Submitted URL: https://omklefkior.com/c/s02mnvyvhc?t=0&ymid=727213547842703527
Effective URL: https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=117&region=man&de...
Submission: On September 17 via manual — Scanned from GB

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 8 HTTP transactions. The main IP is 23.20.97.59, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bnr.hyperadsdesign.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 23rd 2023. Valid for: a year.
This is the only time bnr.hyperadsdesign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 139.45.197.167 9002 (RETN-AS)
1 2.21.20.196 20940 (AKAMAI-ASN1)
1 139.45.195.8 9002 (RETN-AS)
1 23.20.97.59 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
3 18.193.141.43 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 6
     Apex Domain         Subdomains                                         Transfer
3    gameclickads.net    lnk.gameclickads.net                               10 KB
2    sofasandstuff.com   www.sofasandstuff.com, sofasandstuff.com           185 B
1    joingekko.com       link.joingekko.com — Cisco Umbrella Rank: 545292   527 B
1    cloudfront.net      d38dxwbthvbuvi.cloudfront.net                      571 KB
1    hyperadsdesign.com  bnr.hyperadsdesign.com                             2 KB
1    rtmark.net          my.rtmark.net — Cisco Umbrella Rank: 9998          507 B
1    psaltauw.net        ak.psaltauw.net — Cisco Umbrella Rank: 116496      2 KB
1    omklefkior.com      omklefkior.com                                     179 B
8    8
Domain Requested by
3 lnk.gameclickads.net bnr.hyperadsdesign.com
lnk.gameclickads.net
1 sofasandstuff.com lnk.gameclickads.net
1 www.sofasandstuff.com 1 redirects
1 link.joingekko.com 1 redirects
1 d38dxwbthvbuvi.cloudfront.net bnr.hyperadsdesign.com
1 bnr.hyperadsdesign.com ak.psaltauw.net
1 my.rtmark.net ak.psaltauw.net
1 ak.psaltauw.net
1 omklefkior.com 1 redirects
8 9

This site contains no links.

Subject             Issuer               Validity                 Valid
ak.hetaruwg.com     R3                   2023-09-08 - 2023-12-07  3 months
rtmark.net          R3                   2023-07-25 - 2023-10-23  3 months
*.thekingtrack.com  Amazon RSA 2048 M02  2023-02-23 - 2024-02-12  a year
*.cloudfront.net    Amazon RSA 2048 M01  2022-12-08 - 2023-12-07  a year
*.gameclickads.net  Amazon RSA 2048 M01  2023-02-13 - 2024-02-12  a year
sofasandstuff.com   GTS CA 1P5           2023-07-27 - 2023-10-25  3 months

This page contains 3 frames:

Primary Page: https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=117&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/117.0.5938.62%20Safari/537.36&browser=chrome&zoneId=5967693&cost=0.000020&campaignId=7345864&paid=727222772392268724&subzone_id=0
Frame ID: C27B038612E99D252C325D289231C129
Requests: 4 HTTP requests in this frame

Frame: https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=117&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000020&country=GB&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=727222772392268724&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.62+Safari%2F537.36&zoneId=5967693&c2=true&vpw=1600&vph=1200
Frame ID: 9C30D8BFB13B255EA1AFD47A83A06C8C
Requests: 2 HTTP requests in this frame

Frame: https://sofasandstuff.com/
Frame ID: 4DC2C1AA785F30DEA728064550D1B17A
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 38 %
Domains: 8
Subdomains: 9
IPs: 6
Countries: 3
Transfer: 585 kB
Size: 583 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://omklefkior.com/c/s02mnvyvhc?t=0&ymid=727213547842703527 HTTP 302
    https://ak.psaltauw.net/4/5967693?t=0&ymid=727213547842703527 Page URL
  2. https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=117&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/117.0.5938.62%20Safari/537.36&browser=chrome&zoneId=5967693&cost=0.000020&campaignId=7345864&paid=727222772392268724&subzone_id=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://omklefkior.com/c/s02mnvyvhc?t=0&ymid=727213547842703527 HTTP 302
  • https://ak.psaltauw.net/4/5967693?t=0&ymid=727213547842703527
Request Chain 6
  • https://link.joingekko.com/deep-link?publisherkey=91a2764d-b811-4d30-ab1c-39028e193e54&propertyid=831073&url=https%3A%2F%2Fwww.sofasandstuff.com&geo=gb&merchantid=182261&clickid=6506d67d4ad48c43e3f7eeb5-RL-367142 HTTP 302
  • https://www.sofasandstuff.com/ HTTP 301
  • https://sofasandstuff.com/

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
5967693
ak.psaltauw.net/4/
Redirect Chain
  • https://omklefkior.com/c/s02mnvyvhc?t=0&ymid=727213547842703527
  • https://ak.psaltauw.net/4/5967693?t=0&ymid=727213547842703527
2 KB
2 KB
Document
General
Full URL
https://ak.psaltauw.net/4/5967693?t=0&ymid=727213547842703527
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.196 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
1011
content-type
text/html; charset=utf8
date
Sun, 17 Sep 2023 10:35:40 GMT
expires
Sun, 17 Sep 2023 10:35:40 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://bnr.hyperadsdesign.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
be8096ad0e6760a8b3b371aa9c623a9a

