popcash.net Open in urlscan Pro
34.194.42.106  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

• http://popcash.net/world/sgo/80824/299845/46a0e906fd53de19/aHR0cCUzQS8vbGFzdGhsLmNvbS8= HTTP 303
• http://www.onclickmax.com/script/preurl.php?r=1301617&sub1=299845

Request Chain 2

• http://www.onclickmax.com/script/preurl.php?stamat=m%7C%2Co4jf7dhEqB1dQO0dEdHP3xP.6b6%2Cyku6EnWmboeAC4m_nXcsgpn4SGPJ_Y8yfgAyvRLeDWJr49HVwMAnawXyvhwRkBTLbVq_lEdKdMto8ngqN2eutg%2C%2C&cbrandom=0.7580340811493309&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fpopcash.net%2Fworld%2Fgo%2F80824%2F299845%2FaHR0cCUzQS8vbGFzdGhsLmNvbS8%3D%3Fcb%3D8080249345724912 HTTP 302
• http://www.bftrk.site/tl?a=2&o=3042&s1=1505136832249948927874882094736334&s2=1301617-511961381-0

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request aHR0cCUzQS8vbGFzdGhsLmNvbS8= Show response popcash.net/world/go/80824/299845/	207 B 207 B	198ms 99ms	Document text/html	34.194.42.106 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://popcash.net/world/go/80824/299845/aHR0cCUzQS8vbGFzdGhsLmNvbS8=?cb=8080249345724912 Protocol HTTP/1.1 Server 34.194.42.106 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-194-42-106.compute-1.amazonaws.com Software nginx/1.11.3 / Resource Hash 7e1d5ee03aabf116bba8dcd9cab6f240c41037a7d72b2acd9d5546582dc93452 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Mon, 11 Sep 2017 13:33:51 GMT Server nginx/1.11.3 Connection keep-alive Content-Length 207 Content-Type text/html
GET		preurl.php www.onclickmax.com/script/ Redirect Chain http://popcash.net/world/sgo/80824/299845/46a0e906fd53de19/aHR0cCUzQS8vbGFzdGhsLmNvbS8= http://www.onclickmax.com/script/preurl.php?r=1301617&sub1=299845	0 0
GET H/1.1	200 OK	preurl.php Show response www.onclickmax.com/script/ Frame 1940	4 KB 2 KB	750ms 635ms	Document text/html	173.255.119.88 Google Inc.
General Check archive.org Show headers Download Go to Full URL http://www.onclickmax.com/script/preurl.php?r=1301617&sub1=299845 Protocol HTTP/1.1 Server 173.255.119.88 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS 88.119.255.173.bc.googleusercontent.com Software openresty / Resource Hash 73300d3af26d3a352573a453f672d0c2910a75222e349ee4e7563b04e80591aa Request headers Upgrade-Insecure-Requests 1 Referer http://popcash.net/world/go/80824/299845/aHR0cCUzQS8vbGFzdGhsLmNvbS8=?cb=8080249345724912 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Mon, 11 Sep 2017 13:33:52 GMT Content-Encoding gzip Referrer-Policy no-referrer Server openresty Vary Accept-Encoding Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Link <//www.onclickmax.com>; rel=dns-prefetch,<//www.onclickmax.com>; rel=preconnect
GET		tl www.bftrk.site/ Frame 1940 Redirect Chain http://www.onclickmax.com/script/preurl.php?stamat=m%7C%2Co4jf7dhEqB1dQO0dEdHP3xP.6b6%2Cyku6EnWmboeAC4m_nXcsgpn4SGPJ_Y8yfgAyvRLeDWJr49HVwMAnawXyvhwRkBTLbVq_lEdKdMto8ngqN2eutg%2C%2C&cbrandom=0.75803... http://www.bftrk.site/tl?a=2&o=3042&s1=1505136832249948927874882094736334&s2=1301617-511961381-0	0 0
GET H/1.1	200 OK	tl Show response www.bftrk.site/ Frame 1941	554 B 554 B	169ms 7ms	Document text/html	35.156.249.118 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://www.bftrk.site/tl?a=2&o=3042&s1=1505136832249948927874882094736334&s2=1301617-511961381-0 Protocol HTTP/1.1 Server 35.156.249.118 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-35-156-249-118.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 06c6389f3757dc6144bf7390620eb9c20a44d578f6482133ba3a024c2a4210f8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Pragma no-cache Date Mon, 11 Sep 2017 13:33:53 GMT Content-Type text/html; charset=utf-8 Server nginx P3P CP="NOI CUR OUR NOR INT" Cache-Control no-cache, no-store, must-revalidate Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 554 Expires Sun, 06 Nov 1994 08:49:37 GMT
GET		signup.php chimeracompanygames.com/ Frame 1941	0 0
GET		signup.php chimeracompanygames.com/ Frame 1941	0 0
GET S	200	signup.php Show response chimeracompanygames.com/ Frame 1942	46 KB 12 KB	762ms 733ms	Document text/html	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Full URL https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / PHP/5.5.30-1+deb.sury.org~precise+1 Resource Hash ebb82d8e9e422a83d698c30d1a475ec987310cdbfb75b56ed935f6de6f50af1b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:53 GMT content-encoding gzip server cloudflare-nginx p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" x-powered-by PHP/5.5.30-1+deb.sury.org~precise+1 content-type text/html status 200 cf-ray 39cb0056f95b0f93-FRA
GET S	200	jquery-1.9.1.min.js Show response chimeracompanygames.com/portal/js/ Frame 1942	90 KB 32 KB	15ms 15ms	Script application/javascript	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Full URL https://chimeracompanygames.com/portal/js/jquery-1.9.1.min.js Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:53 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 23 Oct 2014 01:44:24 GMT server cloudflare-nginx etag W/"690978002" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=86400 cf-ray 39cb005c4cfa0f93-FRA expires Tue, 12 Sep 2017 13:33:53 GMT
GET S	200	jquery-placeholder.js Show response chimeracompanygames.com/portal/js/ Frame 1942	2 KB 902 B	11ms 10ms	Script application/javascript	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Full URL https://chimeracompanygames.com/portal/js/jquery-placeholder.js Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 7fddbd240d76059918bb40198fde916921ab6c516be78c62c3df21f604d04cbf Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:53 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 23 Oct 2014 01:44:24 GMT server cloudflare-nginx etag W/"2033370122" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=86400 cf-ray 39cb005c4cfb0f93-FRA expires Tue, 12 Sep 2017 13:33:53 GMT
GET S	200	login.js Show response chimeracompanygames.com/portal/js/ Frame 1942	20 KB 4 KB	10ms 10ms	Script application/javascript	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Full URL https://chimeracompanygames.com/portal/js/login.js Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 632b60877dc889bb075c71175838f1935300c4aee873667571c2bde5f3fd3e0d Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:53 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 22 Feb 2016 01:13:12 GMT server cloudflare-nginx etag W/"3991579032" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=86400 cf-ray 39cb005c4cfc0f93-FRA expires Tue, 12 Sep 2017 13:33:53 GMT
GET S	200	facebook.js Show response chimeracompanygames.com/portal/js/ Frame 1942	1 KB 446 B	13ms 13ms	Script application/javascript	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Full URL https://chimeracompanygames.com/portal/js/facebook.js Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 2c88c12b31a24c8071bd22453377b38185bc6f341d8affc200a927f31e5018d2 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:53 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 13 Nov 2014 14:38:00 GMT server cloudflare-nginx etag W/"4196224269" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=86400 cf-ray 39cb005c4cfe0f93-FRA expires Tue, 12 Sep 2017 13:33:53 GMT
GET S	200	bbb-logo.png chimeracompanygames.com/images/ Frame 1942	64 KB 64 KB	17ms 17ms	Image image/png	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://chimeracompanygames.com/images/bbb-logo.png Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash e3ff652ea0d8de4ee4f6ad2866424a938e3c4d73dffffae5f19c2d259cfd5b43 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:53 GMT cf-cache-status HIT last-modified Mon, 03 Jul 2017 17:51:39 GMT server cloudflare-nginx etag "428414055" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 39cb005c5d140f93-FRA content-length 65177 expires Tue, 12 Sep 2017 13:33:53 GMT
GET S	200	sdk.js Show response connect.facebook.net/en_US/ Frame 1942	201 KB 62 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 3ae1b2a758981b2e3ff536a7e2c57e5c8823e3f9a09cd716296b94d5e178fa10 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=15552000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 LgbQPCoM1eZN2dpbKtZr6w== status 200 content-length 63759 x-xss-protection 0 x-fb-debug lX8DMxjRoY7GyaZH/a3oa+/OJGc+rwEEssIGj7wFA83xgqxMN2LlOazZy6v7D9okAmcDjfmyxR1QUC86sVa9FQ== x-fb-content-md5 1907213b122587a14b419fbc7d9aa197 x-frame-options DENY date Mon, 11 Sep 2017 13:33:54 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "34aa52ce314971df951a4802126727ce" content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; timing-allow-origin * expires Mon, 11 Sep 2017 13:34:20 GMT
