grabify.link Open in urlscan Pro
104.27.156.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://goo.gl/pjqXCi
Effective URL:
https://grabify.link/4CAO4E
Submission: On January 25 via manual (January 25th 2019, 6:30:53 pm UTC) from BR

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 8 HTTP transactions. The main IP is 104.27.156.221, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is grabify.link.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 23rd 2019. Valid for: 6 months.

This is the only time grabify.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	104.28.24.237 104.28.24.237	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	104.27.156.221 104.27.156.221	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	108.161.189.78 108.161.189.78	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	178.128.41.241 178.128.41.241	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1 2	172.217.16.166 172.217.16.166	15169 (GOOGLE) (GOOGLE - Google LLC)
8	6

1 2a00:1450:4001:81e::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

goo.gl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.28.24.237 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

joinmy.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.27.156.221 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

grabify.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (Los Angeles, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.41.241 (Greece)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: srv-eu-ldn-7.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	grabify.link grabify.link	14 KB
2	doubleclick.net 1 redirects ad.doubleclick.net	696 B
1	buysellads.net cdn4.buysellads.net	9 KB
1	buysellads.com srv.buysellads.com	1 KB
1	servedby-buysellads.com m.servedby-buysellads.com	12 KB
1	joinmy.site 1 redirects joinmy.site	284 B
1	goo.gl 1 redirects goo.gl	627 B
0	convertro.com Failed slack.sp1.convertro.com Failed
8	8

	Domain	Requested by
3	grabify.link	grabify.link
2	ad.doubleclick.net	1 redirects grabify.link
1	cdn4.buysellads.net	grabify.link
1	srv.buysellads.com	m.servedby-buysellads.com
1	m.servedby-buysellads.com	grabify.link
1	joinmy.site	1 redirects
1	goo.gl	1 redirects
0	slack.sp1.convertro.com Failed	grabify.link
8	8

This site contains links to these domains. Also see Links.

Domain
srv.buysellads.com
www.buysellads.com

Subject Issuer	Validity	Valid
sni251565.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-23` - `2019-08-01`	6 months	crt.sh
*.servedby-buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-18` - `2021-01-17`	2 years	crt.sh
*.buysellads.com COMODO RSA Domain Validation Secure Server CA	`2017-04-20` - `2020-06-12`	3 years	crt.sh
cdn4.buysellads.net COMODO RSA Domain Validation Secure Server CA	`2018-08-27` - `2019-08-30`	a year	crt.sh
*.doubleclick.net Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://grabify.link/4CAO4E
Frame ID: 36CCBA2EDCDA9A446EE749B1C356A04E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://goo.gl/pjqXCi HTTP 302
https://joinmy.site/4CAO4E HTTP 301
https://grabify.link/4CAO4E Page URL

Detected technologies

BuySellAds (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^_bsa/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

8
Requests

88 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

6
IPs

4
Countries

37 kB
Transfer

110 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://srv.buysellads.com/ads/click/x/GTND42QWFTBDCKQUCKALYKQMCEADC2QICYBD4Z3JCWBDEK7LC6ADV27KC6BIV53WCKAI6K3EHJNCLSIZ?segment=placement:grabifylink;
Title: Sponsored by SlackBring your team together with Slack, the collaboration hub for work.Learn More

Search URL Search Domain Scan URL

URL: https://www.buysellads.com/?utm_source=grabify-link-flex-bar&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=flexbar
Title: Ad via BuySellAds

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://goo.gl/pjqXCi HTTP 302
https://joinmy.site/4CAO4E HTTP 301
https://grabify.link/4CAO4E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ad.doubleclick.net/ddm/trackimp/N32602.3091281BUYSELLADS/B21259774.231303266;dc_trk_aid=429131586;dc_trk_cid=107224923;ord=1548441036;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N32602.3091281BUYSELLADS/B21259774.231303266;dc_pre=CMmJ3a_IieACFVo64AodvwAD3g;dc_trk_aid=429131586;dc_trk_cid=107224923;ord=1548441036;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 4CAO4E Show response
grabify.link/
Redirect Chain

https://goo.gl/pjqXCi
https://joinmy.site/4CAO4E
https://grabify.link/4CAO4E

4 KB
2 KB

960ms
859ms

Document
text/html

104.27.156.221
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grabify.link/4CAO4E
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.27.156.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c860df8359261558f3c2917cb09799f94c3a6304e7ca5fb043e374f33b0d4f

