Submitted URL: http://gommanjo3.atwebpages.com/g.php?login=L2ZiMTQvP2lkPTEwMDQ2NDI=&id=MTAwNDY0Mg==&r=P5wU6
Effective URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname...
Submission: On January 26 via automatic, source phishtank

Summary

This website contacted 15 IPs in 7 countries across 15 domains to perform 34 HTTP transactions. The main IP is 52.77.123.181, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is adsqnt.com.
This is the only time adsqnt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.176.43.84 44476 (ZETTA-AS)
2 3 185.66.200.217 201702 (SKHOSTING-EU)
1 7 185.66.200.218 201702 (SKHOSTING-EU)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.66.201.34 201702 (SKHOSTING-EU)
1 3 54.84.250.46 14618 (AMAZON-AES)
1 52.212.20.130 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 3.10.86.71 16509 (AMAZON-02)
11 52.77.123.181 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.0.16.135 16509 (AMAZON-02)
34 15
Domain Requested by
11 adsqnt.com www.flyrlk.com
adsqnt.com
7 yx-tr-val.com 1 redirects ylx-4.com
yx-tr-val.com
3 valid2click.com 1 redirects namel.net
valid2click.com
3 ylx-4.com 2 redirects gommanjo3.atwebpages.com
2 www.google-analytics.com www.googletagmanager.com
adsqnt.com
2 fonts.googleapis.com yx-tr-val.com
adsqnt.com
2 www.google.com yx-tr-val.com
www.gstatic.com
1 ec2-3-0-16-135.ap-southeast-1.compute.amazonaws.com adsqnt.com
1 www.googletagmanager.com adsqnt.com
1 offer.edigitaloffer.com www.flyrlk.com
1 cdn.addlnk.com www.flyrlk.com
1 www.flyrlk.com valid2click.com
1 namel.net yx-tr-val.com
1 www.gstatic.com www.google.com
1 gommanjo3.atwebpages.com
34 15

This site contains links to these domains.

Domain
tnc.mobitechsolutions.net
www.payinfo.nl
Subject                    Issuer                                            Validity                   Valid
yx-tr-val.com              Let's Encrypt Authority X3                        2019-11-29 - 2020-02-27    3 months
www.google.com             GTS CA 1O1                                        2020-01-07 - 2020-03-31    3 months
*.storage.googleapis.com   GTS CA 1O1                                        2020-01-07 - 2020-03-31    3 months
*.google.com               GTS CA 1O1                                        2020-01-07 - 2020-03-31    3 months
namel.net                  Let's Encrypt Authority X3                        2020-01-15 - 2020-04-14    3 months
valid2click.com            Sectigo RSA Domain Validation Secure Server CA    2019-07-18 - 2020-07-17    a year
*.google-analytics.com     GTS CA 1O1                                        2020-01-07 - 2020-03-31    3 months

This page contains 2 frames:

