www.bestprofits-for-you-21.com Open in urlscan Pro
45.147.31.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%...
Effective URL:
http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Submission: On February 12 via manual (February 12th 2020, 2:23:07 am UTC) from IN

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 8 countries across 21 domains to perform 61 HTTP transactions. The main IP is 45.147.31.15, located in Norway and belongs to DEDIPATH-LLC, US. The main domain is www.bestprofits-for-you-21.com.

This is the only time www.bestprofits-for-you-21.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a0b:7280:100... 2a0b:7280:100:0:4df:5cff:fe00:208e	48635 (ASTRALUS) (ASTRALUS)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:e000:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
11	2600:9000:20e... 2600:9000:20eb:5a00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:7a00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	18.184.190.145 18.184.190.145	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:816::200d	15169 (GOOGLE) (GOOGLE)
2	104.111.218.17 104.111.218.17	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 8	45.147.31.15 45.147.31.15	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
1	47.246.43.227 47.246.43.227	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	103.80.27.177 103.80.27.177	133115 (HKKFGL-AS...) (HKKFGL-AS-AP HK Kwaifong Group Limited)
2	103.235.46.191 103.235.46.191	55967 (CNNIC-BAI...) (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co.)
1	2600:9000:20e... 2600:9000:20eb:9600:0:e2b1:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	45.151.253.130 45.151.253.130	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
1	2600:9000:20e... 2600:9000:20eb:8400:11:1b7a:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	180.163.251.231 180.163.251.231	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom (Group))
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
61	25

2 2a0b:7280:100:0:4df:5cff:fe00:208e (Netherlands)

ASN48635 (ASTRALUS, NL)

ga.naaar.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e000:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:20eb:5a00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7a00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.190.145 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-190-145.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.218.17 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-17.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.147.31.15 (Norway) 1 redirects

ASN35913 (DEDIPATH-LLC, US)

bestprofits-for-you-21.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bestprofits-for-you-21.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.227 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.80.27.177 (China)

ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK)

manyjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9600:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

jspassport.ssl.qhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.151.253.130 (Netherlands)

ASN35913 (DEDIPATH-LLC, US)

tj.yddashi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8400:11:1b7a:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ssl.qhres.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.163.251.231 (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)

s.360.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sharethis.com 1 redirects w.sharethis.com ws.sharethis.com l.sharethis.com t.sharethis.com	55 KB
8	bestprofits-for-you-21.com 1 redirects bestprofits-for-you-21.com www.bestprofits-for-you-21.com	42 KB
7	google.com 1 redirects adservice.google.com apis.google.com accounts.google.com www.google.com	102 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	166 B
4	google-analytics.com 1 redirects www.google-analytics.com	35 KB
2	yddashi.com tj.yddashi.com cdn.yddashi.com Failed	26 KB
2	baidu.com push.zhanzhang.baidu.com Failed hm.baidu.com	14 KB
2	manyjs.com manyjs.com	2 KB
2	facebook.com www.facebook.com
2	facebook.net connect.facebook.net	61 KB
2	google.de adservice.google.de www.google.de	887 B
2	googlesyndication.com pagead2.googlesyndication.com	122 KB
2	naaar.nl ga.naaar.nl	11 KB
1	360.cn s.360.cn	234 B
1	qhres.com s.ssl.qhres.com	940 B
1	googletagmanager.com www.googletagmanager.com	28 KB
1	qhimg.com jspassport.ssl.qhimg.com	463 B
1	staticfile.org cdn.staticfile.org	33 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	consensu.org c.sharethis.mgr.consensu.org
0	globalkapitalpartners.com Failed js.globalkapitalpartners.com Failed
61	21

	Domain	Requested by
11	ws.sharethis.com	w.sharethis.com ws.sharethis.com ga.naaar.nl
7	www.bestprofits-for-you-21.com	www.bestprofits-for-you-21.com
4	apis.google.com	ws.sharethis.com apis.google.com
4	www.google-analytics.com	1 redirects ga.naaar.nl www.googletagmanager.com
3	l.sharethis.com	1 redirects ga.naaar.nl
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tj.yddashi.com	manyjs.com www.bestprofits-for-you-21.com
2	hm.baidu.com	www.bestprofits-for-you-21.com
2	manyjs.com	www.bestprofits-for-you-21.com cdn.staticfile.org
2	www.facebook.com	connect.facebook.net
2	t.sharethis.com	w.sharethis.com t.sharethis.com
2	connect.facebook.net	ga.naaar.nl connect.facebook.net
2	pagead2.googlesyndication.com	ga.naaar.nl pagead2.googlesyndication.com
2	ga.naaar.nl	ga.naaar.nl
1	www.google.de	www.bestprofits-for-you-21.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	s.360.cn	www.bestprofits-for-you-21.com
1	s.ssl.qhres.com	jspassport.ssl.qhimg.com
1	www.googletagmanager.com	manyjs.com
1	jspassport.ssl.qhimg.com	manyjs.com
1	cdn.staticfile.org	www.bestprofits-for-you-21.com
1	bestprofits-for-you-21.com	1 redirects
1	accounts.google.com	apis.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	c.sharethis.mgr.consensu.org	w.sharethis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	w.sharethis.com	ga.naaar.nl
0	cdn.yddashi.com Failed	www.bestprofits-for-you-21.com
0	push.zhanzhang.baidu.com Failed	www.bestprofits-for-you-21.com
0	js.globalkapitalpartners.com Failed	ga.naaar.nl
61	32

