urlscan.io logo urlscan.io
SecurityTrails logo

affsenseco.systeme.io Open in urlscan Pro
13.226.154.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/2Ync0Be
Effective URL: https://affsenseco.systeme.io/ca69d61c
Submission: On June 22 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 12 domains to perform 14 HTTP transactions. The main IP is 13.226.154.88, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is affsenseco.systeme.io.
TLS certificate: Issued by Amazon on March 25th 2020. Valid for: a year.
This is the only time affsenseco.systeme.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 1 54.67.120.65 16509 (AMAZON-02)
1 52.40.5.154 16509 (AMAZON-02)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 52.35.194.171 16509 (AMAZON-02)
1 13.226.154.88 16509 (AMAZON-02)
3 2600:9000:218... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
14 10
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    54.67.120.65 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ow.ly
ow.ly
1    52.40.5.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-5-154.us-west-2.compute.amazonaws.com
khalid.rurl.me
2    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    52.35.194.171 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-194-171.us-west-2.compute.amazonaws.com
affsense.trk.org
1    13.226.154.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-88.dus51.r.cloudfront.net
affsenseco.systeme.io
3    2600:9000:2182:be00:13:b2ca:a980:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2023aobtlf0rq.cloudfront.net
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.polyfill.io
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
3 d2023aobtlf0rq.cloudfront.net affsenseco.systeme.io
2 connect.facebook.net affsenseco.systeme.io
connect.facebook.net
2 maxcdn.bootstrapcdn.com khalid.rurl.me
1 fonts.gstatic.com affsenseco.systeme.io
1 cdnjs.cloudflare.com affsenseco.systeme.io
1 cdn.polyfill.io affsenseco.systeme.io
1 fonts.googleapis.com affsenseco.systeme.io
1 affsenseco.systeme.io khalid.rurl.me
1 affsense.trk.org 1 redirects
1 ajax.googleapis.com khalid.rurl.me
1 khalid.rurl.me
1 ow.ly 1 redirects
1 bit.ly 1 redirects
14 13

This site contains links to these domains. Also see Links.

Domain
systeme.io
Subject Issuer Validity Valid
systeme.io
Amazon		 2020-03-25 -
2021-04-25		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-06-08 -
2021-04-17		 10 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://affsenseco.systeme.io/ca69d61c
Frame ID: EE3E5025C64101A5C7BE695AE85EE79F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/2Ync0Be HTTP 301
    http://ow.ly/VPOV30qSdja HTTP 301
    http://khalid.rurl.me/Has2ntrlk?platform=hootsuite Page URL
  2. http://affsense.trk.org/autofunnelkhalid HTTP 307
    https://affsenseco.systeme.io/ca69d61c Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /^https?:\/\/cdn\.polyfill\.io\//i
  • script /\/polyfill\.min\.js/i

Page Statistics

14
Requests

71 %
HTTPS

62 %
IPv6

12
Domains

13
Subdomains

10
IPs

5
Countries

582 kB
Transfer

2281 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2Ync0Be HTTP 301
    http://ow.ly/VPOV30qSdja HTTP 301
    http://khalid.rurl.me/Has2ntrlk?platform=hootsuite Page URL
  2. http://affsense.trk.org/autofunnelkhalid HTTP 307
    https://affsenseco.systeme.io/ca69d61c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2Ync0Be HTTP 301
  • http://ow.ly/VPOV30qSdja HTTP 301
  • http://khalid.rurl.me/Has2ntrlk?platform=hootsuite

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set Has2ntrlk
khalid.rurl.me/
Redirect Chain
  • https://bit.ly/2Ync0Be
  • http://ow.ly/VPOV30qSdja
  • http://khalid.rurl.me/Has2ntrlk?platform=hootsuite
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://khalid.rurl.me/Has2ntrlk?platform=hootsuite
Protocol
HTTP/1.1
Server
52.40.5.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-5-154.us-west-2.compute.amazonaws.com
Software
nginx/1.13.5 / PHP/5.6.36
Resource Hash
a79d289d8b38c468b2829973f73c3202f2610f2e3dd40d7c89be38f7f4340b62