Primary Page: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Frame ID: FEE963F4CBF1FBDBA625479F295AA4F8
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=x7qbn4cfzqdx
Frame ID: 2C0CB0DA39BA2EB49A47C831ADF38F57
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://gommanjo3.atwebpages.com/g.php?login=L2ZiMTQvP2lkPTEwMDQ2NDI=&id=MTAwNDY0Mg==&r=P5wU6 Page URL
  2. http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g HTTP 302
    https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20... Page URL
  3. https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbH... HTTP 302
    https://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g&rr=aHR0cDovL... HTTP 302
    https://namel.net/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjd... Page URL
  4. https://valid2click.com/view/hSalS8AlPtsMvGhG958iWohm1CWidogJ6z21G0ExLMaizXU?c=31888&pid=1224&tid=af... Page URL
  5. http://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%... HTTP 301
    https://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%... Page URL
  6. http://www.flyrlk.com/rc/39b1beea8b?affclick=clickid&pubid=pubid Page URL
  7. http://offer.edigitaloffer.com/aff/track?token=qhrlqb&offer=202&pub_id=37b20dc2&click_id=pub21bfc6764474498... HTTP 302
    http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 34
HTTPS: 50 %
IPv6: 40 %
Domains: 15
Subdomains: 15
IPs: 15
Countries: 7
Transfer: 531 kB
Size: 938 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gommanjo3.atwebpages.com/g.php?login=L2ZiMTQvP2lkPTEwMDQ2NDI=&id=MTAwNDY0Mg==&r=P5wU6 Page URL
  2. http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g HTTP 302
    https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0= Page URL
  3. https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0= HTTP 302
    https://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g&rr=aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbS9nLnBocD9sb2dpbj1MMlppTVRRdlAybGtQVEV3TURRMk5EST0mYW1wO2lkPU1UQXdORFkwTWc9PSZhbXA7cj1QNXdVNg==&dom_id=33829132&yXcrs=1 HTTP 302
    https://namel.net/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjdCpCjANrAkNZiGNdGCrCkjCrxCrixCGkCrCrGCxCpkkpir_87717&adApiR=loaded_string_732748b8170538a5ae6190045a4dde235d3b_2273992_1580062478.321_31715&refferer=4248685569_aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbQ==&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c Page URL
  4. https://valid2click.com/view/hSalS8AlPtsMvGhG958iWohm1CWidogJ6z21G0ExLMaizXU?c=31888&pid=1224&tid=affC1580062480affd18d4f3592628a107a393&site=23756240 Page URL
  5. http://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2 HTTP 301
    https://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2 Page URL
  6. http://www.flyrlk.com/rc/39b1beea8b?affclick=clickid&pubid=pubid Page URL
  7. http://offer.edigitaloffer.com/aff/track?token=qhrlqb&offer=202&pub_id=37b20dc2&click_id=pub21bfc6764474498c8d8df96d15c47610 HTTP 302
    http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g HTTP 302
  • https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Request Chain 12
  • https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0= HTTP 302
  • https://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g&rr=aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbS9nLnBocD9sb2dpbj1MMlppTVRRdlAybGtQVEV3TURRMk5EST0mYW1wO2lkPU1UQXdORFkwTWc9PSZhbXA7cj1QNXdVNg==&dom_id=33829132&yXcrs=1 HTTP 302
  • https://namel.net/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjdCpCjANrAkNZiGNdGCrCkjCrxCrixCGkCrCrGCxCpkkpir_87717&adApiR=loaded_string_732748b8170538a5ae6190045a4dde235d3b_2273992_1580062478.321_31715&refferer=4248685569_aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbQ==&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c
Request Chain 14
  • http://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2 HTTP 301
  • https://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
g.php
gommanjo3.atwebpages.com/
117 B
305 B
Document
General
Full URL
http://gommanjo3.atwebpages.com/g.php?login=L2ZiMTQvP2lkPTEwMDQ2NDI=&id=MTAwNDY0Mg==&r=P5wU6
Protocol
HTTP/1.1
Server
185.176.43.84 , Bulgaria, ASN44476 (ZETTA-AS, BG),
Reverse DNS
Software
Apache /
Resource Hash
3a4f700f8c4523aaf85677dbdea919bdfd0755b4cd4e7834cbb1e7d0e8c7ed88

Request headers

Host
gommanjo3.atwebpages.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Sun, 26 Jan 2020 18:14:36 GMT
Server
Apache
Content-Length
117
Keep-Alive
timeout=4, max=90
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
mobile_redir.php
ylx-4.com/
100 B
560 B
Script
General
Full URL
http://ylx-4.com/mobile_redir.php?section=General&pub=111289&ga=g&desktop=1
Requested by
Host: gommanjo3.atwebpages.com
URL: http://gommanjo3.atwebpages.com/g.php?login=L2ZiMTQvP2lkPTEwMDQ2NDI=&id=MTAwNDY0Mg==&r=P5wU6
Protocol
HTTP/1.1
Server
185.66.200.217 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.217.skhosting.eu
Software
nginx /
Resource Hash
e5f0c7d2cee8da781de112a5cfc3fbde9bb0f7037570de74fa2b673d3202b849

Request headers

Referer
http://gommanjo3.atwebpages.com/g.php?login=L2ZiMTQvP2lkPTEwMDQ2NDI=&id=MTAwNDY0Mg==&r=P5wU6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 26 Jan 2020 18:14:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Jan 2020 18:14:37 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet
Expires
Sun, 26 Jan 2020 18:14:37 GMT
index_v3.php
yx-tr-val.com/crs/
Redirect Chain
  • http://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g
  • https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG...
3 KB
1 KB
Document
General
Full URL
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Requested by
Host: ylx-4.com
URL: http://ylx-4.com/mobile_redir.php?section=General&pub=111289&ga=g&desktop=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.218 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.218.skhosting.eu
Software
nginx /
Resource Hash
e27acff138c3de7eb3faf7f69f90a007566ffd54853ce4ebf1ad5c1151478ac6

Request headers

:method
GET
:authority
yx-tr-val.com
:scheme
https
:path
/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://gommanjo3.atwebpages.com/g.php?login=L2ZiMTQvP2lkPTEwMDQ2NDI=&id=MTAwNDY0Mg==&r=P5wU6
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Sun, 26 Jan 2020 18:14:37 GMT
content-type
text/html; charset=UTF-8
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sun, 26 Jan 2020 18:14:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Sun, 26 Jan 2020 18:14:37 GMT
Last-Modified
Sun, 26 Jan 2020 18:14:37 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet
Location
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
bootstrap.min.css
yx-tr-val.com/crs/css/
118 KB
21 KB
Stylesheet
General
Full URL
https://yx-tr-val.com/crs/css/bootstrap.min.css
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.218 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.218.skhosting.eu
Software
nginx /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Sun, 26 Jan 2020 18:14:37 GMT
content-encoding
gzip
last-modified
Fri, 13 Apr 2018 15:24:45 GMT
server
nginx
etag
W/"5ad0cbbd-1d970"
content-type
text/css
main.css
yx-tr-val.com/crs/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://yx-tr-val.com/crs/css/main.css?v2
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.218 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.218.skhosting.eu
Software
nginx /
Resource Hash
2347125f250e16855d8229f8e941cc376dfe7a9d5caddc3206d20952b1f46c48

Request headers

Referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 18:14:37 GMT
last-modified
Mon, 30 Apr 2018 06:33:38 GMT
server
nginx
etag
"5ae6b8c2-96e"
content-type
text/css
status
200
accept-ranges
bytes
content-length
2414
loading.gif
yx-tr-val.com/crs/img/
4 KB
4 KB
Image
General
Full URL
https://yx-tr-val.com/crs/img/loading.gif
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.218 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.218.skhosting.eu
Software
nginx /
Resource Hash
acccc31dbf746699a0d02ae545cf89a194d7158732cb5a88f4a514e04ea3fc1d

Request headers

Referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 18:14:37 GMT
last-modified
Sat, 23 Nov 2019 00:21:28 GMT
server
nginx
etag
"5dd87b88-f6f"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
3951
api.js
www.google.com/recaptcha/
709 B
576 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d9366b560b7fafbc12b796c3de330139ba687af2f8e395438effc27e573827cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 18:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
479
x-xss-protection
1; mode=block
expires
Sun, 26 Jan 2020 18:14:37 GMT
logo.png
yx-tr-val.com/crs/img/
6 KB
6 KB
Image
General
Full URL
https://yx-tr-val.com/crs/img/logo.png
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.218 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.218.skhosting.eu
Software
nginx /
Resource Hash
8b0c746b1dfbfd8429d32fcb994fb2223fb4724a5942e255bb4a4e96351579ef

Request headers

Referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 18:14:37 GMT
last-modified
Fri, 13 Apr 2018 15:24:51 GMT
server
nginx
etag
"5ad0cbc3-188b"
content-type
image/png
status
200
accept-ranges
bytes
content-length
6283
main.js
yx-tr-val.com/crs/js/
255 B
394 B
Script
General
Full URL
https://yx-tr-val.com/crs/js/main.js
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.218 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.218.skhosting.eu
Software
nginx /
Resource Hash
c91d7242589722eec07910a5a5fe2b8855c57100fbfbdc93d6604823a9402458

Request headers

Referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 18:14:37 GMT
last-modified
Fri, 13 Apr 2018 15:24:54 GMT
server
nginx
etag
"5ad0cbc6-ff"
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
255
css
fonts.googleapis.com/
3 KB
580 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,600,700,800
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
370338dd10fae1b5bea9c8848e01712c56a5ae411c218324051871fecc837521
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 26 Jan 2020 18:14:37 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 26 Jan 2020 18:14:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 26 Jan 2020 18:14:37 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/
257 KB
92 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07a651614bfef3f3a35d9a2ded0de50adaef4671abda32d38958ac4438b46cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Tue, 21 Jan 2020 21:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Jan 2020 18:54:09 GMT
server
sffe
age
418854
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94001
x-xss-protection
0
expires
Wed, 20 Jan 2021 21:53:43 GMT
anchor
www.google.com/recaptcha/api2/ Frame 2C0C
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=x7qbn4cfzqdx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bGX9yL1D8/mZfYn17bWd0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=invisible&cb=x7qbn4cfzqdx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 26 Jan 2020 18:14:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-bGX9yL1D8/mZfYn17bWd0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8572
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
namel.net/799a0834dd/e0a1f499cb/
Redirect Chain
  • https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkd...
  • https://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=111289&ga=g&rr=aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbS9nLnBocD9sb2dpbj1MMlppTVRRdlAybGtQVEV3TURRMk5EST0mYW1wO2lkPU1UQXdORFkw...
  • https://namel.net/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjdCpCjANrAkNZiGNdGCrCkjCrxCrixCGkCrCrGCxCpkkpir_87717&adApiR=loaded_string_732748b8170538a5ae6190045a4dde...
492 B
632 B
Document
General
Full URL
https://namel.net/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjdCpCjANrAkNZiGNdGCrCkjCrxCrixCGkCrCrGCxCpkkpir_87717&adApiR=loaded_string_732748b8170538a5ae6190045a4dde235d3b_2273992_1580062478.321_31715&refferer=4248685569_aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbQ==&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c
Requested by
Host: yx-tr-val.com
URL: https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.66.201.34 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
at-public.skhosting.eu
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
namel.net
:scheme
https
:path
/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjdCpCjANrAkNZiGNdGCrCkjCrxCrixCGkCrCrGCxCpkkpir_87717&adApiR=loaded_string_732748b8170538a5ae6190045a4dde235d3b_2273992_1580062478.321_31715&refferer=4248685569_aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbQ==&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://yx-tr-val.com/crs/index_v3.php?d=33829132&f=popup&s=4&t=4&pr=500&u=aHR0cHM6Ly95bHgtNC5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTExMTI4OSZnYT1nJnJyPWFIUjBjRG92TDJkdmJXMWhibXB2TXk1aGRIZGxZbkJoWjJWekxtTnZiUzluTG5Cb2NEOXNiMmRwYmoxTU1scHBUVlJSZGxBeWJHdFFWRVYzVFVSUk1rNUVTVDBtWVcxd08ybGtQVTFVUVhkT1JGa3dUV2M5UFNaaGJYQTdjajFRTlhkVk5nPT0=
accept-encoding
gzip, deflate, br
Origin
https://yx-tr-val.com
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
server
nginx
date
Sun, 26 Jan 2020 18:14:40 GMT
content-type
text/html; charset=UTF-8
set-cookie
total_impressions=1; expires=Mon, 27-Jan-2020 04:59:59 GMT; Max-Age=38719 used_ad2273992=1; expires=Mon, 27-Jan-2020 04:59:59 GMT; Max-Age=38719; path=/
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex,nofollow
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Sun, 26 Jan 2020 18:14:38 GMT
content-type
text/html; charset=UTF-8
expires
Sun, 26 Jan 2020 18:14:38 GMT
last-modified
Sun, 26 Jan 2020 18:14:38 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
set-cookie
used_ad2273992=1; expires=Mon, 27-Jan-2020 05:00:00 GMT; Max-Age=38722; path=/ total_impressions=1; expires=Mon, 27-Jan-2020 05:00:00 GMT; Max-Age=38722; path=/ cpa_673873=popup_355513739_4; expires=Tue, 25-Feb-2020 18:14:38 GMT; Max-Age=2592000; path=/
location
https://namel.net/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjdCpCjANrAkNZiGNdGCrCkjCrxCrixCGkCrCrGCxCpkkpir_87717&adApiR=loaded_string_732748b8170538a5ae6190045a4dde235d3b_2273992_1580062478.321_31715&refferer=4248685569_aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbQ==&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c
hSalS8AlPtsMvGhG958iWohm1CWidogJ6z21G0ExLMaizXU
valid2click.com/view/
274 B
934 B
Document
General
Full URL
https://valid2click.com/view/hSalS8AlPtsMvGhG958iWohm1CWidogJ6z21G0ExLMaizXU?c=31888&pid=1224&tid=affC1580062480affd18d4f3592628a107a393&site=23756240
Requested by
Host: namel.net
URL: https://namel.net/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjdCpCjANrAkNZiGNdGCrCkjCrxCrixCGkCrCrGCxCpkkpir_87717&adApiR=loaded_string_732748b8170538a5ae6190045a4dde235d3b_2273992_1580062478.321_31715&refferer=4248685569_aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbQ==&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.250.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-250-46.compute-1.amazonaws.com
Software
nginx /
Resource Hash
eddc0fc536ec6090df6c6183e7417ae375209e820e0cf19971abbe51c99fd4c8

Request headers

:method
GET
:authority
valid2click.com
:scheme
https
:path
/view/hSalS8AlPtsMvGhG958iWohm1CWidogJ6z21G0ExLMaizXU?c=31888&pid=1224&tid=affC1580062480affd18d4f3592628a107a393&site=23756240
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://namel.net/799a0834dd/e0a1f499cb/?placementName=ROTATOR&type=n&cv=XrdiCiAAAriGikCiGkkjdCpCjANrAkNZiGNdGCrCkjCrxCrixCGkCrCrGCxCpkkpir_87717&adApiR=loaded_string_732748b8170538a5ae6190045a4dde235d3b_2273992_1580062478.321_31715&refferer=4248685569_aHR0cDovL2dvbW1hbmpvMy5hdHdlYnBhZ2VzLmNvbQ==&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 26 Jan 2020 18:14:40 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=xIawyD9u4vBcX3RFsIvoBU9E33Bb+3fmPOqYqU9PxeFV0fgJoagxZSbzixtoW1J4gXDUdnRYvVjtOhVu4kGB8MFjPtVEgvlhka8F6wo5X/OfYhNP29y+GRUL8yE8; Expires=Sun, 02 Feb 2020 18:14:40 GMT; Path=/ AWSALBCORS=xIawyD9u4vBcX3RFsIvoBU9E33Bb+3fmPOqYqU9PxeFV0fgJoagxZSbzixtoW1J4gXDUdnRYvVjtOhVu4kGB8MFjPtVEgvlhka8F6wo5X/OfYhNP29y+GRUL8yE8; Expires=Sun, 02 Feb 2020 18:14:40 GMT; Path=/; SameSite=None; Secure PHPSESSID=bc7lktk7naant28o15fbjt5c8r; path=/ BP:22193:1224=http%3A%2F%2Ftrck.shop%2Fview%2FsrEBkwEHbo9TnnsKFzOiIofFChSalSyO7kxu5AuE5lqA44c%3Fc%3D11826%26pid%3D1886%26site%3Daff1224; expires=Sun, 26-Jan-2020 18:16:10 GMT; Max-Age=90; path=/
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip
hrfp
valid2click.com/
Redirect Chain
  • http://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2
  • https://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2
114 B
627 B
Document
General
Full URL
https://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2
Requested by
Host: valid2click.com
URL: https://valid2click.com/view/hSalS8AlPtsMvGhG958iWohm1CWidogJ6z21G0ExLMaizXU?c=31888&pid=1224&tid=affC1580062480affd18d4f3592628a107a393&site=23756240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.250.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-250-46.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ec3cfaf2a446d06a403cd1e076994e3584ed5d2e0cc120e85c0786993ad07653

Request headers

:method
GET
:authority
valid2click.com
:scheme
https
:path
/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
AWSALBCORS=xIawyD9u4vBcX3RFsIvoBU9E33Bb+3fmPOqYqU9PxeFV0fgJoagxZSbzixtoW1J4gXDUdnRYvVjtOhVu4kGB8MFjPtVEgvlhka8F6wo5X/OfYhNP29y+GRUL8yE8; PHPSESSID=bc7lktk7naant28o15fbjt5c8r; BP:22193:1224=http%3A%2F%2Ftrck.shop%2Fview%2FsrEBkwEHbo9TnnsKFzOiIofFChSalSyO7kxu5AuE5lqA44c%3Fc%3D11826%26pid%3D1886%26site%3Daff1224; AWSALB=c//SJZKLnXQk1MCSEvxVuPiYY418T/+DNiZ4EigAQz9dG/oUCZfXnjzLm27ttai9oKY4iok+uPHLaQZbz9NSEF7Nn8FaSvz6nCmQcPZN2xbEtuhPUrOkxYxvCB3FhXLsuINU2h9AdLHE7ps2x907PxncP0GU6mogGZ8dWI+hWvXVABfvjOom5c+oNt+7oA==

Response headers

status
200
date
Sun, 26 Jan 2020 18:14:40 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=dBy/VEzlhr/2XgSjLDsujSYMAORKKP5Oo55ExrgGB5Ko0f1t31Ixst5fRzTi7x0y9lZgMPFVrNDa+lowD2NemeG4ajqjTO3T6MpFv5opckmQPtT9Q1o7a/r+mgrj; Expires=Sun, 02 Feb 2020 18:14:40 GMT; Path=/ AWSALBCORS=dBy/VEzlhr/2XgSjLDsujSYMAORKKP5Oo55ExrgGB5Ko0f1t31Ixst5fRzTi7x0y9lZgMPFVrNDa+lowD2NemeG4ajqjTO3T6MpFv5opckmQPtT9Q1o7a/r+mgrj; Expires=Sun, 02 Feb 2020 18:14:40 GMT; Path=/; SameSite=None; Secure
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip

Redirect headers

Date
Sun, 26 Jan 2020 18:14:40 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Set-Cookie
AWSALB=c//SJZKLnXQk1MCSEvxVuPiYY418T/+DNiZ4EigAQz9dG/oUCZfXnjzLm27ttai9oKY4iok+uPHLaQZbz9NSEF7Nn8FaSvz6nCmQcPZN2xbEtuhPUrOkxYxvCB3FhXLsuINU2h9AdLHE7ps2x907PxncP0GU6mogGZ8dWI+hWvXVABfvjOom5c+oNt+7oA==; Expires=Sun, 02 Feb 2020 18:14:40 GMT; Path=/ AWSALBCORS=c//SJZKLnXQk1MCSEvxVuPiYY418T/+DNiZ4EigAQz9dG/oUCZfXnjzLm27ttai9oKY4iok+uPHLaQZbz9NSEF7Nn8FaSvz6nCmQcPZN2xbEtuhPUrOkxYxvCB3FhXLsuINU2h9AdLHE7ps2x907PxncP0GU6mogGZ8dWI+hWvXVABfvjOom5c+oNt+7oA==; Expires=Sun, 02 Feb 2020 18:14:40 GMT; Path=/; SameSite=None
Server
nginx
Location
https://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2
Cookie set 39b1beea8b
www.flyrlk.com/rc/
2 KB
1 KB
Document
General
Full URL
http://www.flyrlk.com/rc/39b1beea8b?affclick=clickid&pubid=pubid
Requested by
Host: valid2click.com
URL: https://valid2click.com/hrfp?url=http%3A%2F%2Fwww.flyrlk.com%2Frc%2F39b1beea8b%3Faffclick%3Dclickid%26pubid%3Dpubid&prot=2
Protocol
HTTP/1.1
Server
52.212.20.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-20-130.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Amazon) mod_wsgi/3.5 Python/3.6.8 /
Resource Hash
65983de7145671ddfc33f2cc46da0019ad7cd7f6930186173110348e5aca0aaa

Request headers

Host
www.flyrlk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Cache-control
no-cache="set-cookie"
Content-Encoding
gzip
Content-Language
en-us
Content-Type
text/html; charset=utf-8
Date
Sun, 26 Jan 2020 18:14:41 GMT
Server
Apache/2.4.41 (Amazon) mod_wsgi/3.5 Python/3.6.8
Set-Cookie
AWSELB=C723C109122745B344257D865D5D1ACC183B61B7F1078E94C401017A6E2B0B47794A434735D87CBDA8CEEB1C5452D8ACDD68847421F0D353BB28AE07D33771A6BC338E4B87;PATH=/;MAX-AGE=360
Vary
Accept-Encoding,Accept-Language,Cookie
Content-Length
854
Connection
keep-alive
redirect.css
cdn.addlnk.com/
0
0
Stylesheet
General
Full URL
http://cdn.addlnk.com/redirect.css
Requested by
Host: www.flyrlk.com
URL: http://www.flyrlk.com/rc/39b1beea8b?affclick=clickid&pubid=pubid
Protocol
HTTP/1.1
Server
2606:4700:3035::681b:b27c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

track
offer.edigitaloffer.com/aff/
0
0

Primary Request /
adsqnt.com/nl/healthland/hl2a/
Redirect Chain
  • http://offer.edigitaloffer.com/aff/track?token=qhrlqb&offer=202&pub_id=37b20dc2&click_id=pub21bfc6764474498c8d8df96d15c47610
  • http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
6 KB
3 KB
Document
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Requested by
Host: www.flyrlk.com
URL: http://www.flyrlk.com/rc/39b1beea8b?affclick=clickid&pubid=pubid
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
46e55fa87eeb930718fddbdc490d0c98f21723538523ce397e667fb15c7fd64d

Request headers

Host
adsqnt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Sun, 26 Jan 2020 18:14:41 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 26 Jan 2020 18:14:41 GMT
Content-Type
text/html; charset=utf-8
Content-Length
162
Connection
keep-alive
Location
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Set-Cookie
rmsbackusersessionid=0d4369f8332f0f81949a23e552eaf3e1; Path=/; HttpOnly uiid=W3sidHJhY2tfaWQiOiIzMjg1OTM2IiwiZGF0ZXRpbWUiOiIyMDIwLTAxLTI2IDE4OjE0OjQxIn1d; Expires=Wed, 04 Oct 2051 20:01:21 UTC; Max-Age=1000000000; Path=/
Cache-Control
no-cache
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-147360504-1
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cdc0ff2307da65260d50a4bf9cf6c0f40aff0e78048c58370735bf658410c5d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 26 Jan 2020 18:14:41 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28306
x-xss-protection
0
expires
Sun, 26 Jan 2020 18:14:41 GMT
kzstyle.css
adsqnt.com/nl/healthland/hl2a/css/
4 KB
2 KB
Stylesheet
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/css/kzstyle.css
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
53219debce20f1c8dd3db8683e8c68dfd040081983343eae6ec35db6aefda85f

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Dec 2019 04:52:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"fa8-599f336d65676-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1225
jquery-3.2.1.min.js
adsqnt.com/resources/js/
85 KB
30 KB
Script
General
Full URL
http://adsqnt.com/resources/js/jquery-3.2.1.min.js
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c3cd04df022573a3e832080be493d3aa6d38dc1b4d4d72e3a6704b8709984cc3

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Dec 2017 17:13:43 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1528f-56155857f2ba7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30145
handler.js
adsqnt.com/resources/nl/netsmart/handler/
8 KB
2 KB
Script
General
Full URL
http://adsqnt.com/resources/nl/netsmart/handler/handler.js?v=5
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ca4c25442a6cc522130317543da22ed5b51653d773c182fd771489f67c94d8a5

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jan 2020 12:20:40 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"21f5-59c189ecaf49e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2202
image.png
adsqnt.com/nl/healthland/hl2a/assets/
105 KB
106 KB
Image
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/assets/image.png
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bf3b0533bcdcc5fed9a9dabfc9e2fa7c7dad3c6ace89fedc57259ee99780d661

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:42 GMT
Last-Modified
Wed, 18 Dec 2019 04:52:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1a530-599f336d646d7"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
107824
iconSmall1.png
adsqnt.com/nl/healthland/hl2a/assets/
10 KB
11 KB
Image
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/assets/iconSmall1.png
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
aae8655601784ba308f4e89f2f476ace558b24695e54410f1d640a00d592ecd8

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:43 GMT
Last-Modified
Wed, 18 Dec 2019 04:52:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"28e2-599f336d646d7"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10466
iconSmall2.png
adsqnt.com/nl/healthland/hl2a/assets/
7 KB
7 KB
Image
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/assets/iconSmall2.png
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d0ef238b0ede6401e965f5b31ead323283303185bd0d096ea59d100c5e6d7612

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:42 GMT
Last-Modified
Wed, 18 Dec 2019 04:52:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1b83-599f336d646d7"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
7043
iconSmall3.png
adsqnt.com/nl/healthland/hl2a/assets/
10 KB
10 KB
Image
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/assets/iconSmall3.png
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7d9d04ac4d2775b8ee4de79508ada6ba4fa814905071e8a323eacfb1814e455d

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:43 GMT
Last-Modified
Wed, 18 Dec 2019 04:52:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"26d1-599f336d646d7"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
9937
iconSmall4.png
adsqnt.com/nl/healthland/hl2a/assets/
9 KB
9 KB
Image
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/assets/iconSmall4.png
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
585b161a7a07b1f3eb06209c0033eba6309815c2426bf3f692dd8460956decbc

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:43 GMT
Last-Modified
Wed, 18 Dec 2019 04:52:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"23b1-599f336d646d7"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
9137
iconSmall5.png
adsqnt.com/nl/healthland/hl2a/assets/
7 KB
7 KB
Image
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/assets/iconSmall5.png
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d83affa8b80b0388b405d51a6b626fca8cb415198529685ca1be8667d3bcd92d

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:43 GMT
Last-Modified
Wed, 18 Dec 2019 04:52:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1c9d-599f336d646d7"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
7325
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147360504-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6069
date
Sun, 26 Jan 2020 16:33:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 26 Jan 2020 18:33:33 GMT
css
fonts.googleapis.com/
5 KB
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik:700|Ubuntu:400,700
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e98a41642823c5be645e48164d50d01b14f9a05b233bf2b851e3df855609a77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 26 Jan 2020 18:14:41 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 26 Jan 2020 18:14:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 26 Jan 2020 18:14:41 GMT
pattern.png
adsqnt.com/nl/healthland/hl2a/assets/
166 KB
166 KB
Image
General
Full URL
http://adsqnt.com/nl/healthland/hl2a/assets/pattern.png
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
HTTP/1.1
Server
52.77.123.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-123-181.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
702f166a262fbcb8cad68b53fe6251ec3c27c7ff9db5124043391438496c2124

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/css/kzstyle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 26 Jan 2020 18:14:42 GMT
Last-Modified
Wed, 18 Dec 2019 04:52:39 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"29679-599f336d65676"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
169593
save-view
ec2-3-0-16-135.ap-southeast-1.compute.amazonaws.com/api/view/
57 B
349 B
XHR
General
Full URL
http://ec2-3-0-16-135.ap-southeast-1.compute.amazonaws.com/api/view/save-view?view_code=b8eed0d0406711eab689021a8cb6e0cc&country_code=nl&landing_page=hl2a&affiliate_code=ELD&device=Desktop&os=MacOS&browser=Chrome
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/resources/nl/netsmart/handler/handler.js?v=5
Protocol
HTTP/1.1
Server
3.0.16.135 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-16-135.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
27e666081eb1d45ced43747eec9a3906d447308774b95db1c7968427480582e3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Origin
http://adsqnt.com

Response headers

Date
Sun, 26 Jan 2020 18:14:43 GMT
Server
Apache/2.4.29 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://adsqnt.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
57
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=834029318&t=pageview&_s=1&dl=http%3A%2F%2Fadsqnt.com%2Fnl%2Fhealthland%2Fhl2a%2F%3Faffiliate_code%3DELD%26id%3Dj3lgbqjovmy3oe-9xguz14oca%26pid%3D6969%26sid%3D%26cy%3DUSD%26advname%3DQNET&ul=en-us&de=UTF-8&dt=Healthland%20LP2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=273322967&gjid=1938708132&cid=1996219490.1580062483&tid=UA-147360504-1&_gid=1141104036.1580062483&_r=1&gtm=2ou1f1&z=151011260
Requested by
Host: adsqnt.com
URL: http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://adsqnt.com/nl/healthland/hl2a/?affiliate_code=ELD&id=j3lgbqjovmy3oe-9xguz14oca&pid=6969&sid=&cy=USD&advname=QNET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jan 2020 18:14:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
offer.edigitaloffer.com
URL
http://offer.edigitaloffer.com/aff/track?token=qhrlqb&offer=202&pub_id=37b20dc2&click_id=pub21bfc6764474498c8d8df96d15c47610

Verdicts & Comments

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
string| AFFILIATE_CODE
string| VIEW_CODE
string| CARRYOVER
string| QHELPER_PATH
function| gtag
object| dataLayer
object| google_tag_manager
string| GoogleAnalyticsObject
function| ga
function| $
function| jQuery
undefined| key
string| USER_IP
string| be_HOST
string| aoc_redirect_url
string| OPERATOR_CODE
string| ENDPAGE
string| KEYWORD
string| SHORTCODE
string| COUNTRY_CODE
string| LANDING_PAGE
string| GATEWAY_CODE
function| redirect
function| getUrlParameter
function| isEmpty
function| aocRedirect
function| impression
function| saveViewEvent
function| saveLeadEvent
function| getBrowser
function| getOS
function| getDevice
string| $strGWURL
string| RETURNURL
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

0 Cookies

2 Console Messages

Source: console-api
Level: log
URL: http://adsqnt.com/resources/nl/netsmart/handler/handler.js?v=5 (Line 133)
Message: saveViewEvent - response

Source: console-api
Level: log
URL: http://adsqnt.com/resources/nl/netsmart/handler/handler.js?v=5 (Line 134)
Message: [object XMLHttpRequest]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