Redirect headers

content-length
174
content-type
text/html; charset=utf-8
date
Sun, 17 Sep 2023 10:35:39 GMT
location
https://ak.psaltauw.net/4/5967693?t=0&ymid=727213547842703527
server
nginx
strict-transport-security
max-age=1
vary
Accept
x-content-type-options
nosniff
img.gif
my.rtmark.net/
43 B
507 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=1ba99a1f01be49f4bfc14f54a1e665c2
Requested by
Host: ak.psaltauw.net
URL: https://ak.psaltauw.net/4/5967693?t=0&ymid=727213547842703527
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 10:35:40 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://ak.psaltauw.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request bAxqvF1d45pWHW4v5AoorosX
bnr.hyperadsdesign.com/get/
2 KB
2 KB
Document
General
Full URL
https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=117&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/117.0.5938.62%20Safari/537.36&browser=chrome&zoneId=5967693&cost=0.000020&campaignId=7345864&paid=727222772392268724&subzone_id=0
Requested by
Host: ak.psaltauw.net
URL: https://ak.psaltauw.net/4/5967693?t=0&ymid=727213547842703527
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.97.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-97-59.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
4271d9136880d9ff37370ce55f15ca040328f182628d93e184d17a679ef5103c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
1642
content-type
text/html
date
Sun, 17 Sep 2023 10:35:40 GMT
server
awselb/2.0
a3d3afe7577cccb9cc96364e66bb813d.png
d38dxwbthvbuvi.cloudfront.net/jcm-mm/
570 KB
571 KB
Image
General
Full URL
https://d38dxwbthvbuvi.cloudfront.net/jcm-mm/a3d3afe7577cccb9cc96364e66bb813d.png
Requested by
Host: bnr.hyperadsdesign.com
URL: https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=117&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/117.0.5938.62%20Safari/537.36&browser=chrome&zoneId=5967693&cost=0.000020&campaignId=7345864&paid=727222772392268724&subzone_id=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:c:cb59:380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cfd3c225762e475b902bafa2569160aad910b0403721574f5d935eab86d9948

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=117&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/117.0.5938.62%20Safari/537.36&browser=chrome&zoneId=5967693&cost=0.000020&campaignId=7345864&paid=727222772392268724&subzone_id=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 05:55:45 GMT
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
last-modified
Thu, 18 May 2023 14:36:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
16796
etag
"89b85ec4fb75ee6cae061ab7d536aa9f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
583445
x-amz-cf-id
pSsgDsjdoTLyO4_04TdW2-LsUIj9qqqJSItpZjVh4YkNL1tYxTdSYw==
bAxqvF1d45pWHW4v5AoorosX
lnk.gameclickads.net/trk/ Frame 9C30
1 KB
2 KB
Document
General
Full URL
https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=117&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000020&country=GB&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=727222772392268724&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.62+Safari%2F537.36&zoneId=5967693&c2=true&vpw=1600&vph=1200
Requested by
Host: bnr.hyperadsdesign.com
URL: https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=117&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/117.0.5938.62%20Safari/537.36&browser=chrome&zoneId=5967693&cost=0.000020&campaignId=7345864&paid=727222772392268724&subzone_id=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.141.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-141-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8d3fdf2491e4bfa920426223ea14119c69bdbb3906730aa4558edcf24afe64a9

Request headers

Referer
https://bnr.hyperadsdesign.com/get/bAxqvF1d45pWHW4v5AoorosX?connectionType=broadband&carrier=?&browserVersion=117&region=man&device=desktop&operatingSystem=windows&osVersion=win10&country=GB&language=en&userAgent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/117.0.5938.62%20Safari/537.36&browser=chrome&zoneId=5967693&cost=0.000020&campaignId=7345864&paid=727222772392268724&subzone_id=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-language
en-GB
content-type
text/html;charset=UTF-8
date
Sun, 17 Sep 2023 10:35:41 GMT
c.js
lnk.gameclickads.net/js/ Frame 9C30
8 KB
8 KB
Script
General
Full URL
https://lnk.gameclickads.net/js/c.js
Requested by
Host: lnk.gameclickads.net
URL: https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=117&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000020&country=GB&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=727222772392268724&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.62+Safari%2F537.36&zoneId=5967693&c2=true&vpw=1600&vph=1200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.141.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-141-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e762d6ca1ddd7dab2fa0db7702efdbd3bc10e6f7f3be7b0f8818d45d5bcb96d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=117&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000020&country=GB&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=727222772392268724&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.62+Safari%2F537.36&zoneId=5967693&c2=true&vpw=1600&vph=1200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 10:35:41 GMT
last-modified
Thu, 02 Mar 2023 20:34:37 GMT
accept-ranges
bytes
content-length
7804
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript
/
lnk.gameclickads.net/ Frame 4DC2
812 B
923 B
Document
General
Full URL
https://lnk.gameclickads.net/?bt=lnk.adtechcompany.com&ref=&friend=&u=link.joingekko.com%252Fdeep-link%253Fpublisherkey%253D91a2764d-b811-4d30-ab1c-39028e193e54%2526propertyid%253D831073%2526url%253Dhttps%25253A%25252F%25252Fwww.sofasandstuff.com%2526geo%253Dgb%2526merchantid%253D182261%2526clickid%253D6506d67d4ad48c43e3f7eeb5-RL-367142&log=false&type=ROTATOR_LINK&linkId=367142&clickId=6506d67d4ad48c43e3f7eeb5&br=true
Requested by
Host: lnk.gameclickads.net
URL: https://lnk.gameclickads.net/js/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.141.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-141-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
fa63d1b55f88fa00d5cc6a67ea67ca52bee1d08cfac2349f8a0460bbf92f02d5

Request headers

Referer
https://lnk.gameclickads.net/trk/bAxqvF1d45pWHW4v5AoorosX?browser=chrome&browserVersion=117&campaignId=7345864&carrier=%3F&connectionType=broadband&cost=0.000020&country=GB&device=desktop&language=en&operatingSystem=windows&osVersion=win10&paid=727222772392268724&region=man&subzone_id=0&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F117.0.5938.62+Safari%2F537.36&zoneId=5967693&c2=true&vpw=1600&vph=1200
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-language
en-GB
content-type
text/html;charset=UTF-8
date
Sun, 17 Sep 2023 10:35:41 GMT
referrer-policy
no-referrer
/
sofasandstuff.com/ Frame 4DC2
Redirect Chain
  • https://link.joingekko.com/deep-link?publisherkey=91a2764d-b811-4d30-ab1c-39028e193e54&propertyid=831073&url=https%3A%2F%2Fwww.sofasandstuff.com&geo=gb&merchantid=182261&clickid=6506d67d4ad48c43e3f...
  • https://www.sofasandstuff.com/
  • https://sofasandstuff.com/
0
0
Document
General
Full URL
https://sofasandstuff.com/
Requested by
Host: lnk.gameclickads.net
URL: https://lnk.gameclickads.net/?bt=lnk.adtechcompany.com&ref=&friend=&u=link.joingekko.com%252Fdeep-link%253Fpublisherkey%253D91a2764d-b811-4d30-ab1c-39028e193e54%2526propertyid%253D831073%2526url%253Dhttps%25253A%25252F%25252Fwww.sofasandstuff.com%2526geo%253Dgb%2526merchantid%253D182261%2526clickid%253D6506d67d4ad48c43e3f7eeb5-RL-367142&log=false&type=ROTATOR_LINK&linkId=367142&clickId=6506d67d4ad48c43e3f7eeb5&br=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lnk.gameclickads.net/?bt=lnk.adtechcompany.com&ref=&friend=&u=link.joingekko.com%252Fdeep-link%253Fpublisherkey%253D91a2764d-b811-4d30-ab1c-39028e193e54%2526propertyid%253D831073%2526url%253Dhttps%25253A%25252F%25252Fwww.sofasandstuff.com%2526geo%253Dgb%2526merchantid%253D182261%2526clickid%253D6506d67d4ad48c43e3f7eeb5-RL-367142&log=false&type=ROTATOR_LINK&linkId=367142&clickId=6506d67d4ad48c43e3f7eeb5&br=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8080b4330c9b06fd-LHR
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Sun, 17 Sep 2023 10:35:42 GMT
expires
-1
feature-policy
accelerometer 'none'; camera *; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone *; payment *; usb 'none'
pragma
no-cache
referrer-policy
same-origin
request-context
appId=cid-v1:8f72b79c-c273-435c-8fe4-f1694be7d507
server
cloudflare
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=3600
cf-ray
8080b4329c1306fd-LHR
date
Sun, 17 Sep 2023 10:35:41 GMT
expires
Sun, 17 Sep 2023 11:35:41 GMT
location
https://sofasandstuff.com/
server
cloudflare
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
number| vph
number| vpw
object| jcc

8 Cookies

Domain/Path Name / Value
ak.psaltauw.net/ Name: OAID
Value: 1ba99a1f01be49f4bfc14f54a1e665c2
ak.psaltauw.net/ Name: oaidts
Value: 1694946940
my.rtmark.net/ Name: ID
Value: 1ba99a1f01be49f4bfc14f54a1e665c2
.lnk.gameclickads.net/ Name: v
Value: t
.lnk.gameclickads.net/ Name: cas
Value: 3833:2085:2085:1
.lnk.gameclickads.net/ Name: rls
Value: 367142:2085:2085:1
.lnk.gameclickads.net/ Name: com
Value: 9925:199:GB:2085:2085:1
.sofasandstuff.com/ Name: ARRAffinitySameSite
Value: f402ed00886c6f0108d0d45475f30c4450fd71385d2cd70a4c2038470204e750

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://sofasandstuff.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.