Submitted URL: http://655236b44.trccmpnlnk.com/
Effective URL: https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
Submission: On November 16 via manual from JP

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3035::681f:4fa4, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is www.poprof.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2020. Valid for: a year.
This is the only time www.poprof.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 178.63.30.126 24940 (HETZNER-AS)
12 178.63.30.222 24940 (HETZNER-AS)
1 5.9.127.225 24940 (HETZNER-AS)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 104.18.26.20 13335 (CLOUDFLAR...)
25 5
Domain Requested by
8 www.poprof.com www.poprof.com
7 cdn.click-here-and.win www.click-here-and.win
5 www.click-here-and.win www.click-here-and.win
3 assets.hcaptcha.com www.poprof.com, hcaptcha.com
1 hcaptcha.com 1 redirects
1 www.clicks4tc.com www.click-here-and.win
1 655236b44.trccmpnlnk.com
25 7

This site contains links to these domains.

Domain
sprengung.org
chrome.google.com
www.cloudflare.com
Subject Issuer Validity Valid
*.click-here-and.win Let's Encrypt Authority X3 2020-10-16 - 2021-01-14 3 months
*.clicks4tc.com Let's Encrypt Authority X3 2020-09-25 - 2020-12-24 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2020-07-17 - 2021-07-17 a year

This page contains 3 frames:

Primary Page: https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
Frame ID: 3E68802515ADA0FCBF65BE3670CAA7A4
Requests: 23 HTTP requests in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/4ceee4f/static/hcaptcha-challenge.html
Frame ID: 12883FED0BFF0735DB7432DC0776F42E
Requests: 1 HTTP request in this frame

Frame: https://assets.hcaptcha.com/captcha/v1/4ceee4f/static/hcaptcha-checkbox.html
Frame ID: B9353E9CCBE040646A15045E4D7D007E
Requests: 1 HTTP request in this frame

Page Statistics

25 Requests
96 % HTTPS
20 % IPv6
5 Domains
7 Subdomains
5 IPs
2 Countries
210 kB Transfer
474 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://655236b44.trccmpnlnk.com/ Page URL
  2. https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753 Page URL
  3. https://www.clicks4tc.com/?tid=5ovjvv6v4aeitsyezycwskc4k%2C15239362%2C5%2C&ctrack=1605497210.294475753 Page URL
  4. https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload HTTP 302
  • https://assets.hcaptcha.com/captcha/v1/4ceee4f/hcaptcha.js

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
655236b44.trccmpnlnk.com/
793 B
1 KB
Document
General
Full URL
http://655236b44.trccmpnlnk.com/
Protocol
HTTP/1.1
Server
178.63.30.126 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.126.30.63.178.clients.your-server.de
Software
/
Resource Hash
5a2328ae56cab0148fa760e72bd9108bf71c8978eb7a706319ea5a904a760f92

Request headers

Host
655236b44.trccmpnlnk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 16 Nov 2020 03:26:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Set-Cookie
t-uuid=5ovjvv6vj1k7wttunys1wc4sw; expires=Sat, 16-Nov-2030 03:26:50 GMT; Max-Age=315532800; path=/; domain=.trccmpnlnk.com traffic-visited-offers=%7C%7C155083%7Cunspecified; expires=Tue, 17-Nov-2020 03:26:50 GMT; Max-Age=86400; path=/; domain=.trccmpnlnk.com traffic-visited-domain=click-here-and.win; expires=Wed, 16-Dec-2020 03:26:50 GMT; Max-Age=2592000; path=/; domain=.trccmpnlnk.com traffic-back=ok; expires=Mon, 16-Nov-2020 03:27:20 GMT; Max-Age=30; path=/; domain=.trccmpnlnk.com rts-trck=1; expires=Mon, 16-Nov-2020 03:36:50 GMT; Max-Age=600; path=/; domain=655236b44.trccmpnlnk.com
Last-Modified
Mon, 16 Nov 2020 03:26:50 GMT
Expires
Mon, 16 Nov 2020 03:26:50 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
notify
www.click-here-and.win/
3 KB
2 KB
Document
General
Full URL
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash
0a53b7a08b6a5f22e928fb3d203848912679a970469fe4bdca44f6174c64a604

