Submitted URL: https://r.prdtlnk.com/1gmsNps
Effective URL: https://www.passeura.com/q8uj30ak?key=ebca8a02e41c5f80a25b71b8dd0cfba4
Submission: On February 19 via api from US

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 9 HTTP transactions. The main IP is 198.134.112.243, located in Garden City, United States and belongs to WEBAIR-INTERNET, US. The main domain is www.passeura.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 8th 2020. Valid for: 3 months.
This is the only time www.passeura.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 149.210.250.61 20857 (TRANSIP-A...)
2 35.157.195.214 16509 (AMAZON-02)
1 3 198.143.165.219 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
1 2 3.225.101.55 14618 (AMAZON-AES)
1 91.99.98.180 60976 (POL)
1 198.134.112.243 27257 (WEBAIR-IN...)
9 7
Domain Requested by
3 redirect.confirmance.com 1 redirects redirect.confirmance.com
2 getad.xyz minently.com
1 www.passeura.com www.musict.ir
1 www.musict.ir getad.xyz
1 minently.com redirect.confirmance.com
1 modairy-datough.com
1 secure.clcklink.com
1 r.prdtlnk.com 1 redirects
9 8

This site contains links to these domains.

Domain
terraclicks.com

Subject | Issuer | Validity | Valid
secure.clcklink.com | Sectigo RSA Domain Validation Secure Server CA | 2019-05-30 - 2020-08-27 | a year
modairy-datough.com | Sectigo RSA Domain Validation Secure Server CA | 2019-01-28 - 2020-04-27 | a year
minently.com | Let's Encrypt Authority X3 | 2019-12-11 - 2020-03-10 | 3 months
musict.ir | Let's Encrypt Authority X3 | 2020-01-05 - 2020-04-04 | 3 months
passeura.com | Let's Encrypt Authority X3 | 2020-01-08 - 2020-04-07 | 3 months

This page contains 1 frames:

Primary Page: https://www.passeura.com/q8uj30ak?key=ebca8a02e41c5f80a25b71b8dd0cfba4
Frame ID: 7BEB5645A3D76E629A902C5B33C0E2AB
Requests: 9 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 9
HTTPS: 56 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 12 kB
Size: 18 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://r.prdtlnk.com/1gmsNps HTTP 302
    https://secure.clcklink.com/16bba282-f7b6-43a2-838f-a2e1759845e8?click_id=1gmsNps&var2=C5BF1A390ACDDD&var3=I5E4D1BFEAC967&var4=9894&var5=127&var6=M&var7=Simonetta&var8=Alessandro&var9=393351352761&var10=alessandro.simonetta%40gmail.com Page URL
  2. https://modairy-datough.com/redirect?target=BASE64aHR0cDovL3JlZGlyZWN0LmNvbmZpcm1hbmNlLmNvbS8_dXRtX21lZGl1bT0wNTgzZmFiMTczMzNiYmM3ZjhjODNmMGMyZmI3OTg1NTUxODI0YTU5JnV0bV9jYW1wYWlnbj1tb25ldGl6ZXImY2lkPXc5MGVuOGEwY2Nza3E2MnQxMTd1Z2VmYw&ts=1582122465401&hash=Nt8vub5OSVrhxwaGgEjOLvLkk5jmEwz6D0NqrepDuoE&rm=D Page URL
  3. http://redirect.confirmance.com/?utm_medium=0583fab17333bbc7f8c83f0c2fb7985551824a59&utm_campaign=monetizer&cid=w90en8a0ccskq62t117ugefc Page URL
  4. http://redirect.confirmance.com/?utm_term=6795164245475459273&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
  5. http://redirect.confirmance.com/proc.php?7541a8ed619c95d9afc39fd9f85b0fabaae9438f HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6795164245475459273&ext1=1633 Page URL
  6. http://getad.xyz/go/216668/456926 Page URL
  7. http://getad.xyz/ad/ad?p=216668&w=456926&t=f7b540436976617a&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
    https://www.musict.ir/vido Page URL
  8. https://www.passeura.com/q8uj30ak?key=ebca8a02e41c5f80a25b71b8dd0cfba4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://r.prdtlnk.com/1gmsNps HTTP 302
  • https://secure.clcklink.com/16bba282-f7b6-43a2-838f-a2e1759845e8?click_id=1gmsNps&var2=C5BF1A390ACDDD&var3=I5E4D1BFEAC967&var4=9894&var5=127&var6=M&var7=Simonetta&var8=Alessandro&var9=393351352761&var10=alessandro.simonetta%40gmail.com
Request Chain 4
  • http://redirect.confirmance.com/proc.php?7541a8ed619c95d9afc39fd9f85b0fabaae9438f HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6795164245475459273&ext1=1633
Request Chain 7
  • http://getad.xyz/ad/ad?p=216668&w=456926&t=f7b540436976617a&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
  • https://www.musict.ir/vido

