1.quickeralerts.com Open in urlscan Pro
2a0b:4d07:102::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://homings.info/sdefrtgghyujhgfdsfgo
Effective URL:
https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationa...
Submission: On July 09 via api (July 9th 2021, 9:30:14 am UTC) from BE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 22 HTTP transactions. The main IP is 2a0b:4d07:102::1, located in Switzerland and belongs to PROINITY PROINITY, CH. The main domain is 1.quickeralerts.com.
TLS certificate: Issued by R3 on June 29th 2021. Valid for: 3 months.

This is the only time 1.quickeralerts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	78.141.216.103 78.141.216.103	20473 (AS-CHOOPA) (AS-CHOOPA)
4	23.250.22.59 23.250.22.59	55286 (SERVER-MANIA) (SERVER-MANIA)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:2800:10:b308:84c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.225.87.37 13.225.87.37	16509 (AMAZON-02) (AMAZON-02)
5	54.166.108.68 54.166.108.68	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::6815:21e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:cb26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	52.34.30.73 52.34.30.73	16509 (AMAZON-02) (AMAZON-02)
22	10

2 78.141.216.103 (Amsterdam, Netherlands) 2 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 78.141.216.103.vultr.com

homings.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.250.22.59 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)

freshgreatest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2800:10:b308:84c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.bouncepilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-37.fra2.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.166.108.68 (United States)

ASN14618 (AMAZON-AES, US)

api.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:21e4 (United States)

ASN13335 (CLOUDFLARENET, US)

offer-notavailable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cb26 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rapid-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

1.quickeralerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
impressure-c630.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.34.30.73 (Boardman, United States)

ASN16509 (AMAZON-02, US)

events.impressure.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	traversedlp.com static.traversedlp.com api.traversedlp.com	9 KB
4	freshgreatest.com freshgreatest.com	12 KB
2	kxcdn.com impressure-c630.kxcdn.com	110 KB
2	offer-notavailable.com offer-notavailable.com	94 KB
2	bouncepilot.com static.bouncepilot.com	67 KB
2	googletagmanager.com www.googletagmanager.com	64 KB
2	homings.info 2 redirects homings.info	560 B
1	impressure.io events.impressure.io	1 KB
1	quickeralerts.com 1.quickeralerts.com	7 KB
1	rapid-cdn.com 1 redirects rapid-cdn.com	1 KB
22	10

	Domain	Requested by
5	api.traversedlp.com	static.traversedlp.com
4	freshgreatest.com	freshgreatest.com
2	impressure-c630.kxcdn.com	1.quickeralerts.com
2	offer-notavailable.com	freshgreatest.com offer-notavailable.com
2	static.traversedlp.com	www.googletagmanager.com
2	static.bouncepilot.com	freshgreatest.com
2	www.googletagmanager.com	freshgreatest.com
2	homings.info	2 redirects
1	events.impressure.io	1.quickeralerts.com
1	1.quickeralerts.com	offer-notavailable.com
1	rapid-cdn.com	1 redirects
22	11

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.bouncepilot.com Amazon	`2021-06-23` - `2022-07-22`	a year	crt.sh
*.traversedlp.com Go Daddy Secure Certificate Authority - G2	`2020-12-29` - `2022-01-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
1.quickeralerts.com R3	`2021-06-29` - `2021-09-27`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh
impressure.io Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D1288188080961154890
Frame ID: 5F868F79B620B2D08EA30755AC4480A7
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://homings.info/sdefrtgghyujhgfdsfgo HTTP 301
http://homings.info/sdefrtgghyujhgfdsfgo/ HTTP 302
http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4= Page URL
http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?newcid=4740&sid1=C8jly&sid2=&sid3=&sid4=&... Page URL
https://offer-notavailable.com/bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230 Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=203645&vert=&cid= HTTP 307
https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