GET S	200	message.png chimeracompanygames.com/images/pixeltracker/ Frame 1942	21 KB 21 KB	44ms 43ms	Image image/png	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://chimeracompanygames.com/images/pixeltracker/message.png Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 2e979da95656437371040ed0222fac0ea14c755c9008a223d054730efbfbc51f Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:54 GMT cf-cache-status HIT last-modified Wed, 12 Jul 2017 03:08:58 GMT server cloudflare-nginx etag "4243527735" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 39cb005c8d2b0f93-FRA content-length 21822 expires Tue, 12 Sep 2017 13:33:54 GMT
GET S	200	landingpage1.jpg chimeracompanygames.com/images/pixeltracker/ Frame 1942	222 KB 222 KB	11ms 11ms	Image image/jpeg	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://chimeracompanygames.com/images/pixeltracker/landingpage1.jpg Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash b5902cf19807bda807419e5e049c49e579ada9bb9a7f69fce616e6b9087d8516 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:54 GMT cf-cache-status HIT last-modified Thu, 24 Aug 2017 21:45:29 GMT server cloudflare-nginx etag "109557762" vary Accept-Encoding content-type image/jpeg status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 39cb005c8d2c0f93-FRA content-length 227562 expires Tue, 12 Sep 2017 13:33:54 GMT
GET S	200	largeform.png chimeracompanygames.com/images/pixeltracker/ Frame 1942	2 KB 2 KB	625ms 625ms	Image image/png	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://chimeracompanygames.com/images/pixeltracker/largeform.png Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash b187aac9b50c6fb1133aba0a48fa2bf0437262befa2f1a25d9cdea8379489308 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:54 GMT cf-cache-status HIT last-modified Wed, 12 Jul 2017 03:08:58 GMT server cloudflare-nginx etag "3191404587" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 39cb005c8d2d0f93-FRA content-length 1544 expires Tue, 12 Sep 2017 13:33:54 GMT
GET S	200	smallform.png chimeracompanygames.com/images/pixeltracker/ Frame 1942	1 KB 1 KB	8ms 8ms	Image image/png	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://chimeracompanygames.com/images/pixeltracker/smallform.png Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 84900211d993ed71d391579624b4462ab46319504293fe735066d91e6253ba80 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:54 GMT cf-cache-status HIT last-modified Wed, 12 Jul 2017 03:08:58 GMT server cloudflare-nginx etag "4273797163" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 39cb005c8d2e0f93-FRA content-length 1505 expires Tue, 12 Sep 2017 13:33:54 GMT
GET S	200	playfree.png chimeracompanygames.com/images/pixeltracker/ Frame 1942	5 KB 5 KB	41ms 41ms	Image image/png	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://chimeracompanygames.com/images/pixeltracker/playfree.png Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 67e0dc7e3dae21efe6314bdbe6ff9ae0140783c8f1b27d1b4a230530c62a0292 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:54 GMT cf-cache-status HIT last-modified Wed, 12 Jul 2017 03:08:58 GMT server cloudflare-nginx etag "4282317095" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 39cb005c8d300f93-FRA content-length 5306 expires Tue, 12 Sep 2017 13:33:54 GMT
GET S	200	blue_cloud_small.png chimeracompanygames.com/images/ Frame 1942	1 KB 1 KB	41ms 40ms	Image image/png	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://chimeracompanygames.com/images/blue_cloud_small.png Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash 5b4a6636a61cef8ef4b69eb5507ddbfb8ff83d169f5527b7816774f83656de94 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:54 GMT cf-cache-status HIT last-modified Thu, 23 Oct 2014 01:44:24 GMT server cloudflare-nginx etag "2578695361" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 39cb005c8d310f93-FRA content-length 1423 expires Tue, 12 Sep 2017 13:33:54 GMT
GET S	200	divider_line.png chimeracompanygames.com/images/ Frame 1942	938 B 956 B	36ms 36ms	Image image/png	2400:cb00:2048:1::6814:1eb CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL https://chimeracompanygames.com/images/divider_line.png Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2400:cb00:2048:1::6814:1eb , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / Resource Hash b951bfedeb44d04d7f1103591804ce4dc7de82cd57c16c46a21ecfa2aeffd589 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:54 GMT cf-cache-status HIT last-modified Thu, 23 Oct 2014 01:44:24 GMT server cloudflare-nginx etag "2442289948" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 39cb005c9d370f93-FRA content-length 938 expires Tue, 12 Sep 2017 13:33:54 GMT
GET S	200	/ www.facebook.com/impression.php/f318e5f181a3924/ Frame 1942	43 B 66 B	125ms 125ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/impression.php/f318e5f181a3924/?api_key=336485193189726&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp.php Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;report-uri https://www.facebook.com/csp.php content-encoding gzip x-content-type-options nosniff status 200 vary Origin, Accept-Encoding x-xss-protection 0 pragma no-cache x-fb-debug mtfTDHKSwnxL2NpfpdtNrOUQ+XzTN03i/E0ohnY/SDLP1hWtBVzH3YdmtIu9cKyDA61GNOsJCZfOmBgQcsit3A== date Mon, 11 Sep 2017 13:33:54 GMT strict-transport-security max-age=15552000; preload public-key-pins-report-only max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/" access-control-allow-origin https://www.facebook.com access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/gif access-control-allow-method OPTIONS expires Sat, 01 Jan 2000 00:00:00 GMT
GET S	200	/ www.facebook.com/impression.php/fe6a855ce8222c/ Frame 1942	43 B 66 B	125ms 125ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/impression.php/fe6a855ce8222c/?api_key=336485193189726&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; content-encoding gzip x-content-type-options nosniff status 200 vary Origin, Accept-Encoding x-xss-protection 0 pragma no-cache x-fb-debug s/r5UqvA0o/82d0J3G1K3qZc1XwAFaDoqP1aH85KQyoajOvsYMgyto8C5zRIoiJZMQCjz9NbI0QUiwIxJwDxkg== date Mon, 11 Sep 2017 13:33:54 GMT strict-transport-security max-age=15552000; preload public-key-pins-report-only max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/" access-control-allow-origin https://www.facebook.com access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true content-type image/gif access-control-allow-method OPTIONS expires Sat, 01 Jan 2000 00:00:00 GMT
GET		0sTQzbapM8j.js staticxx.facebook.com/connect/xd_arbiter/r/ Frame 1942	0 0
GET S	200	nr-spa-1044.min.js Show response js-agent.newrelic.com/ Frame 1942	30 KB 12 KB	23ms 6ms	Script application/javascript	151.101.114.110 Fastly
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1044.min.js Requested by Host: chimeracompanygames.com URL: https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash 6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers date Mon, 11 Sep 2017 13:33:54 GMT content-encoding gzip x-amz-request-id C0A787F35D78D8FF x-cache HIT status 200 content-length 11929 x-amz-id-2 /cVY0KUYN0IMpWb21KMEfBj3gJy3fDpLIreVPtWPWnnTAyoez8ZAemPPDcsSAA390VIoPJl1OOw= x-served-by cache-hhn1541-HHN last-modified Fri, 30 Jun 2017 21:57:08 GMT server AmazonS3 x-timer S1505136835.648302,VS0,VE0 etag "ecc4d675754da137f5dacbc99541e133" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 22420
GET H/1.1	200 OK	31192ad1c7 Show response bam.nr-data.net/1/ Frame 1942	57 B 57 B	427ms 106ms	Script text/javascript	162.247.242.18 New Relic
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/31192ad1c7?a=13590294&v=1044.a6554e7&to=ZgYBMBAFC0oFUkBRCV9MNhYLSxZQA19BSEhBCxM%3D&rst=819&ref=https://chimeracompanygames.com/signup.php&be=125&fe=785&dc=168&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1505136833841,%22n%22:0,%22f%22:11,%22dn%22:-762,%22dne%22:-753,%22c%22:-753,%22s%22:-748,%22ce%22:-734,%22rq%22:-733,%22rp%22:0,%22rpe%22:120,%22dl%22:12,%22di%22:168,%22ds%22:168,%22de%22:175,%22dc%22:785,%22l%22:785,%22le%22:788%7D,%22navigation%22:%7B%7D%7D&at=SkECRlgfGEQ%3D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-spa-1044.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US), Reverse DNS bam-6.nr-data.net Software / Resource Hash f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23 Request headers Referer https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Length 57 Content-Type text/javascript;charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.onclickmax.com

URL

http://www.onclickmax.com/script/preurl.php?r=1301617&sub1=299845

Domain

www.bftrk.site

URL

http://www.bftrk.site/tl?a=2&o=3042&s1=1505136832249948927874882094736334&s2=1301617-511961381-0

Domain

chimeracompanygames.com

URL

https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2

Domain

chimeracompanygames.com

URL

https://chimeracompanygames.com/signup.php?id=1&tid=0013594FB2DFE1505136833050284&sc=2

Domain

staticxx.facebook.com

URL

https://staticxx.facebook.com/connect/xd_arbiter/r/0sTQzbapM8j.js?version=42

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.chimeracompanygames.com/	2018-09-11 13:33:53	Name: __cfduid Value: db5dc52a393101508633b1e76737d178f1505136833

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
chimeracompanygames.com
connect.facebook.net
js-agent.newrelic.com
popcash.net
staticxx.facebook.com
www.bftrk.site
www.facebook.com
www.onclickmax.com
chimeracompanygames.com
staticxx.facebook.com
www.bftrk.site
www.onclickmax.com
151.101.114.110
162.247.242.18
173.255.119.88
2400:cb00:2048:1::6814:1eb
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.194.42.106
35.156.249.118
06c6389f3757dc6144bf7390620eb9c20a44d578f6482133ba3a024c2a4210f8
2c88c12b31a24c8071bd22453377b38185bc6f341d8affc200a927f31e5018d2
2e979da95656437371040ed0222fac0ea14c755c9008a223d054730efbfbc51f
3ae1b2a758981b2e3ff536a7e2c57e5c8823e3f9a09cd716296b94d5e178fa10
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b4a6636a61cef8ef4b69eb5507ddbfb8ff83d169f5527b7816774f83656de94
632b60877dc889bb075c71175838f1935300c4aee873667571c2bde5f3fd3e0d
67e0dc7e3dae21efe6314bdbe6ff9ae0140783c8f1b27d1b4a230530c62a0292
6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004
73300d3af26d3a352573a453f672d0c2910a75222e349ee4e7563b04e80591aa
7e1d5ee03aabf116bba8dcd9cab6f240c41037a7d72b2acd9d5546582dc93452
7fddbd240d76059918bb40198fde916921ab6c516be78c62c3df21f604d04cbf
84900211d993ed71d391579624b4462ab46319504293fe735066d91e6253ba80
b187aac9b50c6fb1133aba0a48fa2bf0437262befa2f1a25d9cdea8379489308
b5902cf19807bda807419e5e049c49e579ada9bb9a7f69fce616e6b9087d8516
b951bfedeb44d04d7f1103591804ce4dc7de82cd57c16c46a21ecfa2aeffd589
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e3ff652ea0d8de4ee4f6ad2866424a938e3c4d73dffffae5f19c2d259cfd5b43
ebb82d8e9e422a83d698c30d1a475ec987310cdbfb75b56ed935f6de6f50af1b
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23