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.sharethis.com Go Daddy Secure Certificate Authority - G2	`2017-09-26` - `2020-09-29`	3 years	crt.sh
*.sharethis.mgr.consensu.org Go Daddy Secure Certificate Authority - G2	`2018-05-21` - `2020-05-21`	2 years	crt.sh
*.apis.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
cert1.a1.atm.aqfer.net Let's Encrypt Authority X3	`2019-12-26` - `2020-03-25`	3 months	crt.sh
*.staticfile.org GeoTrust RSA CA 2018	`2018-02-12` - `2020-09-19`	3 years	crt.sh
manyjs.com TrustAsia TLS RSA CA	`2019-11-10` - `2020-11-09`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-01-13` - `2020-06-25`	5 months	crt.sh
*.ssl.qhimg.com WoSign OV SSL CA	`2017-03-20` - `2020-03-18`	3 years	crt.sh
*.ssl.qhres.com WoSign OV SSL CA	`2017-03-20` - `2020-03-18`	3 years	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Frame ID: BC1CF37E8A257338B91FDA2BDDC70D05
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200210/r20190131/zrt_lookup.html
Frame ID: 5C5B5BF47DA621F5DAAE58B741131DFE
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal.html
Frame ID: AEDF7E4F6E8699F9AF5F0809FCF058CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8928190816014764&output=html&h=280&slotname=5325820473&adk=3398756990&adf=2653041513&w=1200&fwrn=4&fwrnh=100&lmt=1581474169&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581474169055&bpp=13&bdt=39&fdt=69&idt=70&shv=r20200210&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4250488197352&frm=20&pv=2&ga_vid=760389312.1581474169&ga_sid=1581474169&ga_hid=1053550215&ga_fc=0&iag=0&icsg=35360&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065534%2C44714237&oid=3&pvsid=750854026008280&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=2prJ7KYiJ5&p=http%3A//ga.naaar.nl&dtd=82
Frame ID: 9F4A201BB21C9DE3F75FCCAF1CFC1ACF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8928190816014764&output=html&adk=1812271804&adf=3025194257&lmt=1581474169&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581474169075&bpp=3&bdt=58&fdt=88&idt=88&shv=r20200210&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4250488197352&frm=20&pv=1&ga_vid=760389312.1581474169&ga_sid=1581474169&ga_hid=1053550215&ga_fc=0&iag=0&icsg=2132512&dssz=16&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065534%2C44714237&oid=3&pvsid=750854026008280&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=93
Frame ID: D79D267373B01CF9506A844108B7E7DA
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=large&count=false&origin=http%3A%2F%2Fga.naaar.nl&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA%2Fm%3D__features__
Frame ID: 3CED0679B7A3A06967DCE50FF423C010
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fga.naaar.nl&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA%2Fm%3D__features__
Frame ID: 358020887768DE125D22DF13E1503A31
Requests: 1 HTTP requests in this frame

Frame: http://t.sharethis.com/a/t_.htm?ver=0.366.18423&cid=c010
Frame ID: 74BBBEB959DF40B5743A8BBF7C4E4CA9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df11b90aa9830b%26domain%3Dga.naaar.nl%26origin%3Dhttp%253A%252F%252Fga.naaar.nl%252Ff369009d0f2e4e8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
Frame ID: E25B004470F630626AA74364EC99B9B2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df44eb0687f637c%26domain%3Dga.naaar.nl%26origin%3Dhttp%253A%252F%252Fga.naaar.nl%252Ff369009d0f2e4e8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
Frame ID: 54F6FBE234739DA62989F52B10F34B70
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 6D24E1F597D46C4F4A273DE15FC24DA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h1... Page URL
http://bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3 HTTP 301
http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

61
Requests

70 %
HTTPS

69 %
IPv6

21
Domains

32
Subdomains

25
IPs

8
Countries

559 kB
Transfer

1504 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3 Page URL
http://bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3 HTTP 301
http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 24

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=780c976-1703734c0f2-ea88212-1&sessionID=1581474169074.57968&hostname=ga.naaar.nl&location=%2Flink%2F&product=widget&stid=&fcmp=false&publisher=7e944658-6ed3-48e2-949c-2469b90f6622&refDomain=&refQuery=&consentDomain=.consensu.org&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=&ts1581474169074.0=&sop=false HTTP 301
https://l.sharethis.com/sc?cm=CicACF5DYXkAAAATRyMuAw%3D%3D&uid=true&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&publisher=7e944658-6ed3-48e2-949c-2469b90f6622&sop=false

Request Chain 55

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1014356628&t=pageview&_s=1&dl=http%3A%2F%2Fwww.bestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3&dr=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&ul=en-us&de=UTF-8&dt=%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8%E5%AE%98%E7%BD%91-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8app-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8%E4%B8%8B%E8%BD%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1688243334&gjid=1250432804&cid=1695453912.1581474181&tid=UA-154601088-1&_gid=324146069.1581474181&_r=1&gtm=2ou1t0&z=1538364340 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-154601088-1&cid=1695453912.1581474181&jid=1688243334&_gid=324146069.1581474181&gjid=1250432804&_v=j80&z=1538364340 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-154601088-1&cid=1695453912.1581474181&jid=1688243334&_v=j80&z=1538364340 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-154601088-1&cid=1695453912.1581474181&jid=1688243334&_v=j80&z=1538364340&slf_rd=1&random=2841999337

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
ga.naaar.nl/link/ 3 KB
1 KB 55ms
43ms Document
text/html 2a0b:7280:100:0:4df:5cff:fe00:208e
ASTRALUS

General

Check archive.org

Show headers Download Go to

Full URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: HTTP/1.1
Server: 2a0b:7280:100:0:4df:5cff:fe00:208e , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 22195bc7062e2c30188c204da6143e05471f7770a10489c50cb34eda6fb5c8ae

Request headers

Host: ga.naaar.nl
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:48 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1258
Keep-Alive: timeout=2, max=100
Content-Type: text/html

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfc6cb0c3aa0913ea2023cebccf94e4b85a416ec4217133146ece249b549846a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 9631487741222822069
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 38766
X-XSS-Protection: 0
Expires: Wed, 12 Feb 2020 02:22:49 GMT

GET
H/1.1 200
OK sharing.png
ga.naaar.nl/link/ 9 KB
9 KB 25ms
25ms Image
image/png 2a0b:7280:100:0:4df:5cff:fe00:208e
ASTRALUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ga.naaar.nl/link/sharing.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: HTTP/1.1
Server: 2a0b:7280:100:0:4df:5cff:fe00:208e , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software: Apache/2 /
Resource Hash: ff7ba2bb4a92157e2f6abfc662ef47e9a267d67bc7f3dc2838066019faaa2e51

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:49 GMT
Last-Modified: Fri, 18 Aug 2017 11:06:58 GMT
Server: Apache/2
ETag: "237f-5570520b00b0e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 9087

GET
H/1.1 200
OK buttons.js Show response
w.sharethis.com/button/ 55 KB
16 KB 29ms
6ms Script
application/javascript 2600:9000:20eb:e000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://w.sharethis.com/button/buttons.js
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: HTTP/1.1
Server: 2600:9000:20eb:e000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 011af481a6c21ebe9524e49d785ca76479a7f44c63e013848d2992cba4e12532

