click-now-on.me Open in urlscan Pro
213.227.145.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sendsongs.serveirc.com/t?LmYVszOq9R99=UF3i6wVGxXmEkEqxWtuXH8LO0/uyse917nHkG8VWG3PLX3627K6xgpo5xTn+/JxIMdq41hhG6p4hnargf...
Effective URL:
https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&d...
Submission: On January 04 via api (January 4th 2020, 9:07:13 am UTC) from BE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 11 domains to perform 21 HTTP transactions. The main IP is 213.227.145.147, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is click-now-on.me.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on June 27th 2019. Valid for: a year.

This is the only time click-now-on.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.113.104.142 194.113.104.142	59504 (Hosting v...) (Hosting vpsville.ru)
4	23.90.15.235 23.90.15.235	62904 (EONIX-COM...) (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation)
2	2606:4700:30:... 2606:4700:30::6812:2e84	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 2	2606:4700:30:... 2606:4700:30::681b:905f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	185.181.10.57 185.181.10.57	47447 (TTM) (TTM)
1 2	35.201.103.0 35.201.103.0	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d13:7001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
2	213.227.145.147 213.227.145.147	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	89.255.248.32 89.255.248.32	60626 (LEASEWEBCDN) (LEASEWEBCDN)
1 2	85.17.31.88 85.17.31.88	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 5	2606:4700::68... 2606:4700::6810:d43b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
21	9

1 194.113.104.142 (Russian Federation) 1 redirects

ASN59504 (Hosting vpsville.ru, RU)
PTR: vps111013.vpsville.ru

sendsongs.serveirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.90.15.235 (Las Vegas, United States)

ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US)

plumtrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::6812:2e84 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

offer-notavailable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681b:905f (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

rapid-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.181.10.57 (Frankfurt am Main, Germany) 1 redirects

ASN47447 (TTM, DE)

go.varitybr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.103.0 (Ascension Island) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 0.103.201.35.bc.googleusercontent.com

www.greatdexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:3:d0::d13:7001 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

track.special-promotions.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.145.147 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

special-offers.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
click-now-on.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 89.255.248.32 (Netherlands)

ASN60626 (LEASEWEBCDN, NL)

cdn.special-offers.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.17.31.88 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wbidder.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:d43b (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pixel.runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	special-offers.online special-offers.online cdn.special-offers.online	107 KB
5	runative-syndicate.com 2 redirects pixel.runative-syndicate.com cdn.runative-syndicate.com	75 KB
4	plumtrip.com plumtrip.com	10 KB
2	wbidder.online 1 redirects wbidder.online	15 KB
2	greatdexchange.com 1 redirects www.greatdexchange.com	2 KB
2	rapid-cdn.com 2 redirects rapid-cdn.com	2 KB
2	offer-notavailable.com offer-notavailable.com	94 KB
1	click-now-on.me click-now-on.me	28 KB
1	special-promotions.online 1 redirects track.special-promotions.online	806 B
1	varitybr.com 1 redirects go.varitybr.com	213 B
1	serveirc.com 1 redirects sendsongs.serveirc.com	591 B
21	11

	Domain	Requested by
8	cdn.special-offers.online	click-now-on.me
4	plumtrip.com	plumtrip.com
3	pixel.runative-syndicate.com	2 redirects cdn.special-offers.online
2	cdn.runative-syndicate.com
2	wbidder.online	1 redirects cdn.special-offers.online
2	www.greatdexchange.com	1 redirects offer-notavailable.com
2	rapid-cdn.com	2 redirects
2	offer-notavailable.com	plumtrip.com offer-notavailable.com
1	click-now-on.me	special-offers.online
1	special-offers.online	www.greatdexchange.com
1	track.special-promotions.online	1 redirects
1	go.varitybr.com	1 redirects
1	sendsongs.serveirc.com	1 redirects
21	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-06` - `2020-10-09`	a year	crt.sh
greatdexchange.com COMODO RSA Domain Validation Secure Server CA	`2018-03-08` - `2020-03-07`	2 years	crt.sh
*.special-offers.online AlphaSSL CA - SHA256 - G2	`2019-06-30` - `2020-07-30`	a year	crt.sh
*.click-now-on.me AlphaSSL CA - SHA256 - G2	`2019-06-27` - `2020-07-30`	a year	crt.sh
*.wbidder.online AlphaSSL CA - SHA256 - G2	`2019-07-05` - `2020-07-05`	a year	crt.sh
ssl403620.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-23` - `2020-02-29`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc
Frame ID: 6F48543FFD23E78F2C3DB8D41FD4DCC0
Requests: 22 HTTP requests in this frame

Frame: data://truncated
Frame ID: 39177BEBB802BBFE5A025A75F4ADC052
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sendsongs.serveirc.com/t?LmYVszOq9R99=UF3i6wVGxXmEkEqxWtuXH8LO0/uyse917nHkG8VWG3PLX3627K6xgpo5xTn+/... HTTP 301
http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fre... Page URL
http://plumtrip.com/clicks/?cid=4740&pub=108179&prevcid=25609&sid1=hotmail_us_new_1.fresh_us_st_... Page URL
https://offer-notavailable.com/bettercontent/?utm_source=108179&utm_medium= Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=108179&vert=&cid= HTTP 307
http://go.varitybr.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=81124... HTTP 302
http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 HTTP 307
https://www.greatdexchange.com/jump/next.php?r=2406007 Page URL
https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C4o2djY2erB1dQK0dEdHP3xP.dc1%2CSfdcxrJCZrXVtTSVHE... HTTP 302
https://track.special-promotions.online/15GcqP?subid=2406007&country=NL&affid=999760&cost={payout}&external_id=15781... HTTP 302
https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=24... Page URL
https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&ta... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

81 %
HTTPS

36 %
IPv6

11
Domains

13
Subdomains

9
IPs

5
Countries

330 kB
Transfer

449 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sendsongs.serveirc.com/t?LmYVszOq9R99=UF3i6wVGxXmEkEqxWtuXH8LO0/uyse917nHkG8VWG3PLX3627K6xgpo5xTn+/JxIMdq41hhG6p4hnargfV/j94gIrp4eAa7LqdZKk7FsZG3exnKep1Q/k9bGns3r3ALKHsQV+P2QbwsH9pyasB/ubxfmxn4H6sISKK/2GoZ1grWf8KY99C9zQL+5T/aIPd1uCp0qGutOg/m+YJDyrA7eM+aJGZ6fHRpef8icTsBlPs31JvqEcLtujRsLTcKpd90yWUE8HJpyObyFuFto1r9+aaKgzZTlxDLHPXqtAGdwnva5dZDWbTqnIdVkYQskepE8d/pMRVvctLIH3w0PPvZQNPLBNar4dUXeQkZdo51CGKoig8kSdZwTQJNniE9beb99 HTTP 301
http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX Page URL
http://plumtrip.com/clicks/?cid=4740&pub=108179&prevcid=25609&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX&sid3=hotmail.com&sid4= Page URL
https://offer-notavailable.com/bettercontent/?utm_source=108179&utm_medium= Page URL
http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=108179&vert=&cid= HTTP 307
http://go.varitybr.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=811246283348520748 HTTP 302
http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 HTTP 307
https://www.greatdexchange.com/jump/next.php?r=2406007 Page URL
https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C4o2djY2erB1dQK0dEdHP3xP.dc1%2CSfdcxrJCZrXVtTSVHEdElA%2C%2C&cbrandom=0.9363492576444052&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
https://track.special-promotions.online/15GcqP?subid=2406007&country=NL&affid=999760&cost={payout}&external_id=15781288201844207125083595206561498&acsc=171512564 HTTP 302
https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Page URL
https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sendsongs.serveirc.com/t?LmYVszOq9R99=UF3i6wVGxXmEkEqxWtuXH8LO0/uyse917nHkG8VWG3PLX3627K6xgpo5xTn+/JxIMdq41hhG6p4hnargfV/j94gIrp4eAa7LqdZKk7FsZG3exnKep1Q/k9bGns3r3ALKHsQV+P2QbwsH9pyasB/ubxfmxn4H6sISKK/2GoZ1grWf8KY99C9zQL+5T/aIPd1uCp0qGutOg/m+YJDyrA7eM+aJGZ6fHRpef8icTsBlPs31JvqEcLtujRsLTcKpd90yWUE8HJpyObyFuFto1r9+aaKgzZTlxDLHPXqtAGdwnva5dZDWbTqnIdVkYQskepE8d/pMRVvctLIH3w0PPvZQNPLBNar4dUXeQkZdo51CGKoig8kSdZwTQJNniE9beb99 HTTP 301
http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX

Request Chain 6

http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=108179&vert=&cid= HTTP 307
http://go.varitybr.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=811246283348520748 HTTP 302
http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 HTTP 307
https://www.greatdexchange.com/jump/next.php?r=2406007

Request Chain 7

https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C4o2djY2erB1dQK0dEdHP3xP.dc1%2CSfdcxrJCZrXVtTSVHEdElA%2C%2C&cbrandom=0.9363492576444052&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
https://track.special-promotions.online/15GcqP?subid=2406007&country=NL&affid=999760&cost={payout}&external_id=15781288201844207125083595206561498&acsc=171512564 HTTP 302
https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc

Request Chain 29

https://wbidder.online/icon?url=https%3A%2F%2Fpixel.runative-syndicate.com%2Fapi%2Fv1%2Fgo%2F%3Fp%3De0SEGUNHhI4YLETQOXNQxBgaZnDAqHGjTAsaM8LYwAhDDJkWYWCYMdOiBgwbOW7ACFMDBw0xYkQoHONmzsGKCsPUGeMwRkUcMWTgwCEjBo0cMIYOjTFThJg0ZHwCFUrUKFIYN2LAOOo0DBk7OGEEVQinjkyEN2rU0AkHzkEaN27YUDgHjkGEM3DYoJFRYRk8dL7Yxfs06pcciefC-CKDBkoYWZ2OafMW4dgZN3SSMXNQhkIxbtwc3JvDBl0RdeSwIY2jhkqFdWQ4REOHDpw5Ol68kEOGjpwxa2S4GPOmzYsaZMqUkaE3DA4zZG7MIBOZa5kaYcTIuPFjztkYPeLO5VInsgwb37f3KH8-_dkZPWLo5ZuxvdL3Ymj0GIJGjvEy7kNPvRp6KO00AW2QowwzvoiqBzygOMMIM9Z4oo0omJDhjC9iEAKOMZa4oog67ggiiCJyWOPEIGIKQogq3MjDRBZZHAIOK040ggqGajzCDf-OSMIpONo4KCERyDDOITgWnGOO_4yzIw04XHjDDTbScKOMycLAawsYuigLuINgcAGGGWgq8osme9LBTDTniyEHheSwwzIZYPhrjCLLPHOGHI6iM7U60nCoDjfWcOONO0ZTiEqfYMjBheZscCEHGihtKrYwHGriDT3SYIONMJA7EwQUmiBISzremAONHUBIwg06ymADBFXHAOGJKUDAAoStOqThixpSACEIt9go44oyxFgiDTqQy8yFGWxAdQkkqGiCCRZAyHKNMkA4oozg3jC2v__aKOOFGzI1MzMZJo0hJRCmCMOMMORIQ9obqLVhMjdFcIIJp9gIuAgnnCLjvyMVcvWgNEVYsDMdRKjtttx2a7KMJ6NsY8oqr8xyyxecgjKsiv-jw8s35FD44CqcosNIhKgaqqgY-lAgIA%253D%253D%26r%3D1%26redirect%3Dhttps%253A%252F%252Fcdn.runative-syndicate.com%252Fimages%252Fd%252Fa%252F74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png%26s%3Da7627070c5ecfc9fa857b9cf977f967b6c3e4f8daebcb164f617252e130f28fc1578128821%26w%3Dt&s=1039&a=bid_onw_999760&sub=2406007&d=1&ic=1 HTTP 302
https://pixel.runative-syndicate.com/api/v1/go/?p=e0SEGUNHhI4YLETQOXNQxBgaZnDAqHGjTAsaM8LYwAhDDJkWYWCYMdOiBgwbOW7ACFMDBw0xYkQoHONmzsGKCsPUGeMwRkUcMWTgwCEjBo0cMIYOjTFThJg0ZHwCFUrUKFIYN2LAOOo0DBk7OGEEVQinjkyEN2rU0AkHzkEaN27YUDgHjkGEM3DYoJFRYRk8dL7Yxfs06pcciefC-CKDBkoYWZ2OafMW4dgZN3SSMXNQhkIxbtwc3JvDBl0RdeSwIY2jhkqFdWQ4REOHDpw5Ol68kEOGjpwxa2S4GPOmzYsaZMqUkaE3DA4zZG7MIBOZa5kaYcTIuPFjztkYPeLO5VInsgwb37f3KH8-_dkZPWLo5ZuxvdL3Ymj0GIJGjvEy7kNPvRp6KO00AW2QowwzvoiqBzygOMMIM9Z4oo0omJDhjC9iEAKOMZa4oog67ggiiCJyWOPEIGIKQogq3MjDRBZZHAIOK040ggqGajzCDf-OSMIpONo4KCERyDDOITgWnGOO_4yzIw04XHjDDTbScKOMycLAawsYuigLuINgcAGGGWgq8osme9LBTDTniyEHheSwwzIZYPhrjCLLPHOGHI6iM7U60nCoDjfWcOONO0ZTiEqfYMjBheZscCEHGihtKrYwHGriDT3SYIONMJA7EwQUmiBISzremAONHUBIwg06ymADBFXHAOGJKUDAAoStOqThixpSACEIt9go44oyxFgiDTqQy8yFGWxAdQkkqGiCCRZAyHKNMkA4oozg3jC2v__aKOOFGzI1MzMZJo0hJRCmCMOMMORIQ9obqLVhMjdFcIIJp9gIuAgnnCLjvyMVcvWgNEVYsDMdRKjtttx2a7KMJ6NsY8oqr8xyyxecgjKsiv-jw8s35FD44CqcosNIhKgaqqgY-lAgIA%3D%3D&r=1&redirect=https%3A%2F%2Fcdn.runative-syndicate.com%2Fimages%2Fd%2Fa%2F74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png&s=a7627070c5ecfc9fa857b9cf977f967b6c3e4f8daebcb164f617252e130f28fc1578128821&w=t HTTP 302
https://cdn.runative-syndicate.com/images/d/a/74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png

Request Chain 30

https://pixel.runative-syndicate.com/api/v1/go/?p=e0SEGUNHhI4YLETQOXNQxBgaZnDAqHGjTAsaM8LYwAhDDJkWYWCYMdOiBgwbOW7ACFMDBw0xYkQoHONmzsGKCsPUGeMwRkUcMWTgwCEjBo0cMIYOjTFThJg0ZHwCFUrUKFIYN2LAOOo0DBk7OGEEVQinjkyEN2rU0AkHzkEaN27YUDgHjkGEM3DYoJFRYRk8dL7Yxfs06pcciefC-CKDBkoYWZ2OafMW4dgZN3SSMXNQhkIxbtwc3JvDBl0RdeSwIY2jhkqFdWQ4REOHDpw5Ol68kEOGjpwxa2S4GPOmzYsaZMqUkaE3DA4zZG7MIBOZa5kaYcTIuPFjztkYPeLO5VInsgwb37f3KH8-_dkZPWLo5ZuxvdL3Ymj0GIJGjvEy7kNPvRp6KO00AW2QowwzvoiqBzygOMMIM9Z4oo0omJDhjC9iEAKOMZa4oog67ggiiCJyWOPEIGIKQogq3MjDRBZZHAIOK040ggqGajzCDf-OSMIpONo4KCERyDDOITgWnGOO_4yzIw04XHjDDTbScKOMycLAawsYuigLuINgcAGGGWgq8osme9LBTDTniyEHheSwwzIZYPhrjCLLPHOGHI6iM7U60nCoDjfWcOONO0ZTiEqfYMjBheZscCEHGihtKrYwHGriDT3SYIONMJA7EwQUmiBISzremAONHUBIwg06ymADBFXHAOGJKUDAAoStOqThixpSACEIt9go44oyxFgiDTqQy8yFGWxAdQkkqGiCCRZAyHKNMkA4oozg3jC2v__aKOOFGzI1MzMZJo0hJRCmCMOMMORIQ9obqLVhMjdFcIIJp9gIuAgnnCLjvyMVcvWgNEVYsDMdRKjtttx2a7KMJ6NsY8oqr8xyyxecgjKsiv-jw8s35FD44CqcosNIhKgaqqgY-lAgIA%3D%3D&r=1&redirect=https%3A%2F%2Fcdn.runative-syndicate.com%2Fimages%2Fd%2Fa%2F74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png&s=a7627070c5ecfc9fa857b9cf977f967b6c3e4f8daebcb164f617252e130f28fc1578128821&w=t HTTP 302
https://cdn.runative-syndicate.com/images/d/a/74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png

21 HTTP transactions
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	clicks Show response plumtrip.com/ Redirect Chain http://sendsongs.serveirc.com/t?LmYVszOq9R99=UF3i6wVGxXmEkEqxWtuXH8LO0/uyse917nHkG8VWG3PLX3627K6xgpo5xTn+/JxIMdq41hhG6p4hnargfV/j94gIrp4eAa7LqdZKk7FsZG3exnKep1Q/k9bGns3r3ALKHsQV+P2QbwsH9pyasB/ubxfm... http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX	4 KB 5 KB	333ms 316ms	Document text/html	23.90.15.235 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX Protocol HTTP/1.1 Server 23.90.15.235 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software nginx/1.10.3 / PHP/5.4.45 Resource Hash `f3459240ad61331a5748067c91aca713bdd2cc70724dc6707569122e539d5e9d` Request headers Host plumtrip.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.10.3 Date Sat, 04 Jan 2020 09:06:55 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.4.45 Redirect headers Date Sat, 04 Jan 2020 07:04:13 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.5.38 Set-Cookie PHPSESSID=bv0ngag240g7ljlh3g4rtp7oi6; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Location http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX Content-Length 0 Connection close Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	index.php plumtrip.com/	267 B 460 B	335ms 334ms	XHR text/html	23.90.15.235 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://plumtrip.com/index.php Requested by Host: plumtrip.com URL: http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX Protocol HTTP/1.1 Server 23.90.15.235 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software nginx/1.10.3 / PHP/5.4.45 Resource Hash Request headers Referer http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX Origin http://plumtrip.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sat, 04 Jan 2020 09:06:56 GMT Server nginx/1.10.3 Connection keep-alive X-Powered-By PHP/5.4.45 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	/ Show response plumtrip.com/clicks/	4 KB 5 KB	184ms 184ms	Document text/html	23.90.15.235 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://plumtrip.com/clicks/?cid=4740&pub=108179&prevcid=25609&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX&sid3=hotmail.com&sid4= Requested by Host: plumtrip.com URL: http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX Protocol HTTP/1.1 Server 23.90.15.235 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software nginx/1.10.3 / PHP/5.4.45 Resource Hash `de2531c4ed979d7860a7e800a60255e726311c816f4518b8028418ef5ca705f8` Request headers Host plumtrip.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX Accept-Encoding gzip, deflate Cookie clkcheck25609=8fd6c10f27209b62b4c8778794287b04_108179 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://plumtrip.com/clicks?cid=25609&pub=108179&sid4=&sid3=hotmail.com&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX Response headers Server nginx/1.10.3 Date Sat, 04 Jan 2020 09:06:56 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.4.45
POST H/1.1	200 OK	index.php plumtrip.com/	151 B 343 B	339ms 339ms	XHR text/html	23.90.15.235 Eonix Corporation
General Check archive.org Show headers Download Go to Full URL http://plumtrip.com/index.php Requested by Host: plumtrip.com URL: http://plumtrip.com/clicks/?cid=4740&pub=108179&prevcid=25609&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX&sid3=hotmail.com&sid4= Protocol HTTP/1.1 Server 23.90.15.235 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904 - Eonix Corporation, US), Reverse DNS Software nginx/1.10.3 / PHP/5.4.45 Resource Hash Request headers Referer http://plumtrip.com/clicks/?cid=4740&pub=108179&prevcid=25609&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX&sid3=hotmail.com&sid4= Origin http://plumtrip.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sat, 04 Jan 2020 09:06:56 GMT Server nginx/1.10.3 Connection keep-alive X-Powered-By PHP/5.4.45 Transfer-Encoding chunked Content-Type text/html
GET H2	200	/ Show response offer-notavailable.com/bettercontent/	3 KB 1 KB	369ms 329ms	Document text/html	2606:4700:30::6812:2e84 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://offer-notavailable.com/bettercontent/?utm_source=108179&utm_medium= Requested by Host: plumtrip.com URL: http://plumtrip.com/clicks/?cid=4740&pub=108179&prevcid=25609&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX&sid3=hotmail.com&sid4= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:2e84 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `4fafa066109287312f10031bf88fe5d549af96cc1a2b4ac223c79469dec97d6b` Request headers :method GET :authority offer-notavailable.com :scheme https :path /bettercontent/?utm_source=108179&utm_medium= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode navigate referer http://plumtrip.com/clicks/?cid=4740&pub=108179&prevcid=25609&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX&sid3=hotmail.com&sid4= accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://plumtrip.com/clicks/?cid=4740&pub=108179&prevcid=25609&sid1=hotmail_us_new_1.fresh_us_st_5_2571&sid2=12_77537_725u4wAnTv30vzdnYT0SNQqjRW/SUV2nAuBnNQgun/w=_MacOSX&sid3=hotmail.com&sid4= Response headers status 200 date Sat, 04 Jan 2020 09:06:57 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=de6ed4c3f19e7a16dc50dfcb9cec2aed81578128816; expires=Mon, 03-Feb-20 09:06:56 GMT; path=/; domain=.offer-notavailable.com; HttpOnly; SameSite=Lax; Secure cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 54fc0f308b37d6bd-FRA content-encoding br
GET H2	200	desktop.png offer-notavailable.com/bettercontent/images/	92 KB 92 KB	10ms 10ms	Image image/png	2606:4700:30::6812:2e84 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://offer-notavailable.com/bettercontent/images/desktop.png Requested by Host: offer-notavailable.com URL: https://offer-notavailable.com/bettercontent/?utm_source=108179&utm_medium= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::6812:2e84 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864` Request headers Referer https://offer-notavailable.com/bettercontent/?utm_source=108179&utm_medium= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 04 Jan 2020 09:06:57 GMT cf-cache-status HIT last-modified Wed, 06 Nov 2019 23:26:55 GMT server cloudflare age 2307210 etag "5dc356bf-1701d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes cf-ray 54fc0f333b74d6bd-FRA content-length 94237 expires Tue, 07 Jan 2020 16:13:27 GMT
GET H2	200	next.php Show response www.greatdexchange.com/jump/ Redirect Chain http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=108179&vert=&cid= http://go.varitybr.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=811246283348520748 http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 https://www.greatdexchange.com/jump/next.php?r=2406007	5 KB 2 KB	186ms 145ms	Document text/html	35.201.103.0 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.greatdexchange.com/jump/next.php?r=2406007 Requested by Host: offer-notavailable.com URL: https://offer-notavailable.com/bettercontent/?utm_source=108179&utm_medium= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.201.103.0 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 0.103.201.35.bc.googleusercontent.com Software openresty / Resource Hash `ae7adff510f165a29d46c1a642eed73018d7a3052813addd5a4dc37a8e067c77` Request headers :method GET :authority www.greatdexchange.com :scheme https :path /jump/next.php?r=2406007 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 server openresty date Sat, 04 Jan 2020 09:07:00 GMT content-type text/html; charset=utf-8 referrer-policy no-referrer link <//www.greatdexchange.com>; rel=dns-prefetch,<//www.greatdexchange.com>; rel=preconnect content-encoding gzip via 1.1 google alt-svc clear Redirect headers Date Sat, 04 Jan 2020 09:07:00 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.0.28 Set-Cookie PHPSESSID=qedjjvfs1pbgk86mr6umgvpbq7; expires=Sat, 11-Jan-2020 09:07:00 GMT; Max-Age=604800; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache X-Robots-Tag noindex, noarchive, nofollow P3P CP="This is not a P3P policy" Location https://www.greatdexchange.com/jump/next.php?r=2406007 CF-Cache-Status DYNAMIC set-cookie csid2=qedjjvfs1pbgk86mr6umgvpbq7; expires=Sun, 03-Jan-2021 09:07:00 GMT; Max-Age=31536000; path=/ PHPSESSID=qedjjvfs1pbgk86mr6umgvpbq7; expires=Sun, 05-Jan-2020 09:07:00 GMT; Max-Age=86400; path=/ Server cloudflare CF-RAY 54fc0f483b039736-FRA
GET H/1.1	200 OK	/ Show response special-offers.online/lp/common/arb/ Redirect Chain https://www.greatdexchange.com/jump/next.php?stamat=m%7C%2C4o2djY2erB1dQK0dEdHP3xP.dc1%2CSfdcxrJCZrXVtTSVHEdElA%2C%2C&cbrandom=0.9363492576444052&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbde... https://track.special-promotions.online/15GcqP?subid=2406007&country=NL&affid=999760&cost={payout}&external_id=15781288201844207125083595206561498&acsc=171512564 https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=D...	369 B 514 B	70ms 26ms	Document text/html	213.227.145.147 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Requested by Host: www.greatdexchange.com URL: https://www.greatdexchange.com/jump/next.php?r=2406007 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx/1.15.9 / Resource Hash `3415dd81a1b9f70c4cdfbdae915170513f886981c2f848e2c0a686a16337b6f3` Request headers Host special-offers.online Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.15.9 Date Sat, 04 Jan 2020 09:07:01 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Origin * Content-Encoding gzip Redirect headers X-Powered-By Express Set-Cookie 15GcqPo=20200104091578129552949; domain=.track.special-promotions.online; path=/;expires=Sun, 05 Jan 2020 09:07:01 GMT; httpOnly=true; peerclickcid=7ec7f64532d1e8c1df10756ecae668c9-4888-0104; domain=.track.special-promotions.online; path=/;expires=Sun, 05 Jan 2020 09:07:01 GMT; httpOnly=true; Location https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Vary Accept Content-Type text/html; charset=utf-8 Content-Length 762 Date Sat, 04 Jan 2020 09:07:01 GMT Connection keep-alive
GET H/1.1	200 OK	Primary Request / Show response click-now-on.me/lp/edchargin/lp4/	44 KB 28 KB	79ms 39ms	Document text/html	213.227.145.147 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Requested by Host: special-offers.online URL: https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.227.145.147 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx/1.15.9 / Resource Hash `5b64d4b6bdc5c9dad3fadd5addebc76894c756d6d14762b06df2161decb0a4e8` Request headers Host click-now-on.me Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Referer https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://special-offers.online/lp/common/arb/?url=/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Response headers Server nginx/1.15.9 Date Sat, 04 Jan 2020 09:07:01 GMT Content-Type text/html Last-Modified Wed, 10 Jul 2019 14:45:52 GMT Transfer-Encoding chunked Connection keep-alive ETag W/"5d25fa20-b07d" Content-Encoding gzip