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 16bba282-f7b6-43a2-838f-a2e1759845e8
secure.clcklink.com/
Redirect Chain
  • https://r.prdtlnk.com/1gmsNps
  • https://secure.clcklink.com/16bba282-f7b6-43a2-838f-a2e1759845e8?click_id=1gmsNps&var2=C5BF1A390ACDDD&var3=I5E4D1BFEAC967&var4=9894&var5=127&var6=M&var7=Simonetta&var8=Alessandro&var9=393351352761&...
519 B
1 KB
Document
General
Full URL
https://secure.clcklink.com/16bba282-f7b6-43a2-838f-a2e1759845e8?click_id=1gmsNps&var2=C5BF1A390ACDDD&var3=I5E4D1BFEAC967&var4=9894&var5=127&var6=M&var7=Simonetta&var8=Alessandro&var9=393351352761&var10=alessandro.simonetta%40gmail.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.195.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-195-214.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
585082f1f9d4cda3fb164809b209eac417efead593b32751dcd8b3a8a05d0c6b

Request headers

Host
secure.clcklink.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 19 Feb 2020 14:27:45 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
519
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
16bba282-f7b6-43a2-838f-a2e1759845e8-v4=16bba282-f7b6-43a2-838f-a2e1759845e8; Max-Age=86400; Expires=Thu, 20-Feb-2020 14:27:45 GMT; Domain=secure.clcklink.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=1%2FE1gtqS65f14bfrm5ExL46zh0mOVUyDzqH3f5VZfNPZkTmabjKqWLGIVKYB%2F2EJuAJncpc%2BGaTfMyHcKqUD0o7EgEUu%2BrCBebRK7IfuJ440qkcBxhx1fFxtqNOYEG%2BKCTfI40cklAGgd2xUfqG%2BpQ%3D%3D; Max-Age=31536000; Expires=Thu, 18-Feb-2021 14:27:45 GMT; Domain=secure.clcklink.com; Path=/; Secure; HttpOnly;SameSite=None

Redirect headers

Date
Wed, 19 Feb 2020 14:27:45 GMT
Server
Apache
Cache-Control
no-cache, private
Location
https://secure.clcklink.com/16bba282-f7b6-43a2-838f-a2e1759845e8?click_id=1gmsNps&var2=C5BF1A390ACDDD&var3=I5E4D1BFEAC967&var4=9894&var5=127&var6=M&var7=Simonetta&var8=Alessandro&var9=393351352761&var10=alessandro.simonetta%40gmail.com
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
redirect
modairy-datough.com/
348 B
621 B
Document
General
Full URL
https://modairy-datough.com/redirect?target=BASE64aHR0cDovL3JlZGlyZWN0LmNvbmZpcm1hbmNlLmNvbS8_dXRtX21lZGl1bT0wNTgzZmFiMTczMzNiYmM3ZjhjODNmMGMyZmI3OTg1NTUxODI0YTU5JnV0bV9jYW1wYWlnbj1tb25ldGl6ZXImY2lkPXc5MGVuOGEwY2Nza3E2MnQxMTd1Z2VmYw&ts=1582122465401&hash=Nt8vub5OSVrhxwaGgEjOLvLkk5jmEwz6D0NqrepDuoE&rm=D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.195.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-195-214.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
66cc0cc48408ef363a6cec9e67274d0940e59011b9ad5296ceb51e230305f175

