chick.cool Open in urlscan Pro
185.81.129.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wpclk.net/cl/8156c1ff611ffafe
Effective URL:
https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba
Submission: On November 14 via api (November 14th 2022, 12:05:05 pm UTC) from JP — Scanned from JP

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 17 domains to perform 31 HTTP transactions. The main IP is 185.81.129.223, located in Latvia and belongs to NANO-AS, LV. The main domain is chick.cool.
TLS certificate: Issued by R3 on October 16th 2022. Valid for: 3 months.

This is the only time chick.cool was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:95f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3035::6815:1e0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	35.190.55.95 35.190.55.95	15169 (GOOGLE) (GOOGLE)
1 1	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
1 1	2606:4700:303... 2606:4700:3031::ac43:a80a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.81.129.223 185.81.129.223	43513 (NANO-AS) (NANO-AS)
2	2404:6800:400... 2404:6800:4004:810::200a	15169 (GOOGLE) (GOOGLE)
1 1	35.83.66.86 35.83.66.86	16509 (AMAZON-02) (AMAZON-02)
1 1	44.239.224.24 44.239.224.24	16509 (AMAZON-02) (AMAZON-02)
1 2	14.0.44.188 14.0.44.188	54994 (QUANTILNE...) (QUANTILNETWORKS)
11	207.120.40.9 207.120.40.9	3356 (LEVEL3) (LEVEL3)
2	117.18.232.200 117.18.232.200	15133 (EDGECAST) (EDGECAST)
1	2404:6800:400... 2404:6800:4004:811::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	162.247.241.14 162.247.241.14	() ()
31	11

1 2606:4700:3034::ac43:95f8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wpclk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:1e0e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

eu1.bvm2go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.55.95 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 95.55.190.35.bc.googleusercontent.com

onclickperformance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.237 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

relkconka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a80a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.arcade.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.81.129.223 (Latvia)

ASN43513 (NANO-AS, LV)
PTR: 40217domein.com

chick.cool	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:810::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.83.66.86 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-66-86.us-west-2.compute.amazonaws.com

rapidrtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.224.24 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-224-24.us-west-2.compute.amazonaws.com

fastlnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.0.44.188 (Osaka, Japan) 1 redirects

ASN54994 (QUANTILNETWORKS, US)

secentr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.enlistsecureup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 207.120.40.9 (United States)

ASN3356 (LEVEL3, US)

dvrtsng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 117.18.232.200 (Australia)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:811::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (None, )

ASN- ()

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	dvrtsng.com dvrtsng.com	52 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1540 ka-p.fontawesome.com — Cisco Umbrella Rank: 3657	64 KB
4	chick.cool chick.cool	535 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304 fonts.googleapis.com — Cisco Umbrella Rank: 43	65 KB
3	onclickperformance.com 2 redirects onclickperformance.com — Cisco Umbrella Rank: 144941	3 KB
2	nr-data.net bam.nr-data.net	1 KB
2	gstatic.com fonts.gstatic.com	136 KB
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 1109	37 KB
2	bvm2go.com 2 redirects eu1.bvm2go.com	973 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 334	18 KB
1	enlistsecureup.com geoip.enlistsecureup.com — Cisco Umbrella Rank: 501655	842 B
1	secentr.com 1 redirects secentr.com — Cisco Umbrella Rank: 489305	751 B
1	fastlnd.com 1 redirects fastlnd.com — Cisco Umbrella Rank: 847619	600 B
1	rapidrtr.com 1 redirects rapidrtr.com	661 B
1	arcade.cash 1 redirects track.arcade.cash	652 B
1	relkconka.com 1 redirects relkconka.com	775 B
1	wpclk.net 1 redirects wpclk.net	1 KB
31	17

	Domain	Requested by
11	dvrtsng.com	ajax.googleapis.com dvrtsng.com
4	chick.cool	onclickperformance.com chick.cool
3	ka-p.fontawesome.com	dvrtsng.com
3	onclickperformance.com	2 redirects
2	bam.nr-data.net	dvrtsng.com
2	fonts.gstatic.com	dvrtsng.com
2	ajax.aspnetcdn.com	dvrtsng.com
2	ajax.googleapis.com	chick.cool dvrtsng.com
2	eu1.bvm2go.com	2 redirects
1	js-agent.newrelic.com	dvrtsng.com
1	geoip.enlistsecureup.com	dvrtsng.com
1	kit.fontawesome.com	dvrtsng.com
1	fonts.googleapis.com	dvrtsng.com
1	secentr.com	1 redirects
1	fastlnd.com	1 redirects
1	rapidrtr.com	1 redirects
1	track.arcade.cash	1 redirects
1	relkconka.com	1 redirects
1	wpclk.net	1 redirects
31	19

This site contains links to these domains. Also see Links.