GET H/1.1	200 OK	style-new.css cdn.special-offers.online/lp/plugin/css/	38 KB 26 KB	91ms 18ms	Stylesheet text/css	89.255.248.32 LEASEWEBCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.special-offers.online/lp/plugin/css/style-new.css Requested by Host: click-now-on.me URL: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.255.248.32 , Netherlands, ASN60626 (LEASEWEBCDN, NL), Reverse DNS Software leasewebcdn/5.4.2 / Resource Hash `16ce0f7d9635fcb57c2ce46a649d17c9cc7e32819161179f41eea29caf5d5223` Request headers Referer https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 04 Jan 2020 09:07:01 GMT Content-Encoding gzip CDN-Cache-Hit 1 Last-Modified Fri, 28 Sep 2018 15:56:11 GMT Server leasewebcdn/5.4.2 ETag W/"5bae4f1b-9694" Transfer-Encoding chunked Content-Type text/css CDN-Cache HIT CDN-Node DIRECT, AMS1-EDGE01013
GET H/1.1	200 OK	pageTemplate.min.css cdn.special-offers.online/lp/plugin/css/	2 KB 970 B	92ms 19ms	Stylesheet text/css	89.255.248.32 LEASEWEBCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.special-offers.online/lp/plugin/css/pageTemplate.min.css Requested by Host: click-now-on.me URL: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.255.248.32 , Netherlands, ASN60626 (LEASEWEBCDN, NL), Reverse DNS Software leasewebcdn/5.4.2 / Resource Hash `a44edde7abfe4086b29943ccf7c7443cfdda6b7a0460f54a2837ab889268d55c` Request headers Referer https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 04 Jan 2020 09:07:01 GMT Content-Encoding gzip CDN-Cache-Hit 1 Last-Modified Wed, 10 Jul 2019 14:41:21 GMT Server leasewebcdn/5.4.2 ETag W/"5d25f911-66b" Transfer-Encoding chunked Content-Type text/css CDN-Cache HIT CDN-Node DIRECT, AMS1-EDGE01012
GET H/1.1	200 OK	pageTemplate.v2.js Show response cdn.special-offers.online/lp/plugin/js/	28 KB 16 KB	93ms 20ms	Script application/x-javascript	89.255.248.32 LEASEWEBCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.special-offers.online/lp/plugin/js/pageTemplate.v2.js Requested by Host: click-now-on.me URL: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.255.248.32 , Netherlands, ASN60626 (LEASEWEBCDN, NL), Reverse DNS Software leasewebcdn/5.4.2 / Resource Hash `e4378bc6f63009d14bd17eac2fc11d4298fd9e416668a43a825ab15c511dcafc` Request headers Referer https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 04 Jan 2020 09:07:01 GMT Content-Encoding gzip CDN-Cache-Hit 1 Last-Modified Sat, 03 Aug 2019 13:59:38 GMT Server leasewebcdn/5.4.2 ETag W/"5d45934a-6e25" Transfer-Encoding chunked Content-Type application/x-javascript CDN-Cache HIT CDN-Node DIRECT, AMS1-EDGE01013
GET H/1.1	200 OK	IndexedDb.js Show response cdn.special-offers.online/lp/plugin/js/	4 KB 1 KB	94ms 21ms	Script application/x-javascript	89.255.248.32 LEASEWEBCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.special-offers.online/lp/plugin/js/IndexedDb.js Requested by Host: click-now-on.me URL: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.255.248.32 , Netherlands, ASN60626 (LEASEWEBCDN, NL), Reverse DNS Software leasewebcdn/5.4.2 / Resource Hash `d0eed316592f3e17da26565144e246fbefc0b599c06ca9f4754c84ffa0f9ac09` Request headers Referer https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 04 Jan 2020 09:07:01 GMT Content-Encoding gzip CDN-Cache-Hit 1 Last-Modified Mon, 24 Sep 2018 09:04:57 GMT Server leasewebcdn/5.4.2 ETag W/"5ba8a8b9-fb2" Transfer-Encoding chunked Content-Type application/x-javascript CDN-Cache HIT CDN-Node DIRECT, AMS1-EDGE01012
GET H/1.1	200 OK	log.js Show response cdn.special-offers.online/lp/plugin/js/	1 KB 1 KB	96ms 22ms	Script application/x-javascript	89.255.248.32 LEASEWEBCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.special-offers.online/lp/plugin/js/log.js Requested by Host: click-now-on.me URL: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.255.248.32 , Netherlands, ASN60626 (LEASEWEBCDN, NL), Reverse DNS Software leasewebcdn/5.4.2 / Resource Hash `b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258` Request headers Referer https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 04 Jan 2020 09:07:01 GMT Content-Encoding gzip CDN-Cache-Hit 1 Last-Modified Mon, 24 Sep 2018 09:04:57 GMT Server leasewebcdn/5.4.2 ETag W/"5ba8a8b9-5c3" Transfer-Encoding chunked Content-Type application/x-javascript CDN-Cache HIT CDN-Node DIRECT, AMS1-EDGE01012
GET H/1.1	200 OK	client.js Show response cdn.special-offers.online/lp/plugin/js/	99 KB 36 KB	97ms 21ms	Script application/x-javascript	89.255.248.32 LEASEWEBCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.special-offers.online/lp/plugin/js/client.js Requested by Host: click-now-on.me URL: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.255.248.32 , Netherlands, ASN60626 (LEASEWEBCDN, NL), Reverse DNS Software leasewebcdn/5.4.2 / Resource Hash `725fde9f853414dca415f4e7bc8f6386564c7ed93ef6b7bb34cc1702978d1de8` Request headers Referer https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 04 Jan 2020 09:07:01 GMT Content-Encoding gzip CDN-Cache-Hit 1 Last-Modified Mon, 30 Dec 2019 12:42:29 GMT Server leasewebcdn/5.4.2 ETag W/"5e09f0b5-18d4e" Transfer-Encoding chunked Content-Type application/x-javascript CDN-Cache HIT CDN-Node DIRECT, AMS1-EDGE01013
GET DATA	200 OK	truncated / Frame 3917	0 0		Document audio/mp3
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type audio/mp3