Request headers

Host
modairy-datough.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://secure.clcklink.com/16bba282-f7b6-43a2-838f-a2e1759845e8?click_id=1gmsNps&var2=C5BF1A390ACDDD&var3=I5E4D1BFEAC967&var4=9894&var5=127&var6=M&var7=Simonetta&var8=Alessandro&var9=393351352761&var10=alessandro.simonetta%40gmail.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 19 Feb 2020 14:27:45 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
348
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Cookie set /
redirect.confirmance.com/
3 KB
2 KB
Document
General
Full URL
http://redirect.confirmance.com/?utm_medium=0583fab17333bbc7f8c83f0c2fb7985551824a59&utm_campaign=monetizer&cid=w90en8a0ccskq62t117ugefc
Protocol
HTTP/1.1
Server
198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
00190a1ea216ae45ee4bcfafafbbf6c350ef69556406341828fe4432b266361c

Request headers

Host
redirect.confirmance.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 19 Feb 2020 14:27:45 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
u=0e1bb165eb5c5ac79661382c26f2d1d8; expires=Thu, 18-Feb-2021 14:27:45 GMT; Max-Age=31536000; path=/
Content-Encoding
gzip
/
redirect.confirmance.com/
9 KB
3 KB
Document
General
Full URL
http://redirect.confirmance.com/?utm_term=6795164245475459273&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Requested by
Host: redirect.confirmance.com
URL: http://redirect.confirmance.com/?utm_medium=0583fab17333bbc7f8c83f0c2fb7985551824a59&utm_campaign=monetizer&cid=w90en8a0ccskq62t117ugefc
Protocol
HTTP/1.1
Server
198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
83dc1b3f239e2f9fd34e7885a66323e7422e26c66baafd951d849461a841eb53

Request headers

Host
redirect.confirmance.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://redirect.confirmance.com/?utm_medium=0583fab17333bbc7f8c83f0c2fb7985551824a59&utm_campaign=monetizer&cid=w90en8a0ccskq62t117ugefc
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
u=0e1bb165eb5c5ac79661382c26f2d1d8

Response headers

Server
nginx
Date
Wed, 19 Feb 2020 14:27:45 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • http://redirect.confirmance.com/proc.php?7541a8ed619c95d9afc39fd9f85b0fabaae9438f
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6795164245475459273&ext1=1633
4 KB
3 KB
Document
General
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6795164245475459273&ext1=1633
Requested by
Host: redirect.confirmance.com
URL: http://redirect.confirmance.com/?utm_term=6795164245475459273&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
bf0c997b3f191b3234d523980f02fa5d8ecc6bb0668ae39815b49a1b5bc578ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6795164245475459273&ext1=1633
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://redirect.confirmance.com/?utm_term=6795164245475459273&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
http://redirect.confirmance.com/?utm_term=6795164245475459273&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f#

Response headers

status
200
content-type
text/html;charset=utf-8
expires
Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
date
Wed, 19 Feb 2020 14:27:46 GMT
content-encoding
gzip
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status
NOTCACHED
x-zen-fury
06a5f858f217d50f6795985e115098b233a03a92
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=0baf667ea25bdcf3c9e140e5d097a029_1582122466.2111; domain=minently.com; path=/; expires=Sat, 16-Feb-2030 14:27:46 UTC; Secure
x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1582122466.2191; domain=minently.com; path=/; expires=Sat, 16-Feb-2030 14:27:46 UTC; Secure
FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3VHl6cS9lZ1RUTFFMQi9kZ25iRGoybXV6ekVZYUN2SEZ4WE5aZ2RYdGJZZg%3D%3D; domain=minently.com; path=/; expires=Sat, 16-Feb-2030 14:27:46 UTC; Secure
0baf667ea25bdcf3c9e140e5d097a029_1582122466.2111_ck=…; domain=minently.com; path=/; expires=Sat, 16-Feb-2030 14:27:46 UTC; Secure
5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=d2hZSHY4dDc0RTlIc24yWENPVUVFSm00U3grTmtEdDNEelNrWjJkd2xCN0dSQmhxcHZHWUtmcFp0Z2IwTHlGb29mY2tJeE82dXQ3N3BuTEY5bnlidGlFSHdsL1A3Y3pxR09rVHVsdllmUjQ9; domain=minently.com; path=/; expires=Wed, 19-Feb-2020 15:32:46 UTC; Secure
SERVERID=sfc51; path=/
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

Server
nginx
Date
Wed, 19 Feb 2020 14:27:46 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.4
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6795164245475459273&ext1=1633
456926
getad.xyz/go/216668/
0
0

456926
getad.xyz/go/216668/
466 B
514 B
Document
General
Full URL
http://getad.xyz/go/216668/456926
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6795164245475459273&ext1=1633
Protocol
HTTP/1.1
Server
3.225.101.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-101-55.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5f550d8a2a3fa8a3fa3942bdb70d013bd684732c91cf172ebc593b63bc70e9a7

Request headers

Host
getad.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
https://minently.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 19 Feb 2020 14:27:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip
vido
www.musict.ir/
Redirect Chain
  • http://getad.xyz/ad/ad?p=216668&w=456926&t=f7b540436976617a&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200
  • https://www.musict.ir/vido
410 B
516 B
Document
General
Full URL
https://www.musict.ir/vido
Requested by
Host: getad.xyz
URL: http://getad.xyz/go/216668/456926
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.99.98.180 , Iran, Islamic Republic Of, ASN60976 (POL, IR),
Reverse DNS
91.99.98.180.parsonline.net
Software
nginx /
Resource Hash
e19980e5c1cd642a581cc8d172de7ab776d39591e5dc2bbe9d092622b56c82c7

Request headers

:method
GET
:authority
www.musict.ir
:scheme
https
:path
/vido
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://getad.xyz/go/216668/456926
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx
date
Wed, 19 Feb 2020 14:27:47 GMT
content-length
289
vary
Accept-Encoding,User-Agent
x-accel-version
0.01
last-modified
Mon, 20 Jan 2020 10:54:47 GMT
accept-ranges
bytes
cache-control
max-age=2592000
expires
Fri, 20 Mar 2020 14:27:47 GMT
content-encoding
gzip

Redirect headers

Date
Wed, 19 Feb 2020 14:27:47 GMT
Content-Type
text/html; charset=utf-8
Content-Length
53
Connection
keep-alive
Server
nginx
Location
https://www.musict.ir/vido
Primary Request Cookie set q8uj30ak
www.passeura.com/
103 B
515 B
Document
General
Full URL
https://www.passeura.com/q8uj30ak?key=ebca8a02e41c5f80a25b71b8dd0cfba4
Requested by
Host: www.musict.ir
URL: https://www.musict.ir/vido
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.112.243 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
ab030a8588ef9530d38a74d9e14b36ccdd792323af6352d4d5da9d19b9b95341
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Host
www.passeura.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.musict.ir/vido
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.17.6
Date
Wed, 19 Feb 2020 14:27:47 GMT
Content-Type
text/html
Content-Length
103
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
u_pl=15117471; expires=Thu, 20 Feb 2020 14:27:47 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0; includeSubdomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
getad.xyz
URL
http://getad.xyz/go/216668/456926?

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

1 Cookies

Domain/Path Name / Value
www.passeura.com/ Name: u_pl
Value: 15117471