Domain
rapidrtr.com

Subject Issuer	Validity	Valid
onclickperformance.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
chick.cool R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
dvrtsng.com R3	`2022-10-13` - `2023-01-11`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.enlistsecureup.com AlphaSSL CA - SHA256 - G2	`2022-01-07` - `2023-02-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba
Frame ID: 0C3D756FB098317890EE361C6CCA0E29
Requests: 6 HTTP requests in this frame

Frame: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Frame ID: 73FDCA88B7151E7933AC61DD96BB0214
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Soccer

Page URL History Show full URLs

https://wpclk.net/cl/8156c1ff611ffafe HTTP 302
https://eu1.bvm2go.com/request/be46e2a7-1602-400e-ba26-3dfb50b8f0b9/?tb=gg-tb HTTP 301
https://eu1.bvm2go.com/request/be46e2a7-1602-400e-ba26-3dfb50b8f0b9?tb=gg-tb HTTP 302
https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&s... Page URL
https://onclickperformance.com/jump/next.php?stamat=m%257CZj43LSYiaQdHkBH0dEdHP3xP.1c5%252CTwuhcE9ytvGl4nFR... HTTP 302
https://onclickperformance.com/script/i.php?stamat=m%257C%252C%252CgjM6I2O2oGU3BE-GH0dEdHP3xP.5e5%252CfgzwD... HTTP 302
https://relkconka.com/link?z=5524847&var=5936582-746650642-1414483044&ymid=166842749510000TJPTV436... HTTP 302
https://track.arcade.cash/click?pid=46&offer_id=113&sub1=615991850744164890&sub5=5524847_5936582-74665... HTTP 302
https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

41 %
IPv6

17
Domains

19
Subdomains

11
IPs

5
Countries

912 kB
Transfer

1757 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://rapidrtr.com/cr.php?cid=501&ACT=68334&TRK=affs-46.63722ee99abb6d0001b849ba

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wpclk.net/cl/8156c1ff611ffafe HTTP 302
https://eu1.bvm2go.com/request/be46e2a7-1602-400e-ba26-3dfb50b8f0b9/?tb=gg-tb HTTP 301
https://eu1.bvm2go.com/request/be46e2a7-1602-400e-ba26-3dfb50b8f0b9?tb=gg-tb HTTP 302
https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&sub1=20f90d2c-6095-490a-996d-811213357ee8&sub2=be46e2a7-1602-400e-ba26-3dfb50b8f0b9 Page URL
https://onclickperformance.com/jump/next.php?stamat=m%257CZj43LSYiaQdHkBH0dEdHP3xP.1c5%252CTwuhcE9ytvGl4nFRHB_Ai2sp7yao2IgrkDg0b0fQ-Zkhk8qUejHw5QTkAIDQoe4g5mx1o3F6KFvu_MvQd0U7OXZqkcGzc5GqkE1Y_SQg-mQT5EKr2GNjceZsEKVxgm3-WOWlg83McNrVeqvF4vT-logzrZLBoF2OV5Hbqrfu5dYAg5XLKwWoUlFXf7yg-pw9Tk-1Txz3-Al1Q2HKLv_slQ%252C%252C&cbpage=https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&sub1=20f90d2c-6095-490a-996d-811213357ee8&sub2=be46e2a7-1602-400e-ba26-3dfb50b8f0b9&cbur=0.20240444854620177&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
https://onclickperformance.com/script/i.php?stamat=m%257C%252C%252CgjM6I2O2oGU3BE-GH0dEdHP3xP.5e5%252CfgzwDLkrTKctrzYHgmNmmOUfmOi9xGYubXagVWxINRk424xdMFhzcehmMcBUc_WEeUzx9QBEGBUEmyx1oiqErFlifA6g03_c5h50v3hTMfwJ1dQcp8bMekfZHpFmaHRrh3KilE6W00t09Jp_nA2KYHFcQ8o4s-pyAhGRsParun0b2dl8ck6HiQ0CLbOHZHlE9qaJT1LXJG2_0_7MMqsLT-VEV6GA7_b3iOWwFgw91mZ-WjwDDccJPsgOaqdemmphZWdj34XJB89J-AsXBcSyYzBNqGV8VxyxUH3x-FB-tb8rPyjQIiY4xgM-INXnomwjCGR9kmXPWJcRwAGeRWpl4bCjg6gqaZ_N6dMCUwMr7zoUqOfGlputPR195ltF0-DPbQ2rnFDKVR3U4MqIat-KrSI6Q4eOsQ3N6TOt1eKSqwmMjKHrYtAKkiHWq1w-QOi68scnKu0DKh3AGkyGtQgBfVMcfsG_x-1ElGVs4alf6ialMVjRO-7mZ077sXWHNNygN7fna1xgrymJX6fnGPiuMYf2DCQHM6Dvjn75P7Zco6ZhpOKO0TNem7EZPLhztoXooD9dbMdDm_aspKhp0gMcaSAvcDDwBEdpGO8GKS31_AmeseIrNkXjFKJN-i_JYfsJAPKLCex-zR1t7n6X17Rs5tjZTvhtV5LOuCp9skwOdT4%252C HTTP 302
https://relkconka.com/link?z=5524847&var=5936582-746650642-1414483044&ymid=166842749510000TJPTV436497644104Va9 HTTP 302
https://track.arcade.cash/click?pid=46&offer_id=113&sub1=615991850744164890&sub5=5524847_5936582-746650642-1414483044 HTTP 302
https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://wpclk.net/cl/8156c1ff611ffafe HTTP 302
https://eu1.bvm2go.com/request/be46e2a7-1602-400e-ba26-3dfb50b8f0b9/?tb=gg-tb HTTP 301
https://eu1.bvm2go.com/request/be46e2a7-1602-400e-ba26-3dfb50b8f0b9?tb=gg-tb HTTP 302
https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&sub1=20f90d2c-6095-490a-996d-811213357ee8&sub2=be46e2a7-1602-400e-ba26-3dfb50b8f0b9