Request headers

Host
khalid.rurl.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 09:20:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
AWSALB=JNnfkpI93Zxv8QG5K608bte+3Vr0bA8jimocDk0a9m3dH6buhPtAih4TOUrib9OwdnnfwTbKF4F7sUHTtSB0ixvViSfAdhu60vTQ5CBO/hnc8hDIhZ6uzPzhabG9; Expires=Mon, 29 Jun 2020 09:20:49 GMT; Path=/ AWSALBCORS=JNnfkpI93Zxv8QG5K608bte+3Vr0bA8jimocDk0a9m3dH6buhPtAih4TOUrib9OwdnnfwTbKF4F7sUHTtSB0ixvViSfAdhu60vTQ5CBO/hnc8hDIhZ6uzPzhabG9; Expires=Mon, 29 Jun 2020 09:20:49 GMT; Path=/; SameSite=None awslinktrackr=ykBftNlatq1VyEi2a1MUofsjYetoqgwYmxj0UlQBInhY92tdp5W8DIpIF9DsnwPUd4wDBZDUIQ7UnLxPBkHiKRI4Mi1aRh2INHrxZTq89bomHrOQHGXqADwyq74PM0znrabmFzEHXj1p3m0KS%2FNTkb5tVFgYnmlM%2B8vb%2FpHfVKwXFiO4u6K9SrEFAZzHRo%2FN6fHIxmSqtUXSR7aRyXlIHCo3PAcjZvcZaAdmpByMcRnGGV7QNCZzLD3qYJvbKzWiIs%2B0XAVO7kNVwzi%2FdaRbWfrSLXSX4N41Qz%2BEu3p%2BCGqJYLDn5gYJblcblBAbf2m%2FeoJvUgtCOVfDGs4euchfXo8DaBLSP8BGrzaXUEhs%2B5MmNw%2Fy49eOnRzVRBmZqBBTc3nMz0FnRlaJI1laPSWTQylRTR8J4%2FodArWTvE%2FyPeOebLtPLZByyPvonWBdpbcqgldc4lcpwIZ1Yyvi7MKRpw%3D%3D; expires=Mon, 22-Jun-2020 11:20:49 GMT; Max-Age=7200; path=/; domain=.linktrackr.com lt_vi=5ef077f14caff3.34425919; expires=Thu, 20-Jun-2030 09:20:49 GMT; Max-Age=315360000 lt_vsi10193=5ef077f14f3414.92853883; expires=Mon, 22-Jun-2020 09:50:49 GMT; Max-Age=1800 ltn=d9PYN2s0rNDVJm0UBrUCr1LuOtXIZMNQZ7QbSxX216F9QlHzORhxfPScr6SP3Sj79%2B7tt%2B4iTe7FDmK9g6e99o167HgkDIGr0V%2FUn74dgAuhxHK%2F6tZu5uXizQP0TXcxviqCrsFWCtYEZY7g0EkAFJtV4p1vVOt0tmsZm2wKc%2FCnFKNBt0f%2F7qWkkf8nrgh9BvOQ1aaX8RthOOUx5lpXtKeWsLO7SPDeRSD5Oj2H%2BuoSmv1B8yMxJAxJeRbkuafXOfPjxadn1qRtGxvTXxjUHuyTvUL6QGxNBe%2Bu0Di9D1I%3D; expires=Thu, 23-Jul-2020 09:20:50 GMT; Max-Age=2678400; path=/
Server
nginx/1.13.5
X-Powered-By
PHP/5.6.36
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
http://khalid.rurl.me/Has2ntrlk?platform=hootsuite
Connection
close
Content-Length
0
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: khalid.rurl.me
URL: http://khalid.rurl.me/Has2ntrlk?platform=hootsuite
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 09:20:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Dec 2018 18:34:07 GMT
ETag
"1544639647"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
19747
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: khalid.rurl.me
URL: http://khalid.rurl.me/Has2ntrlk?platform=hootsuite
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 09:20:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Dec 2018 18:35:19 GMT
ETag
"1544639719"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
5442
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: khalid.rurl.me
URL: http://khalid.rurl.me/Has2ntrlk?platform=hootsuite
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 20:53:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
908870
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33507
X-XSS-Protection
0
Expires
Fri, 11 Jun 2021 20:53:00 GMT
Primary Request ca69d61c
affsenseco.systeme.io/
Redirect Chain
  • http://affsense.trk.org/autofunnelkhalid
  • https://affsenseco.systeme.io/ca69d61c
46 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://affsenseco.systeme.io/ca69d61c
Requested by
Host: khalid.rurl.me
URL: http://khalid.rurl.me/Has2ntrlk?platform=hootsuite
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.154.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-154-88.dus51.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
191fe4faf03d6e271714df7416ab38f31c64fec9c2c1f2ff996213c37c6ae83b

Request headers

:method
GET
:authority
affsenseco.systeme.io
:scheme
https
:path
/ca69d61c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://khalid.rurl.me/Has2ntrlk?platform=hootsuite