Request headers

:method
GET
:authority
www.click-here-and.win
:scheme
https
:path
/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://655236b44.trccmpnlnk.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
date
Mon, 16 Nov 2020 03:26:51 GMT
set-cookie
SESS_TRAF=eyJpdiI6InIxRloxNHA0OVZTTEVlMmx0cW5oYlE9PSIsInZhbHVlIjoibk5xUWloOVYwSGR0SDh4T0FpeWYzVUdhVGlJRjZRbmlraUlwZjdvQ2tZb0RTcytTRGVRKzR2SG9Sd2w0ei9TczNVVW5TSlFEb0ZKZEhVcDUrVmFVVW5iREpLS2xXcXB4WXBvc0NrVXp0RlpjaERzUzdKOXBlQURmWnFwbU83Ni9tWm4xTnp2OVNtL3ZBNUszTG9MMU5NUDhDSFh6TGp1MTV2UCtFRnRmSStrPSIsIm1hYyI6ImE4OTMzNjNkODRlNDkzYzFkMTRmYWIyNWNkMDg4NzdhNDAxZWFkMGUxMzRmMDkyNzU3NWIzZmI2YjM0MDBlYzgifQ%3D%3D; path=/; httponly
content-encoding
gzip
app.css
www.click-here-and.win/css/
61 B
315 B
Stylesheet
General
Full URL
https://www.click-here-and.win/css/app.css?id=35fbd113c7ce5477cee9
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash
5fb31ddee4c30df3ba2c129982e9411d7fc0c95adb942ca92f72b3a170dffd66

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 10:17:13 GMT
etag
W/"5fad0ba9-3d"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000, public
expires
Tue, 16 Nov 2021 03:26:51 GMT
app.css
www.click-here-and.win/css/landers/notify/
2 KB
934 B
Stylesheet
General
Full URL
https://www.click-here-and.win/css/landers/notify/app.css?id=3c8f1ef037ed99f7a665
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash
7857ef7681867f11cfe156fa5650b5aa458ed6c27fd03c860ffa531fa672e687

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 10:17:13 GMT
etag
W/"5fad0ba9-806"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000, public
expires
Tue, 16 Nov 2021 03:26:51 GMT
bell.png
cdn.click-here-and.win/img/landers/notify/
988 B
1 KB
Image
General
Full URL
https://cdn.click-here-and.win/img/landers/notify/bell.png
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash
3a8a9fd9203c97f619c6e055dc09b3895496c8d236f934d10741cc579351aa19

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
last-modified
Thu, 12 Nov 2020 10:17:13 GMT
etag
"5fad0ba9-3dc"
content-type
image/png
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
988
expires
Tue, 16 Nov 2021 03:26:51 GMT
default@0.25x.png
cdn.click-here-and.win/img/prizes/iphone-12-pro-max/
11 KB
11 KB
Image
General
Full URL
https://cdn.click-here-and.win/img/prizes/iphone-12-pro-max/default@0.25x.png
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash
1c733398e9d114cecbff652ccc40440e32780b02219db2cb2d162cc7f4222712

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
last-modified
Thu, 12 Nov 2020 10:15:38 GMT
etag
"5fad0b4a-2c28"
content-type
image/png
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11304
expires
Tue, 16 Nov 2021 03:26:51 GMT
bell2.png
cdn.click-here-and.win/img/landers/notify/
549 B
749 B
Image
General
Full URL
https://cdn.click-here-and.win/img/landers/notify/bell2.png
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash
0533ba1d14eaec60ec5ca963f22c549bd7470ad9122efe54909d2c2aa148542a

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
last-modified
Thu, 12 Nov 2020 10:17:13 GMT
etag
"5fad0ba9-225"
content-type
image/png
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
549
expires
Tue, 16 Nov 2021 03:26:51 GMT
app.js
www.click-here-and.win/js/
22 KB
9 KB
Script
General
Full URL
https://www.click-here-and.win/js/app.js?id=84ac41dab13cdca8ec06
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash
0cba83367004e77c10250b94b6820c7fb6ee986ada796826f0d13dbe31b1a4e4

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 10:17:13 GMT
etag
W/"5fad0ba9-58ba"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
expires
Tue, 16 Nov 2021 03:26:51 GMT
app.js
www.click-here-and.win/js/landers/notify/
187 KB
67 KB
Script
General
Full URL
https://www.click-here-and.win/js/landers/notify/app.js?id=dbe89d32ed46528a5d29
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash
a045969a34be4079e39faadd7fbbda4526d898fd675f31dcc51d6bf5c5375e60

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 10:17:13 GMT
etag
W/"5fad0ba9-2ebf4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
expires
Tue, 16 Nov 2021 03:26:51 GMT
/
www.clicks4tc.com/
829 B
1 KB
Document
General
Full URL
https://www.clicks4tc.com/?tid=5ovjvv6v4aeitsyezycwskc4k%2C15239362%2C5%2C&ctrack=1605497210.294475753
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/js/landers/notify/app.js?id=dbe89d32ed46528a5d29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.9.127.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.127.9.5.clients.your-server.de
Software
/
Resource Hash
7e35e05c3f54b3714a2ce003441bfdebe726420038f62d0e2dda1e2dca70c8ba

Request headers

:method
GET
:authority
www.clicks4tc.com
:scheme
https
:path
/?tid=5ovjvv6v4aeitsyezycwskc4k%2C15239362%2C5%2C&ctrack=1605497210.294475753
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 16 Nov 2020 03:26:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
t-uuid=5ovjvvais76xrht32hi4g0c0k; expires=Sat, 16-Nov-2030 03:26:51 GMT; Max-Age=315532800; path=/; domain=.clicks4tc.com traffic-visited-offers=%7C%7C155334%7Cunspecified; expires=Tue, 17-Nov-2020 03:26:51 GMT; Max-Age=86400; path=/; domain=.clicks4tc.com traffic-back=ok; expires=Mon, 16-Nov-2020 03:27:21 GMT; Max-Age=30; path=/; domain=.clicks4tc.com rts-trck=1; expires=Mon, 16-Nov-2020 03:36:51 GMT; Max-Age=600; path=/; domain=www.clicks4tc.com
last-modified
Mon, 16 Nov 2020 03:26:51 GMT
expires
Mon, 16 Nov 2020 03:26:51 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow
content-encoding
gzip
bell.png
cdn.click-here-and.win/img/landers/notify/
988 B
1 KB
Image
General
Full URL
https://cdn.click-here-and.win/img/landers/notify/bell.png
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/js/landers/notify/app.js?id=dbe89d32ed46528a5d29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
last-modified
Thu, 12 Nov 2020 10:17:13 GMT
etag
"5fad0ba9-3dc"
content-type
image/png
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
988
expires
Tue, 16 Nov 2021 03:26:51 GMT
default@0.25x.png
cdn.click-here-and.win/img/prizes/iphone-12-pro-max/
11 KB
11 KB
Image
General
Full URL
https://cdn.click-here-and.win/img/prizes/iphone-12-pro-max/default@0.25x.png
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/js/landers/notify/app.js?id=dbe89d32ed46528a5d29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
last-modified
Thu, 12 Nov 2020 10:15:38 GMT
etag
"5fad0b4a-2c28"
content-type
image/png
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11304
expires
Tue, 16 Nov 2021 03:26:51 GMT
bell2.png
cdn.click-here-and.win/img/landers/notify/
549 B
749 B
Image
General
Full URL
https://cdn.click-here-and.win/img/landers/notify/bell2.png
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/js/landers/notify/app.js?id=dbe89d32ed46528a5d29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
last-modified
Thu, 12 Nov 2020 10:17:13 GMT
etag
"5fad0ba9-225"
content-type
image/png
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
549
expires
Tue, 16 Nov 2021 03:26:51 GMT
background.jpg
cdn.click-here-and.win/img/prizes/iphone-12-pro-max/
47 KB
47 KB
Image
General
Full URL
https://cdn.click-here-and.win/img/prizes/iphone-12-pro-max/background.jpg
Requested by
Host: www.click-here-and.win
URL: https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.30.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.222.30.63.178.clients.your-server.de
Software
/
Resource Hash

Request headers

Referer
https://www.click-here-and.win/notify?tid=5ovjvv6v4aeitsyezycwskc4k,15239362,5,&ctrack=1605497210.294475753
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 16 Nov 2020 03:26:51 GMT
last-modified
Thu, 12 Nov 2020 10:15:38 GMT
etag
"5fad0b4a-baeb"
content-type
image/jpeg
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
47851
expires
Tue, 16 Nov 2021 03:26:51 GMT
Primary Request bbc0b99a73
www.poprof.com/oc/
13 KB
7 KB
Document
General
Full URL
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:4fa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03bad1ae5063527504c6d7ad4ed3bb44d551f22343e0adbc4c3ce0b8ebaa2d9d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.poprof.com
:scheme
https
:path
/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.clicks4tc.com/?tid=5ovjvv6v4aeitsyezycwskc4k%2C15239362%2C5%2C&ctrack=1605497210.294475753
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
403
date
Mon, 16 Nov 2020 03:26:51 GMT
content-type
text/html; charset=UTF-8
cf-chl-bypass
1
set-cookie
__cfduid=dc304d47d0adff184e1be42cc5a3e25801605497211; expires=Wed, 16-Dec-20 03:26:51 GMT; path=/; domain=.poprof.com; HttpOnly; SameSite=Lax
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options
SAMEORIGIN
cf-request-id
0670b0621c0000060508060000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fWU5OYcMroyhFdskCUsjGLK%2F6XXxuMyvqL8S3%2BFi3J0ZaEvWBJWTjoCsC%2BSRK8XWBD2KXYNY2G5%2BviRZzMRFwEN7yHvllhg7IONIxxKB61ovBP7sX5gHt4Z4yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
5f2e1ce36f2f0605-FRA
content-encoding
br
cf.errors.css
www.poprof.com/cdn-cgi/styles/
23 KB
4 KB
Stylesheet
General
Full URL
https://www.poprof.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: www.poprof.com
URL: https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:4fa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 03:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 16:24:47 GMT
server
cloudflare
etag
W/"5fa96d4f-5c88"
x-frame-options
DENY
content-type
text/css
status
200
cache-control
max-age=7200, public
cf-ray
5f2e1ce38f590605-FRA
vary
Accept-Encoding
expires
Mon, 16 Nov 2020 05:26:51 GMT
v1
www.poprof.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/
33 KB
11 KB
Script
General
Full URL
https://www.poprof.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1
Requested by
Host: www.poprof.com
URL: https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:4fa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cba0e0b56e762f7892af84a91e5fa23b52cf3b3e6d8b73b6d86a264d2ef5845a

Request headers

Referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 03:26:51 GMT
content-encoding
br
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yM%2FwPHTmPlBI9KjP7af4UXePBFs0O%2F%2F2amOrbZmd4ZLhVJBnkHmdmV%2Fj4EE7Xu%2FofC8sB6WnJ0ZpK%2FKcMJyEt%2BypA0CljsoAYpuF%2B%2BB%2Bb8S8knJcQMpHJjLZkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
status
200
cf-ray
5f2e1ce39f7c0605-FRA
cf-request-id
0670b0623f000006051b31b000000001
transparent.gif
www.poprof.com/cdn-cgi/images/trace/captcha/nojs/h/
42 B
129 B
Image
General
Full URL
https://www.poprof.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=5f2e1ce36f2f0605
Requested by
Host: www.poprof.com
URL: https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:4fa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 03:26:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 16:24:47 GMT
server
cloudflare
etag
"5fa96d4f-2a"
x-frame-options
DENY
content-type
image/gif
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5f2e1ce39f810605-FRA
vary
Accept-Encoding
content-length
42
expires
Mon, 16 Nov 2020 05:26:51 GMT
browser-bar.png
www.poprof.com/cdn-cgi/images/
715 B
799 B
Image
General
Full URL
https://www.poprof.com/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: www.poprof.com
URL: https://www.poprof.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:4fa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.poprof.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 03:26:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 16:24:47 GMT
server
cloudflare
etag
"5fa96d4f-2cb"
x-frame-options
DENY
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5f2e1ce39f830605-FRA
vary
Accept-Encoding
content-length
715
expires
Mon, 16 Nov 2020 05:26:51 GMT
cf-no-screenshot-warn.png
www.poprof.com/cdn-cgi/images/
3 KB
3 KB
Image
General
Full URL
https://www.poprof.com/cdn-cgi/images/cf-no-screenshot-warn.png
Requested by
Host: www.poprof.com
URL: https://www.poprof.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:4fa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.poprof.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 03:26:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Nov 2020 16:24:47 GMT
server
cloudflare
etag
"5fa96d4f-a20"
x-frame-options
DENY
content-type
image/png
status
200
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
5f2e1ce39f840605-FRA
vary
Accept-Encoding
content-length
2592
expires
Mon, 16 Nov 2020 05:26:51 GMT
hcaptcha.js
assets.hcaptcha.com/captcha/v1/4ceee4f/
Redirect Chain
  • https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
  • https://assets.hcaptcha.com/captcha/v1/4ceee4f/hcaptcha.js
66 KB
21 KB
Script
General
Full URL
https://assets.hcaptcha.com/captcha/v1/4ceee4f/hcaptcha.js
Requested by
Host: www.poprof.com
URL: https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8639133ac2a4a5c39840317224b71c7c8498b94e518c94dd12aed423d3cbba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 03:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
18615
cf-polished
origSize=67525
status
200
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-amz-request-id
DBFD7C6A87C5148F
x-amz-id-2
bET1tYNgcY9uXo1nsYP3fmrudQAhK3Dy5A5ucywzgUpfYYElMA70MPxM4JQHlYaz8yK0BvdkR80=
last-modified
Fri, 13 Nov 2020 17:20:52 GMT
server
cloudflare
etag
W/"6c6f6882ac242e6fd55222d120c10d4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
cf-request-id
0670b06316000010f34e167000000001
cf-ray
5f2e1ce4efef10f3-CPH
cf-bgj
minify

Redirect headers

date
Mon, 16 Nov 2020 03:26:51 GMT
x-content-type-options
nosniff
server
cloudflare
status
302
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://assets.hcaptcha.com/captcha/v1/4ceee4f/hcaptcha.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-ray
5f2e1ce4cfdd10f3-CPH
cf-request-id
0670b062f8000010f39f140000000001
expires
Thu, 01 Jan 1970 00:00:01 GMT
703e786cc9f4f3f
www.poprof.com/cdn-cgi/challenge-platform/h/g/generate/ov1/0.5778275911076178:1605495904:b9a1912b6e1126bd90114d92f3afbd1b960122e241726d0a7265d6117bab1de2/5f2e1ce36f2f0605/
42 KB
7 KB
XHR
General
Full URL
https://www.poprof.com/cdn-cgi/challenge-platform/h/g/generate/ov1/0.5778275911076178:1605495904:b9a1912b6e1126bd90114d92f3afbd1b960122e241726d0a7265d6117bab1de2/5f2e1ce36f2f0605/703e786cc9f4f3f
Requested by
Host: www.poprof.com
URL: https://www.poprof.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:4fa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36058d623495390bcf9cb5a5f05d3a579c02b99267cc2583d92a66c785814fc8

Request headers

Referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
703e786cc9f4f3f
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Nov 2020 03:26:51 GMT
content-encoding
br
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1dXXTx%2ByPoulScdc%2B934Tfo94HcEh3efX5L%2BD9FgR%2Bk33gnpBanhYgr7Lj%2Fnodcosp9ZKFD6EEOb68RG9HwY8PNz3RErn%2BO%2FaG8W%2Bnj3T5l9lFB%2BeE7ZeCs75Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5f2e1ce498b40605-FRA
cf-request-id
0670b062e200000605f42c5000000001
703e786cc9f4f3f
www.poprof.com/cdn-cgi/challenge-platform/h/g/generate/ov1/0.5778275911076178:1605495904:b9a1912b6e1126bd90114d92f3afbd1b960122e241726d0a7265d6117bab1de2/5f2e1ce36f2f0605/
6 KB
2 KB
XHR
General
Full URL
https://www.poprof.com/cdn-cgi/challenge-platform/h/g/generate/ov1/0.5778275911076178:1605495904:b9a1912b6e1126bd90114d92f3afbd1b960122e241726d0a7265d6117bab1de2/5f2e1ce36f2f0605/703e786cc9f4f3f
Requested by
Host: www.poprof.com
URL: https://www.poprof.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681f:4fa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866b4016a243844390e118c0a93f1522db01e319b9f3a54c5a43bd684b7b5984

Request headers

Referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge
703e786cc9f4f3f
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 16 Nov 2020 03:26:52 GMT
content-encoding
br
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JKEFroX2IQflStsRPJbq%2FzCY5%2BLM9%2BoXHVG1kCqIPBbFpQXQuRpPIJuXgZn%2B5Uw1t%2BqB5N9qRrZAaaHYeZvC2NNZzlHSlDFUQxiDnibmcSCis5xdoIP0DvdEBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
status
200
cf-ray
5f2e1ce89e5c0605-FRA
cf-request-id
0670b06561000006052e284000000001
hcaptcha-challenge.html
assets.hcaptcha.com/captcha/v1/4ceee4f/static/ Frame 1288
0
0
Document
General
Full URL
https://assets.hcaptcha.com/captcha/v1/4ceee4f/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/4ceee4f/static/hcaptcha-challenge.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=

Response headers

status
200
date
Mon, 16 Nov 2020 03:26:52 GMT
content-type
text/html
set-cookie
__cfduid=de21e890dbe10061e40857ad974a145511605497212; expires=Wed, 16-Dec-20 03:26:52 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
eRIvmhXWjHGFeeo82zC1yUAy0y1WMKc3SvzkayoFWOCFsgk6jMo8eQ4f5K80J4wVfj5UZBxwU+g=
x-amz-request-id
2AA2AA190A8A6CA2
cache-control
max-age=1209600
last-modified
Fri, 13 Nov 2020 17:20:53 GMT
cf-cache-status
DYNAMIC
cf-request-id
0670b065e1000010f346865000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5f2e1ce969c710f3-CPH
content-encoding
gzip
hcaptcha-checkbox.html
assets.hcaptcha.com/captcha/v1/4ceee4f/static/ Frame B935
0
0
Document
General
Full URL
https://assets.hcaptcha.com/captcha/v1/4ceee4f/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=_cf_chl_hload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
assets.hcaptcha.com
:scheme
https
:path
/captcha/v1/4ceee4f/static/hcaptcha-checkbox.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.poprof.com/oc/bbc0b99a73?affclick=5ovjvvaikd5o3vwlfd7kkow88,15262117,5,&pubid=

Response headers

status
200
date
Mon, 16 Nov 2020 03:26:52 GMT
content-type
text/html
set-cookie
__cfduid=de21e890dbe10061e40857ad974a145511605497212; expires=Wed, 16-Dec-20 03:26:52 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
KtFC9vhEdnjCYvLFS1mQ/+oooiZ9SNzCQcm9V9qTH1GeDkAq9iAYvXgiroD9YHcpOgLkmrrbTrs=
x-amz-request-id
9ACBF6023A62804B
cache-control
max-age=1209600
last-modified
Fri, 13 Nov 2020 17:20:53 GMT
cf-cache-status
DYNAMIC
cf-request-id
0670b065e7000010f3788fc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
5f2e1ce979e410f3-CPH
content-encoding
gzip

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
object| _cf_chl_opt
function| _cf_chl_enter
function| a
function| b
object| _cf_translation
function| _cf_chl_hload
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| sendRequest
function| SHA256
object| _cf_chl_ctx
function| _
object| hcaptcha
object| grecaptcha
boolean| _cf_chl_hloaded

3 Cookies

Domain/Path Name / Value
www.poprof.com/ Name: cf_chl_prog Value: a4
www.poprof.com/ Name: cf_chl_1 Value: 703e786cc9f4f3f
.poprof.com/ Name: __cfduid Value: dc304d47d0adff184e1be42cc5a3e25801605497211

3 Console Messages

Source Level URL Text
console-api log URL: https://www.click-here-and.win/js/app.js?id=84ac41dab13cdca8ec06 (Line 1) Message: chrome
console-api error URL: https://www.click-here-and.win/js/landers/notify/app.js?id=dbe89d32ed46528a5d29 (Line 2) Message: Service worker not supported
console-api log URL: https://www.click-here-and.win/js/landers/notify/app.js?id=dbe89d32ed46528a5d29 (Line 2) Message: Redirecting...

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
