
function| visual_is_taken
function| is_all_empty

3 Cookies

Domain/Path Name / Value
instasxt.safesecureentry.com/ Name: inf109236
Value: 3073__4.5003__51.8933__Rotterdam__528__ZH
instasxt.safesecureentry.com/ Name: src
Value: vip53630.46218-6859335.92719_1690-.596ec14156154ee3bede2ebb2ba90fb9ce88
instasxt.safesecureentry.com/ Name: PHPSESSID
Value: 406115d2c02410c1896e91dc0875f0e3

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;