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Feb 2020 03:50:47 GMT
Content-Encoding: gzip
Age: 81122
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: nginx/1.12.2
ETag: "5d9e5f01-dd87"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
Cache-Control: max-age=259200
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: iJMjXyW1eaWO5PBMQNaGPfeSM56V4_uYnD4WPjSXX9LezKRU6qLcYg==
Expires: Fri, 14 Feb 2020 03:50:47 GMT

GET javascript.php
js.globalkapitalpartners.com/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 6557
date: Wed, 12 Feb 2020 00:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Wed, 12 Feb 2020 02:33:32 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1053550215&t=pageview&_s=1&dl=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=519359484&gjid=671944976&cid=760389312.1581474169&tid=UA-77753337-2&_gid=1350528994.1581474169&_r=1&z=1783794873

Requested by

Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 02:22:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
778 B 28ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ga.naaar.nl

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 02:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
778 B 27ms
14ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ga.naaar.nl

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 02:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200210/r20190131/ 221 KB
83 KB 45ms
32ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200210/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c3b17ef96c6c0454d14fef9b869089718dc617d59cc4dd5e254d3699498cd74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 02:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84503
x-xss-protection: 0
server: cafe
etag: 16682327887642809919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Feb 2020 02:22:49 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200210/r20190131/ Frame 5C5B 0
0 18ms
6ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200210/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200210/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 10 Feb 2020 20:21:14 GMT
expires: Mon, 24 Feb 2020 20:21:14 GMT
content-type: text/html; charset=UTF-8
etag: 17772678075199185246
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4496
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 108095
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 22ms
7ms Script
application/javascript 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 764262648df23049f6c23fe89dc20106a96c4624412a8ad20ec54bb7bbae6c6e

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 10 Feb 2020 12:36:30 GMT
content-encoding: gzip
server: nginx/1.12.2
age: 135979
etag: "5d9e5f50-162e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: D1umEB4dbdbTj6L22_UswUKoDBBfRMpT0-QIyMBc3Qcz4HcRSENYlg==
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
expires: Thu, 13 Feb 2020 12:36:30 GMT

GET
H2 200 portal.html
c.sharethis.mgr.consensu.org/ Frame AEDF 0
0 22ms
6ms Document
text/html 2600:9000:20eb:7a00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal.html
Requested by: Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:7a00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 200
content-type: text/html; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
accept-ranges: bytes
last-modified: Mon, 27 Jan 2020 20:26:17 GMT
content-encoding: gzip
date: Wed, 12 Feb 2020 02:20:22 GMT
cache-control: max-age=600, public
etag: W/"3802-16fe8aef228"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: DK-Mn04ePIDl2SPuMOv-G4rGCFPP5mnTA5lDgKlnIgFzqwEzwiaAXw==
age: 154

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 6ms
6ms Stylesheet
text/css 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 12 Feb 2020 01:59:29 GMT
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 22:29:37 GMT
server: nginx/1.12.2
age: 49576
etag: W/"5d9e5f51-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA2-C1
x-robots-tag: noindex, nofollow
content-length: 3851
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-id: H_2GcDKVTYtEBP1wEnf_sbwdzV7I8hodIYZvZ0Pz9fQoOUhkxA7THA==

GET
H2 200 plusone.js Show response
apis.google.com/js/ 48 KB
18 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

719c8d254545fb9bab1e3f4c99d94f4209253521bf8600240caf19f0d57b26d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 02:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-SjJhnu924z6svjyncODyCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "cf1525a4f087763d14baa8e9f429e9e5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Wed, 12 Feb 2020 02:22:49 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

17ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c217da5c0e1221b3cdff8d2e6ac15e53ebeb8d6f6db988578a93e7d78dbcdb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5b31nhXqEoIpKUOF9lZ08w==
status: 200
date: Wed, 12 Feb 2020 02:22:49 GMT, Wed, 12 Feb 2020 02:22:49 GMT
expires: Wed, 12 Feb 2020 02:31:37 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1778
x-fb-debug: Hb1qfxlILBcMeRcZls4doYgLbLvbDKoU5Luc17Z6cF9LQ200N/uKf10NHi71pflkpdXIkaVNm9/Q5MPAd72T9Q==
x-fb-trip-id: 1850256238
x-fb-content-md5: 74746d3ad12a5c0c3686a7e67ba494de
etag: "77825d57527f8543d28ef9626499d0b0"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js
Non-Authoritative-Reason: HSTS

GET
H2 200 googleplus_32.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 8ms
6ms Image
image/png 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/googleplus_32.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Sep 2019 01:31:16 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: nginx/1.12.2
age: 12617493
etag: "5d82ad27-9a4"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2468
x-amz-cf-id: cebiJ9--8ycY86W34zjtXSr2uDgWdXAFDsBjRibp_QzPIxFd8g243w==
expires: Fri, 18 Sep 2020 01:31:16 GMT

GET
H2 200 facebook_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 9ms
8ms Image
image/png 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_32.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Sep 2019 18:18:31 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: nginx/1.12.2
age: 11606658
etag: "5d82ad27-497"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1175
x-amz-cf-id: JFJzsoD4eV8QP9CNbRi1r_pTryLB-iSTrX6SYA9YTi6pRgfEcuSHtw==
expires: Tue, 29 Sep 2020 18:18:31 GMT

GET
H2 200 twitter_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 10ms
8ms Image
image/png 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_32.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Sep 2019 18:05:26 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: nginx/1.12.2
age: 11607443
etag: "5d82ad27-53a"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1338
x-amz-cf-id: 9RTwT4UTOgXJT5B-WQ5sSpr4mb0WgBlRWih36Bgee0HeiPGqiZipVg==
expires: Tue, 29 Sep 2020 18:05:26 GMT

GET
H2 200 embed_ly_32.png
ws.sharethis.com/images/2017/ 157 B
516 B 10ms
9ms Image
image/png 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/embed_ly_32.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 61cdbb1281104e96a7c9da7c38770b61993db0129f1ba23067802c269d6208d3

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 30 Sep 2019 18:04:05 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: nginx/1.12.2
age: 11607524
etag: "5d82ad27-9d"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 157
x-amz-cf-id: dbpFLi97OeSue66d95LzESgnWxJ7zxkeLU5aPLW0X5nibmKnf7GsIg==
expires: Tue, 29 Sep 2020 18:04:05 GMT

