eclickca.com Open in urlscan Pro
159.65.194.254 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Submission: On December 18 via automatic, source openphish (December 18th 2018, 8:14:52 am UTC)

Summary HTTP 57 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 16 domains to perform 57 HTTP transactions. The main IP is 159.65.194.254, located in Dallas, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is eclickca.com.

This is the only time eclickca.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	159.65.194.254 159.65.194.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
14	196.2.128.7 196.2.128.7	12258 (OPTINET) (OPTINET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.215.104.199 52.215.104.199	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3 9	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.46.48 104.244.46.48	13414 (TWITTER) (TWITTER - Twitter Inc.)
5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	216.58.207.38 216.58.207.38	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.254.1.162 34.254.1.162	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	199.16.156.75 199.16.156.75	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	199.16.156.11 199.16.156.11	13414 (TWITTER) (TWITTER - Twitter Inc.)
2 3	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	199.16.156.200 199.16.156.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
57	21

2 159.65.194.254 (Dallas, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: server2.nerdzpro.info

eclickca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 196.2.128.7 (South Africa)

ASN12258 (OPTINET, ZA)
PTR: myaccount.mweb.co.za

myaccount.mweb.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.104.199 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-104-199.eu-west-1.compute.amazonaws.com

za-cdn.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::200e (Ireland) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.46.48 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f6.1e100.net

4905605.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.1.162 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-254-1-162.eu-west-1.compute.amazonaws.com

s.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.75 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.11 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9c (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.200 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	mweb.co.za myaccount.mweb.co.za	362 KB
10	doubleclick.net 3 redirects securepubads.g.doubleclick.net 4905605.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	89 KB
9	google-analytics.com 3 redirects www.google-analytics.com	20 KB
8	facebook.com www.facebook.com	1 KB
5	facebook.net connect.facebook.net	188 KB
5	google.de adservice.google.de www.google.de	614 B
4	google.com 2 redirects www.google.com	620 B
2	t.co 1 redirects t.co	512 B
2	effectivemeasure.net za-cdn.effectivemeasure.net s.effectivemeasure.net	6 KB
2	eclickca.com 1 redirects eclickca.com	10 KB
1	twitter.com analytics.twitter.com	261 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	googlesyndication.com tpc.googlesyndication.com
1	googletagmanager.com www.googletagmanager.com	45 KB
1	googletagservices.com www.googletagservices.com	10 KB
57	16

	Domain	Requested by
14	myaccount.mweb.co.za	eclickca.com securepubads.g.doubleclick.net
9	www.google-analytics.com	3 redirects eclickca.com
8	www.facebook.com	eclickca.com
5	connect.facebook.net	eclickca.com connect.facebook.net
4	www.google.de	eclickca.com
4	www.google.com	2 redirects eclickca.com
3	stats.g.doubleclick.net	2 redirects eclickca.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	t.co	1 redirects eclickca.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	4905605.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	eclickca.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	s.effectivemeasure.net	za-cdn.effectivemeasure.net
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	eclickca.com
1	za-cdn.effectivemeasure.net	eclickca.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	eclickca.com
57	21

This site contains links to these domains. Also see Links.

Domain
www.mweb.co.za
myaccount.ignite.co.za
myaccount.mweb.co.za
ispa.org.za
www.icode.org.za

Subject Issuer	Validity	Valid
myaccount.mweb.co.za Entrust Certification Authority - L1K	`2018-02-08` - `2020-02-08`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2018-10-31` - `2019-11-05`	a year	crt.sh
www.google.de Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2018-10-31` - `2020-02-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Frame ID: 94767B441BECF2AA72256E93F85CED07
Requests: 55 HTTP requests in this frame

Frame: http://4905605.fls.doubleclick.net/activityi;dc_pre=CNW9jOj3qN8CFZAu4AodpI0LPQ;src=4905605;type=mweb_0;cat=mweb-012;ord=7167523880065;gtm=2wgbc0;auiddc=1637011753.1545120877;u1=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;u2=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;~oref=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F
Frame ID: 8FC3A03140100252BF5BCC47B33C75C4
Requests: 1 HTTP requests in this frame

Frame: http://s.effectivemeasure.net/html/frame_2.3.7.html
Frame ID: 49E5C973A0D3C79F13361A68FC92FC8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef HTTP 301
http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/ Page URL

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^googletag$/i
env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i
script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

57
Requests

84 %
HTTPS

50 %
IPv6

16
Domains

21
Subdomains

21
IPs

3
Countries

742 kB
Transfer

1745 kB
Size

16
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.mweb.co.za/
Title:

Search URL Search Domain Scan URL

URL: https://myaccount.ignite.co.za/bus/portal/email/islogin.jsp
Title: Are you an Ignite customer?

Search URL Search Domain Scan URL

URL: https://myaccount.mweb.co.za/mwebcore/myaccount/login/passwordreminder/passwordReminder.jsp
Title: Forgotten Password?

Search URL Search Domain Scan URL

URL: https://www.mweb.co.za/legalpolicies/
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://www.mweb.co.za/aboutus/home/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.mweb.co.za/aboutus/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.mweb.co.za/help
Title: Help

Search URL Search Domain Scan URL

URL: http://ispa.org.za/code-of-conduct/

Search URL Search Domain Scan URL

URL: http://www.icode.org.za/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef HTTP 301
http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 26

http://4905605.fls.doubleclick.net/activityi;src=4905605;type=mweb_0;cat=mweb-012;ord=7167523880065;gtm=2wgbc0;auiddc=1637011753.1545120877;u1=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;u2=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;~oref=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F HTTP 302
http://4905605.fls.doubleclick.net/activityi;dc_pre=CNW9jOj3qN8CFZAu4AodpI0LPQ;src=4905605;type=mweb_0;cat=mweb-012;ord=7167523880065;gtm=2wgbc0;auiddc=1637011753.1545120877;u1=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;u2=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;~oref=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F

Request Chain 29

http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
https://www.google-analytics.com/plugins/ua/linkid.js

Request Chain 30

http://www.google-analytics.com/plugins/ua/ec.js HTTP 307
https://www.google-analytics.com/plugins/ua/ec.js

Request Chain 33

http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0 HTTP 301
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Request Chain 34

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aChAAAAr~&jid=844862408&gjid=1932116189&cid=1021463339.1545120877&tid=UA-51279388-1&_gid=977045332.1545120877&_r=1&gtm=2wgbc0588RWD&z=2105540668 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aChAAAAr~&jid=844862408&gjid=1932116189&cid=1021463339.1545120877&tid=UA-51279388-1&_gid=977045332.1545120877&_r=1&gtm=2wgbc0588RWD&z=2105540668 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-1&cid=1021463339.1545120877&jid=844862408&_gid=977045332.1545120877&gjid=1932116189&_v=j72&z=2105540668 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1021463339.1545120877&jid=844862408&_v=j72&z=2105540668 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1021463339.1545120877&jid=844862408&_v=j72&z=2105540668&slf_rd=1&random=856221487

Request Chain 35

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=2015581298&gjid=833363573&cid=1021463339.1545120877&tid=UA-32716691-1&_gid=977045332.1545120877&_r=1&z=1972544581 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=2015581298&gjid=833363573&cid=1021463339.1545120877&tid=UA-32716691-1&_gid=977045332.1545120877&_r=1&z=1972544581

Request Chain 36

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=252450445&gjid=1945241754&cid=1021463339.1545120877&tid=UA-32389807-1&_gid=977045332.1545120877&_r=1&z=1737700423 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=252450445&gjid=1945241754&cid=1021463339.1545120877&tid=UA-32389807-1&_gid=977045332.1545120877&_r=1&z=1737700423 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1021463339.1545120877&jid=252450445&_gid=977045332.1545120877&gjid=1945241754&_v=j72&z=1737700423

Request Chain 37

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&dp=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=2125789956&gjid=1346774713&cid=1021463339.1545120877&tid=UA-51279388-5&_gid=977045332.1545120877&_r=1&gtm=2wgbc0588RWD&z=136085745 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&dp=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=2125789956&gjid=1346774713&cid=1021463339.1545120877&tid=UA-51279388-5&_gid=977045332.1545120877&_r=1&gtm=2wgbc0588RWD&z=136085745 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-5&cid=1021463339.1545120877&jid=2125789956&_gid=977045332.1545120877&gjid=1346774713&_v=j72&z=136085745 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1021463339.1545120877&jid=2125789956&_v=j72&z=136085745 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1021463339.1545120877&jid=2125789956&_v=j72&z=136085745&slf_rd=1&random=3315170555

Request Chain 38

http://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1021463339.1545120877&tid=UA-51279388-5&_gid=977045332.1545120877&gtm=2wgbc0588RWD&z=1723046894 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1021463339.1545120877&tid=UA-51279388-5&_gid=977045332.1545120877&gtm=2wgbc0588RWD&z=1723046894

Request Chain 51

http://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1021463339.1545120877&tid=UA-51279388-1&_gid=977045332.1545120877&gtm=2wgbc0588RWD&z=673697246 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1021463339.1545120877&tid=UA-51279388-1&_gid=977045332.1545120877&gtm=2wgbc0588RWD&z=673697246

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Redirect Chain

http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef
http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

10 KB
10 KB

77ms
76ms

Document
text/html

159.65.194.254
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Server: 159.65.194.254 Dallas, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS: server2.nerdzpro.info
Software: Apache /
Resource Hash: c90c676abfb92d38da509eff2fcca3ffec9caf00140c79d1542f006de2be976b

Request headers

Host: eclickca.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Server: Apache
Location: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Content-Length: 272
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery-ui-1.8.20.custom.css
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/css/smoothness/ 25 KB
25 KB 655ms
158ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/css/smoothness/jquery-ui-1.8.20.custom.css
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 834e67fcf50c34f6214fa0e520e73a8305db5e3b1ee23235eb065aba0b53a089

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"25378-1544715710000"
Content-Length: 25378
Content-Type: text/css

GET
H/1.1 200
OK chosen.css
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/ 14 KB
14 KB 654ms
158ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/chosen.css
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 6f83ebc7a31c0153f578a3407f43d2370c3a0ff271e86b33f1acf008c7356abd

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"13898-1544715710000"
Content-Length: 13898
Content-Type: text/css

GET
H/1.1 200
OK pure-min.css
myaccount.mweb.co.za/mwebcore/shared/external/purecss/ 17 KB
17 KB 654ms
158ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/shared/external/purecss/pure-min.css
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"17286-1544715710000"
Content-Length: 17286
Content-Type: text/css

GET
H/1.1 200
OK font-awesome.min.css
myaccount.mweb.co.za/mwebcore/myaccount/osu/assets/plugins/font-awesome/css/ 17 KB
18 KB 659ms
160ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/osu/assets/plugins/font-awesome/css/font-awesome.min.css
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"17780-1544715710000"
Content-Length: 17780
Content-Type: text/css

GET
H/1.1 200
OK myaccount.css
myaccount.mweb.co.za/mwebcore/myaccount/styles/ 42 KB
43 KB 660ms
160ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount.css
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 6f6ff747d398937bbb894ee907858755b6a800a952993f8053197b9d5ca0a26a

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"43316-1544715710000"
Content-Length: 43316
Content-Type: text/css

GET
H/1.1 200
OK myaccount-login.css
myaccount.mweb.co.za/mwebcore/myaccount/styles/ 1 KB
1 KB 661ms
161ms Stylesheet
text/css 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount-login.css
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: febf051238d01475887907d23ce5eadb2179d9e573f099c50eb2e33de8392f3f

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1262-1544715710000"
Content-Length: 1262
Content-Type: text/css

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
myaccount.mweb.co.za/mwebcore/myaccount/scripts/ 93 KB
93 KB 822ms
161ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/scripts/jquery-1.7.2.min.js
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"94840-1544715710000"
Content-Length: 94840
Content-Type: application/javascript

GET
H/1.1 200
OK jquery-ui-1.8.20.custom.min.js Show response
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/js/ 97 KB
97 KB 970ms
158ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/jqueryui/js/jquery-ui-1.8.20.custom.min.js
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: a7a6de426780a73e047727676e7c100b064eb8a233dbc3c7884466ba42db5bd3

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"98858-1544715710000"
Content-Length: 98858
Content-Type: application/javascript

GET
H/1.1 200
OK chosen.jquery.min.js Show response
myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/ 21 KB
21 KB 970ms
158ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/shared/external/chosen/chosen.jquery.min.js
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 75f39ab402b946f758c69c88a6e334554349c17f912180a9cae257353dcf2400

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"21601-1544715710000"
Content-Length: 21601
Content-Type: application/javascript

GET
H/1.1 200
OK myaccount.js Show response
myaccount.mweb.co.za/mwebcore/myaccount/scripts/ 12 KB
13 KB 978ms
160ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/scripts/myaccount.js
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: b018a4f7294eaf5e5a1cabc070df53e2844ba7cc43e83123312389a6375b0bc4

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"12789-1544715710000"
Content-Length: 12789
Content-Type: application/javascript

GET
H/1.1 200
OK scripts.js Show response
myaccount.mweb.co.za/mwebcore/portal/scripts/ 4 KB
4 KB 1127ms
158ms Script
application/javascript 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.mweb.co.za/mwebcore/portal/scripts/scripts.js
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 3fb8c215a377fc82c8528fe8aaeb0f749f8f7cab75ba818480c5c42b9687c235

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"4047-1544715710000"
Content-Length: 4047
Content-Type: application/javascript

GET
H/1.1 200
OK ispa.png
myaccount.mweb.co.za/mwebcore/myaccount/images/ 962 B
1 KB 159ms
158ms Image
image/png 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/images/ispa.png
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: af57e894c878a60dd459e64f88a9cf27752cbad2b341d06cf8afb6548c1e2bdd

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"962-1544715710000"
Content-Length: 962
Content-Type: image/png

GET
H/1.1 200
OK icode.png
myaccount.mweb.co.za/mwebcore/myaccount/images/ 1 KB
1 KB 160ms
160ms Image
image/png 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/images/icode.png
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: 76fe6b3e689e9eae484b8a75d5408eed23cbbcb6b3f414e8ebfab826e128f23c

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:35 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1179-1544715710000"
Content-Length: 1179
Content-Type: image/png

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 28 KB
10 KB 70ms
43ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 18 Dec 2018 08:14:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "24 / 917 of 1000 / last-modified: 1544734874"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 9687
X-XSS-Protection: 1; mode=block
Expires: Tue, 18 Dec 2018 08:14:36 GMT

GET
H2 200 pubads_impl_285.js Show response
securepubads.g.doubleclick.net/gpt/ 185 KB
63 KB 43ms
42ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 18 Dec 2018 08:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 64605
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 08:14:36 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
178 B 18ms
18ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=eclickca.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 108
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK em.js Show response
za-cdn.effectivemeasure.net/ 14 KB
6 KB 83ms
27ms Script
application/javascript 52.215.104.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://za-cdn.effectivemeasure.net/em.js
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: HTTP/1.1
Server: 52.215.104.199 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-215-104-199.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3ed550ab1858821546dbe82b9cf5668578ba8ac47234d9aaba39e143ca3734f7

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2017 05:48:19 GMT
Server: nginx
ETag: "593793a3-1518"
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 5400
Expires: Wed, 19 Dec 2018 08:14:36 GMT

GET
H/1.1 200
OK gtm.js Show response
www.googletagmanager.com/ 235 KB
45 KB 25ms
19ms Script
application/javascript 2a00:1450:4001:815::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

763bbd5948089b37a59f8095fbfd6c8aa94650ee5e351a2dcba655150775e486

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:36 GMT
Content-Encoding: gzip
Server: Google Tag Manager (scaffolding)
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: http://www.googletagmanager.com
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
Content-Length: 45500
X-XSS-Protection: 1; mode=block
Expires: Tue, 18 Dec 2018 08:14:36 GMT

GET
H/1.1 200
OK headerLogo.png
myaccount.mweb.co.za/mwebcore/myaccount/images/ 14 KB
14 KB 161ms
161ms Image
image/png 196.2.128.7
OPTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myaccount.mweb.co.za/mwebcore/myaccount/images/headerLogo.png
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 196.2.128.7 , South Africa, ASN12258 (OPTINET, ZA),
Reverse DNS: myaccount.mweb.co.za
Software: Apache-Coyote/1.1 /
Resource Hash: e6c0227b26bffe1d3ca83c9aba627d551351c33cd4085a05aea774b2279028ab

Request headers

Referer: https://myaccount.mweb.co.za/mwebcore/myaccount/styles/myaccount.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:36 GMT
Last-Modified: Thu, 13 Dec 2018 15:41:50 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"13973-1544715710000"
Content-Length: 13973
Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
585 B 85ms
84ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=791520043565747&correlator=2869655807537985&output=json_html&callback=googletag.impl.pubads.setAdContentsBySlotForSync&impl=ss&adsid=NT&json_a=1&eid=21062288%2C21062453&vrg=285&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-31&iu_parts=8900%2CMWEB%2CWeb%2CSMI&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1000x1000%2C728x90%2C300x250%2C300x250%2C1x1&ists=1&prev_scp=%7C%7Cposno%3D1%7Cposno%3D2%7C&cookie_enabled=1&bc=7&abxe=1&lmt=1545120876&dt=1545120876905&dlt=1545120875398&idt=1483&frm=20&biw=1585&bih=1200&oid=3&adxs=1193%2C-9%2C-9%2C-9%2C-9&adys=70%2C-9%2C-9%2C-9%2C-9&adks=3473091005%2C1181912292%2C2566326130%2C2566326129%2C1051701767&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&dssz=18&icsg=42&std=0&csl=62&vis=1&scr_x=0&scr_y=0&psz=800x120%7C0x0%7C0x0%7C0x0%7C0x0&msz=0x120%7C0x0%7C0x0%7C0x0%7C0x0&ga_vid=1021463339.1545120877&ga_sid=1545120877&ga_hid=671125969&fws=0%2C2%2C2%2C2%2C2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e85816ce732593cffc5e0193ee34ea1bf32b2d7cfd3ae27ce7828400d48c8460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 18 Dec 2018 08:14:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 385
x-xss-protection: 1; mode=block
google-lineitem-id: -2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_285.js Show response
securepubads.g.doubleclick.net/gpt/ 57 KB
21 KB 42ms
42ms Script
text/javascript 172.217.18.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_285.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 18 Dec 2018 08:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Dec 2018 19:48:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21933
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 08:14:36 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 0
0 20ms
5ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 20
date: Tue, 18 Dec 2018 08:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Tue, 18 Dec 2018 10:14:16 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 73ms
16ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

HTTP/1.1

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

9f7ec14b65196ecc6380422716725a5a5dcb4261f5988ef381905dd0f8fd031f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 14625954634965495121
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 8755
X-XSS-Protection: 1; mode=block
Expires: Tue, 18 Dec 2018 08:14:37 GMT

GET
H/1.1 200
OK uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 62ms
18ms Script
application/javascript 104.244.46.48
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD
Protocol: HTTP/1.1
Server: 104.244.46.48 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 18 Dec 2018 08:14:37 GMT
Content-Encoding: gzip
Age: 29684
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 1954
X-Served-By: mtc-tw-lon2-5-TWLON2
Last-Modified: Tue, 23 Jan 2018 19:05:33 GMT
X-Timer: S1545120877.032986,VS0,VE0
Etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
Vary: Accept-Encoding,Host
Content-Type: application/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: no-cache
Accept-Ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 51 KB
15 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
x-fb-debug: oEIWRAsH4+PNavHjpVbNjCvyjVUH4sBWYURdSBBFMWSRxy7jddSAirMt3wj4Tm4nldMK8f8GMURVibPqBSjMgw==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Dec 2018 08:14:36 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 14861
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set activityi;dc_pre=CNW9jOj3qN8CFZAu4AodpI0LPQ;src=4905605;type=mweb_0;cat=mweb-012;ord=7167523880065;gtm=2wgbc0;auiddc=1637011753.1545120877;u1=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;u...
4905605.fls.doubleclick.net/ Frame 8FC3
Redirect Chain

http://4905605.fls.doubleclick.net/activityi;src=4905605;type=mweb_0;cat=mweb-012;ord=7167523880065;gtm=2wgbc0;auiddc=1637011753.1545120877;u1=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;...
http://4905605.fls.doubleclick.net/activityi;dc_pre=CNW9jOj3qN8CFZAu4AodpI0LPQ;src=4905605;type=mweb_0;cat=mweb-012;ord=7167523880065;gtm=2wgbc0;auiddc=1637011753.1545120877;u1=%2Ffeeds%2Fmweb%2F5e...

0
0

34ms
34ms

Document
text/html

216.58.207.38
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://4905605.fls.doubleclick.net/activityi;dc_pre=CNW9jOj3qN8CFZAu4AodpI0LPQ;src=4905605;type=mweb_0;cat=mweb-012;ord=7167523880065;gtm=2wgbc0;auiddc=1637011753.1545120877;u1=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;u2=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;~oref=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F?

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-588RWD

Protocol

HTTP/1.1

Server

216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: 4905605.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Accept-Encoding: gzip, deflate
Cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Tue, 18 Dec 2018 08:14:37 GMT
Expires: Tue, 18 Dec 2018 08:14:37 GMT
Cache-Control: private, max-age=0
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 377
X-XSS-Protection: 1; mode=block
Set-Cookie: IDE=AHWqTUniblGJMgSNMpkz2fEvL50Q9ehFk77v5f9wCNDrenfQA6r51uhLYLQUznwz; expires=Sun, 12-Jan-2020 08:14:37 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Tue, 18 Dec 2018 08:14:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://4905605.fls.doubleclick.net/activityi;dc_pre=CNW9jOj3qN8CFZAu4AodpI0LPQ;src=4905605;type=mweb_0;cat=mweb-012;ord=7167523880065;gtm=2wgbc0;auiddc=1637011753.1545120877;u1=%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;u2=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F;~oref=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 18-Dec-2018 08:29:37 GMT; path=/; domain=.doubleclick.net

GET
H/1.1 200
OK frame_2.3.7.html
s.effectivemeasure.net/html/ Frame 49E5 0
0 79ms
28ms Document
text/html 34.254.1.162
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://s.effectivemeasure.net/html/frame_2.3.7.html
Requested by: Host: za-cdn.effectivemeasure.net
URL: http://za-cdn.effectivemeasure.net/em.js
Protocol: HTTP/1.1
Server: 34.254.1.162 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-254-1-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: s.effectivemeasure.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Response headers

Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 18 Dec 2018 08:14:37 GMT
ETag: "593793a3-d5b"
Expires: Wed, 19 Dec 2018 08:14:37 GMT
Last-Modified: Wed, 07 Jun 2017 05:48:19 GMT
P3P: policyref="http://www.effectivemeasure.net/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Server: nginx
Content-Length: 3419
Connection: keep-alive

GET
H2 200 1621298038114766 Show response
connect.facebook.net/signals/config/ 181 KB
43 KB 123ms
121ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1621298038114766?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6e80f64fa1c1e027dfceb86f061153e0fb9ddbf9ff41b041c9d2324e899dfc5c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: rkBIfR+S5TlB4+zhUGiAo+T2nlTMXoimeQzNrQTd9BAkK7juTyxoxnfqPVMvzsC/HnL0BOtlbSKADjhrgsvVHQ==
date: Tue, 18 Dec 2018 08:14:37 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

linkid.js Show response
www.google-analytics.com/plugins/ua/
Redirect Chain

http://www.google-analytics.com/plugins/ua/linkid.js
https://www.google-analytics.com/plugins/ua/linkid.js

2 KB
925 B

10ms
9ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 41
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 856
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 09:13:56 GMT

Redirect headers

Location: https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason: HSTS

GET
H2

200

ec.js Show response
www.google-analytics.com/plugins/ua/
Redirect Chain

http://www.google-analytics.com/plugins/ua/ec.js
https://www.google-analytics.com/plugins/ua/ec.js

3 KB
1 KB

10ms
9ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 07:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 1126
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1296
x-xss-protection: 1; mode=block
expires: Tue, 18 Dec 2018 08:55:51 GMT

Redirect headers

Location: https://www.google-analytics.com/plugins/ua/ec.js
Non-Authoritative-Reason: HSTS

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966096362/ 2 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966096362/?random=1545120877077&cv=9&fst=1545120877077&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&tiba=My%20Email%20Login&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

cc1397da76465a585d9c6f839e32a51b0381ad4a1e491df228ff4d82f453d8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 977
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/ 2 KB
1 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/850038554/?random=1545120877080&cv=9&fst=1545120877080&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&tiba=My%20Email%20Login&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c1a734ea7553ad0d3d702ed170eda245347aeff92e8fdfcea3d1188b1b51008b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 980
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adsct
t.co/i/
Redirect Chain

http://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

43 B
167 B

127ms
126ms

Image
image/gif

199.16.156.11
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.11 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 8
pragma: no-cache
last-modified: Tue, 18 Dec 2018 08:14:37 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c26b1952cec73789c0decdc49f2e4211
x-transaction: 006692a600598fa5
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

location: https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
x-response-time: 4
date: Tue, 18 Dec 2018 08:14:37 GMT
server: tsa_b
x-connection-hash: acf67b9ecfe8585f6f93792c9625bc12
content-length: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20...
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-1&cid=1021463339.1545120877&jid=844862408&_gid=977045332.1545120877&gjid=1932116189&_v=j72&z=2105540668
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1021463339.1545120877&jid=844862408&_v=j72&z=2105540668
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1021463339.1545120877&jid=844862408&_v=j72&z=2105540668&slf_rd=1&random=856221487

42 B
109 B

28ms
27ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1021463339.1545120877&jid=844862408&_v=j72&z=2105540668&slf_rd=1&random=856221487

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-1&cid=1021463339.1545120877&jid=844862408&_v=j72&z=2105540668&slf_rd=1&random=856221487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20...
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%2...

35 B
101 B

20ms
18ms

Image
image/gif

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=2015581298&gjid=833363573&cid=1021463339.1545120877&tid=UA-32716691-1&_gid=977045332.1545120877&_r=1&z=1972544581

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=2015581298&gjid=833363573&cid=1021463339.1545120877&tid=UA-32716691-1&_gid=977045332.1545120877&_r=1&z=1972544581
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20...
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1021463339.1545120877&jid=252450445&_gid=977045332.1545120877&gjid=1945241754&_v=j72&z=1737700423

35 B
102 B

20ms
12ms

Image
image/gif

2a00:1450:400c:c08::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1021463339.1545120877&jid=252450445&_gid=977045332.1545120877&gjid=1945241754&_v=j72&z=1737700423

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c08::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 18 Dec 2018 08:14:37 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-32389807-1&cid=1021463339.1545120877&jid=252450445&_gid=977045332.1545120877&gjid=1945241754&_v=j72&z=1737700423
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&dp=%2Ffeeds%2Fmweb%2F5ef2c179da6d8...
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&dp=%2Ffeeds%2Fmweb%2F5ef2c179da6d...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-51279388-5&cid=1021463339.1545120877&jid=2125789956&_gid=977045332.1545120877&gjid=1346774713&_v=j72&z=136085745
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1021463339.1545120877&jid=2125789956&_v=j72&z=136085745
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1021463339.1545120877&jid=2125789956&_v=j72&z=136085745&slf_rd=1&random=3315170555

42 B
109 B

28ms
27ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1021463339.1545120877&jid=2125789956&_v=j72&z=136085745&slf_rd=1&random=3315170555

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-51279388-5&cid=1021463339.1545120877&jid=2125789956&_v=j72&z=136085745&slf_rd=1&random=3315170555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Lo...
https://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20L...

35 B
99 B

9ms
8ms

Image
image/gif

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1021463339.1545120877&tid=UA-51279388-5&_gid=977045332.1545120877&gtm=2wgbc0588RWD&z=1723046894

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Dec 2018 11:22:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 507151
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1021463339.1545120877&tid=UA-51279388-5&_gid=977045332.1545120877&gtm=2wgbc0588RWD&z=1723046894
Non-Authoritative-Reason: HSTS

GET
H2 200 /
www.google.com/pagead/1p-user-list/850038554/ 42 B
129 B 25ms
24ms Image
image/gif 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/850038554/?random=1545120877080&cv=9&fst=1545120000000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&tiba=My%20Email%20Login&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1481860988&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/850038554/ 42 B
109 B 22ms
21ms Image
image/gif 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/850038554/?random=1545120877080&cv=9&fst=1545120000000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&tiba=My%20Email%20Login&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1481860988&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/966096362/ 42 B
116 B 34ms
18ms Image
image/gif 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966096362/?random=1545120877077&cv=9&fst=1545120000000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&tiba=My%20Email%20Login&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3562662153&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/966096362/ 42 B
109 B 29ms
20ms Image
image/gif 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966096362/?random=1545120877077&cv=9&fst=1545120000000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&tiba=My%20Email%20Login&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=3562662153&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Dec 2018 08:14:37 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1554984301242335 Show response
connect.facebook.net/signals/config/ 181 KB
43 KB 116ms
114ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1554984301242335?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2af6b1141bd2e6dec159c251b0f4d1ed9d65bdcc8640c53cfd4fc43c2f8a22e6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: 9Cj3ex6mfUVA805NpkZPamhpP8McXevQ/NfDxXqqBOibrbwfIUXJqPivpXj2RlJOYyw0bD1A0F3EKwgiDzXhuA==
date: Tue, 18 Dec 2018 08:14:37 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
250 B 8ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1621298038114766&ev=PageView&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&rl=&if=false&ts=1545120877204&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1545120877203.725624511&it=1545120877038&coo=false
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 08:14:37 GMT

GET
H2 200 301918573597990 Show response
connect.facebook.net/signals/config/ 181 KB
43 KB 117ms
117ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301918573597990?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fc2b15773fc04f7e87a35a5f8a661cf4dd23c380c5e5b507c352102168684f63

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: aDY9v0+uQjCkA1+MxvpR84VRyLQh+EqEO68Ca0HwfP3/1ZKPGdcU30g0MhDTFlpmNJMH03LnrfMzPQlBWZqc+Q==
date: Tue, 18 Dec 2018 08:14:37 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
104 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1554984301242335&ev=PageView&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&rl=&if=false&ts=1545120877349&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1545120877203.725624511&it=1545120877038&coo=false
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 08:14:37 GMT

GET
H2 200 831113413655530 Show response
connect.facebook.net/signals/config/ 181 KB
43 KB 116ms
115ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/831113413655530?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7358067c578cff9f64c664cd59f58bd2c7974c33ad81eda8f4644faa6b6bce40

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: oE2xK5xDbI2Qb8EhcbXGqdge6Nfe8C5mpx8YFwBviilx/uJ7m9/EayLEVGKrFIRVxHnCBo4UbwfmZ/4AJL2ZFw==
date: Tue, 18 Dec 2018 08:14:37 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
104 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=301918573597990&ev=PageView&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&rl=&if=false&ts=1545120877481&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1545120877203.725624511&it=1545120877038&coo=false
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 08:14:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
104 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=831113413655530&ev=PageView&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&rl=&if=false&ts=1545120877616&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1545120877203.725624511&it=1545120877038&coo=false
Requested by: Host: eclickca.com
URL: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 08:14:37 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
261 B 127ms
126ms Script
application/javascript 199.16.156.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nxho2&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F

Requested by

Host: static.ads-twitter.com
URL: http://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 9
pragma: no-cache
last-modified: Tue, 18 Dec 2018 08:14:37 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 562fa874e4536671b2633ebdcfa718bb
x-transaction: 00267204007047a2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Lo...
https://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20L...

35 B
93 B

6ms
6ms

Image
image/gif

2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1021463339.1545120877&tid=UA-51279388-1&_gid=977045332.1545120877&gtm=2wgbc0588RWD&z=673697246

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Dec 2018 11:22:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 507151
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j72&a=671125969&t=pageview&_s=1&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&ul=en-us&de=UTF-8&dt=My%20Email%20Login&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAAEAr~&jid=&gjid=&cid=1021463339.1545120877&tid=UA-51279388-1&_gid=977045332.1545120877&gtm=2wgbc0588RWD&z=673697246
Non-Authoritative-Reason: HSTS

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1621298038114766&ev=Microdata&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&rl=&if=false&ts=1545120878708&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22My%20Email%20Login%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1545120878707.632515213&it=1545120877038&coo=false&es=automatic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 08:14:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
104 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1554984301242335&ev=Microdata&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&rl=&if=false&ts=1545120878850&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22My%20Email%20Login%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1545120878707.632515213&it=1545120877038&coo=false&es=automatic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 08:14:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
104 B 7ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=301918573597990&ev=Microdata&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&rl=&if=false&ts=1545120878982&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22My%20Email%20Login%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1545120878707.632515213&it=1545120877038&coo=false&es=automatic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 08:14:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
150 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=831113413655530&ev=Microdata&dl=http%3A%2F%2Feclickca.com%2Ffeeds%2Fmweb%2F5ef2c179da6d82761710b9050e2dc6ef%2F&rl=&if=false&ts=1545120879118&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22My%20Email%20Login%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1545120878707.632515213&it=1545120877038&coo=false&es=automatic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://eclickca.com/feeds/mweb/5ef2c179da6d82761710b9050e2dc6ef/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 08:14:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 18 Dec 2018 08:14:39 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.effectivemeasure.net/	1970-01-19 05:50:24	Name: vt Value: bcbff8aa6f2eadafc69556889aa85c18ac6da941d1-665412065c18ac6d
.effectivemeasure.net/	1970-01-19 05:57:36	Name: t Value: true
.eclickca.com/	1970-01-18 21:12:02	Name: _em_v Value: d50b2796577e6fb6c44f59a2e1a45c18ac6da941e1-719932365c18ac6d
.eclickca.com/	1970-01-18 21:12:00	Name: _gat_UA-51279388-5 Value: 1
.eclickca.com/	1970-01-18 21:12:08	Name: _fbp Value: fb.1.1545120877203.725624511
.eclickca.com/	1970-01-18 21:12:00	Name: _gat Value: 1
.eclickca.com/	1970-01-18 21:12:00	Name: _gat_UA-51279388-1 Value: 1
.eclickca.com/	1970-01-19 14:43:12	Name: __gads Value: ID=bdacc1c0ac37e8bf:T=1545120876:S=ALNI_MYXPbFOKoqQ01Y1ILQYWMgC1g2v_w
.eclickca.com/	1970-01-18 21:13:27	Name: _gid Value: GA1.2.977045332.1545120877
.eclickca.com/	1970-01-19 14:43:12	Name: _ga Value: GA1.2.1021463339.1545120877
.eclickca.com/	1970-01-19 05:50:24	Name: _em_vt Value: bcbff8aa6f2eadafc69556889aa85c18ac6da941d1-665412065c18ac6d
eclickca.com/	1970-01-18 21:12:00	Name: _em_t Value: true
.doubleclick.net/	1970-01-19 06:33:36	Name: IDE Value: AHWqTUnqic6UMAFx2Lp53pTenO6m5njchi_7Us0rjdYgjTIUP6GSrr5_xQKOJtR_
.eclickca.com/	1970-01-18 21:12:00	Name: _gat_overallTracker Value: 1
.effectivemeasure.net/	1970-01-18 21:12:02	Name: v Value: fbf573b45fe151d44cb59c170ae15c18ac6da941f7-724005905c18ac6d0_0
.eclickca.com/	1970-01-18 23:21:36	Name: _gcl_au Value: 1.1.1637011753.1545120877

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_285.js(Line 1) Message: Synchronous rendering is deprecated and will no longer work after April 2nd, 2019. To prepare for this change, we recommend you stop using the enableSyncRendering API.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 25) Message: [Facebook Pixel] - Duplicate Pixel ID: 1554984301242335.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4905605.fls.doubleclick.net
adservice.google.de
analytics.twitter.com
connect.facebook.net
eclickca.com
googleads.g.doubleclick.net
myaccount.mweb.co.za
s.effectivemeasure.net
securepubads.g.doubleclick.net
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
za-cdn.effectivemeasure.net
104.244.46.48
159.65.194.254
172.217.18.98
172.217.22.66
196.2.128.7
199.16.156.11
199.16.156.200
199.16.156.75
216.58.207.38
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:815::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2002
2a00:1450:4001:825::2001
2a00:1450:400c:c08::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.254.1.162
52.215.104.199
00e83aa5f667c4ee219411f6cf6ba69a0746294f1753dba050f93259a48c2747
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ac9fa9872f44a78a1ce3148d2e3b1c108514e8b3d27ab078463be54a1a5506f
2af6b1141bd2e6dec159c251b0f4d1ed9d65bdcc8640c53cfd4fc43c2f8a22e6
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3ed550ab1858821546dbe82b9cf5668578ba8ac47234d9aaba39e143ca3734f7
3fb8c215a377fc82c8528fe8aaeb0f749f8f7cab75ba818480c5c42b9687c235
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
6e80f64fa1c1e027dfceb86f061153e0fb9ddbf9ff41b041c9d2324e899dfc5c
6f6ff747d398937bbb894ee907858755b6a800a952993f8053197b9d5ca0a26a
6f83ebc7a31c0153f578a3407f43d2370c3a0ff271e86b33f1acf008c7356abd
7358067c578cff9f64c664cd59f58bd2c7974c33ad81eda8f4644faa6b6bce40
749b279cb2f7e114ce87fad9d81ba9e6ed01e1c38f4733d60944a38b41ae5428
75f39ab402b946f758c69c88a6e334554349c17f912180a9cae257353dcf2400
763bbd5948089b37a59f8095fbfd6c8aa94650ee5e351a2dcba655150775e486
76fe6b3e689e9eae484b8a75d5408eed23cbbcb6b3f414e8ebfab826e128f23c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834e67fcf50c34f6214fa0e520e73a8305db5e3b1ee23235eb065aba0b53a089
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9f7ec14b65196ecc6380422716725a5a5dcb4261f5988ef381905dd0f8fd031f
a7a6de426780a73e047727676e7c100b064eb8a233dbc3c7884466ba42db5bd3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af57e894c878a60dd459e64f88a9cf27752cbad2b341d06cf8afb6548c1e2bdd
b018a4f7294eaf5e5a1cabc070df53e2844ba7cc43e83123312389a6375b0bc4
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
c1a734ea7553ad0d3d702ed170eda245347aeff92e8fdfcea3d1188b1b51008b
c2e9508b71bc29948a47456789b208fccc0acfc27f105410d13f31967a1e15c9
c90c676abfb92d38da509eff2fcca3ffec9caf00140c79d1542f006de2be976b
cc1397da76465a585d9c6f839e32a51b0381ad4a1e491df228ff4d82f453d8f7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e6c0227b26bffe1d3ca83c9aba627d551351c33cd4085a05aea774b2279028ab
e85816ce732593cffc5e0193ee34ea1bf32b2d7cfd3ae27ce7828400d48c8460
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc2b15773fc04f7e87a35a5f8a661cf4dd23c380c5e5b507c352102168684f63
febf051238d01475887907d23ce5eadb2179d9e573f099c50eb2e33de8392f3f

eclickca.com Open in urlscan Pro 159.65.194.254 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

84 %HTTPS

50 %IPv6

16 Domains

21 Subdomains

21 IPs

3 Countries

742 kBTransfer

1745 kBSize

16 Cookies

9 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eclickca.com Open in urlscan Pro
159.65.194.254 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

84 %
HTTPS

50 %
IPv6

16
Domains

21
Subdomains

21
IPs

3
Countries

742 kB
Transfer

1745 kB
Size

16
Cookies

57 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!