GET DATA	200 OK	truncated /	7 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated / Frame 3917	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 3917	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 3917	178 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 3917	243 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 3917	381 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	arrow-blue4.png cdn.special-offers.online/lp/plugin/img/	6 KB 7 KB	19ms 18ms	Image image/png	89.255.248.32 LEASEWEBCDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.special-offers.online/lp/plugin/img/arrow-blue4.png Requested by Host: click-now-on.me URL: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.255.248.32 , Netherlands, ASN60626 (LEASEWEBCDN, NL), Reverse DNS Software leasewebcdn/5.4.2 / Resource Hash `41173a98b0ae7b2001f183af16586aa6e6777195a5d100652f4365e310ae9372` Request headers Referer https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 04 Jan 2020 09:07:01 GMT CDN-Cache-Hit 1 Last-Modified Fri, 28 Sep 2018 16:01:05 GMT Server leasewebcdn/5.4.2 ETag "5bae5041-194a" Content-Type image/png CDN-Cache HIT Accept-Ranges bytes Content-Length 6474 CDN-Node DIRECT, AMS1-EDGE01012
GET DATA	200 OK	truncated / Frame 3917	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6fead81d343f693107904c5577dfd9642bb6ec751e305860c940fdcb5e6c4ae8` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 3917	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `91eb7001a90f9178135eede72f1c8a5300cababa4a078cb59debaa50de4b1788` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 3917	364 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `223dbeaf95c21e29aad42c8656d9ad41dbe9497df36c95118158609625d95c53` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	206 Partial Content	onBack.mp3 cdn.special-offers.online/	18 KB 19 KB	18ms 18ms	Media audio/mpeg	89.255.248.32 LEASEWEBCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.special-offers.online/onBack.mp3 Requested by Host: click-now-on.me URL: https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.255.248.32 , Netherlands, ASN60626 (LEASEWEBCDN, NL), Reverse DNS Software leasewebcdn/5.4.2 / Resource Hash `130828dc2d3d11c2b4ad0c998dde0b660671963aaf610a2ad366e999ddfd2b5a` Request headers Referer https://click-now-on.me/lp/edchargin/lp4/?tag=999760&tag1=software_udate&tag2=2406007&tag3=999760&tag4=dating&clickid=&device=Desktop&brand=Desktop&model=Desktop&country=DE&affid=999760&subid=2406007&ln=&cid=NL&useragent=%7Bvar:useragent%7D&ip=&bv=Chrome%2074&as=pc Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers Date Sat, 04 Jan 2020 09:07:01 GMT CDN-Cache-Hit 1 Last-Modified Wed, 26 Apr 2017 17:44:10 GMT Server leasewebcdn/5.4.2 ETag "5900dc6a-4922" Content-Type audio/mpeg Content-Range bytes 0-18721/18722 CDN-Cache HIT Content-Length 18722 CDN-Node DIRECT, AMS1-EDGE01012
GET DATA	200 OK	truncated / Frame 3917	351 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4c131a74d2f424e29ffb16d2b03fec20e3f0cae46c4f0aff594cdc8ade80c3ca` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	client Show response wbidder.online/offer/	14 KB 14 KB	422ms 359ms	Fetch application/json	85.17.31.88 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://wbidder.online/offer/client?affid=onw_999760&subid=2406007&days=8&count=6 Requested by Host: cdn.special-offers.online URL: https://cdn.special-offers.online/lp/plugin/js/client.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 85.17.31.88 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Express Resource Hash `5f70e832402ad6c75139f5852b961ccbbe39ad43eed44562c0b7393f8d8724f5` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin https://click-now-on.me Response headers access-control-allow-origin * date Sat, 04 Jan 2020 09:07:01 GMT x-powered-by Express etag W/"3633-/mwh/ZgGvTtG9P7XZ19gQMTEif8" content-length 13875 content-type application/json; charset=utf-8
GET H2	200	win Show response pixel.runative-syndicate.com/api/v1/	0 296 B	246ms 202ms	Fetch application/octet-stream	2606:4700::6810:d43b Cloudflare
General Check archive.org Show headers Download Go to Full URL https://pixel.runative-syndicate.com/api/v1/win?p=e0SEGUNHhI4YLETQOXNQxBgaZnDAqHGjTAsaM8LYwAhDDJkWYWCYMdOiBgwbOW7ACFMDBw0xYkQoHONmzsGKCsPUGeMwRkUcMWTgwCEjBo0cMIYOjTFThJg0ZHwCFUrUKFIYN2LAOOo0DBk7OGEEVQinjkyEN2rU0AkHzkEaN27YUDgHjkGEM3DYoJFRYRk8dL7Yxfs06pcciefC-CKDBkoYWZ2OafMW4dgZN3SSMXNQhkIxbtwc3JvDBl0RdeSwIY2jhkqFdWQ4REOHDpw5Ol68kEOGjpwxa2S4GPOmzYsaZMqUkaE3DA4zZG7MIBOZa5kaYcTIuPFjztkYPeLO5VInsgwb37f3KH8-_dkZPWLo5ZuxvdL3Ymj0GIJGjvEy7kNPvRp6KO00AW2QowwzvoiqBzygOMMIM9Z4oo0omJDhjC9iEAKOMZa4oog67ggiiCJyWOPEIGIKQogq3MjDRBZZHAIOK040ggqGajzCDf-OSMIpONo4KCERyDDOITgWnGOO_4yzIw04XHjDDTbScKOMycLAawsYuigLuINgcAGGGWgq8osme9LBTDTniyEHheSwwzIZYPhrjCLLPHOGHI6iM7U60nCoDjfWcOONO0ZTiEqfYMjBheZscCEHGihtKrYwHGriDT3SYIONMJA7EwQUmiBISzremAONHUBIwg06ymADBFXHAOGJKUDAAoStOqThixpSACEIt9go44oyxFgiDTqQy8yFGWxAdQkkqGiCCRZAyHKNMkA4oozg3jC2v__aKOOFGzI1MzMZJo0hJRCmCMOMMORIQ9obqLVhMjdFcIIJp9gIuAgnnCLjvyMVcvWgNEVYsDMdRKjtttx2a7KMJ6NsY8oqr8xyyxecgjKsiv-jw8s35FD44CqcosNIhKgaqqgY-lAgIA%3D%3D&s=a7627070c5ecfc9fa857b9cf977f967b6c3e4f8daebcb164f617252e130f28fc1578128821 Requested by Host: cdn.special-offers.online URL: https://cdn.special-offers.online/lp/plugin/js/client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d43b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin https://click-now-on.me Response headers date Sat, 04 Jan 2020 09:07:02 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/octet-stream status 200 cf-ray 54fc0f50d8ad649d-FRA content-length 0
GET H2	200	74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png cdn.runative-syndicate.com/images/d/a/ Redirect Chain https://wbidder.online/icon?url=https%3A%2F%2Fpixel.runative-syndicate.com%2Fapi%2Fv1%2Fgo%2F%3Fp%3De0SEGUNHhI4YLETQOXNQxBgaZnDAqHGjTAsaM8LYwAhDDJkWYWCYMdOiBgwbOW7ACFMDBw0xYkQoHONmzsGKCsPUGeMwRkUcM... https://pixel.runative-syndicate.com/api/v1/go/?p=e0SEGUNHhI4YLETQOXNQxBgaZnDAqHGjTAsaM8LYwAhDDJkWYWCYMdOiBgwbOW7ACFMDBw0xYkQoHONmzsGKCsPUGeMwRkUcMWTgwCEjBo0cMIYOjTFThJg0ZHwCFUrUKFIYN2LAOOo0DBk7OGE... https://cdn.runative-syndicate.com/images/d/a/74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png	37 KB 37 KB	12ms 10ms	Image image/png	2606:4700::6810:d43b Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.runative-syndicate.com/images/d/a/74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d43b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `57769d6d141b96d4306a9b6f414e76e72760ceb09aa3461cece431c537ca03a4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 04 Jan 2020 09:07:01 GMT cf-cache-status HIT age 3143 status 200 content-length 38146 x-robots-tag noindex, nofollow last-modified Mon, 09 Dec 2019 10:40:31 GMT server cloudflare etag "5dee249f-9502" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=7200 accept-ranges bytes cf-ray 54fc0f514bef640d-FRA expires Sat, 04 Jan 2020 11:07:01 GMT Redirect headers cf-ray 54fc0f512bd5640d-FRA date Sat, 04 Jan 2020 09:07:01 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://cdn.runative-syndicate.com/images/d/a/74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png status 302 x-robots-tag noindex, nofollow content-length 0
GET H2	200	74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png cdn.runative-syndicate.com/images/d/a/ Redirect Chain https://pixel.runative-syndicate.com/api/v1/go/?p=e0SEGUNHhI4YLETQOXNQxBgaZnDAqHGjTAsaM8LYwAhDDJkWYWCYMdOiBgwbOW7ACFMDBw0xYkQoHONmzsGKCsPUGeMwRkUcMWTgwCEjBo0cMIYOjTFThJg0ZHwCFUrUKFIYN2LAOOo0DBk7OGE... https://cdn.runative-syndicate.com/images/d/a/74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png	37 KB 37 KB	19ms 15ms	Image image/png	2606:4700::6810:d43b Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.runative-syndicate.com/images/d/a/74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d43b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `57769d6d141b96d4306a9b6f414e76e72760ceb09aa3461cece431c537ca03a4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 04 Jan 2020 09:07:01 GMT cf-cache-status HIT age 3143 status 200 content-length 38146 x-robots-tag noindex, nofollow last-modified Mon, 09 Dec 2019 10:40:31 GMT server cloudflare etag "5dee249f-9502" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=7200 accept-ranges bytes cf-ray 54fc0f510bc0640d-FRA expires Sat, 04 Jan 2020 11:07:01 GMT Redirect headers cf-ray 54fc0f50dba3640d-FRA date Sat, 04 Jan 2020 09:07:01 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://cdn.runative-syndicate.com/images/d/a/74f0cc3ca8fb9079ef33bdbff77ca22e861d3c.png status 302 x-robots-tag noindex, nofollow content-length 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.runative-syndicate.com
cdn.special-offers.online
click-now-on.me
go.varitybr.com
offer-notavailable.com
pixel.runative-syndicate.com
plumtrip.com
rapid-cdn.com
sendsongs.serveirc.com
special-offers.online
track.special-promotions.online
wbidder.online
www.greatdexchange.com
185.181.10.57
194.113.104.142
213.227.145.147
23.90.15.235
2606:4700:30::6812:2e84
2606:4700:30::681b:905f
2606:4700::6810:d43b
2a03:b0c0:3:d0::d13:7001
35.201.103.0
85.17.31.88
89.255.248.32
130828dc2d3d11c2b4ad0c998dde0b660671963aaf610a2ad366e999ddfd2b5a
16ce0f7d9635fcb57c2ce46a649d17c9cc7e32819161179f41eea29caf5d5223
223dbeaf95c21e29aad42c8656d9ad41dbe9497df36c95118158609625d95c53
3415dd81a1b9f70c4cdfbdae915170513f886981c2f848e2c0a686a16337b6f3
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
41173a98b0ae7b2001f183af16586aa6e6777195a5d100652f4365e310ae9372
4c131a74d2f424e29ffb16d2b03fec20e3f0cae46c4f0aff594cdc8ade80c3ca
4fafa066109287312f10031bf88fe5d549af96cc1a2b4ac223c79469dec97d6b
57769d6d141b96d4306a9b6f414e76e72760ceb09aa3461cece431c537ca03a4
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b64d4b6bdc5c9dad3fadd5addebc76894c756d6d14762b06df2161decb0a4e8
5f70e832402ad6c75139f5852b961ccbbe39ad43eed44562c0b7393f8d8724f5
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7
6fead81d343f693107904c5577dfd9642bb6ec751e305860c940fdcb5e6c4ae8
725fde9f853414dca415f4e7bc8f6386564c7ed93ef6b7bb34cc1702978d1de8
91eb7001a90f9178135eede72f1c8a5300cababa4a078cb59debaa50de4b1788
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
a44edde7abfe4086b29943ccf7c7443cfdda6b7a0460f54a2837ab889268d55c
ae7adff510f165a29d46c1a642eed73018d7a3052813addd5a4dc37a8e067c77
b126582a2dc15643553ecc896192ffe2b58858c39571411ef548013a0be9d258
d0eed316592f3e17da26565144e246fbefc0b599c06ca9f4754c84ffa0f9ac09
de2531c4ed979d7860a7e800a60255e726311c816f4518b8028418ef5ca705f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4378bc6f63009d14bd17eac2fc11d4298fd9e416668a43a825ab15c511dcafc
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864
f3459240ad61331a5748067c91aca713bdd2cc70724dc6707569122e539d5e9d

click-now-on.me Open in urlscan Pro 213.227.145.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

81 %HTTPS

36 %IPv6

11 Domains

13 Subdomains

9 IPs

5 Countries

330 kBTransfer

449 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

click-now-on.me Open in urlscan Pro
213.227.145.147 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

81 %
HTTPS

36 %
IPv6

11
Domains

13
Subdomains

9
IPs

5
Countries

330 kB
Transfer

449 kB
Size

0
Cookies

21 HTTP transactions
11 data transactions