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Mon, 22 Jun 2020 09:20:51 GMT
server
nginx/1.14.0 (Ubuntu)
cache-control
max-age=0, must-revalidate, private max-age=0, no-store, no-cache, must-revalidate
expires
Mon, 22 Jun 2020 09:20:51 GMT
set-cookie
visitor_cookie_828753=1; expires=Sun, 22-Jun-2025 09:20:51 GMT; Max-Age=157766400; path=/; httponly
x-cache
Miss from cloudfront
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
GQKJP9bHyF2sgD0XWcoiknhfwXXVughIInQRksStken8w76YkbPQgg==

Redirect headers

Date
Mon, 22 Jun 2020 09:20:51 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Server
Apache/2.4.37 (Unix) OpenSSL/1.1.0f
X-Powered-By
PHP/5.6.38
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
clickorg_session_id=6v3anbldnl8amtt4uu7e3r8ur1; path=/; domain=.click.org conversion_for_892404=53518625
Location
https://affsenseco.systeme.io/ca69d61c
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
flaticon.css
d2023aobtlf0rq.cloudfront.net/assets/css/flat-icon/ 		1 KB
735 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2023aobtlf0rq.cloudfront.net/assets/css/flat-icon/flaticon.css
Requested by
Host: affsenseco.systeme.io
URL: https://affsenseco.systeme.io/ca69d61c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:be00:13:b2ca:a980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4ccf33519df2c94f43c8dd528fc6560349d7742a74cc71f9612ec9a6403ed5c

Request headers

Referer
https://affsenseco.systeme.io/ca69d61c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 08:26:47 GMT
content-encoding
gzip
last-modified
Tue, 18 Feb 2020 16:36:55 GMT
server
AmazonS3
age
348845
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Gt9tplmdADOLg9pBWW1oUzsBfRYkvQZ0X7s6S0RTXGTMzSYlO60R6Q==
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
css
fonts.googleapis.com/ 		1 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind
Requested by
Host: affsenseco.systeme.io
URL: https://affsenseco.systeme.io/ca69d61c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5740666b44e1a8b08bc837088100fd26ed47d8af036f0ee9b987a4e154c2d4bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://affsenseco.systeme.io/ca69d61c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Jun 2020 09:16:45 GMT
server
ESF
date
Mon, 22 Jun 2020 09:20:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jun 2020 09:20:51 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia
Requested by
Host: affsenseco.systeme.io
URL: https://affsenseco.systeme.io/ca69d61c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://affsenseco.systeme.io/ca69d61c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3524651
detected-user-agent
Chrome/83.0.4103
status
200
request_came_from_shield
HHN
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Tue, 12 May 2020 13:13:16 GMT
date
Mon, 22 Jun 2020 09:20:51 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
sdk.js
connect.facebook.net/fr/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/fr/sdk.js
Requested by
Host: affsenseco.systeme.io
URL: https://affsenseco.systeme.io/ca69d61c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2e34122b3cce662760fc1c404eff8c5b0aef30ba7731c720294c9b5fc7ac0fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://affsenseco.systeme.io/ca69d61c
Origin
https://affsenseco.systeme.io

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jPudUSf0YjDoUErEMUGa0w==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"97fce2e661c3ff9753bc1d2da57047df"
x-fb-debug
hSafvEUwggOQgyJghhYMaFPN1bQACDBDyQbSlLVmJygH4d3FQZ26YbsZ+8kMOndsrRbdVjjNhNDDr7/aZOJ+OQ==
x-fb-trip-id
664085054
x-fb-content-md5
e00d69dc3b5fae90d6eaad3be1e3145c
x-frame-options
DENY
date
Mon, 22 Jun 2020 09:20:51 GMT, Mon, 22 Jun 2020 09:20:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Jun 2020 09:32:01 GMT
affiliate_badge_logo.png
d2023aobtlf0rq.cloudfront.net/assets/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2023aobtlf0rq.cloudfront.net/assets/images/affiliate_badge_logo.png
Requested by
Host: affsenseco.systeme.io
URL: https://affsenseco.systeme.io/ca69d61c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:be00:13:b2ca:a980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49f976a389a13b1e9833c4e92fa4689f3857e712bd427dcf6475aabf374dc07a

Request headers

Referer
https://affsenseco.systeme.io/ca69d61c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 08:27:32 GMT
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
last-modified
Tue, 18 Feb 2020 16:36:55 GMT
server
AmazonS3
age
348800
etag
"a51c99922932db0af2e93faf67f68c0f"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
10542
x-amz-cf-id
enLlyYT2ZAejXEptmaz7vjUUQ6C2iNZzchAz-sPiYS8I4t62QKyCNQ==
page.cd01c0c370644c022707.js
d2023aobtlf0rq.cloudfront.net/js/ 		2 MB
368 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2023aobtlf0rq.cloudfront.net/js/page.cd01c0c370644c022707.js
Requested by
Host: affsenseco.systeme.io
URL: https://affsenseco.systeme.io/ca69d61c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:be00:13:b2ca:a980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c7853bc8fbf4533b17a3cbfd9a15fe80fa5d603fa4eb27f2880d437a7407677

Request headers

Referer
https://affsenseco.systeme.io/ca69d61c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Jun 2020 09:20:52 GMT
content-encoding
gzip
last-modified
Mon, 22 Jun 2020 09:20:49 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
0bHYhvjm5nXeSrZ7gVjrNNja9Fhag5QV_zajrRk3H9AqUSAnaxsoUA==
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js
Requested by
Host: affsenseco.systeme.io
URL: https://affsenseco.systeme.io/ca69d61c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://affsenseco.systeme.io/ca69d61c
Origin
https://affsenseco.systeme.io

Response headers

date
Mon, 22 Jun 2020 09:20:51 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
18398113
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
037ceda8a800001f1515382200000001
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Tue, 19 Nov 2019 20:03:42 GMT
server
cloudflare
etag
W/"5dd44a9e-112f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5a74e5544b3e1f15-FRA
expires
Sat, 12 Jun 2021 09:20:51 GMT
5aU69_a8oxmIdGl4BDGwgDI.woff2
fonts.gstatic.com/s/hind/v10/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v10/5aU69_a8oxmIdGl4BDGwgDI.woff2
Requested by
Host: affsenseco.systeme.io
URL: https://affsenseco.systeme.io/ca69d61c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42610841f3d39a01788c09d6a72b2f7e609cfb75b8e52eb4b031c12ad76f6ca3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Hind
Origin
https://affsenseco.systeme.io

Response headers

date
Wed, 10 Jun 2020 04:21:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:06 GMT
server
sffe
age
1054753
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8672
x-xss-protection
0
expires
Thu, 10 Jun 2021 04:21:38 GMT
sdk.js
connect.facebook.net/en_US/ 		199 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b046bbb3904ac6ca2e22fb22563a27ba&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
062cb8a6086d8fb13d63810afe43f534084a4176b76bda15e85772c890a429df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://affsenseco.systeme.io/ca69d61c
Origin
https://affsenseco.systeme.io

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GYd663opVRflSMgm9uysfw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
61164
etag
"0355d42e33200f0957c729e4a6a036d4"
x-fb-debug
3ZPt9OTd7njCnO5QraXgQD6IDiqB0xGPxCAJJ1HjssVz/6xNSRIriZxyrmyB8RoVVbOnleE5Brvd3bNfGCfgPw==
x-fb-trip-id
664085054
x-fb-content-md5
2d36a12f95d9178272497de4ecf19dd3
x-frame-options
DENY
date
Mon, 22 Jun 2020 09:20:51 GMT, Mon, 22 Jun 2020 09:20:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 22 Jun 2021 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar object| initialI18nStore string| initialLanguage object| FB number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| scCGSHMRCache object| regeneratorRuntime function| setImmediate function| clearImmediate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affsense.trk.org
affsenseco.systeme.io
ajax.googleapis.com
bit.ly
cdn.polyfill.io
cdnjs.cloudflare.com
connect.facebook.net
d2023aobtlf0rq.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
khalid.rurl.me
maxcdn.bootstrapcdn.com
ow.ly
13.226.154.88
2001:4de0:ac19::1:b:2a
2600:9000:2182:be00:13:b2ca:a980:93a1
2606:4700::6810:84e5
2a00:1450:4001:808::200a
2a00:1450:4001:81a::200a
2a00:1450:4001:821::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:1b::621
52.35.194.171
52.40.5.154
54.67.120.65
67.199.248.10
062cb8a6086d8fb13d63810afe43f534084a4176b76bda15e85772c890a429df
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
191fe4faf03d6e271714df7416ab38f31c64fec9c2c1f2ff996213c37c6ae83b
42610841f3d39a01788c09d6a72b2f7e609cfb75b8e52eb4b031c12ad76f6ca3
49f976a389a13b1e9833c4e92fa4689f3857e712bd427dcf6475aabf374dc07a
4c7853bc8fbf4533b17a3cbfd9a15fe80fa5d603fa4eb27f2880d437a7407677
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5740666b44e1a8b08bc837088100fd26ed47d8af036f0ee9b987a4e154c2d4bd
a2e34122b3cce662760fc1c404eff8c5b0aef30ba7731c720294c9b5fc7ac0fa
a79d289d8b38c468b2829973f73c3202f2610f2e3dd40d7c89be38f7f4340b62
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
e4ccf33519df2c94f43c8dd528fc6560349d7742a74cc71f9612ec9a6403ed5c
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c