22
Requests

77 %
HTTPS

55 %
IPv6

10
Domains

11
Subdomains

10
IPs

4
Countries

365 kB
Transfer

846 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://homings.info/sdefrtgghyujhgfdsfgo HTTP 301
http://homings.info/sdefrtgghyujhgfdsfgo/ HTTP 302
http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4= Page URL
http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?newcid=4740&sid1=C8jly&sid2=&sid3=&sid4=&dev_click= Page URL
https://offer-notavailable.com/bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230 Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=203645&vert=&cid= HTTP 307
https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D1288188080961154890 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://homings.info/sdefrtgghyujhgfdsfgo HTTP 301
http://homings.info/sdefrtgghyujhgfdsfgo/ HTTP 302
http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/
Redirect Chain

http://homings.info/sdefrtgghyujhgfdsfgo
http://homings.info/sdefrtgghyujhgfdsfgo/
http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=

6 KB
6 KB

242ms
205ms

Document
text/html

23.250.22.59
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.250.22.59 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: b04804281ab6c39ee9cbf0123090745284022983e69c8af744f2626cd6e08fbd

Request headers

Host: freshgreatest.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 09 Jul 2021 09:38:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

Redirect headers

Date: Fri, 09 Jul 2021 09:29:55 GMT
Server: Apache
Location: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
32 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: freshgreatest.com
URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c2f1b85f00a02d63a43fa368a56227120dbedd7f678207052d58f92e7675a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:29:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32854
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Jul 2021 09:29:55 GMT

POST
H/1.1 200
OK fp.php
freshgreatest.com/ 258 B
459 B 453ms
453ms XHR
text/html 23.250.22.59
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://freshgreatest.com/fp.php
Requested by: Host: freshgreatest.com
URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.250.22.59 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma: no-cache
Origin: http://freshgreatest.com
Accept-Encoding: gzip, deflate
Host: freshgreatest.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
Connection: keep-alive
Content-Length: 822
Referer: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Fri, 09 Jul 2021 09:38:41 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 33 KB
33 KB 42ms
8ms Script
application/javascript 2600:9000:21f3:2800:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: freshgreatest.com
URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2800:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61357f90c697f10c90ec9140ad77b04da9b8c38be42c958e1951ac3ece0c0c7

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 00:31:45 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jun 2021 11:19:14 GMT
server: AmazonS3
age: 65485
etag: "f6225316cfad721041627719cf1dfcfd"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: ld-Gk2r9pQHlqAE_p2MywfpIEFTgLuPD9u7ewgOEW-xOozKk2tPZOA==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 74ms
18ms Script
application/javascript 13.225.87.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-37.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jun 2021 05:37:15 GMT
Server: AmazonS3
Age: 4694
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Fri, 09 Jul 2021 08:36:11 GMT
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: xiMWx1oaoazxQbb-gar6bZDXeJri2o02fDQr5t42CvCfmPkLylOtUA==

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 18 B
409 B 343ms
116ms XHR
application/json 54.166.108.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.108.68 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:29:55 GMT
server: nginx/1.20.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://freshgreatest.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

POST enqueue
api.traversedlp.com/retargetinginclusion/ 0
0

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
0 328ms
109ms Preflight
text/html 54.166.108.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 54.166.108.68 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://freshgreatest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 09 Jul 2021 09:29:56 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://freshgreatest.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/ 6 KB
6 KB 111ms
110ms Document
text/html 23.250.22.59
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?newcid=4740&sid1=C8jly&sid2=&sid3=&sid4=&dev_click=
Requested by: Host: freshgreatest.com
URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.250.22.59 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash: 01e7f815bae8d706a9e42bb28828f0e2105c7337837dd3c9344105b543207abd

Request headers

Host: freshgreatest.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: clkcheck26966=f962d232975858096c6aa2b45c2c5a75_203645
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=

Response headers

Server: nginx
Date: Fri, 09 Jul 2021 09:38:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.26

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
32 KB 36ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW

Requested by

Host: freshgreatest.com
URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?newcid=4740&sid1=C8jly&sid2=&sid3=&sid4=&dev_click=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f7acba7b6f932d9a6a2acb9a6cbfa43be2cf55842f97c32e988eba9c93cc243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:29:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32855
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Jul 2021 09:29:56 GMT

POST
H/1.1 200
OK fp.php
freshgreatest.com/ 233 B
433 B 323ms
323ms XHR
text/html 23.250.22.59
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: http://freshgreatest.com/fp.php
Requested by: Host: freshgreatest.com
URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?newcid=4740&sid1=C8jly&sid2=&sid3=&sid4=&dev_click=
Protocol: HTTP/1.1
Server: 23.250.22.59 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software: nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma: no-cache
Origin: http://freshgreatest.com
Accept-Encoding: gzip, deflate
Host: freshgreatest.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?newcid=4740&sid1=C8jly&sid2=&sid3=&sid4=&dev_click=
Cookie: clkcheck26966=f962d232975858096c6aa2b45c2c5a75_203645
Connection: keep-alive
Content-Length: 853
Referer: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?newcid=4740&sid1=C8jly&sid2=&sid3=&sid4=&dev_click=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Fri, 09 Jul 2021 09:38:42 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/7.3.26
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 29a38865-21e1-485f-8a85-c343bbbe30fb.js Show response
static.bouncepilot.com/ 33 KB
33 KB 9ms
9ms Script
application/javascript 2600:9000:21f3:2800:10:b308:84c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by: Host: freshgreatest.com
URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?sid1=C8jly&sid2=&sid3=&sid4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2800:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e61357f90c697f10c90ec9140ad77b04da9b8c38be42c958e1951ac3ece0c0c7

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 00:31:45 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jun 2021 11:19:14 GMT
server: AmazonS3
age: 65486
etag: "f6225316cfad721041627719cf1dfcfd"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 33917
x-amz-cf-id: DRjp6quhRfHn3OKynJ8SlnDkbzsI4MtEgcbjwoVIfKtv97AngklQTA==

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 21ms
21ms Script
application/javascript 13.225.87.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-37.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jun 2021 05:37:15 GMT
Server: AmazonS3
Age: 4695
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Fri, 09 Jul 2021 08:36:11 GMT
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: ofneNxkuXlia4mjICe9PsPdC3nAUheaWl7Kkc8lY-v2XWLFcUt3J9g==

GET
H2 200 cookie Show response
api.traversedlp.com/retargeting/v1/ 18 B
409 B 113ms
113ms XHR
application/json 54.166.108.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargeting/v1/cookie
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.108.68 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:29:56 GMT
server: nginx/1.20.0
etag: W/"12-86d81FY+WDtP4sdiTK7DKw"
vary: Accept-Encoding
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://freshgreatest.com
access-control-expose-headers
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 18

POST
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
325 B 110ms
110ms XHR
text/plain 54.166.108.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by: Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.108.68 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash

Request headers

Referer: http://freshgreatest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: http://freshgreatest.com
date: Fri, 09 Jul 2021 09:29:56 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary: X-HTTP-Method-Override
access-control-expose-headers

OPTIONS
H2 200 enqueue
api.traversedlp.com/retargetinginclusion/ 0
0 107ms
107ms Preflight
text/html 54.166.108.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol: H2
Server: 54.166.108.68 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://freshgreatest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 09 Jul 2021 09:29:56 GMT
content-type: text/html; charset=utf-8
content-length: 228
server: nginx/1.20.0
p3p: CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin: http://freshgreatest.com
access-control-allow-credentials: true
access-control-expose-headers
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: content-type,authorization
allow: ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag: W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary: Accept-Encoding

GET
H2 200 / Show response
offer-notavailable.com/bettercontent/ 3 KB
1 KB 282ms
250ms Document
text/html 2606:4700:3030::6815:21e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offer-notavailable.com/bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230
Requested by: Host: freshgreatest.com
URL: http://freshgreatest.com/a5c088f19c036c26c3443c18c6c677d7e/?newcid=4740&sid1=C8jly&sid2=&sid3=&sid4=&dev_click=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:21e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98d92366837e947ba10c5cc02b19100b05c2d519755fb0c649a5e54faea3b82b

Request headers

:method: GET
:authority: offer-notavailable.com
:scheme: https
:path: /bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://freshgreatest.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://freshgreatest.com/

Response headers

date: Fri, 09 Jul 2021 09:29:56 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=55EmTE4vWL9z%2FCblUYXXUqUTfNJdl2BeB67dRqP4a58thE7r9WFhdHuu5AKI7X02I%2FrZxCyMVvdihludXDrf1FkMQJFLEjS0F%2FYZkU8WhVGqbOn9Ur2TwkV0WFbg1AY2YhPX8jtl0pNXA8aKLbAUpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66c087e07d71c272-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 desktop.png
offer-notavailable.com/bettercontent/images/ 92 KB
93 KB 65ms
48ms Image
image/png 2606:4700:3030::6815:21e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer-notavailable.com/bettercontent/images/desktop.png
Requested by: Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:21e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864

Request headers

:path: /bettercontent/images/desktop.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: offer-notavailable.com
referer: https://offer-notavailable.com/bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://offer-notavailable.com/bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:29:56 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1483326
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 94237
last-modified: Wed, 06 Nov 2019 23:26:55 GMT
server: cloudflare
etag: "5dc356bf-1701d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mvGgEXK9NFyteMREdjwiu6zWV1ZwtCJmH9hDLSgva7stx01L%2FTb%2B8KJnCY0RAPjzi931wPw7wBxEVkB2EUlaQVNKuJp22NM34qpqpqudghxnx7gZsbbyyEielpkBKSfzI989xnbMcCNLtITlqZu9ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 66c087e22f65c29a-FRA
expires: Thu, 22 Jul 2021 05:27:50 GMT

GET
H2

200

Primary Request / Show response
1.quickeralerts.com/
Redirect Chain

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=203645&vert=&cid=
https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D128818808096...

50 KB
7 KB

35ms
6ms

Document
text/html

2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D1288188080961154890
Requested by: Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 42cab712f9d94f3d7d5b7369b0ed1c6105de824488be92e88cb63ea17d24196e

Request headers

:method: GET
:authority: 1.quickeralerts.com
:scheme: https
:path: /?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D1288188080961154890
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://offer-notavailable.com/bettercontent/?utm_source=203645&utm_medium=27&utm_campaign=245&utm_content=230

Response headers

server: keycdn-engine
date: Fri, 09 Jul 2021 09:30:00 GMT
content-type: text/html
content-length: 7115
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
etag: "83369c43772bdf822a97b8799f262dc1"
last-modified: Wed, 30 Jun 2021 05:51:37 GMT
x-amz-version-id: H5oV8BkSEyrE.snHYY8oukH2sLbi0r8B
x-cache-status: HIT
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

Date: Fri, 09 Jul 2021 09:30:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.14
Set-Cookie: PHPSESSID=999af12fb4548cc1a91e6e9a4a4672a2; expires=Fri, 16-Jul-2021 09:30:00 GMT; Max-Age=604800; path=/; secure; SameSite=None csid3=999af12fb4548cc1a91e6e9a4a4672a2; expires=Sat, 09-Jul-2022 09:30:00 GMT; Max-Age=31536000; path=/; secure; SameSite=None PHPSESSID=999af12fb4548cc1a91e6e9a4a4672a2; expires=Sat, 10-Jul-2021 09:30:00 GMT; Max-Age=86400; path=/; secure; SameSite=None
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Robots-Tag: noindex, noarchive, nofollow
P3P: CP="This is not a P3P policy"
Location: https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D1288188080961154890
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ebRsEPc3aC6CWPASGQXAI9YK25BHUeaIzWTPs9EukZF0Qy0ylxPSXwReG9jqfp79pr77Z5OQ1QhBj9FsCLE23bzKQzqJ7zBbQDzq1XHie0xvFoh2p4ZEGQxzt1O9mOae1AMZHw3qcw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 66c087f59bd9c2c7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 presenter.4717d24.css
impressure-c630.kxcdn.com/ 19 KB
5 KB 24ms
7ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.4717d24.css
Requested by: Host: 1.quickeralerts.com
URL: https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D1288188080961154890
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744

Request headers

Referer: https://1.quickeralerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:30:00 GMT
content-encoding: br
x-amz-request-id: 1190EACD58GE51FW
x-edge-location: defr
x-cache: HIT
content-length: 4928
x-amz-id-2: ks/2bbKKURi5UceDiSy9h2jKuu4DC1MI795pBOpCk268reXWWCR+95tXQ9j/y37ed4PQ2xKb89Q=
last-modified: Wed, 09 Oct 2019 17:37:18 GMT
server: keycdn-engine
etag: "e39087b2545506688b40e35efb46751b"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 16 Jul 2021 09:30:00 GMT

GET
H2 200 presenter.473070e.js Show response
impressure-c630.kxcdn.com/ 394 KB
105 KB 19ms
6ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.473070e.js
Requested by: Host: 1.quickeralerts.com
URL: https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D1288188080961154890
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da