Request Chain 5

https://rapidrtr.com/cr.php?cid=501&ACT=68334&TRK=affs-46.63722ee99abb6d0001b849ba HTTP 302
https://fastlnd.com/ep.php/prmagms:73163/68334:affs-46.63722ee99abb6d0001b849ba.mqmb111443500 HTTP 302
https://secentr.com/signup/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500 HTTP 302
https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

next.php
onclickperformance.com/jump/
Redirect Chain

https://wpclk.net/cl/8156c1ff611ffafe
https://eu1.bvm2go.com/request/be46e2a7-1602-400e-ba26-3dfb50b8f0b9/?tb=gg-tb
https://eu1.bvm2go.com/request/be46e2a7-1602-400e-ba26-3dfb50b8f0b9?tb=gg-tb
https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&sub1=20f90d2c-6095-490a-996d-811213357ee8&sub2=be46e2a7-1602-400e-ba26-3dfb50b8f0b9

8 KB
3 KB

323ms
207ms

Document
text/html

35.190.55.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&sub1=20f90d2c-6095-490a-996d-811213357ee8&sub2=be46e2a7-1602-400e-ba26-3dfb50b8f0b9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.55.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.55.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 12:04:55 GMT
server: openresty
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 769f9cc25acc3547-NRT
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 12:04:55 GMT
location: https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&sub1=20f90d2c-6095-490a-996d-811213357ee8&sub2=be46e2a7-1602-400e-ba26-3dfb50b8f0b9
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HemqFldAjtbZsIxGPbIv1%2BrTWpahncFpUX%2FXkr2JMJPB%2Bgmb8I1RrdouKhq2L8b9j6g16%2FYT0rROV7ZVDsqZg2JTKpFH4K9B1EgVG6UF16EplWbtc8UkIfNJJDAzYVe15209lFEnost70dFqBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1

200
OK

Primary Request / Show response
chick.cool/soccer/
Redirect Chain

https://onclickperformance.com/jump/next.php?stamat=m%257CZj43LSYiaQdHkBH0dEdHP3xP.1c5%252CTwuhcE9ytvGl4nFRHB_Ai2sp7yao2IgrkDg0b0fQ-Zkhk8qUejHw5QTkAIDQoe4g5mx1o3F6KFvu_MvQd0U7OXZqkcGzc5GqkE1Y_SQg-m...
https://onclickperformance.com/script/i.php?stamat=m%257C%252C%252CgjM6I2O2oGU3BE-GH0dEdHP3xP.5e5%252CfgzwDLkrTKctrzYHgmNmmOUfmOi9xGYubXagVWxINRk424xdMFhzcehmMcBUc_WEeUzx9QBEGBUEmyx1oiqErFlifA6g03_...
https://relkconka.com/link?z=5524847&var=5936582-746650642-1414483044&ymid=166842749510000TJPTV436497644104Va9
https://track.arcade.cash/click?pid=46&offer_id=113&sub1=615991850744164890&sub5=5524847_5936582-746650642-1414483044
https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba

861 B
1 KB

1785ms
298ms

Document
text/html

185.81.129.223
NANO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba

Requested by

Host: onclickperformance.com
URL: https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&sub1=20f90d2c-6095-490a-996d-811213357ee8&sub2=be46e2a7-1602-400e-ba26-3dfb50b8f0b9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.81.129.223 , Latvia, ASN43513 (NANO-AS, LV),

Reverse DNS

40217domein.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16

Resource Hash

05d9f7a65ad08df6165ab3d66492b0fd36bb536cce14d1538e5f2b51ea438bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://onclickperformance.com/jump/next.php?r=5936582&pub_clickid=cdp2tplip8jlqae2fmeg&earnings=[payout]&sub1=20f90d2c-6095-490a-996d-811213357ee8&sub2=be46e2a7-1602-400e-ba26-3dfb50b8f0b9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 861
Content-Type: text/html
Date: Mon, 14 Nov 2022 12:04:59 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Strict-Transport-Security: max-age=31536000; preload
X-Powered-By: PHP/5.4.16

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 769f9cd0292f3408-NRT
content-length: 0
date: Mon, 14 Nov 2022 12:04:57 GMT
location: https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsGLgVvlKr1nCXblNWseYRpIxXEzzXZsWIcflQEh8dRh98TIHQQoJ5dzmBo4AGoI6ABtZIgD3mnPC2yMB29pffZn6dRF5JxGfbX9jWlcBR8ItpMqRdNhB%2BsoHxdyrODdS%2FcDn%2BJabeEsPlqVa9rX6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-adjust-use-original-forwarded-for: 1

GET
H/1.1 200
OK styles.css
chick.cool/soccer/css/ 4 KB
4 KB 305ms
305ms Stylesheet
text/css 185.81.129.223
NANO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://chick.cool/soccer/css/styles.css

Requested by

Host: chick.cool
URL: https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.81.129.223 , Latvia, ASN43513 (NANO-AS, LV),

Reverse DNS

40217domein.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /

Resource Hash

6f660665f533f626043f096e732e1d5dcf735da6c79db157eb0575ed36563abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 12:04:59 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 15 Jun 2021 04:34:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "e5b-5c4c67e794a00"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3675

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 82ms
14ms Script
text/javascript 2404:6800:4004:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: chick.cool
URL: https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://chick.cool/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 01:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 01:03:43 GMT

GET
H/1.1 200
OK js.js Show response
chick.cool/soccer/js/ 177 B
574 B 304ms
304ms Script
application/javascript 185.81.129.223
NANO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://chick.cool/soccer/js/js.js

Requested by

Host: chick.cool
URL: https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.81.129.223 , Latvia, ASN43513 (NANO-AS, LV),

Reverse DNS

40217domein.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /

Resource Hash

11682e3b77f62f75b683e70ed5b7b662e390db55e3af9ab504d9aea53635a5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://chick.cool/soccer/?aff=affs-46&cid=63722ee99abb6d0001b849ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 12:04:59 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 15 Jun 2021 04:29:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "b1-5c4c66bc20780"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 177

GET
H/1.1 200
OK bg.jpg
chick.cool/soccer/images/ 528 KB
529 KB 334ms
334ms Image
image/jpeg 185.81.129.223
NANO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chick.cool/soccer/images/bg.jpg

Requested by

Host: chick.cool
URL: https://chick.cool/soccer/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.81.129.223 , Latvia, ASN43513 (NANO-AS, LV),

Reverse DNS

40217domein.com

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /

Resource Hash

77e3619c2c01561a910e5903c764e9712006d22e8f3854ad0bf45b9bd7653106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://chick.cool/soccer/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 12:04:59 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Tue, 15 Jun 2021 04:20:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "841fa-5c4c64a7fa000"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 541178

GET
H2

200

/ Show response
dvrtsng.com/acct/epc68334/add/ Frame 73FD
Redirect Chain

https://rapidrtr.com/cr.php?cid=501&ACT=68334&TRK=affs-46.63722ee99abb6d0001b849ba
https://fastlnd.com/ep.php/prmagms:73163/68334:affs-46.63722ee99abb6d0001b849ba.mqmb111443500
https://secentr.com/signup/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500
https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wd...

58 KB
21 KB

624ms
459ms

Document
text/html

207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: 3df377e3841b226d9bfeedb8cc490d2c8e53fdff1b9c26a1409454073ccedbac

Request headers

Referer: https://chick.cool/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 21044
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 12:05:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
section-io-cache: Miss
section-io-id: 5a342c0581b842b4c297d4bc02e2bf2b
vary: Accept-Encoding
via: 1.1 varnish (Varnish/7.0)
x-varnish: 14049828

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 12:05:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: PWS/8.3.1.0.8
via: 1.1 PSmglsjLAX2qg174:7 (W), 1.1 PSrbdjTYO3uj134:4 (W)
x-px: ms PSrbdjTYO3uj134HND,ms PSmglsjLAX2qg174LAX(origin)
x-ws-request-id: 63722eed_PSrbdjTYO3an135_47732-34988

GET
H2 200 bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/ Frame 73FD 118 KB
27 KB 213ms
43ms Stylesheet
text/css 117.18.232.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.232.200 , Australia, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (tka/8922) /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11122841
x-cache: HIT
content-length: 27676
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (tka/8922)
etag: "794840f2cb33d21:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 icon
fonts.googleapis.com/ Frame 73FD 569 B
869 B 215ms
86ms Stylesheet
text/css 2404:6800:4004:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:05:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 12:05:02 GMT

GET
H2 200 pagstatic.css
dvrtsng.com/common_tpls/compactML/css/ Frame 73FD 44 KB
8 KB 44ms
43ms Stylesheet
text/css 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://dvrtsng.com/common_tpls/compactML/css/pagstatic.css
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: 99c453d2813a0112881d33205f871fe1d51d531f4168af366b80297eee22d8cd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
content-encoding: gzip
section-io-cache-id: 5fd3ecda6a2aeee49c9f8d77d5e3f6ed
last-modified: Thu, 10 Jun 2021 15:38:34 GMT
age: 15332
etag: W/"60c231fa-b185"
vary: Accept-Encoding
content-type: text/css
x-varnish: 2861210 12712353
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: a0f96e37f54c079c72127ea097c27869
content-length: 8248

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 73FD 86 KB
30 KB 156ms
61ms Script
text/javascript 2404:6800:4004:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dvrtsng.com/
Origin: https://dvrtsng.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 00:50:04 GMT

GET
H2 200 bootstrap.min.js Show response
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/ Frame 73FD 36 KB
10 KB 211ms
42ms Script
application/javascript 117.18.232.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.232.200 , Australia, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (tka/897B) /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dvrtsng.com/
Origin: https://dvrtsng.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12853486
x-cache: HIT
content-length: 9839
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (tka/897B)
etag: "80bdc1e6cb33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b314bdf1b3.js Show response
kit.fontawesome.com/ Frame 73FD 11 KB
4 KB 177ms
79ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/b314bdf1b3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f407eed3de87bf0000c7d0673961f460c2b25348c80dd8fa239bfea6479d39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://dvrtsng.com/
Origin: https://dvrtsng.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 769f9cf14f4ae3a7-NRT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FydPXgMEZfUbNgxynDth

GET
H2 200 form_support.js Show response
dvrtsng.com/common_tpls/js/ Frame 73FD 3 KB
1 KB 42ms
41ms Script
application/javascript 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://dvrtsng.com/common_tpls/js/form_support.js?v=1101202201
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: 004d8956fe7514382f7f52d73b4a018ffaa11a332eda42e59a8f3f14299a40d4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
section-io-cache-id: 18298ed6f8d076ddfc85f42897059f27
last-modified: Tue, 01 Nov 2022 21:07:07 GMT
age: 9388
etag: W/"63618a7b-a70"
vary: Accept-Encoding
x-varnish: 13500212 13227274
content-type: application/javascript
content-encoding: gzip
section-io-cache: Hit
section-io-id: b9e0a5c0de0a6fcb3e86e39244c8468d

GET
H2 200 validate_form_v2.js Show response
dvrtsng.com/common_tpls/js/ Frame 73FD 24 KB
6 KB 45ms
44ms Script
application/javascript 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://dvrtsng.com/common_tpls/js/validate_form_v2.js?jsv=29
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: 9f1dd7e6654df9384fa10dc39fbadb13e844319400af27c73652362bfbed1e35

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
section-io-cache-id: 3588afd5a6646500a6b3bd9a587c1692
last-modified: Tue, 01 Nov 2022 21:07:07 GMT
age: 353
etag: W/"63618a7b-614a"
vary: Accept-Encoding
x-varnish: 3033483 14225232
content-type: application/javascript
content-encoding: gzip
section-io-cache: Hit
section-io-id: 21bd42db8957ea57bb2dec7b5612bff5

GET
H2 200 / Show response
geoip.enlistsecureup.com/ Frame 73FD 391 B
842 B 400ms
206ms Script
application/javascript 14.0.44.188
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.enlistsecureup.com/?v=1
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 14.0.44.188 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.31.19-2.el6 /
Resource Hash: 8dc0dc1cf8cdc17f88d013ada9c5335657fd2ed7b906eb3412300a9a42c7924e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:05:02 GMT
server: waf/4.31.19-2.el6
x-ws-request-id: 63722eee_PSrbdjTYO3an135_39709-51798
x-via: 1.1 PS-SJC-01Dpd180:0 (Cdn Cache Server V2.0), 1.1 PSrbdbOSA2sj134:1 (Cdn Cache Server V2.0), 1.1 PSrbdjTYO3tc137:14 (Cdn Cache Server V2.0)
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 ajax-loader.gif
dvrtsng.com/common_tpls/images/ Frame 73FD 3 KB
3 KB 58ms
57ms Image
image/gif 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dvrtsng.com/common_tpls/images/ajax-loader.gif
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
section-io-cache-id: a3d5bef1766a79e0748814f9f3f2f84c
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
age: 6066
etag: "52533a73-c88"
x-varnish: 14655802 14590463
content-type: image/gif
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 7ff7b5e7b8e64bbb788c822ccd0965d0
content-length: 3208

GET
H2 200 email.png
dvrtsng.com/common_tpls/images/icons/ Frame 73FD 1 KB
1 KB 57ms
57ms Image
image/png 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dvrtsng.com/common_tpls/images/icons/email.png
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
section-io-cache-id: 0b8764c274df82c6c196affc53489781
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
age: 4954
etag: "599b3535-4e6"
x-varnish: 14587056 14204527
content-type: image/png
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 5ad5a336666f252353eb62cd3c0cd602
content-length: 1254

GET
H2 200 password.png
dvrtsng.com/common_tpls/images/icons/ Frame 73FD 1 KB
2 KB 40ms
40ms Image
image/png 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dvrtsng.com/common_tpls/images/icons/password.png
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: 8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
section-io-cache-id: 3370d5204d46616b34a1fb6e635e1a42
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
age: 4954
etag: "599c5d33-5ac"
x-varnish: 13095702 2600926
content-type: image/png
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 11297071cb1aa3b75151e56a5ded8ddb
content-length: 1452

GET
H2 200 fname.png
dvrtsng.com/common_tpls/images/icons/ Frame 73FD 2 KB
2 KB 39ms
38ms Image
image/png 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dvrtsng.com/common_tpls/images/icons/fname.png
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
section-io-cache-id: 3c4860001816ba1684e4005e7e275c61
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
age: 4026
etag: "5a1dcc72-671"
x-varnish: 14428977 13877160
content-type: image/png
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 05af585b6c51cd06030bf21de1a2fe35
content-length: 1649

GET
H2 200 address.png
dvrtsng.com/common_tpls/images/icons/ Frame 73FD 1 KB
1 KB 36ms
36ms Image
image/png 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dvrtsng.com/common_tpls/images/icons/address.png
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: 67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
section-io-cache-id: 854e71c00c323cbd670cf6810a03bb53
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
age: 9145
etag: "599b3535-48f"
x-varnish: 14689172 14521546
content-type: image/png
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 4925a82b2e66591ad3b7c10a674f263b
content-length: 1167

GET
H2 200 iframeResizer.contentWindow.min.js Show response
dvrtsng.com/common_tpls/js/ Frame 73FD 13 KB
5 KB 51ms
51ms Script
application/javascript 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://dvrtsng.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: 7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
section-io-cache-id: f77fb6a23c4b427a0e8eac3501bc0185
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
age: 6066
etag: W/"56b368db-3445"
vary: Accept-Encoding
x-varnish: 14879125 2731546
content-type: application/javascript
content-encoding: gzip
section-io-cache: Hit
section-io-id: 88affb29195ca38cff0fd82ed0524300

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 73FD 315 KB
53 KB 72ms
65ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 41036
etag: "610ae215-d3b2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 769f9cf2288fe3a7-NRT
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 73FD 26 KB
4 KB 69ms
63ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 41036
etag: "610ae215-1062"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 769f9cf2288be3a7-NRT
content-length: 4194

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 73FD 27 KB
3 KB 130ms
124ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:05:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 41036
etag: "610ae215-a2b"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 769f9cf2288ee3a7-NRT
content-length: 2603

GET
H2 200 pxiByp8kv8JHgFVrLGT9V1s.ttf
fonts.gstatic.com/s/poppins/v15/ Frame 73FD 149 KB
67 KB 154ms
53ms Font
font/ttf 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9V1s.ttf

Requested by

Host: dvrtsng.com
URL: https://dvrtsng.com/common_tpls/compactML/css/pagstatic.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff15d6d64194fa82354d5ac1cda9fdbfebeefeb801796142fcc4cc14634c3b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dvrtsng.com/
Origin: https://dvrtsng.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 11:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68933
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 11:04:39 GMT

GET
H2 200 pxiEyp8kv8JHgFVrFJA.ttf
fonts.gstatic.com/s/poppins/v15/ Frame 73FD 151 KB
69 KB 128ms
26ms Font
font/ttf 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrFJA.ttf

Requested by

Host: dvrtsng.com
URL: https://dvrtsng.com/common_tpls/compactML/css/pagstatic.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15c65d98b0f35d3bc057596a5a4b007f4a3f6a183aecffc38941d6c40b3c34da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dvrtsng.com/
Origin: https://dvrtsng.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69581
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 02:49:32 GMT

GET
H2 200 / Show response
dvrtsng.com/acct/trk/ Frame 73FD 21 B
331 B 202ms
202ms XHR
text/json 207.120.40.9
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://dvrtsng.com/acct/trk/?rtid=91082204129
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.120.40.9 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: 24c3ae94619ebe01dbff5d3d9acddc0d08b0a67592023731b538c4f58cde98d1

Request headers

X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
tracestate: 3355250@nr=0-1-3355250-1103078842-ef8c198f57daecc3----1668427502607
traceparent: 00-f3c97390596f94cf436a56e7e867924b-ef8c198f57daecc3-01
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6ImVmOGMxOThmNTdkYWVjYzMiLCJ0ciI6ImYzYzk3MzkwNTk2Zjk0Y2Y0MzZhNTZlN2U4Njc5MjRiIiwidGkiOjE2Njg0Mjc1MDI2MDd9fQ==
Accept: */*
Referer: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:05:02 GMT
via: 1.1 varnish (Varnish/7.0)
age: 0
content-type: text/json;charset=UTF-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 14428979
cache-control: no-store, no-cache, must-revalidate
section-io-cache: Miss
section-io-id: 482b5c0da978725780bc695dfd2d18c0
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ Frame 73FD 49 KB
18 KB 115ms
37ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Mon, 14 Nov 2022 12:05:02 GMT
x-amz-request-id: 74FHZCD9B0RMVCZC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: 5LAEJgPjrBgLuNRBxkbPeKRQcfYkMYO/V8pC9EsY4zEOyof5yPEcPf5YsCNzoQz2LYsdT6bOy/w=
x-served-by: cache-tyo11950-TYO
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1668427503.898019,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3221

GET
H/1.1 200
OK NRJS-53a3e8e5a523894a2ee Show response
bam.nr-data.net/1/ Frame 73FD 49 B
625 B 700ms
417ms Script
text/javascript 162.247.241.14

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2982&ck=1&ref=https://dvrtsng.com/acct/epc68334/add/&ap=93&be=2213&fe=2852&dc=2649&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668427499948,%22n%22:0,%22f%22:1538,%22dn%22:1539,%22dne%22:1546,%22c%22:1546,%22s%22:1617,%22ce%22:1703,%22rq%22:1703,%22rp%22:2163,%22rpe%22:2211,%22dl%22:2170,%22di%22:2649,%22ds%22:2649,%22de%22:2650,%22dc%22:2852,%22l%22:2852,%22le%22:2853%7D,%22navigation%22:%7B%7D%7D&fp=2647&fcp=2647&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dvrtsng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 12:05:03 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 769f9cf73b46e354-NRT

POST
H/1.1 200
OK NRJS-53a3e8e5a523894a2ee Show response
bam.nr-data.net/events/1/ Frame 73FD 24 B
399 B 414ms
414ms XHR
image/gif 162.247.241.14

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3688&ck=1&ref=https://dvrtsng.com/acct/epc68334/add/
Requested by: Host: dvrtsng.com
URL: https://dvrtsng.com/acct/epc68334/add/?epcVIP=48.1066.g98&email=&password=&firstname=&lastname=&zip=&lang=en&act=epc68334.47336-160956.affs-46.63722ee99abb6d0001b849ba.mqmb111443500&epcCID=4ee5F8wdK2b2Ad41x9FauaC1Q6AcmdafT&rtid=91082204129
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://dvrtsng.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 14 Nov 2022 12:05:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://dvrtsng.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 769f9cf9eef2e354-NRT
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wpclk.net/	1970-01-20 07:27:11	Name: sbc8156c1ff611ffafe Value: eyJpdiI6IlZmZU5KZ1VCa2RRTklMTW9hNDM0Mmc9PSIsInZhbHVlIjoiekVNOU9EUXVMTXU4bDBtYlgxdVAyZz09IiwibWFjIjoiMTQwMDBiMTQ4MTk5NjA2NGNjNmMyNTY1MjhlODk2ZTIyNTI0ZmQwOTQ0N2ZkMDdhMDQ3MjFiYWRiYWUzZjA5MSIsInRhZyI6IiJ9
wpclk.net/	1970-01-20 09:36:43	Name: vis Value: eyJpdiI6Ik80OFR2S1VERGludS9KdWYxL2NscFE9PSIsInZhbHVlIjoiR0xoci9GRmdEWkFzV2tRSFoyaE4rUT09IiwibWFjIjoiMjg1YTBiNmJjZDZjYWY0NjM1ODFhM2E3NzhhY2FjOTUxMjFlMTZhNjMyYmZhY2I5NjUwZDRjOGRkYzgxMDUyMiIsInRhZyI6IiJ9
eu1.bvm2go.com/	1970-01-20 07:28:33	Name: vrt-be46e2a7-1602-400e-ba26-3dfb50b8f0b9 Value: 1
relkconka.com/	1970-01-20 16:12:43	Name: OAID Value: 4f73e6c6fcb34767aa0b0e1209a52e2d
relkconka.com/	1970-01-20 16:12:43	Name: oaidts Value: 1668427496
relkconka.com/	1970-01-20 16:12:43	Name: OXCCLK Value: 6310441.1
relkconka.com/	1970-01-20 16:12:43	Name: allcnt Value: 1
track.arcade.cash/	1970-01-20 16:12:43	Name: afclick Value: 63722ee99abb6d0001b849ba
track.arcade.cash/	1970-01-20 16:12:43	Name: afoffers Value: {"113":1668427497}
rapidrtr.com/	1970-01-20 07:37:12	Name: AWSALBCORS Value: CGTgeIJh0UT4Pjr681+QCXoK9yEBOaEXz3Lop23gvklN2mn3o6cg8NAAy35dPhZP4KrBetCrnFt1cc5so+opc7EHhLW0DAF68VGQJIDn2BUMkvQ5/7S5ewEl1/pb
fastlnd.com/	1970-01-20 07:37:12	Name: AWSALBCORS Value: Db+rEoBtgydNku3VLWf3TYGU9MayOoq+K1mP8+OjCchN/AilMvJYt7abRyM+K/dn/LNH2dgkWpaLmbRGZa2PMAYXPKqYa9E411m2xnedROFoSuMSumPcNS/E/tp8
secentr.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 53403418252a3d1987cba08bd028d207
dvrtsng.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: a47b390ae1e091e129482fec11553b35

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
bam.nr-data.net
chick.cool
dvrtsng.com
eu1.bvm2go.com
fastlnd.com
fonts.googleapis.com
fonts.gstatic.com
geoip.enlistsecureup.com
js-agent.newrelic.com
ka-p.fontawesome.com
kit.fontawesome.com
onclickperformance.com
rapidrtr.com
relkconka.com
secentr.com
track.arcade.cash
wpclk.net
117.18.232.200
139.45.197.237
14.0.44.188
151.101.2.137
162.247.241.14
185.81.129.223
207.120.40.9
2404:6800:4004:810::200a
2404:6800:4004:811::200a
2404:6800:4004:821::2003
2606:4700:3031::ac43:a80a
2606:4700:3034::ac43:95f8
2606:4700:3035::6815:1e0e
2606:4700::6812:1734
35.190.55.95
35.83.66.86
44.239.224.24
004d8956fe7514382f7f52d73b4a018ffaa11a332eda42e59a8f3f14299a40d4
05d9f7a65ad08df6165ab3d66492b0fd36bb536cce14d1538e5f2b51ea438bfc
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
11682e3b77f62f75b683e70ed5b7b662e390db55e3af9ab504d9aea53635a5f9
15c65d98b0f35d3bc057596a5a4b007f4a3f6a183aecffc38941d6c40b3c34da
24c3ae94619ebe01dbff5d3d9acddc0d08b0a67592023731b538c4f58cde98d1
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3df377e3841b226d9bfeedb8cc490d2c8e53fdff1b9c26a1409454073ccedbac
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
4f407eed3de87bf0000c7d0673961f460c2b25348c80dd8fa239bfea6479d39c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
6f660665f533f626043f096e732e1d5dcf735da6c79db157eb0575ed36563abb
77e3619c2c01561a910e5903c764e9712006d22e8f3854ad0bf45b9bd7653106
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
8dc0dc1cf8cdc17f88d013ada9c5335657fd2ed7b906eb3412300a9a42c7924e
99c453d2813a0112881d33205f871fe1d51d531f4168af366b80297eee22d8cd
9f1dd7e6654df9384fa10dc39fbadb13e844319400af27c73652362bfbed1e35
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
ff15d6d64194fa82354d5ac1cda9fdbfebeefeb801796142fcc4cc14634c3b88

chick.cool Open in urlscan Pro 185.81.129.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

41 %IPv6

17 Domains

19 Subdomains

11 IPs

5 Countries

912 kBTransfer

1757 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chick.cool Open in urlscan Pro
185.81.129.223 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

41 %
IPv6

17
Domains

19
Subdomains

11
IPs

5
Countries

912 kB
Transfer

1757 kB
Size

13
Cookies

31 HTTP transactions
0 data transactions