GET
H2 200 linkedin_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 10ms
8ms Image
image/png 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/linkedin_32.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Sep 2019 13:42:34 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: nginx/1.12.2
age: 12573615
etag: "5d82ad27-4c9"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1225
x-amz-cf-id: mn53UzDhubewBae7iJIf1Z57eGmg9v2w4i9jYFRKLs8ct7peHZ2LLQ==
expires: Fri, 18 Sep 2020 13:42:34 GMT

GET
H2 200 pinterest_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 10ms
9ms Image
image/png 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/pinterest_32.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Sep 2019 00:59:30 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: nginx/1.12.2
age: 12014599
etag: "5d82ad27-59b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1435
x-amz-cf-id: 42kvKKER_Xq1sG5PBzcmLAqy_TEjjyZJETkPJgx9fxmm82sRyl3Zcw==
expires: Fri, 25 Sep 2020 00:59:30 GMT

GET
H2 200 sharethis_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 10ms
9ms Image
image/png 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/sharethis_32.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Sep 2019 08:02:31 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: nginx/1.12.2
age: 12507618
etag: "5d82ad27-539"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1337
x-amz-cf-id: FxQWDW47PiZNKjX9LkJEGDHfC1Gd6_lXbIT6hEW9IROSAh1CBhPZjQ==
expires: Sat, 19 Sep 2020 08:02:31 GMT

GET
H2 200 email_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 11ms
9ms Image
image/png 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/email_32.png
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c3a537ae5d8020c10896418cb8658af444cbb3f89d3543c7db596b624e38690d

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Sep 2019 09:21:58 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
server: nginx/1.12.2
age: 12589251
etag: "5d82ad27-566"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1382
x-amz-cf-id: XDvC51eJucYmeoTfZKdoxJo-hrODNgg4QhWMIDyTxGoPm3imzQn1uw==
expires: Fri, 18 Sep 2020 09:21:58 GMT

GET
H/1.1

301
Moved Permanently

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=780c976-1703734c0f2-ea88212-1&sessionID=1581474169074.57968&hostname=ga.naaar.nl&location=%2Flink%2F&product=widget&stid=&fc...
https://l.sharethis.com/sc?cm=CicACF5DYXkAAAATRyMuAw%3D%3D&uid=true&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h1...

0
-1 B

141ms
35ms

XHR
text/html

18.184.190.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=CicACF5DYXkAAAATRyMuAw%3D%3D&uid=true&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&publisher=7e944658-6ed3-48e2-949c-2469b90f6622&sop=false
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.190.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-190-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:49 GMT
Location: /sc?cm=CicACF5DYXkAAAATRyMuAw%3D%3D&uid=true&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&publisher=7e944658-6ed3-48e2-949c-2469b90f6622&sop=false
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: http://ga.naaar.nl
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 326
Stid: CicACF5DYXkAAAATRyMuAw==

Redirect headers

Date: Wed, 12 Feb 2020 02:22:49 GMT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: http://ga.naaar.nl
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?cm=CicACF5DYXkAAAATRyMuAw%3D%3D&uid=true&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&publisher=7e944658-6ed3-48e2-949c-2469b90f6622&sop=false
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 326
Stid: CicACF5DYXkAAAATRyMuAw==

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 9F4A 0
0 22ms
21ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8928190816014764&output=html&h=280&slotname=5325820473&adk=3398756990&adf=2653041513&w=1200&fwrn=4&fwrnh=100&lmt=1581474169&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581474169055&bpp=13&bdt=39&fdt=69&idt=70&shv=r20200210&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4250488197352&frm=20&pv=2&ga_vid=760389312.1581474169&ga_sid=1581474169&ga_hid=1053550215&ga_fc=0&iag=0&icsg=35360&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065534%2C44714237&oid=3&pvsid=750854026008280&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=2prJ7KYiJ5&p=http%3A//ga.naaar.nl&dtd=82

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200210/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8928190816014764&output=html&h=280&slotname=5325820473&adk=3398756990&adf=2653041513&w=1200&fwrn=4&fwrnh=100&lmt=1581474169&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1581474169055&bpp=13&bdt=39&fdt=69&idt=70&shv=r20200210&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4250488197352&frm=20&pv=2&ga_vid=760389312.1581474169&ga_sid=1581474169&ga_hid=1053550215&ga_fc=0&iag=0&icsg=35360&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065534%2C44714237&oid=3&pvsid=750854026008280&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&fsb=1&xpc=2prJ7KYiJ5&p=http%3A//ga.naaar.nl&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 12 Feb 2020 02:22:49 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Feb-2020 02:37:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200210/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 02:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Wed, 12 Feb 2020 02:22:49 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D79D 0
0 15ms
15ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8928190816014764&output=html&adk=1812271804&adf=3025194257&lmt=1581474169&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581474169075&bpp=3&bdt=58&fdt=88&idt=88&shv=r20200210&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4250488197352&frm=20&pv=1&ga_vid=760389312.1581474169&ga_sid=1581474169&ga_hid=1053550215&ga_fc=0&iag=0&icsg=2132512&dssz=16&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065534%2C44714237&oid=3&pvsid=750854026008280&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=93

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200210/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8928190816014764&output=html&adk=1812271804&adf=3025194257&lmt=1581474169&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581474169075&bpp=3&bdt=58&fdt=88&idt=88&shv=r20200210&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4250488197352&frm=20&pv=1&ga_vid=760389312.1581474169&ga_sid=1581474169&ga_hid=1053550215&ga_fc=0&iag=0&icsg=2132512&dssz=16&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065534%2C44714237&oid=3&pvsid=750854026008280&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=93
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 12 Feb 2020 02:22:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 12-Feb-2020 02:37:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Wed, 12 Feb 2020 02:22:49 GMT
cache-control: private

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA/ 139 KB
49 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3e3bd0c6249aec8fcbfc491ab635c3287b76e3206daa0c21fe2d63947f6f2f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 04 Feb 2020 10:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2019 23:42:29 GMT
server: sffe
age: 661580
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49922
x-xss-protection: 0
expires: Wed, 03 Feb 2021 10:36:29 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA/ 96 KB
34 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5997ba2e08136c680db336a47617ed816f1eb70c8e7a80ad47b22f9768999f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 04 Feb 2020 07:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2019 23:42:29 GMT
server: sffe
age: 673560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 34376
x-xss-protection: 0
expires: Wed, 03 Feb 2021 07:16:49 GMT

GET
H2 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 3CED 0
0 33ms
32ms Document
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=large&count=false&origin=http%3A%2F%2Fga.naaar.nl&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=large&count=false&origin=http%3A%2F%2Fga.naaar.nl&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=197=HsnAkedkTS17hO3exr6OrBFd1HvHUjAPx92m-EfrrRVXUwbqJzYjzSRif63NdhAtGSfQeg4lMTuu_0w_3vZPgVhevrrLEasDswKNAXyP0Z-zXXZLyJnp2IPZR28sqNWrue-E5bc1ohWIgIfDqCcsenzwguOSFzedAS735yBpvCA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Feb 2020 02:22:49 GMT
content-security-policy-report-only: script-src 'report-sample' 'nonce-DTg++NrV//ATerwvOK37RQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d8dba2a3a9fcdd73bad6785fd63d6fea&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b3055340fe39ede9f937cba17e1230bf8213ab44223324e7f8598a9e497581a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Origin: http://ga.naaar.nl
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Rtp5kxW3YIqFaXq8I4Q+Xg==
status: 200
date: Wed, 12 Feb 2020 02:22:49 GMT, Wed, 12 Feb 2020 02:22:49 GMT
expires: Thu, 11 Feb 2021 01:57:25 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 59543
x-fb-debug: OljYeskVGfordMLc+mEStz267IiRsFCDrUkiBSsDNuO8LyZ9MVmeReuJdpiR0VQquKjdDS3ePQUMcEXp9mUiTQ==
x-fb-trip-id: 1850256238
x-fb-content-md5: 068fdfff94109935814d32c3f830d29f
etag: "740b7cdd8637c9cc96e59b7856fe8e64"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 3580 0
0 29ms
16ms Document
text/html 2a00:1450:4001:816::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fga.naaar.nl&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eMH78LRmYtGfTom2y1g+Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fga.naaar.nl&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sMn3oj1Y3cA.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=197=HsnAkedkTS17hO3exr6OrBFd1HvHUjAPx92m-EfrrRVXUwbqJzYjzSRif63NdhAtGSfQeg4lMTuu_0w_3vZPgVhevrrLEasDswKNAXyP0Z-zXXZLyJnp2IPZR28sqNWrue-E5bc1ohWIgIfDqCcsenzwguOSFzedAS735yBpvCA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 12 Feb 2020 02:22:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-eMH78LRmYtGfTom2y1g+Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK sc Show response
l.sharethis.com/ 51 B
501 B 36ms
35ms XHR
text/plain 18.184.190.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=CicACF5DYXkAAAATRyMuAw%3D%3D&uid=true&url=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&publisher=7e944658-6ed3-48e2-949c-2469b90f6622&sop=false
Requested by: Host: ga.naaar.nl
URL: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.190.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-190-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 98b6545e91cac809a2479e79eacff209d481a13d587b041f7c3016081c477338

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Origin: http://ga.naaar.nl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:49 GMT
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://ga.naaar.nl
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *
Content-Length: 51
Stid: CicACF5DYXkAAAATRyMuAw==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
1 KB 116ms
39ms Script
application/javascript 104.111.218.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?rnd=1581474169313&cid=c010&dmn=ga.naaar.nl

Requested by

Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.218.17 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-17.deploy.static.akamaitechnologies.com

Software

Resource Hash

0c47c13c5aff23d84ec444a18433c3abda8e3a4b7945bd7744738a58c70fb28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 12 Feb 2020 02:22:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 958
Expires: Wed, 12 Feb 2020 03:22:49 GMT

GET
H/1.1 200
OK t_.htm
t.sharethis.com/a/ Frame 74BB 0
0 78ms
58ms Document
text/html 104.111.218.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://t.sharethis.com/a/t_.htm?ver=0.366.18423&cid=c010
Requested by: Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?rnd=1581474169313&cid=c010&dmn=ga.naaar.nl
Protocol: HTTP/1.1
Server: 104.111.218.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-218-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: t.sharethis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

Content-Length: 1084
Cache-Control: max-age=604800
Expires: Wed, 19 Feb 2020 02:22:49 GMT
Date: Wed, 12 Feb 2020 02:22:49 GMT
Connection: keep-alive
Content-Encoding: gzip
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: text/html
X-Robots-Tag: noindex, nofollow

GET
H2 200 like.php
www.facebook.com/v2.0/plugins/ Frame E25B 0
0 79ms
67ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df11b90aa9830b%26domain%3Dga.naaar.nl%26origin%3Dhttp%253A%252F%252Fga.naaar.nl%252Ff369009d0f2e4e8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d8dba2a3a9fcdd73bad6785fd63d6fea&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df11b90aa9830b%26domain%3Dga.naaar.nl%26origin%3Dhttp%253A%252F%252Fga.naaar.nl%252Ff369009d0f2e4e8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
facebook-api-version: v2.12
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 1ObKSP24SyYQTyhRd8ppANxPst3+oWKQAFIQXvJQHBEOyb4HXS7lTyqGlQ6wJUP2zB5i2UXK9M+93UYtSl3CXg==
date: Wed, 12 Feb 2020 02:22:49 GMT Wed, 12 Feb 2020 02:22:49 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 like.php
www.facebook.com/v2.0/plugins/ Frame 54F6 0
0 81ms
72ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df44eb0687f637c%26domain%3Dga.naaar.nl%26origin%3Dhttp%253A%252F%252Fga.naaar.nl%252Ff369009d0f2e4e8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d8dba2a3a9fcdd73bad6785fd63d6fea&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.0/plugins/like.php?action=recommend&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df44eb0687f637c%26domain%3Dga.naaar.nl%26origin%3Dhttp%253A%252F%252Fga.naaar.nl%252Ff369009d0f2e4e8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
facebook-api-version: v2.12
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: RQdngHD1KFcNUtx1XMhBKj7GAqquM9C5KVKFOZckAa4bOFZs1Q8RPbVdORsoaJfTqmZk+02VO7CxHTSdLisSDQ==
date: Wed, 12 Feb 2020 02:22:49 GMT Wed, 12 Feb 2020 02:22:49 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 index.html
ws.sharethis.com/secure5x/ Frame 6D24 0
0 8ms
6ms Document
text/html 2600:9000:20eb:5a00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:5a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure5x/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __stid=CicACF5DYXkAAAATRyMuAw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

status: 200
content-type: text/html
content-length: 4081
content-encoding: gzip
last-modified: Wed, 09 Oct 2019 22:29:37 GMT
server: nginx/1.12.2
x-robots-tag: noindex, nofollow
date: Wed, 12 Feb 2020 02:00:15 GMT
etag: W/"5d9e5f51-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ns10-IWJBBPDZiTqOi8WbvQyob7Y_Y_S3qkH5U_85x7CeofENfeVzQ==
age: 72560

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.bestprofits-for-you-21.com/
Redirect Chain

http://bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3

5 KB
3 KB

518ms
359ms

Document
text/html

45.147.31.15
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 45.147.31.15 , Norway, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2440ba4dd75a66711d7686e9712a485e02802f2ee0f70228fd5dff77539c004a

Request headers

Host: www.bestprofits-for-you-21.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://ga.naaar.nl/link/?url=http%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3

Response headers

Server: nginx
Date: Wed, 12 Feb 2020 02:22:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=f3cmlc7su5fltrm7rfujlsntgp; expires=Fri, 14-Feb-2020 02:22:59 GMT; Max-Age=172800; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 12 Feb 2020 02:22:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3

GET
H/1.1 200
OK index.css
www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/css/ 24 KB
7 KB 153ms
153ms Stylesheet
text/css 45.147.31.15
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/css/index.css
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 45.147.31.15 , Norway, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 05c9ee8b64de53fa788e5a219cb92f80bfaafc529d5d9b1e251aa96f507eeeb7

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jul 2015 09:15:18 GMT
Server: nginx
ETag: W/"55a381a6-5f70"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 12 Feb 2020 14:22:59 GMT

GET
H/1.1 200
OK responsive.css
www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/css/ 15 KB
4 KB 305ms
284ms Stylesheet
text/css 45.147.31.15
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/css/responsive.css
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 45.147.31.15 , Norway, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 289df79d85592d3af1a50255846bf37a0c3f96ac8a0dc249a14717ffa4786127

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2015 09:12:52 GMT
Server: nginx
ETag: W/"561e1c94-3a79"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 12 Feb 2020 14:22:59 GMT

GET
H/1.1 200
OK jquery.min.js Show response
cdn.staticfile.org/jquery/1.10.2/ 91 KB
33 KB 159ms
59ms Script
application/javascript 47.246.43.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.227 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Encoding: gzip
Age: 126411
X-Swift-CacheTime: 86400
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8' 'jquery.min.js
X-Swift-SaveTime: Tue, 11 Feb 2020 04:02:01 GMT
X-M-Reqid: riYAALeCg9hqE_IV
X-M-Log: QNM:xs454;QNM3:38/304
Etag: "FuLzYD4jcR9kRvJ4pBHZBWI9ZSAe.gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: s-maxage=86400, max-age=86400
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
EagleId: 2ff62b9915814741796427786e
Expires: Tue, 11 Feb 2020 15:16:08 GMT
X-Log: X-Log
Date: Mon, 10 Feb 2020 15:16:08 GMT
Via: cache22.l2de1[0,304-0,H], cache23.l2de1[1,0], cache5.de2[0,200-0,H], cache5.de2[0,0]
X-Svr: IO
X-Reqid: HkcAAACTmDEfh8gV
Connection: keep-alive
Content-Transfer-Encoding: binary
Content-Length: 32989
X-Cache: HIT TCP_MEM_HIT dirn:10:434018325
Last-Modified: Tue, 16 Feb 2016 04:22:54 GMT
Server: Tengine
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1569676925
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 cp.js Show response
manyjs.com/365/ 3 KB
2 KB 689ms
233ms Script
application/javascript 103.80.27.177
HKKFGL-AS-AP HK K...

General

Check archive.org

Show headers Download Go to

Full URL: https://manyjs.com/365/cp.js
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.80.27.177 , China, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: e935f0541eff89bb38f9a731673d6dc149de92246a4eca373e245c9c9143067b

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 02:16:36 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 10:17:35 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5e13093f-b5d"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=43200
expires: Wed, 12 Feb 2020 14:16:36 GMT

GET
H/1.1 404
Not Found style.css
www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/css/ 0
0 309ms
288ms Stylesheet
text/html 45.147.31.15
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/css/style.css
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 45.147.31.15 , Norway, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H/1.1 200
OK logo.png
www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/images/ 6 KB
6 KB 306ms
286ms Image
image/png 45.147.31.15
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/images/logo.png
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 45.147.31.15 , Norway, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: ff5a64d1e62d0935868692c9c83a9285bee03ccf8d7e578be931c7cc4940f59c

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:59 GMT
Last-Modified: Mon, 13 Jul 2015 09:04:58 GMT
Server: nginx
ETag: "55a37f3a-176a"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5994
Expires: Fri, 13 Mar 2020 02:22:59 GMT

GET
H/1.1 200
OK about_pic.jpg
www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/images/ 22 KB
23 KB 305ms
285ms Image
image/jpeg 45.147.31.15
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/images/about_pic.jpg
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 45.147.31.15 , Norway, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: e40a2eab86ceeef737fc6b73a07fb5e9e06b45022e48268c0add70e41e1ebfc1

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:22:59 GMT
Last-Modified: Mon, 13 Jul 2015 09:06:18 GMT
Server: nginx
ETag: "55a37f8a-58f2"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22770
Expires: Fri, 13 Mar 2020 02:22:59 GMT

GET push.js
push.zhanzhang.baidu.com/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 37 KB
14 KB 779ms
332ms Script
application/javascript 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?ab063a86e2e81caeb72d77f54ba935d8

Requested by

Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

fd519783acde5751c27cbb7ce65deda904b3c64e0f43434c5bc30da0744051b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 12 Feb 2020 02:23:00 GMT
Content-Encoding: gzip
Server: apache
Etag: 33c76f76db34ece4e184208029e68f85
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13507

GET
H2 200 11.0.1.js Show response
jspassport.ssl.qhimg.com/ 105 B
463 B 197ms
8ms Script
application/x-javascript 2600:9000:20eb:9600:0:e2b1:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Requested by: Host: manyjs.com
URL: https://manyjs.com/365/cp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9600:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 12 Feb 2020 02:15:17 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc01.lato;EXPIRED from w-sc01.lato
last-modified: Tue, 01 Aug 2017 05:52:02 GMT
age: 467
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Znk0oxG4S2Bo49h0fqlQoeJ6Ur_lO97E3MxRU6Pzyvin8Ahl-Y42UQ==
expires: Wed, 12 Feb 2020 02:25:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154601088-1

Requested by

Host: manyjs.com
URL: https://manyjs.com/365/cp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d313de2dc51ee6665981e3b1eb089ca992107c39a38f419e6928f8a7625aa778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 12 Feb 2020 02:23:00 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28367
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Feb 2020 02:23:00 GMT

GET
H/1.1 200
OK matomo.js Show response
tj.yddashi.com/ 66 KB
25 KB 520ms
290ms Script
application/javascript 45.151.253.130
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tj.yddashi.com/matomo.js
Requested by: Host: manyjs.com
URL: https://manyjs.com/365/cp.js
Protocol: HTTP/1.1
Server: 45.151.253.130 , Netherlands, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: ed1c11ae5ec52f01b21ccfd2d0dfe8fa32806d6e19f7bb9f987a8006a47c3b56

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:23:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Nov 2019 04:54:19 GMT
Server: nginx
ETag: W/"5dde017b-1093a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 12 Feb 2020 14:23:01 GMT

GET
H2 200 ab77b6ea7f3fbf79.js Show response
s.ssl.qhres.com/ssl/ 478 B
940 B 317ms
6ms Script
application/javascript 2600:9000:20eb:8400:11:1b7a:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ssl.qhres.com/ssl/ab77b6ea7f3fbf79.js
Requested by: Host: jspassport.ssl.qhimg.com
URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:8400:11:1b7a:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 17 Sep 2019 01:08:29 GMT
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc02.lato;MISS from w-sc03.shyc2
age: 12791670
x-qstatic-hit: 1
x-cache: Hit from cloudfront
status: 200
content-length: 478
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"6a5b3175a87e4950"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: iBJGZLXpukYC7fXSPNcbNQmS6WKOMFpHn1EJxDWzvgKcTGUGXjMHXA==
expires: Fri, 14 Sep 2029 01:08:29 GMT

GET
H/1.1 200
OK zz.gif
s.360.cn/so/ 0
234 B 701ms
490ms Image
image/gif 180.163.251.231
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s.360.cn/so/zz.gif?url=http%3A%2F%2Fwww.bestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3&sid=d182b3f28525f2db83acfaaf6e696dba&token=d31f8r2rb33rff2r8=5d2i5cf&2fdrb3
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 180.163.251.231 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:23:01 GMT
Last-Modified: Thu, 01 Aug 2019 13:00:34 GMT
Server: nginx/1.14.2
ETag: "5d42e272-0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 404
Not Found style.css
www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/css/ 0
0 152ms
152ms Stylesheet
text/html 45.147.31.15
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bestprofits-for-you-21.com/template/mipcms_theme_044_v1.0.0/main/css/style.css
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 45.147.31.15 , Norway, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:23:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154601088-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 6568
date: Wed, 12 Feb 2020 00:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Wed, 12 Feb 2020 02:33:32 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1014356628&t=pageview&_s=1&dl=http%3A%2F%2Fwww.bestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3&dr=h...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-154601088-1&cid=1695453912.1581474181&jid=1688243334&_gid=324146069.1581474181&gjid=1250432804&_v=j80&z=1538364340
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-154601088-1&cid=1695453912.1581474181&jid=1688243334&_v=j80&z=1538364340
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-154601088-1&cid=1695453912.1581474181&jid=1688243334&_v=j80&z=1538364340&slf_rd=1&random=2841999337

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-154601088-1&cid=1695453912.1581474181&jid=1688243334&_v=j80&z=1538364340&slf_rd=1&random=2841999337

Requested by

Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Feb 2020 02:23:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Feb 2020 02:23:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-154601088-1&cid=1695453912.1581474181&jid=1688243334&_v=j80&z=1538364340&slf_rd=1&random=2841999337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cp.txt Show response
manyjs.com/jiankong/ 11 B
153 B 678ms
225ms XHR
text/plain 103.80.27.177
HKKFGL-AS-AP HK K...

General

Check archive.org

Show headers Download Go to

Full URL: https://manyjs.com/jiankong/cp.txt
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/jquery/1.10.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.80.27.177 , China, ASN133115 (HKKFGL-AS-AP HK Kwaifong Group Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 31b3f69d2ec5f6a5d91e23c357d8c4c5976bbf4b63b05b1c29011c4077d2dfbf

Request headers

Accept: */*
Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Origin: http://www.bestprofits-for-you-21.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 12 Feb 2020 02:16:38 GMT
last-modified: Tue, 11 Feb 2020 04:36:20 GMT
server: nginx
etag: "5e422f44-b"
status: 200
content-type: text/plain
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
499 B 328ms
327ms Image
image/gif 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=222105158&si=ab063a86e2e81caeb72d77f54ba935d8&su=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%253A%252F%252Fbestprofits-for-you-21.com%252F%253Fu%253Du348mwe%2526o%253D6h104vf%2526t%253D4er3r3rf%2526cid%253Drfr3rrf3&v=1.2.68&lv=1&sn=49096&ct=!!&tt=%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8%E5%AE%98%E7%BD%91-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8app-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8%E4%B8%8B%E8%BD%BD

Requested by

Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Wed, 12 Feb 2020 02:23:01 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK matomo.php
tj.yddashi.com/ 43 B
227 B 193ms
192ms Image
image/gif 45.151.253.130
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tj.yddashi.com/matomo.php?action_name=%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8%E5%AE%98%E7%BD%91-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8app-%E5%BD%A9%E7%AB%8B%E6%96%B9%E5%BD%A9%E7%A5%A8%E4%B8%8B%E8%BD%BD&idsite=1&rec=1&r=309606&h=3&m=23&s=1&url=http%3A%2F%2Fwww.bestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3&urlref=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3&_id=ab9f333e3b7cb6a1&_idts=1581474181&_idvc=1&_idn=0&_refts=1581474181&_viewts=1581474181&_ref=http%3A%2F%2Fga.naaar.nl%2Flink%2F%3Furl%3Dhttp%3A%2F%2Fbestprofits-for-you-21.com%2F%3Fu%3Du348mwe%26o%3D6h104vf%26t%3D4er3r3rf%26cid%3Drfr3rrf3&send_image=1&cookie=1&res=1600x1200&gt_ms=359&pv_id=MMT5f8
Requested by: Host: www.bestprofits-for-you-21.com
URL: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
Protocol: HTTP/1.1
Server: 45.151.253.130 , Netherlands, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://www.bestprofits-for-you-21.com/?u=u348mwe&o=6h104vf&t=4er3r3rf&cid=rfr3rrf3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 12 Feb 2020 02:23:01 GMT
Cache-Control: no-store
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET fhcppc.jpg
cdn.yddashi.com/365/image/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.globalkapitalpartners.com
URL: http://js.globalkapitalpartners.com/javascript.php?prefix=N9qwvIDuddkMJGdq9P6W22Nd7ZgqdRLk&media=312&campaign=1