Request headers

Origin: https://1.quickeralerts.com
Referer: https://1.quickeralerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 09:30:00 GMT
content-encoding: br
x-amz-request-id: 0F8B068NEKNEYKJK
x-edge-location: defr
x-cache: HIT
content-length: 106778
x-amz-id-2: 7JLHEXG8dCFiBd/XMnpHa5RcI7OSvvANNH0WjrpqsRag1hNKwekf7phYSfEHwI0SCSl9yIUVt7A=
last-modified: Mon, 28 Sep 2020 04:36:37 GMT
server: keycdn-engine
etag: "399bc418707e540a42b4a31c42fa707b"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Fri, 16 Jul 2021 09:30:00 GMT

GET
H/1.1 200
OK info Show response
events.impressure.io/ 902 B
1 KB 733ms
175ms XHR
application/json 52.34.30.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/info?v=2&nonce=11257589639229528&userId=

Requested by

Host: 1.quickeralerts.com
URL: https://1.quickeralerts.com/?auto_redir=1&auto_redir_time=4&url_inactive=http%3A%2F%2Fgo.nanzerkalo.com%2Fts464-internationalemail-general%3Fflux_txid%3D475075720557923304%26flux_hid%3D1288188080961154890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.34.30.73 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Express

Resource Hash

893315243e5dd841a266c37daddc70e33944bd00a9bfd08d91150ee7ff9d7751

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1.quickeralerts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 09 Jul 2021 09:30:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Powered-By: Express
Vary: Accept-Encoding, Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://1.quickeralerts.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 632
ETag: W/"386-tas2cCKcwUxbSA/sbK6enlYZiPw"

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargetinginclusion/enqueue

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			1.quickeralerts.com/	1978-01-11 21:31:40	Name: _user_random Value: 0.8239937043405887
			.quickeralerts.com/	1978-01-11 21:31:40	Name: _user_time Value: 1625823000267\|1625823000267

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://impressure-c630.kxcdn.com/presenter.473070e.js(Line 1) Message: 🗂 [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.quickeralerts.com
api.traversedlp.com
events.impressure.io
freshgreatest.com
homings.info
impressure-c630.kxcdn.com
offer-notavailable.com
rapid-cdn.com
static.bouncepilot.com
static.traversedlp.com
www.googletagmanager.com
api.traversedlp.com
13.225.87.37
23.250.22.59
2600:9000:21f3:2800:10:b308:84c0:93a1
2606:4700:3030::6815:21e4
2606:4700:3034::ac43:cb26
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2008
2a0b:4d07:102::1
52.34.30.73
54.166.108.68
78.141.216.103
01e7f815bae8d706a9e42bb28828f0e2105c7337837dd3c9344105b543207abd
0f7acba7b6f932d9a6a2acb9a6cbfa43be2cf55842f97c32e988eba9c93cc243
306094011fa17d1eb215263299126f9f95f50a1c2235c991846ccfd1911a6dce
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
42cab712f9d94f3d7d5b7369b0ed1c6105de824488be92e88cb63ea17d24196e
61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da
866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc
893315243e5dd841a266c37daddc70e33944bd00a9bfd08d91150ee7ff9d7751
98d92366837e947ba10c5cc02b19100b05c2d519755fb0c649a5e54faea3b82b
9c2f1b85f00a02d63a43fa368a56227120dbedd7f678207052d58f92e7675a7f
b04804281ab6c39ee9cbf0123090745284022983e69c8af744f2626cd6e08fbd
baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744
e61357f90c697f10c90ec9140ad77b04da9b8c38be42c958e1951ac3ece0c0c7
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864

1.quickeralerts.com Open in urlscan Pro 2a0b:4d07:102::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

77 %HTTPS

55 %IPv6

10 Domains

11 Subdomains

10 IPs

4 Countries

365 kBTransfer

846 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

1.quickeralerts.com Open in urlscan Pro
2a0b:4d07:102::1 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

77 %
HTTPS

55 %
IPv6

10
Domains

11
Subdomains

10
IPs

4
Countries

365 kB
Transfer

846 kB
Size

2
Cookies

22 HTTP transactions
1 data transactions