Submitted URL: http://fredagty.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbackUrl=http://getad.xy...
Effective URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=679...
Submission: On February 10 via manual from JP

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 11 HTTP transactions. The main IP is 205.147.93.131, located in United States and belongs to ZENEDGE, US. The main domain is minently.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 11th 2019. Valid for: 3 months.
This is the only time minently.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.202.53.245 14618 (AMAZON-AES)
1 2 18.204.146.154 14618 (AMAZON-AES)
1 2 151.80.221.9 16276 (OVH)
1 1 107.22.106.170 14618 (AMAZON-AES)
2 3 198.143.165.222 32475 (SINGLEHOP...)
1 35.157.133.117 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 99.198.108.198 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
2 2 3.225.159.248 14618 (AMAZON-AES)
2 35.227.196.138 15169 (GOOGLE)
11 9
Domain Requested by
3 keloke.go-to.promo 1 redirects you-should-watch-this.site
keloke.go-to.promo
3 mt.tryd.pro 2 redirects core.royalads.net
2 www.performanceonclick.com minently.com
2 send-news.net minently.com
2 core.royalads.net 1 redirects getad.xyz
2 getad.xyz 1 redirects
1 minently.com keloke.go-to.promo
1 you-should-watch-this.site interated-citeven.com
1 interated-citeven.com mt.tryd.pro
1 ps.popcash.net 1 redirects
1 fredagty.com 1 redirects
11 11

This site contains links to these domains. Also see Links.

Domain
send-news.net
Subject | Issuer | Validity | Valid
mt.tryd.pro | Let's Encrypt Authority X3 | 2020-01-03 - 2020-04-02 | 3 months
interated-citeven.com | Let's Encrypt Authority X3 | 2020-01-20 - 2020-04-19 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-11 - 2020-10-09 | a year
keloke.go-to.promo | Let's Encrypt Authority X3 | 2020-01-31 - 2020-04-30 | 3 months
minently.com | Let's Encrypt Authority X3 | 2019-12-11 - 2020-03-10 | 3 months

This page contains 1 frame:

Frame: http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=-vF6jwwDJm-MkjQ5aS4MnRHIk_N3hPzkkHZ67_OicZ7TGEVT1VQudA4JF3osLfuWuKTwF7pLFnic-GakxJNz-CXCWQZjP0irIT8ytfT8FMEGDmVrP6Ixz37bLwcpO75XEOXp3ClAmH9h-G3ocxWQEkm-E8GNirGCytLvxxiOMNvOMqbfeTp_2fPQ30kD34XrOh7yXrTK7loYVUJ9hBMKVl7c07fIfsVHyR0vD0ZqitIerouwBiWurkFtEE7jije31DKp8tVLhLD8qETCl9OOlg&sub1=sid%3D157848-n3UJ5r9QgEy5a2L_c.LC
Frame ID: D4242466E0329432076DC6D03798143E
Requests: 11 HTTP requests in this frame

Page URL History

  1. http://fredagty.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbac... HTTP 302
    http://getad.xyz/go/216668/498903?clickid=ed1ab72b-4bbb-11ea-8f6d-0ae0973de993 Page URL
  2. http://getad.xyz/ad/ad?p=216668&w=498903&t=e69b800fc5952a54&r=&vw=1600&vh=1200 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903 Page URL
  3. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903&ref=http%3A%2F%2Fge... HTTP 302
    http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
    https://mt.tryd.pro/?utm_medium=8052e804469acf985bfee712b75b674629148b99&utm_campaign=Remnantnew... HTTP 302
    https://mt.tryd.pro/?utm_term=6791666617366348491&clickverify=1 Page URL
  4. https://mt.tryd.pro/proc.php?38623a5ccd61f52d23f5339c465e9f18db4a2aaa HTTP 302
    https://interated-citeven.com/f921be63-66f1-4499-b0ca-ab468c991e6d?partner_id=185&placement_id=185-6812489... Page URL
  5. https://you-should-watch-this.site/ Page URL
  6. https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts Page URL
  7. https://keloke.go-to.promo/?utm_term=6791666621661315804&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  8. https://keloke.go-to.promo/proc.php?395c41fc4579beb0c2b6cae0a41256678b62cc4a HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 11
HTTPS: 55 %
IPv6: 9 %
Domains: 11
Subdomains: 11
IPs: 9
Countries: 3
Transfer: 16 kB
Size: 30 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fredagty.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbackUrl=http://getad.xyz/go/216668/498903 HTTP 302
    http://getad.xyz/go/216668/498903?clickid=ed1ab72b-4bbb-11ea-8f6d-0ae0973de993 Page URL
  2. http://getad.xyz/ad/ad?p=216668&w=498903&t=e69b800fc5952a54&r=&vw=1600&vh=1200 HTTP 303
    http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903 Page URL
  3. http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903&ref=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F498903%3Fclickid%3Ded1ab72b-4bbb-11ea-8f6d-0ae0973de993&scrw=1600&scrh=1200&nlc=b041TnYR5n3Ab7UV&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
    http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
    https://mt.tryd.pro/?utm_medium=8052e804469acf985bfee712b75b674629148b99&utm_campaign=Remnantnewtest HTTP 302
    https://mt.tryd.pro/?utm_term=6791666617366348491&clickverify=1 Page URL
  4. https://mt.tryd.pro/proc.php?38623a5ccd61f52d23f5339c465e9f18db4a2aaa HTTP 302
    https://interated-citeven.com/f921be63-66f1-4499-b0ca-ab468c991e6d?partner_id=185&placement_id=185-6812489z&subid=6791666617366348491 Page URL
  5. https://you-should-watch-this.site/ Page URL
  6. https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts Page URL
  7. https://keloke.go-to.promo/?utm_term=6791666621661315804&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
  8. https://keloke.go-to.promo/proc.php?395c41fc4579beb0c2b6cae0a41256678b62cc4a HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6791666621661315804&ext1=2153 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://fredagty.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbackUrl=http://getad.xyz/go/216668/498903 HTTP 302
  • http://getad.xyz/go/216668/498903?clickid=ed1ab72b-4bbb-11ea-8f6d-0ae0973de993
Request Chain 1
  • http://getad.xyz/ad/ad?p=216668&w=498903&t=e69b800fc5952a54&r=&vw=1600&vh=1200 HTTP 303
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
Request Chain 2
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903&ref=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F498903%3Fclickid%3Ded1ab72b-4bbb-11ea-8f6d-0ae0973de993&scrw=1600&scrh=1200&nlc=b041TnYR5n3Ab7UV&ven=&ver=&p=falsexundefined&iif=0 HTTP 302
  • http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087 HTTP 303
  • https://mt.tryd.pro/?utm_medium=8052e804469acf985bfee712b75b674629148b99&utm_campaign=Remnantnewtest HTTP 302
  • https://mt.tryd.pro/?utm_term=6791666617366348491&clickverify=1
Request Chain 3
  • https://mt.tryd.pro/proc.php?38623a5ccd61f52d23f5339c465e9f18db4a2aaa HTTP 302
  • https://interated-citeven.com/f921be63-66f1-4499-b0ca-ab468c991e6d?partner_id=185&placement_id=185-6812489z&subid=6791666617366348491
Request Chain 8
  • https://send-news.net/jj5l8KYdQ9Dsyu5qqI8t1JgcgHN_4pWo8cPcNfRAh3k?clck=lNL20CI8R090d2f00000A002MZ0ZGY003DSOGZ012003DSO00000000&sid=sid=157848-n3UJ5r9QgEy5a2L_c.LC&utm_campaign=NTY4ZwSkM49F49xha28xO3FaMjE0NhXV HTTP 302
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=lisWTEFbdE7DFxtuFNh99i2I0B3kjFyw6OaTJjFfK--8jsnQDnzMvNZK00lGht4ionKwbg3ln_1DuFx17C3kmktGAZqEqtZEzQdIE_vWLEAG3c0IKCf3JLaZfQebVfViNzORf09QZcLASy7sAjt5bBA7hXimPsWtVAzJMbYBtRJMzUW2nJMvqBas9aTPBRhXunASin_8sniMaYSMSGnhiROlM_vVlL89FI4x31fqlvetyf4JZaSPMAAhy4XTz8TtrYZuhgDdjKoaAVAKg5_RqQ&sub1=sid%3D157848-n3UJ5r9QgEy5a2L_c.LC
Request Chain 9
  • https://send-news.net/jj5l8KYdQ9Dsyu5qqI8t1JgcgHN_4pWo8cPcNfRAh3k?clck=lNL20CI8R090d2f00000A002MZ0ZGY003DSOGZ012003DSO00000000&sid=sid=157848-n3UJ5r9QgEy5a2L_c.LC&utm_campaign=NTY4ZwSkM49F49xha28xO3FaMjE0NhXV HTTP 302
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=-vF6jwwDJm-MkjQ5aS4MnRHIk_N3hPzkkHZ67_OicZ7TGEVT1VQudA4JF3osLfuWuKTwF7pLFnic-GakxJNz-CXCWQZjP0irIT8ytfT8FMEGDmVrP6Ixz37bLwcpO75XEOXp3ClAmH9h-G3ocxWQEkm-E8GNirGCytLvxxiOMNvOMqbfeTp_2fPQ30kD34XrOh7yXrTK7loYVUJ9hBMKVl7c07fIfsVHyR0vD0ZqitIerouwBiWurkFtEE7jije31DKp8tVLhLD8qETCl9OOlg&sub1=sid%3D157848-n3UJ5r9QgEy5a2L_c.LC

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
498903
getad.xyz/go/216668/
Redirect Chain
  • http://fredagty.com/0--hggasasfalb?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.01&fallbackUrl=http://getad.xyz/go/216668/498903
  • http://getad.xyz/go/216668/498903?clickid=ed1ab72b-4bbb-11ea-8f6d-0ae0973de993
426 B
479 B
Document
General
Full URL
http://getad.xyz/go/216668/498903?clickid=ed1ab72b-4bbb-11ea-8f6d-0ae0973de993
Protocol
HTTP/1.1
Server
18.204.146.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-146-154.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2a5ad2fa801cefb386360eaa6d00359eac4954a52f6e1b0ab6b5f11497521346

Request headers

Host
getad.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 10 Feb 2020 04:15:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Mon, 10 Feb 2020 04:15:09 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Location
http://getad.xyz/go/216668/498903?clickid=ed1ab72b-4bbb-11ea-8f6d-0ae0973de993
Server
ZeroPark-Traffic
Cookie set /
core.royalads.net/click/
Redirect Chain
  • http://getad.xyz/ad/ad?p=216668&w=498903&t=e69b800fc5952a54&r=&vw=1600&vh=1200
  • http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
996 B
908 B
Document
General
Full URL
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
Requested by
Host: getad.xyz
URL: http://getad.xyz/go/216668/498903?clickid=ed1ab72b-4bbb-11ea-8f6d-0ae0973de993
Protocol
HTTP/1.1
Server
151.80.221.9 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
core.royalads.net
Software
nginx /
Resource Hash
f9004d794ad16747ee95b94ddebd5648f901d3313faf81c8a7ba70d89a0cc564

Request headers

Host
core.royalads.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://getad.xyz/go/216668/498903?clickid=ed1ab72b-4bbb-11ea-8f6d-0ae0973de993
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Mon, 10 Feb 2020 04:15:10 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
cflag=011;Domain=core.royalads.net;Path=/
Content-Encoding
gzip

Redirect headers

Date
Mon, 10 Feb 2020 04:15:10 GMT
Content-Type
text/html; charset=utf-8
Content-Length
115
Connection
keep-alive
Server
nginx
Location
http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
/
mt.tryd.pro/
Redirect Chain
  • http://core.royalads.net/go/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903&ref=http%3A%2F%2Fgetad.xyz%2Fgo%2F216668%2F498903%3Fclickid%3Ded1ab72b-4bbb-11ea-8f6d-0ae0973de993&scrw=1600&scrh=1...
  • http://ps.popcash.net/ad/ad?p=201730&w=488087&d=821f52f841fd93b97d45-1556198054488087
  • https://mt.tryd.pro/?utm_medium=8052e804469acf985bfee712b75b674629148b99&utm_campaign=Remnantnewtest
  • https://mt.tryd.pro/?utm_term=6791666617366348491&clickverify=1
9 KB
3 KB
Document
General
Full URL
https://mt.tryd.pro/?utm_term=6791666617366348491&clickverify=1
Requested by
Host: core.royalads.net
URL: http://core.royalads.net/click/?pub=668b66e2-62b7-461c-8a81-1988701f230f&site=498903
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.222 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
c5c7b5b408e60d987d40326ccc56208ea999b53372cc8ec140218616db38a55b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
mt.tryd.pro
:scheme
https
:path
/?utm_term=6791666617366348491&clickverify=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://core.royalads.net/
accept-encoding
gzip, deflate, br
cookie
u=a9a91b685083eb6ab39d79106f6cb07d

Response headers

status
200
server
nginx
date
Mon, 10 Feb 2020 04:15:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Mon, 10 Feb 2020 04:15:10 GMT
content-type
text/html; charset=UTF-8
location
https://mt.tryd.pro/?utm_term=6791666617366348491&clickverify=1
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=a9a91b685083eb6ab39d79106f6cb07d; expires=Tue, 09-Feb-2021 04:15:10 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
Cookie set f921be63-66f1-4499-b0ca-ab468c991e6d
interated-citeven.com/
Redirect Chain
  • https://mt.tryd.pro/proc.php?38623a5ccd61f52d23f5339c465e9f18db4a2aaa
  • https://interated-citeven.com/f921be63-66f1-4499-b0ca-ab468c991e6d?partner_id=185&placement_id=185-6812489z&subid=6791666617366348491
362 B
1 KB
Document
General
Full URL
https://interated-citeven.com/f921be63-66f1-4499-b0ca-ab468c991e6d?partner_id=185&placement_id=185-6812489z&subid=6791666617366348491
Requested by
Host: mt.tryd.pro
URL: https://mt.tryd.pro/?utm_term=6791666617366348491&clickverify=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.133.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-133-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
300b81924c41e49ed86f1ec18975a9709eebbe3428358b4472635e92b950d9a9

Request headers

Host
interated-citeven.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://mt.tryd.pro/?utm_term=6791666617366348491&clickverify=1
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Mon, 10 Feb 2020 04:15:11 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
362
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
f921be63-66f1-4499-b0ca-ab468c991e6d-v4=f921be63-66f1-4499-b0ca-ab468c991e6d; Max-Age=86400; Expires=Tue, 11-Feb-2020 04:15:11 GMT; Domain=interated-citeven.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=wNwiOnJrTY%2BXfVPH5TeU%2FFAvR%2BBLSvPaQQIBPOvvq696YNXrXyjOhvj%2BEoMo2IvI1aBehTXAkkkMHk6xGZv9BBV42ji1gKo6DWhi3UI17KGKtPI1j4IBSOVAavPouOj4Uwq2%2F46t6m5KPB4%2BFkgcUg%3D%3D; Max-Age=31536000; Expires=Tue, 09-Feb-2021 04:15:11 GMT; Domain=interated-citeven.com; Path=/; Secure; HttpOnly;SameSite=None

Redirect headers

status
302
server
nginx
date
Mon, 10 Feb 2020 04:15:11 GMT
content-type
text/html; charset=UTF-8
location
https://interated-citeven.com/f921be63-66f1-4499-b0ca-ab468c991e6d?partner_id=185&placement_id=185-6812489z&subid=6791666617366348491
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
/
you-should-watch-this.site/
543 B
652 B
Document
General
Full URL
https://you-should-watch-this.site/
Requested by
Host: interated-citeven.com
URL: https://interated-citeven.com/f921be63-66f1-4499-b0ca-ab468c991e6d?partner_id=185&placement_id=185-6812489z&subid=6791666617366348491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:780e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174ce5a799bddf3a3a9a4425fd83266303eba56558b018dbe71132b76d39a167

Request headers

:method
GET
:authority
you-should-watch-this.site
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://interated-citeven.com/f921be63-66f1-4499-b0ca-ab468c991e6d?partner_id=185&placement_id=185-6812489z&subid=6791666617366348491
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Mon, 10 Feb 2020 04:15:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dd977414d5e94e271442c97814f1053ad1581308111; expires=Wed, 11-Mar-20 04:15:11 GMT; path=/; domain=.you-should-watch-this.site; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
562b42af49342be6-AMS
content-encoding
br
/
keloke.go-to.promo/
3 KB
2 KB
Document
General
Full URL
https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts
Requested by
Host: you-should-watch-this.site
URL: https://you-should-watch-this.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
957e4eea2e15c7651f2b031fd13455f48e8b573a643419d9e6a2de89ffca1c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
keloke.go-to.promo
:scheme
https
:path
/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://you-should-watch-this.site/
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Mon, 10 Feb 2020 04:15:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=2e58e1979072ca682f8c150cba1ba4a6; expires=Tue, 09-Feb-2021 04:15:11 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
/
keloke.go-to.promo/
11 KB
5 KB
Document
General
Full URL
https://keloke.go-to.promo/?utm_term=6791666621661315804&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Requested by
Host: keloke.go-to.promo
URL: https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
9fbb345212c0d1ef64603f4e5d12fd6f74beb7da125dbd91adc5000abba69978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
keloke.go-to.promo
:scheme
https
:path
/?utm_term=6791666621661315804&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts
accept-encoding
gzip, deflate, br
cookie
u=2e58e1979072ca682f8c150cba1ba4a6

Response headers

status
200
server
nginx
date
Mon, 10 Feb 2020 04:15:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
Primary Request -nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://keloke.go-to.promo/proc.php?395c41fc4579beb0c2b6cae0a41256678b62cc4a
  • https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6791666621661315804&ext1=2153
6 KB
4 KB
Document
General
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6791666621661315804&ext1=2153
Requested by
Host: keloke.go-to.promo
URL: https://keloke.go-to.promo/?utm_term=6791666621661315804&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
dd7e5aeaeee04ef7ac3934db1301f9a79c7c602940309005c7fa3113fe07d18c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6791666621661315804&ext1=2153
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://keloke.go-to.promo/?utm_term=6791666621661315804&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html;charset=utf-8
expires
Sat, 26 Jul 1997 05:00:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
date
Mon, 10 Feb 2020 04:15:12 GMT
content-encoding
gzip
vary
Accept-Encoding Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
x-cache-status
NOTCACHED
x-zen-fury
f434b8dc161b27c24c5edd6aca8a03c9cff75752
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx
date
Mon, 10 Feb 2020 04:15:11 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6791666621661315804&ext1=2153
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
jj5l8KYdQ9Dsyu5qqI8t1JgcgHN_4pWo8cPcNfRAh3k
send-news.net/
0
0

next.php
www.performanceonclick.com/jump/
Redirect Chain
  • https://send-news.net/jj5l8KYdQ9Dsyu5qqI8t1JgcgHN_4pWo8cPcNfRAh3k?clck=lNL20CI8R090d2f00000A002MZ0ZGY003DSOGZ012003DSO00000000&sid=sid=157848-n3UJ5r9QgEy5a2L_c.LC&utm_campaign=NTY4ZwSkM49F49xha28xO...
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=lisWTEFbdE7DFxtuFNh99i2I0B3kjFyw6OaTJjFfK--8jsnQDnzMvNZK00lGht4ionKwbg3ln_1DuFx17C3kmktGAZqEqtZEzQdIE_vWLEAG3c0IKCf3JLaZfQebVfV...
0
0
Document
General
Full URL
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=lisWTEFbdE7DFxtuFNh99i2I0B3kjFyw6OaTJjFfK--8jsnQDnzMvNZK00lGht4ionKwbg3ln_1DuFx17C3kmktGAZqEqtZEzQdIE_vWLEAG3c0IKCf3JLaZfQebVfViNzORf09QZcLASy7sAjt5bBA7hXimPsWtVAzJMbYBtRJMzUW2nJMvqBas9aTPBRhXunASin_8sniMaYSMSGnhiROlM_vVlL89FI4x31fqlvetyf4JZaSPMAAhy4XTz8TtrYZuhgDdjKoaAVAKg5_RqQ&sub1=sid%3D157848-n3UJ5r9QgEy5a2L_c.LC
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6791666621661315804&ext1=2153
Protocol
HTTP/1.1
Server
35.227.196.138 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
www.performanceonclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://minently.com/
Accept-Encoding
gzip, deflate

Response headers

Server
openresty
Date
Mon, 10 Feb 2020 04:15:13 GMT
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Via
1.1 google

Redirect headers

Date
Mon, 10 Feb 2020 04:15:13 GMT
Content-Type
text/html
Content-Length
158
Connection
keep-alive
Location
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=lisWTEFbdE7DFxtuFNh99i2I0B3kjFyw6OaTJjFfK--8jsnQDnzMvNZK00lGht4ionKwbg3ln_1DuFx17C3kmktGAZqEqtZEzQdIE_vWLEAG3c0IKCf3JLaZfQebVfViNzORf09QZcLASy7sAjt5bBA7hXimPsWtVAzJMbYBtRJMzUW2nJMvqBas9aTPBRhXunASin_8sniMaYSMSGnhiROlM_vVlL89FI4x31fqlvetyf4JZaSPMAAhy4XTz8TtrYZuhgDdjKoaAVAKg5_RqQ&sub1=sid%3D157848-n3UJ5r9QgEy5a2L_c.LC
Set-Cookie
session=054ffae3-9fe1-4782-9aa5-8b20665d5c5c
Server
nginx
next.php
www.performanceonclick.com/jump/
Redirect Chain
  • https://send-news.net/jj5l8KYdQ9Dsyu5qqI8t1JgcgHN_4pWo8cPcNfRAh3k?clck=lNL20CI8R090d2f00000A002MZ0ZGY003DSOGZ012003DSO00000000&sid=sid=157848-n3UJ5r9QgEy5a2L_c.LC&utm_campaign=NTY4ZwSkM49F49xha28xO...
  • http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=-vF6jwwDJm-MkjQ5aS4MnRHIk_N3hPzkkHZ67_OicZ7TGEVT1VQudA4JF3osLfuWuKTwF7pLFnic-GakxJNz-CXCWQZjP0irIT8ytfT8FMEGDmVrP6Ixz37bLwcpO75...
0
0
Document
General
Full URL
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=-vF6jwwDJm-MkjQ5aS4MnRHIk_N3hPzkkHZ67_OicZ7TGEVT1VQudA4JF3osLfuWuKTwF7pLFnic-GakxJNz-CXCWQZjP0irIT8ytfT8FMEGDmVrP6Ixz37bLwcpO75XEOXp3ClAmH9h-G3ocxWQEkm-E8GNirGCytLvxxiOMNvOMqbfeTp_2fPQ30kD34XrOh7yXrTK7loYVUJ9hBMKVl7c07fIfsVHyR0vD0ZqitIerouwBiWurkFtEE7jije31DKp8tVLhLD8qETCl9OOlg&sub1=sid%3D157848-n3UJ5r9QgEy5a2L_c.LC
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy7qV12RbEJREofa-9SEFI3YukEcIdVCna0zeC8rcq89okAHvP?qDo=MS_WW_Desktop&subid=6791666621661315804&ext1=2153
Protocol
HTTP/1.1
Server
35.227.196.138 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Host
www.performanceonclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://minently.com/
Accept-Encoding
gzip, deflate

Response headers

Server
openresty
Date
Mon, 10 Feb 2020 04:15:18 GMT
Access-Control-Allow-Origin
*
Referrer-Policy
no-referrer
Via
1.1 google

Redirect headers

Date
Mon, 10 Feb 2020 04:15:18 GMT
Content-Type
text/html
Content-Length
158
Connection
keep-alive
Location
http://www.performanceonclick.com/jump/next.php?r=2575139&pub_clickid=-vF6jwwDJm-MkjQ5aS4MnRHIk_N3hPzkkHZ67_OicZ7TGEVT1VQudA4JF3osLfuWuKTwF7pLFnic-GakxJNz-CXCWQZjP0irIT8ytfT8FMEGDmVrP6Ixz37bLwcpO75XEOXp3ClAmH9h-G3ocxWQEkm-E8GNirGCytLvxxiOMNvOMqbfeTp_2fPQ30kD34XrOh7yXrTK7loYVUJ9hBMKVl7c07fIfsVHyR0vD0ZqitIerouwBiWurkFtEE7jije31DKp8tVLhLD8qETCl9OOlg&sub1=sid%3D157848-n3UJ5r9QgEy5a2L_c.LC
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
send-news.net
URL
https://send-news.net/jj5l8KYdQ9Dsyu5qqI8t1JgcgHN_4pWo8cPcNfRAh3k?clck=lNL20CI8R090d2f00000A002MZ0ZGY003DSOGZ012003DSO00000000&sid=sid=157848-n3UJ5r9QgEy5a2L_c.LC&utm_campaign=NTY4ZwSkM49F49xha28xO3FaMjE0NhXV&

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • string| subscriptionUrl
  • string| url
  • string| url_error
  • string| url_a
  • string| url_timer
  • string| url_timer_link
  • string| url_timer_second_link
  • string| url_timer_third_link
  • string| url_param
  • function| getUrlCustomVariable
  • object| foo
  • function| unload

6 Cookies

Domain/Path Name / Value
minently.com/ Name: SERVERID
Value: sfc63
.minently.com/ Name: 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D
Value: V1MwYzA4ekgwTEdreEgyWUVaZ3RFREJQV3AzYk5TSEJUUE9KNzMydE52cnZKZFBZdS94QlRyalpNTkRGYUd0RTRwRVJ4RGxlMnJadzcrL0lPOGJHSDF4NHkyRll1T0VFcGlTSVcxNE5BTnM9
.minently.com/ Name: FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D
Value: WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3WE8wUCtXWnVzVHdTMkE0ZHk1TnRlVEs2TTN6a2JCWittc2lBUWV1VVRGLw%3D%3D
.minently.com/ Name: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D
Value: 1581308112.0997
.minently.com/ Name: 98b3d44810d58848ccd85a09a3e449b7_1581308112.0969_ck
Value:
.minently.com/ Name: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D
Value: 98b3d44810d58848ccd85a09a3e449b7_1581308112.0969