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Domain: cdn.yddashi.com
URL: https://cdn.yddashi.com/365/image/fhcppc.jpg

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 11:41:25	Name: NID Value: 197=HsnAkedkTS17hO3exr6OrBFd1HvHUjAPx92m-EfrrRVXUwbqJzYjzSRif63NdhAtGSfQeg4lMTuu_0w_3vZPgVhevrrLEasDswKNAXyP0Z-zXXZLyJnp2IPZR28sqNWrue-E5bc1ohWIgIfDqCcsenzwguOSFzedAS735yBpvCA
.naaar.nl/	1970-01-19 13:52:15	Name: __unam Value: 780c976-1703734c0f2-ea88212-2
.naaar.nl/	1970-01-19 07:17:54	Name: _gat Value: 1
.doubleclick.net/	1970-01-19 07:17:55	Name: test_cookie Value: CheckForPermission
.naaar.nl/	1970-01-19 07:19:20	Name: _gid Value: GA1.2.1350528994.1581474169
.naaar.nl/	1970-01-20 00:49:06	Name: _ga Value: GA1.2.760389312.1581474169

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://manyjs.com/365/cp.js(Line 5) Message: fhccc15.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
bestprofits-for-you-21.com
c.sharethis.mgr.consensu.org
cdn.staticfile.org
cdn.yddashi.com
connect.facebook.net
ga.naaar.nl
googleads.g.doubleclick.net
hm.baidu.com
js.globalkapitalpartners.com
jspassport.ssl.qhimg.com
l.sharethis.com
manyjs.com
pagead2.googlesyndication.com
push.zhanzhang.baidu.com
s.360.cn
s.ssl.qhres.com
stats.g.doubleclick.net
t.sharethis.com
tj.yddashi.com
w.sharethis.com
ws.sharethis.com
www.bestprofits-for-you-21.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
cdn.yddashi.com
js.globalkapitalpartners.com
push.zhanzhang.baidu.com
103.235.46.191
103.80.27.177
104.111.218.17
18.184.190.145
180.163.251.231
2600:9000:20eb:5a00:3:c04e:c780:93a1
2600:9000:20eb:7a00:c:a9b7:ddc0:93a1
2600:9000:20eb:8400:11:1b7a:9b00:93a1
2600:9000:20eb:9600:0:e2b1:a380:93a1
2600:9000:20eb:e000:3:c04e:c780:93a1
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:815::2004
2a00:1450:4001:816::200d
2a00:1450:4001:817::2003
2a00:1450:4001:818::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2002
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:7280:100:0:4df:5cff:fe00:208e
45.147.31.15
45.151.253.130
47.246.43.227
011af481a6c21ebe9524e49d785ca76479a7f44c63e013848d2992cba4e12532
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05c9ee8b64de53fa788e5a219cb92f80bfaafc529d5d9b1e251aa96f507eeeb7
0c47c13c5aff23d84ec444a18433c3abda8e3a4b7945bd7744738a58c70fb28f
1af0e0ca290a13faeabef7d1bde7ca8d96bb83b876f5d42e32c4b6095a5b0afb
22195bc7062e2c30188c204da6143e05471f7770a10489c50cb34eda6fb5c8ae
2440ba4dd75a66711d7686e9712a485e02802f2ee0f70228fd5dff77539c004a
289df79d85592d3af1a50255846bf37a0c3f96ac8a0dc249a14717ffa4786127
31b3f69d2ec5f6a5d91e23c357d8c4c5976bbf4b63b05b1c29011c4077d2dfbf
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
4c3b17ef96c6c0454d14fef9b869089718dc617d59cc4dd5e254d3699498cd74
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5997ba2e08136c680db336a47617ed816f1eb70c8e7a80ad47b22f9768999f8c
61cdbb1281104e96a7c9da7c38770b61993db0129f1ba23067802c269d6208d3
6b3055340fe39ede9f937cba17e1230bf8213ab44223324e7f8598a9e497581a
719c8d254545fb9bab1e3f4c99d94f4209253521bf8600240caf19f0d57b26d5
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
764262648df23049f6c23fe89dc20106a96c4624412a8ad20ec54bb7bbae6c6e
777162062d8c9f706eb668fdb4872c8e97f4f6f57ccd8e3f963d29b9abdc03eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
98b6545e91cac809a2479e79eacff209d481a13d587b041f7c3016081c477338
a3e3bd0c6249aec8fcbfc491ab635c3287b76e3206daa0c21fe2d63947f6f2f0
c217da5c0e1221b3cdff8d2e6ac15e53ebeb8d6f6db988578a93e7d78dbcdb74
c3a537ae5d8020c10896418cb8658af444cbb3f89d3543c7db596b624e38690d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd
d313de2dc51ee6665981e3b1eb089ca992107c39a38f419e6928f8a7625aa778
dfc6cb0c3aa0913ea2023cebccf94e4b85a416ec4217133146ece249b549846a
e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40a2eab86ceeef737fc6b73a07fb5e9e06b45022e48268c0add70e41e1ebfc1
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e935f0541eff89bb38f9a731673d6dc149de92246a4eca373e245c9c9143067b
ed1c11ae5ec52f01b21ccfd2d0dfe8fa32806d6e19f7bb9f987a8006a47c3b56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd519783acde5751c27cbb7ce65deda904b3c64e0f43434c5bc30da0744051b6
ff5a64d1e62d0935868692c9c83a9285bee03ccf8d7e578be931c7cc4940f59c
ff7ba2bb4a92157e2f6abfc662ef47e9a267d67bc7f3dc2838066019faaa2e51

www.bestprofits-for-you-21.com Open in urlscan Pro 45.147.31.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

70 %HTTPS

69 %IPv6

21 Domains

32 Subdomains

25 IPs

8 Countries

559 kBTransfer

1504 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bestprofits-for-you-21.com Open in urlscan Pro
45.147.31.15 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

70 %
HTTPS

69 %
IPv6

21
Domains

32
Subdomains

25
IPs

8
Countries

559 kB
Transfer

1504 kB
Size

6
Cookies

61 HTTP transactions
0 data transactions