Submitted URL: http://bit.ly/2msX7Na
Effective URL: https://stream.slimtraf.com/directclick/?pid=3OciuN5zVbpbhxVix2pMpOBU7Lc1&wsid=o8jRfucVLRuRahAZGhuONRumx522g0UK65ban4wzKfFkC...
Submission: On January 09 via manual from PT

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 10 HTTP transactions. The main IP is 167.114.254.98, located in Roubaix, France and belongs to OVH, FR. The main domain is stream.slimtraf.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 4th 2019. Valid for: 3 months.
This is the only time stream.slimtraf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
1          1         67.199.248.11     396982 (GOOGLE-PR...)
6          8         184.171.242.5     33182 (DIMENOC)
-          1         167.114.254.98    16276 (OVH)
1          6         2a00:1450:400...  15169 (GOOGLE)
-          1         2a00:1450:400...  15169 (GOOGLE)
-          1         167.114.228.34    16276 (OVH)
Total: 10 requests, 5 IPs

Requests  Domain                                 Redirects  Requested by
8         tracking-all-traffic.offerdirecto.com  6          tracking-all-traffic.offerdirecto.com
6         www.google-analytics.com               1          tracking-all-traffic.offerdirecto.com
1         go.123fastcdn.com                      -          stream.slimtraf.com
1         stats.g.doubleclick.net                -          -
1         stream.slimtraf.com                    -          tracking-all-traffic.offerdirecto.com
1         bit.ly                                 1          -
Total: 10 requests, 6 domains

This site contains no links.

Subject                                Issuer                      Validity                 Valid
tracking-all-traffic.offerdirecto.com  Let's Encrypt Authority X3  2020-01-08 - 2020-04-07  3 months
stream.slimtraf.com                    Let's Encrypt Authority X3  2019-11-04 - 2020-02-02  3 months
*.google-analytics.com                 GTS CA 1O1                  2019-12-10 - 2020-03-03  3 months
*.g.doubleclick.net                    GTS CA 1O1                  2019-12-10 - 2020-03-03  3 months

This page contains 1 frames:

Frame: http://go.123fastcdn.com/l/?type=a&pre=netficks-intl-v1&dlang=en&url=https%3A%2F%2Fhello.fuckbook.xxx%2Flander%2Fml605_u_trial%2F%3Fofferit_code%3Dslimspots.38.38.241.0.0.0.0.0.0.0.0%26offerit_conversion_variables._ocid%3D20010901_01_250803_8e2c9a0af2225%26offerit_conversion_variables.subaff%3Da250803sVjmIjo9v0f%26affe%3Dgfno
Frame ID: DFC830C5ECCA1689681AD69514E53AA5
Requests: 10 HTTP requests in this frame

Page Statistics

Requests: 10
HTTPS: 90 %
IPv6: 33 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 4
Transfer: 122 kB
Size: 146 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/2msX7Na HTTP 301
    https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3} Page URL
  2. https://tracking-all-traffic.offerdirecto.com/control-user.php?id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
    https://tracking-all-traffic.offerdirecto.com/control-click_id.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
    https://tracking-all-traffic.offerdirecto.com/control-bloq-ofertas.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
    https://tracking-all-traffic.offerdirecto.com/pais.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200 HTTP 302
    https://tracking-all-traffic.offerdirecto.com/control-ip.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&pais=BE&b=M247%20Ltd%20Brussels&c=SI HTTP 302
    https://tracking-all-traffic.offerdirecto.com/9/click24.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&b=M247%20Ltd%20Brussels&c=SI&pais=BE HTTP 302
    https://stream.slimtraf.com/directclick/?pid=3OciuN5zVbpbhxVix2pMpOBU7Lc1&wsid=o8jRfucVLRuRahAZGhuONRumx522g0UK65ban4wzKfFkCG0IotX2GdwATng&subid=VjmIjo9v0f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bit.ly/2msX7Na HTTP 301
  • https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Request Chain 3
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=972428009&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DVjmIjo9v0f%26type%3D9%26idoffer%3D86350%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=359403269&gjid=1819958657&cid=1862274097.1578528294&tid=UA-97406603-1&_gid=575000209.1578528294&_r=1&z=619335274 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1862274097.1578528294&jid=359403269&_gid=575000209.1578528294&gjid=1819958657&_v=j79&z=619335274

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
tracking-all-traffic.offerdirecto.com/
Redirect Chain
  • http://bit.ly/2msX7Na
  • https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
2 KB
1 KB
Document
General
Full URL
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.171.242.5 Orlando, United States, ASN33182 (DIMENOC - HostDime.com, Inc., US),
Reverse DNS
single-4730.banahosting.com
Software
/
Resource Hash
c42e65d6aee8d0ab0994af0ff0d3163d1bb1b0e2081e9bbce7d76e00ee321e31

Request headers

:method
GET
:authority
tracking-all-traffic.offerdirecto.com
:scheme
https
:path
/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=UTF-8
content-length
961
content-encoding
br
vary
Accept-Encoding
date
Thu, 09 Jan 2020 00:04:51 GMT
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000

Redirect headers

Server
nginx
Date
Thu, 09 Jan 2020 00:04:53 GMT
Content-Type
text/html; charset=utf-8
Content-Length
248
Cache-Control
private, max-age=90
Location
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Set-Cookie
_bit=k0904R-7d4f734ea3e8731ed1-00D; Domain=bit.ly; Expires=Tue, 07 Jul 2020 00:04:53 GMT
Via
1.1 google
/ (Primary Request, Cookie set)
stream.slimtraf.com/directclick/
Redirect Chain
  • https://tracking-all-traffic.offerdirecto.com/control-user.php?id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200
  • https://tracking-all-traffic.offerdirecto.com/control-click_id.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200
  • https://tracking-all-traffic.offerdirecto.com/control-bloq-ofertas.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200
  • https://tracking-all-traffic.offerdirecto.com/pais.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200
  • https://tracking-all-traffic.offerdirecto.com/control-ip.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&type=9&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&pais=BE&b=M247%20Ltd%20Brussels&...
  • https://tracking-all-traffic.offerdirecto.com/9/click24.php?&id=VjmIjo9v0f&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}&a=1600x1200&b=M247%20Ltd%20Brussels&c=SI&pais=BE
  • https://stream.slimtraf.com/directclick/?pid=3OciuN5zVbpbhxVix2pMpOBU7Lc1&wsid=o8jRfucVLRuRahAZGhuONRumx522g0UK65ban4wzKfFkCG0IotX2GdwATng&subid=VjmIjo9v0f
26 KB
28 KB
Document
General
Full URL
https://stream.slimtraf.com/directclick/?pid=3OciuN5zVbpbhxVix2pMpOBU7Lc1&wsid=o8jRfucVLRuRahAZGhuONRumx522g0UK65ban4wzKfFkCG0IotX2GdwATng&subid=VjmIjo9v0f
Requested by
Host: tracking-all-traffic.offerdirecto.com
URL: https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.114.254.98 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
98.ip-167-114-254.eu
Software
nginx /
Resource Hash
cba52d24e85b76825c879261fd422f8c73d2dc233e2ff5ffc68e16d31a2a5a63

Request headers

Host
stream.slimtraf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Thu, 09 Jan 2020 00:04:56 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Set-Cookie
checkkeks=1; expires=Fri, 08-Jan-2021 00:04:56 GMT; Max-Age=31536000; path=/; domain=.slimtraf.com
eTag=13108affad04530152245c15fed9da49; expires=Fri, 10-Jan-2020 00:04:56 GMT; Max-Age=86400; path=/; domain=.slimtraf.com
eTag=13108affad04530152245c15fed9da49; expires=Fri, 10-Jan-2020 00:04:56 GMT; Max-Age=86400; path=/; domain=.slimspots.com
ck_uniques=1578614695%3A10427-72186; expires=Fri, 08-Jan-2021 00:04:56 GMT; Max-Age=31536000; path=/; domain=.slimtraf.com
ck_uniques=1578614695%3A10427-72186; expires=Fri, 08-Jan-2021 00:04:56 GMT; Max-Age=31536000; path=/; domain=.slimspots.com
ck_uniquesPa=1578614695%3A86873; expires=Fri, 08-Jan-2021 00:04:56 GMT; Max-Age=31536000; path=/; domain=.slimtraf.com
ck_uniquesPa=1578614695%3A86873; expires=Fri, 08-Jan-2021 00:04:56 GMT; Max-Age=31536000; path=/; domain=.slimspots.com
ck_sys_uniques_3=1; expires=Fri, 10-Jan-2020 00:04:56 GMT; Max-Age=86400; path=/; domain=.slimtraf.com
ck_sys_uniques_3=1; expires=Fri, 10-Jan-2020 00:04:56 GMT; Max-Age=86400; path=/; domain=.slimspots.com
u_current_ads_view=86873----; expires=Fri, 10-Jan-2020 00:04:56 GMT; Max-Age=86400; path=/; domain=.slimtraf.com
u_current_ads_view=86873----; expires=Fri, 10-Jan-2020 00:04:56 GMT; Max-Age=86400; path=/; domain=.slimspots.com
ETag
"13108affad04530152245c15fed9da49"
X-Track
20010901_01_250803_8e2c9a0af2225

Redirect headers

status
302
location
https://stream.slimtraf.com/directclick/?pid=3OciuN5zVbpbhxVix2pMpOBU7Lc1&wsid=o8jRfucVLRuRahAZGhuONRumx522g0UK65ban4wzKfFkCG0IotX2GdwATng&subid=VjmIjo9v0f
content-type
text/html; charset=UTF-8
content-length
6
content-encoding
br
vary
Accept-Encoding
date
Thu, 09 Jan 2020 00:04:54 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
1.gif
tracking-all-traffic.offerdirecto.com/
75 KB
75 KB
Image
General
Full URL
https://tracking-all-traffic.offerdirecto.com/1.gif
Requested by
Host: tracking-all-traffic.offerdirecto.com
URL: https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.171.242.5 Orlando, United States, ASN33182 (DIMENOC - HostDime.com, Inc., US),
Reverse DNS
single-4730.banahosting.com
Software
/
Resource Hash

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 09 Jan 2020 00:04:51 GMT
last-modified
Thu, 07 Feb 2019 07:06:46 GMT
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
76610
expires
Thu, 16 Jan 2020 00:04:51 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tracking-all-traffic.offerdirecto.com
URL: https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5479
date
Wed, 08 Jan 2020 22:33:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 09 Jan 2020 00:33:35 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=972428009&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DVjmIjo9v0f%26type%3D9%26idoffer%3D86350%26click_id...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1862274097.1578528294&jid=359403269&_gid=575000209.1578528294&gjid=1819958657&_v=j79&z=619335274
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1862274097.1578528294&jid=359403269&_gid=575000209.1578528294&gjid=1819958657&_v=j79&z=619335274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 09 Jan 2020 00:04:54 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 09 Jan 2020 00:04:54 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97406603-1&cid=1862274097.1578528294&jid=359403269&_gid=575000209.1578528294&gjid=1819958657&_v=j79&z=619335274
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=972428009&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DVjmIjo9v0f%26type%3D9%26idoffer%3D86350%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=832110225&gjid=765702112&cid=1862274097.1578528294&tid=UA-114317189-1&_gid=575000209.1578528294&_r=1&z=475408197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jan 2020 00:04:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=972428009&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DVjmIjo9v0f%26type%3D9%26idoffer%3D86350%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=2128208325&gjid=593888992&cid=1862274097.1578528294&tid=0&_gid=575000209.1578528294&_r=1&z=1524852509
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jan 2020 00:04:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=972428009&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DVjmIjo9v0f%26type%3D9%26idoffer%3D86350%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=1886866011&gjid=1722738027&cid=1862274097.1578528294&tid=0&_gid=575000209.1578528294&_r=1&z=1903212162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jan 2020 00:04:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=972428009&t=pageview&_s=1&dl=https%3A%2F%2Ftracking-all-traffic.offerdirecto.com%2F%3Fid%3DVjmIjo9v0f%26type%3D9%26idoffer%3D86350%26click_id%3D%7Bclick_id%7D%26sub1%3D%7Bsub1%7D%26sub2%3D%7Bsub2%7D%26sub3%3D%7Bsub3%7D&ul=en-us&de=UTF-8&dt=Redirected&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEHAAEAB~&jid=650259040&gjid=1562708282&cid=1862274097.1578528294&tid=0&_gid=575000209.1578528294&_r=1&z=1375315074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tracking-all-traffic.offerdirecto.com/?id=VjmIjo9v0f&type=9&idoffer=86350&click_id={click_id}&sub1={sub1}&sub2={sub2}&sub3={sub3}
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Jan 2020 00:04:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
go.123fastcdn.com/l/
0
181 B
Document
General
Full URL
http://go.123fastcdn.com/l/?type=a&pre=netficks-intl-v1&dlang=en&url=https%3A%2F%2Fhello.fuckbook.xxx%2Flander%2Fml605_u_trial%2F%3Fofferit_code%3Dslimspots.38.38.241.0.0.0.0.0.0.0.0%26offerit_conversion_variables._ocid%3D20010901_01_250803_8e2c9a0af2225%26offerit_conversion_variables.subaff%3Da250803sVjmIjo9v0f%26affe%3Dgfno
Requested by
Host: stream.slimtraf.com
URL: https://stream.slimtraf.com/directclick/?pid=3OciuN5zVbpbhxVix2pMpOBU7Lc1&wsid=o8jRfucVLRuRahAZGhuONRumx522g0UK65ban4wzKfFkCG0IotX2GdwATng&subid=VjmIjo9v0f
Protocol
HTTP/1.1
Server
167.114.228.34 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
34.ip-167-114-228.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
go.123fastcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Thu, 09 Jan 2020 00:04:56 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
PRE-S
pre1

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies