Submitted URL: https://bit.ly/2JFcpH6#fsgsfg.html?od=1syd5edbcbba3f4ce_vl_Active1vl_qc4.2qj0s90.U0000rfre8yxy1037_x1948.g31ccM...
Effective URL: http://advertiserpages.com/notfound/
Submission: On June 13 via api from BE

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3035::ac43:d576, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is advertiserpages.com.
This is the only time advertiserpages.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 2 176.99.4.126 49352 (LOGOL-AS)
4 23.90.57.132 62904 (EONIX-COM...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 35.160.63.126 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 9
Domain Requested by
4 prouddirect.com evenisms.com
prouddirect.com
2 www.google-analytics.com 1 redirects advertiserpages.com
2 advertiserpages.com 1 redirects prouddirect.com
2 www.googletagmanager.com prouddirect.com
2 evenisms.com 1 redirects
1 www.google.de advertiserpages.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 p.cpaoa.org advertiserpages.com
1 zer0.w4.com advertiserpages.com
zer0.w4.com
1 bit.ly 1 redirects
13 11

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com GTS CA 1O1 2020-05-26 - 2020-08-18 3 months
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 2020-01-30 - 2020-10-09 8 months
www.google.de GTS CA 1O1 2020-05-26 - 2020-08-18 3 months

This page contains 1 frames:

Primary Page: http://advertiserpages.com/notfound/
Frame ID: AD2DA807FDAF6EFE2DF277F936A01B96
Requests: 13 HTTP requests in this frame

Page Statistics

13 Requests
38 % HTTPS
64 % IPv6
11 Domains
11 Subdomains
9 IPs
4 Countries
78 kB Transfer
171 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/2JFcpH6 HTTP 301
    http://evenisms.com/short/ Page URL
  2. http://evenisms.com/fsgsfg.html?od=1syd5edbcbba3f4ce_vl_Active1vl_qc4.2qj0s90.U0000rfre8yxy1037_x1948.g31ccMWthdmIwLTI0OTFudTc0m4NPa HTTP 302
    http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0 Page URL
  3. http://prouddirect.com/clicks?cid=404&pub=202887&prevcid=26795&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0&sid4=&dev_click= Page URL
  4. http://advertiserpages.com/notfound HTTP 301
    http://advertiserpages.com/notfound/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/2JFcpH6 HTTP 301
  • http://evenisms.com/short/
Request Chain 1
  • http://evenisms.com/fsgsfg.html?od=1syd5edbcbba3f4ce_vl_Active1vl_qc4.2qj0s90.U0000rfre8yxy1037_x1948.g31ccMWthdmIwLTI0OTFudTc0m4NPa HTTP 302
  • http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
Request Chain 11
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1129549879&t=pageview&_s=1&dl=http%3A%2F%2Fadvertiserpages.com%2Fnotfound%2F&dr=http%3A%2F%2Fprouddirect.com%2Fclicks%3Fcid%3D404%26pub%3D202887%26prevcid%3D26795%26sid1%3DCOVDDD_qc5edbcbba4c6cf%26sid2%3Dydqc%7CM21unJj%3D%7Cg31cc%7C1kavb0%7C2491nu7%7C43993%7C0000rfre8y%7CU%7CnJ50MKWsozj%3D%7CPC%7C3166qb3%26sid3%3Dp3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0%26sid4%3D%26dev_click%3D&ul=en-us&de=UTF-8&dt=404&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1913991783&gjid=2036380815&cid=1449939774.1592074922&tid=UA-78676206-12&_gid=250728687.1592074922&_r=1&z=888573742 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-78676206-12&cid=1449939774.1592074922&jid=1913991783&_gid=250728687.1592074922&gjid=2036380815&_v=j82&z=888573742 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78676206-12&cid=1449939774.1592074922&jid=1913991783&_v=j82&z=888573742 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78676206-12&cid=1449939774.1592074922&jid=1913991783&_v=j82&z=888573742&slf_rd=1&random=197508925

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
evenisms.com/short/
Redirect Chain
  • https://bit.ly/2JFcpH6
  • http://evenisms.com/short/
578 B
908 B
Document
General
Full URL
http://evenisms.com/short/
Protocol
HTTP/1.1
Server
176.99.4.126 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
joshurren.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash
f1ebb16c09e1401b3a2488f0648b7081471d7b73353feb53f2528d0bb9281bd4

Request headers

Host
evenisms.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sat, 13 Jun 2020 19:01:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified
Mon, 22 Jul 2019 15:07:57 GMT
ETag
"242-58e4670ed2d40"
Accept-Ranges
bytes
Content-Length
578
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

status
301
server
nginx
date
Sat, 13 Jun 2020 19:01:57 GMT
content-type
text/html; charset=utf-8
content-length
113
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://evenisms.com/short/
referrer-policy
unsafe-url
set-cookie
_bit=k5dj1V-a1a9a2e64b2f2598cc-000; Domain=bit.ly; Expires=Thu, 10 Dec 2020 19:01:57 GMT
via
1.1 google
alt-svc
clear
clicks
prouddirect.com/
Redirect Chain
  • http://evenisms.com/fsgsfg.html?od=1syd5edbcbba3f4ce_vl_Active1vl_qc4.2qj0s90.U0000rfre8yxy1037_x1948.g31ccMWthdmIwLTI0OTFudTc0m4NPa
  • http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3...
5 KB
5 KB
Document
General
Full URL
http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
Requested by
Host: evenisms.com
URL: http://evenisms.com/short/
Protocol
HTTP/1.1
Server
23.90.57.132 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS
urethane.lendbreeze.com
Software
nginx/1.10.3 / PHP/5.4.45
Resource Hash
8d8d175ffd946f9d04225437e1be61ee86edcd0a6152b0896e2d1447c3da3e75

Request headers

Host
prouddirect.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://evenisms.com/short/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Referer
http://evenisms.com/short/#fsgsfg.html?od=1syd5edbcbba3f4ce_vl_Active1vl_qc4.2qj0s90.U0000rfre8yxy1037_x1948.g31ccMWthdmIwLTI0OTFudTc0m4NPa

Response headers

Server
nginx/1.10.3
Date
Sat, 13 Jun 2020 19:02:00 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.45

Redirect headers

Date
Sat, 13 Jun 2020 19:01:58 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/
55 KB
22 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: prouddirect.com
URL: http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53933deea6f5ad8ee109ca281c7fcbd7f2301a4bc61cb768c369e1a282796cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 19:02:00 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22232
x-xss-protection
0
last-modified
Sat, 13 Jun 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jun 2020 19:02:00 GMT
index.php
prouddirect.com/
364 B
557 B
XHR
General
Full URL
http://prouddirect.com/index.php
Requested by
Host: prouddirect.com
URL: http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
Protocol
HTTP/1.1
Server
23.90.57.132 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS
urethane.lendbreeze.com
Software
nginx/1.10.3 / PHP/5.4.45
Resource Hash

Request headers

Referer
http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 13 Jun 2020 19:02:00 GMT
Server
nginx/1.10.3
Connection
keep-alive
X-Powered-By
PHP/5.4.45
Transfer-Encoding
chunked
Content-Type
text/html
clicks
prouddirect.com/
5 KB
5 KB
Document
General
Full URL
http://prouddirect.com/clicks?cid=404&pub=202887&prevcid=26795&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0&sid4=&dev_click=
Requested by
Host: prouddirect.com
URL: http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
Protocol
HTTP/1.1
Server
23.90.57.132 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS
urethane.lendbreeze.com
Software
nginx/1.10.3 / PHP/5.4.45
Resource Hash
b9e71baad1308485f52fbc3dc647c08d12bf427abc8efd017aa021baebfcac91

Request headers

Host
prouddirect.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://prouddirect.com/clicks?cid=26795&pub=202887&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
clkcheck26795=1a953a2f3a33026c71c5fc543025a25a_202887

Response headers

Server
nginx/1.10.3
Date
Sat, 13 Jun 2020 19:02:00 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.45
gtm.js
www.googletagmanager.com/
55 KB
22 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: prouddirect.com
URL: http://prouddirect.com/clicks?cid=404&pub=202887&prevcid=26795&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0&sid4=&dev_click=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53933deea6f5ad8ee109ca281c7fcbd7f2301a4bc61cb768c369e1a282796cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://prouddirect.com/clicks?cid=404&pub=202887&prevcid=26795&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0&sid4=&dev_click=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 19:02:00 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22232
x-xss-protection
0
last-modified
Sat, 13 Jun 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jun 2020 19:02:00 GMT
index.php
prouddirect.com/
157 B
349 B
XHR
General
Full URL
http://prouddirect.com/index.php
Requested by
Host: prouddirect.com
URL: http://prouddirect.com/clicks?cid=404&pub=202887&prevcid=26795&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0&sid4=&dev_click=
Protocol
HTTP/1.1
Server
23.90.57.132 Las Vegas, United States, ASN62904 (EONIX-COMMUNICATIONS-ASBLOCK-62904, US),
Reverse DNS
urethane.lendbreeze.com
Software
nginx/1.10.3 / PHP/5.4.45
Resource Hash

Request headers

Referer
http://prouddirect.com/clicks?cid=404&pub=202887&prevcid=26795&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0&sid4=&dev_click=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 13 Jun 2020 19:02:01 GMT
Server
nginx/1.10.3
Connection
keep-alive
X-Powered-By
PHP/5.4.45
Transfer-Encoding
chunked
Content-Type
text/html
Primary Request /
advertiserpages.com/notfound/
Redirect Chain
  • http://advertiserpages.com/notfound
  • http://advertiserpages.com/notfound/
3 KB
2 KB
Document
General
Full URL
http://advertiserpages.com/notfound/
Requested by
Host: prouddirect.com
URL: http://prouddirect.com/clicks?cid=404&pub=202887&prevcid=26795&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0&sid4=&dev_click=
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:d576 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc61dfe80124a8028a082d3d8872ed3acabe737a9f958be76fa7f80dd82586e2

Request headers

Host
advertiserpages.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://prouddirect.com/clicks?cid=404&pub=202887&prevcid=26795&sid1=COVDDD_qc5edbcbba4c6cf&sid2=ydqc|M21unJj=|g31cc|1kavb0|2491nu7|43993|0000rfre8y|U|nJ50MKWsozj=|PC|3166qb3&sid3=p3yxAJIxLzAvLzRmMwEwMI92oS9OL3EcqzHkqzkspJZ0&sid4=&dev_click=
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d90f2c016993269d64f3deeb63bbad0eb1592074921

Response headers

Date
Sat, 13 Jun 2020 19:02:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cache-Status
DYNAMIC
cf-request-id
0350a87e660000d6e9a8a08200000001
Server
cloudflare
CF-RAY
5a2e1043dc4fd6e9-FRA
Content-Encoding
gzip

Redirect headers

Date
Sat, 13 Jun 2020 19:02:01 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d90f2c016993269d64f3deeb63bbad0eb1592074921; expires=Mon, 13-Jul-20 19:02:01 GMT; path=/; domain=.advertiserpages.com; HttpOnly; SameSite=Lax
Location
http://advertiserpages.com/notfound/
CF-Cache-Status
DYNAMIC
cf-request-id
0350a87d080000d6e9a89f7200000001
Server
cloudflare
CF-RAY
5a2e1041ae84d6e9-FRA
core.js
zer0.w4.com/
2 KB
1 KB
Script
General
Full URL
https://zer0.w4.com/core.js
Requested by
Host: advertiserpages.com
URL: http://advertiserpages.com/notfound/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:b39c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755505b29e29418ca1c49b044381bdd4cd82905d59b43b8783aab33ae9ca79c6

Request headers

Referer
http://advertiserpages.com/notfound/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 19:02:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2017 17:12:31 GMT
server
cloudflare
age
10989
etag
W/"58de8dff-802"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
cf-ray
5a2e10467e86e007-FRA
cf-request-id
0350a880080000e007e5a5a200000001
expires
Mon, 13 Jul 2020 15:54:53 GMT
t.php
zer0.w4.com/
0
0

l.js
p.cpaoa.org/
161 B
488 B
Script
General
Full URL
http://p.cpaoa.org/l.js?partner_id=internal&_loc=http://advertiserpages.com/notfound/&_gid=372ba421
Requested by
Host: advertiserpages.com
URL: http://advertiserpages.com/notfound/
Protocol
HTTP/1.1
Server
35.160.63.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-63-126.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
7aa01e86ea5f0f6bdeed40b5b91f26d0363a47338864aef91569dc78caba6712

Request headers

Referer
http://advertiserpages.com/notfound/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 13 Jun 2020 19:02:02 GMT
Server
nginx/1.8.1
Connection
keep-alive
Content-Length
161
Content-Type
application/javascript
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: advertiserpages.com
URL: http://advertiserpages.com/notfound/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://advertiserpages.com/notfound/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
343
date
Sat, 13 Jun 2020 18:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sat, 13 Jun 2020 20:56:19 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1129549879&t=pageview&_s=1&dl=http%3A%2F%2Fadvertiserpages.com%2Fnotfound%2F&dr=http%3A%2F%2Fprouddirect.com%2Fclicks%3Fcid%3D404%26pub%3D202...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-78676206-12&cid=1449939774.1592074922&jid=1913991783&_gid=250728687.1592074922&gjid=2036380815&_v=j82&z=888573742
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78676206-12&cid=1449939774.1592074922&jid=1913991783&_v=j82&z=888573742
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78676206-12&cid=1449939774.1592074922&jid=1913991783&_v=j82&z=888573742&slf_rd=1&random=197508925
42 B
535 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78676206-12&cid=1449939774.1592074922&jid=1913991783&_v=j82&z=888573742&slf_rd=1&random=197508925
Requested by
Host: advertiserpages.com
URL: http://advertiserpages.com/notfound/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://advertiserpages.com/notfound/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jun 2020 19:02:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jun 2020 19:02:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-78676206-12&cid=1449939774.1592074922&jid=1913991783&_v=j82&z=888573742&slf_rd=1&random=197508925
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
zer0.w4.com
URL
https://zer0.w4.com/t.php

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| tkr object| ptrk string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.advertiserpages.com/ Name: _gat
Value: 1
.advertiserpages.com/ Name: _gid
Value: GA1.2.250728687.1592074922
.advertiserpages.com/ Name: _ga
Value: GA1.2.1449939774.1592074922
.advertiserpages.com/ Name: __cfduid
Value: d90f2c016993269d64f3deeb63bbad0eb1592074921