Request headers

:method: GET
:authority: grabify.link
:scheme: https
:path: /4CAO4E
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 25 Jan 2019 18:30:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db2eb17f907bb4a002148aa129052510d1548441034; expires=Sat, 25-Jan-20 18:30:34 GMT; path=/; domain=.grabify.link; HttpOnly XSRF-TOKEN=eyJpdiI6IllQVFwvWERHbWdSV0FXTFJqSitSeHN3PT0iLCJ2YWx1ZSI6IkpXMlZ2RjlPUU16VDh5NmFRbGpCSmJCRk1BWW5jZEVtM3J4WVFram81TTI5cXRaZjdXVnJmbURlT1BFXC9kcm9jIiwibWFjIjoiNmM2ZWMzMDM0YzM0MjQyNGYwZWJlOTQ3MjgwODhiYWVhNzdkMjJiNWFjYjNlMjJhM2YyZTgzOGFiZTE1YTU0MiJ9; expires=Fri, 25-Jan-2019 20:30:35 GMT; Max-Age=7200; path=/ grabify_ip_logger_session=eyJpdiI6IjQ4SWdrTDZETzNick5mMDlyZ0E1RGc9PSIsInZhbHVlIjoibnhGKytaSUMxb3E5V3ZzK0FCM3ZXOVwvaHVYU3c0MFJiVDgrb3Z5WFNuSmtcL0EyTU9CNzZNQjJnTUVZZ2xBdHNJIiwibWFjIjoiMWUwM2Q3YTYwZmEzMzg3NmVkZDNjZDQ5NGU0YWUzOGUyYTRhNjdkNjY4YzBlZTQxOTA5YWNiNWIzODc0NjdkMSJ9; expires=Fri, 25-Jan-2019 20:30:35 GMT; Max-Age=7200; path=/; httponly
cache-control: no-cache, private
x-ratelimit-limit: 10
x-ratelimit-remaining: 8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 49eccfd3c9d6c82d-AMS
content-encoding: br

Redirect headers

status: 301
date: Fri, 25 Jan 2019 18:30:34 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4937447090992ebcd5e0e955f763dfef1548441034; expires=Sat, 25-Jan-20 18:30:34 GMT; path=/; domain=.joinmy.site; HttpOnly
location: https://grabify.link/4CAO4E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 49eccfcf9d019be7-AMS

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 42 KB
12 KB 1085ms
15ms Script
application/javascript 108.161.189.78
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by: Host: grabify.link
URL: https://grabify.link/4CAO4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.189.78 Los Angeles, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1b3c387cb07e57baaf399723e49d98b39e4969dc03f24c1fe4e664c0506362d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 25 Jan 2019 18:30:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Jan 2019 20:44:49 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 651A5338C9475765
ETag: W/"73e5f18738e1503fc2e77d41337fa996"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: FZeYMmHQfxPA+zc1iXRBgUzila7m15FOG/japyF+du/vnMQICO0+FqBuxEa6KHMQa/I9cnrNEmc=
Expires: Sat, 26 Jan 2019 18:30:36 GMT

GET
H2 200 jquery-2.5.1.min.js Show response
grabify.link/js/ 54 KB
11 KB 1144ms
1141ms Script
application/javascript 104.27.156.221
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grabify.link/js/jquery-2.5.1.min.js
Requested by: Host: grabify.link
URL: https://grabify.link/4CAO4E
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.27.156.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0737aa02c77b0a98a4a13d27fa49356c825c45a1e8a12df32b942a3e580b9cb9

Request headers

:path: /js/jquery-2.5.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: grabify.link
cookie: __cfduid=db2eb17f907bb4a002148aa129052510d1548441034; XSRF-TOKEN=eyJpdiI6IllQVFwvWERHbWdSV0FXTFJqSitSeHN3PT0iLCJ2YWx1ZSI6IkpXMlZ2RjlPUU16VDh5NmFRbGpCSmJCRk1BWW5jZEVtM3J4WVFram81TTI5cXRaZjdXVnJmbURlT1BFXC9kcm9jIiwibWFjIjoiNmM2ZWMzMDM0YzM0MjQyNGYwZWJlOTQ3MjgwODhiYWVhNzdkMjJiNWFjYjNlMjJhM2YyZTgzOGFiZTE1YTU0MiJ9; grabify_ip_logger_session=eyJpdiI6IjQ4SWdrTDZETzNick5mMDlyZ0E1RGc9PSIsInZhbHVlIjoibnhGKytaSUMxb3E5V3ZzK0FCM3ZXOVwvaHVYU3c0MFJiVDgrb3Z5WFNuSmtcL0EyTU9CNzZNQjJnTUVZZ2xBdHNJIiwibWFjIjoiMWUwM2Q3YTYwZmEzMzg3NmVkZDNjZDQ5NGU0YWUzOGUyYTRhNjdkNjY4YzBlZTQxOTA5YWNiNWIzODc0NjdkMSJ9
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 25 Jan 2019 18:30:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Jan 2019 01:38:21 GMT
server: cloudflare
etag: W/"80243028f3b1d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-cache
cf-ray: 49eccfd93e10c82d-AMS

GET
H/1.1 200
OK CK7D5K7J.json Show response
srv.buysellads.com/ads/ 2 KB
1 KB 97ms
33ms Script
application/javascript 178.128.41.241
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CK7D5K7J.json?callback=_bsa_go&segment=placement:grabifylink
Requested by: Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.128.41.241 , Greece, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS: srv-eu-ldn-7.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 8ac4e25f80c488499f5aee167150cad4a03719b948801eea3a55bcd1b67e995f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 25 Jan 2019 18:30:36 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 1211
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

POST
H2 200 js Show response
grabify.link/api/ 16 B
648 B 385ms
385ms XHR
application/json 104.27.156.221
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grabify.link/api/js
Requested by: Host: grabify.link
URL: https://grabify.link/js/jquery-2.5.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.27.156.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3

Request headers

:path: /api/js
pragma: no-cache
origin: https://grabify.link
accept-encoding: gzip, deflate, br
x-csrf-token: AmICTc0MMh7aOeA7BLtz6y8abXyoCgwtCns5WXLb
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: grabify.link
cookie: __cfduid=db2eb17f907bb4a002148aa129052510d1548441034; XSRF-TOKEN=eyJpdiI6IllQVFwvWERHbWdSV0FXTFJqSitSeHN3PT0iLCJ2YWx1ZSI6IkpXMlZ2RjlPUU16VDh5NmFRbGpCSmJCRk1BWW5jZEVtM3J4WVFram81TTI5cXRaZjdXVnJmbURlT1BFXC9kcm9jIiwibWFjIjoiNmM2ZWMzMDM0YzM0MjQyNGYwZWJlOTQ3MjgwODhiYWVhNzdkMjJiNWFjYjNlMjJhM2YyZTgzOGFiZTE1YTU0MiJ9; grabify_ip_logger_session=eyJpdiI6IjQ4SWdrTDZETzNick5mMDlyZ0E1RGc9PSIsInZhbHVlIjoibnhGKytaSUMxb3E5V3ZzK0FCM3ZXOVwvaHVYU3c0MFJiVDgrb3Z5WFNuSmtcL0EyTU9CNzZNQjJnTUVZZ2xBdHNJIiwibWFjIjoiMWUwM2Q3YTYwZmEzMzg3NmVkZDNjZDQ5NGU0YWUzOGUyYTRhNjdkNjY4YzBlZTQxOTA5YWNiNWIzODc0NjdkMSJ9
:scheme: https
user-agents: QW1JQ1RjME1NaDdhT2VBN0JMdHo2eThhYlh5b0Nnd3RDbnM1V1hMYg==
content-length: 832
:method: POST
Origin: https://grabify.link
X-CSRF-TOKEN: AmICTc0MMh7aOeA7BLtz6y8abXyoCgwtCns5WXLb
User-Agents: QW1JQ1RjME1NaDdhT2VBN0JMdHo2eThhYlh5b0Nnd3RDbnM1V1hMYg==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 25 Jan 2019 18:30:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 7
content-type: application/json
status: 200
cache-control: no-cache, private
x-ratelimit-limit: 10
set-cookie: XSRF-TOKEN=eyJpdiI6IklzN1FaWkp4TmtcL3FORkVJQ2tNWVdRPT0iLCJ2YWx1ZSI6IjZISjNwU1l1ekNYSU9HTW16SE9cLytwczNvODJQMkRrdDg0bzRxQUZ0K0tZbDA3RTlQS05uRkZReDY4NEtGODRaIiwibWFjIjoiNzFjMjRhZTc1NjgxYzc2NDMwYTA3ZjczYWI4ODdiZDJiMzYwZjgxZjQ1NTBmMGJkNzRlYmI1ZDM1OTY2YTNjNyJ9; expires=Fri, 25-Jan-2019 20:30:37 GMT; Max-Age=7200; path=/ grabify_ip_logger_session=eyJpdiI6Im9KUnNldkNXakdUbEZENGVWM2twVHc9PSIsInZhbHVlIjoiUytVRXBGWXVrVjB6Vmx0ck1KV1ltY0NSYzloN3VJazZ0VlhobFdVYWUxRE94N2I1NFRrR014c0lkZ0tBb3d3NCIsIm1hYyI6IjIyOWVmM2JmOTZlZjgxOGIyNmQ4ZGM2NmQ4Mzc3ZWViNzhjY2UzYTI4ZTBjOGY3ZTFhNDhiNDBmNDhkYmI3MjUifQ%3D%3D; expires=Fri, 25-Jan-2019 20:30:37 GMT; Max-Age=7200; path=/; httponly
cf-ray: 49eccfe08906c82d-AMS
content-length: 16

GET
H2 200 1547664122-slack-native-solid_2x.png
cdn4.buysellads.net/uu/1/41629/ 9 KB
9 KB 814ms
13ms Image
image/png 94.31.29.32
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/41629/1547664122-slack-native-solid_2x.png
Requested by: Host: grabify.link
URL: https://grabify.link/4CAO4E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f9e5afbfe649595ccf8d1a46732db21264ab71b4b1f81dc0357a7486bd9e2efd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 25 Jan 2019 18:30:37 GMT
last-modified: Wed, 16 Jan 2019 18:42:03 GMT
server: NetDNA-cache/2.2
x-amz-request-id: CB17231ED4CD0969
etag: "55a372c621213c602ba09e10a87b9626"
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 9152
x-amz-id-2: YHTtkcG6qyYZ7fQX1+dsp6TJ2JzFkIz8Xgr0RTFlMWqIKtb+UbJVFZlOlYiq5HRyy2Id+bp4AeM=
expires: Mon, 20 Jan 2020 18:30:37 GMT

GET
H2

200

B21259774.231303266;dc_pre=CMmJ3a_IieACFVo64AodvwAD3g;dc_trk_aid=429131586;dc_trk_cid=107224923;ord=1548441036;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N32602.3091281BUYSELLADS/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N32602.3091281BUYSELLADS/B21259774.231303266;dc_trk_aid=429131586;dc_trk_cid=107224923;ord=1548441036;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N32602.3091281BUYSELLADS/B21259774.231303266;dc_pre=CMmJ3a_IieACFVo64AodvwAD3g;dc_trk_aid=429131586;dc_trk_cid=107224923;ord=1548441036;dc_lat=;dc_rdid=;tag_...

42 B
120 B

27ms
27ms

Image
image/gif

172.217.16.166
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N32602.3091281BUYSELLADS/B21259774.231303266;dc_pre=CMmJ3a_IieACFVo64AodvwAD3g;dc_trk_aid=429131586;dc_trk_cid=107224923;ord=1548441036;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: grabify.link
URL: https://grabify.link/4CAO4E

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.16.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Jan 2019 18:30:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Jan 2019 18:30:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N32602.3091281BUYSELLADS/B21259774.231303266;dc_pre=CMmJ3a_IieACFVo64AodvwAD3g;dc_trk_aid=429131586;dc_trk_cid=107224923;ord=1548441036;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET cvo.gif
slack.sp1.convertro.com/view/vt/v1/slack/0/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: slack.sp1.convertro.com
URL: https://slack.sp1.convertro.com/view/vt/v1/slack/0/cvo.gif?cvosrc=display.carbon.two%20cpc&utm_source=carbon&utm_medium=display&utm_campaign=two%20cpc

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
grabify.link/	1970-01-18 22:07:28	Name: grabify_ip_logger_session Value: eyJpdiI6Im9KUnNldkNXakdUbEZENGVWM2twVHc9PSIsInZhbHVlIjoiUytVRXBGWXVrVjB6Vmx0ck1KV1ltY0NSYzloN3VJazZ0VlhobFdVYWUxRE94N2I1NFRrR014c0lkZ0tBb3d3NCIsIm1hYyI6IjIyOWVmM2JmOTZlZjgxOGIyNmQ4ZGM2NmQ4Mzc3ZWViNzhjY2UzYTI4ZTBjOGY3ZTFhNDhiNDBmNDhkYmI3MjUifQ%3D%3D
grabify.link/	1970-01-18 22:07:28	Name: XSRF-TOKEN Value: eyJpdiI6IklzN1FaWkp4TmtcL3FORkVJQ2tNWVdRPT0iLCJ2YWx1ZSI6IjZISjNwU1l1ekNYSU9HTW16SE9cLytwczNvODJQMkRrdDg0bzRxQUZ0K0tZbDA3RTlQS05uRkZReDY4NEtGODRaIiwibWFjIjoiNzFjMjRhZTc1NjgxYzc2NDMwYTA3ZjczYWI4ODdiZDJiMzYwZjgxZjQ1NTBmMGJkNzRlYmI1ZDM1OTY2YTNjNyJ9
.grabify.link/	1970-01-19 06:52:57	Name: __cfduid Value: db2eb17f907bb4a002148aa129052510d1548441034

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn4.buysellads.net
goo.gl
grabify.link
joinmy.site
m.servedby-buysellads.com
slack.sp1.convertro.com
srv.buysellads.com
slack.sp1.convertro.com
104.27.156.221
104.28.24.237
108.161.189.78
172.217.16.166
178.128.41.241
2a00:1450:4001:81e::200e
94.31.29.32
0737aa02c77b0a98a4a13d27fa49356c825c45a1e8a12df32b942a3e580b9cb9
1b3c387cb07e57baaf399723e49d98b39e4969dc03f24c1fe4e664c0506362d2
25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3
55c860df8359261558f3c2917cb09799f94c3a6304e7ca5fb043e374f33b0d4f
8ac4e25f80c488499f5aee167150cad4a03719b948801eea3a55bcd1b67e995f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9e5afbfe649595ccf8d1a46732db21264ab71b4b1f81dc0357a7486bd9e2efd

grabify.link Open in urlscan Pro 104.27.156.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

14 %IPv6

8 Domains

8 Subdomains

6 IPs

4 Countries

37 kBTransfer

110 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

3 Cookies

Indicators

grabify.link Open in urlscan Pro
104.27.156.221 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

6
IPs

4
Countries

37 kB
Transfer

110 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions