urlscan.io logo urlscan.io
SecurityTrails logo

www.trckopt.net Open in urlscan Pro
54.217.181.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://maps.google.sk/url?q=https%3A%2F%2F%F0%9F%98%98%40alaiaritas.blogspot.com&sa=D&sntz=1&usg=AOvVaw0YQjItBryExMJKJ...
Effective URL: https://www.trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02
Submission: On March 25 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 17 HTTP transactions. The main IP is 54.217.181.197, located in and belongs to . The main domain is www.trckopt.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 17th 2023. Valid for: a year.
This is the only time www.trckopt.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.250.65.195 15169 (GOOGLE)
1 142.250.80.33 15169 (GOOGLE)
2 142.251.40.201 15169 (GOOGLE)
4 46.150.26.189 47513 (SKYLINE-U...)
1 142.251.32.106 15169 (GOOGLE)
1 4 172.67.198.96 13335 (CLOUDFLAR...)
2 151.101.2.217 54113 (FASTLY)
1 172.67.141.1 13335 (CLOUDFLAR...)
1 1 104.21.91.201 13335 (CLOUDFLAR...)
1 2 54.217.181.197 ()
17 10
1    142.250.65.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net
maps.google.sk
1    142.250.80.33 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f1.1e100.net
alaiaritas.blogspot.com
2    142.251.40.201 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f9.1e100.net
www.blogger.com
4    46.150.26.189 (Kharkiv, Ukraine)

ASN47513 (SKYLINE-UA-AS ISP Skyline, UA)
ametras.space
1    142.251.32.106 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f10.1e100.net
ajax.googleapis.com
4    172.67.198.96 (United States)

ASN13335 (CLOUDFLARENET, US)
bi2.clicktocouple.online
www2-eu.clicktocouple.online
2    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
browser.sentry-cdn.com
1    172.67.141.1 (United States)

ASN13335 (CLOUDFLARENET, US)
metatrckpixel.com
1    104.21.91.201 (None, )

ASN13335 (CLOUDFLARENET, US)
t0325.redirectsecure.com
2    54.217.181.197 (None, )

ASN- ()
trckopt.net
www.trckopt.net
Apex Domain
Subdomains		 Transfer
4 clicktocouple.online
bi2.clicktocouple.online
www2-eu.clicktocouple.online
8 KB
4 ametras.space
ametras.space
55 KB
2 trckopt.net
trckopt.net
www.trckopt.net
1 KB
2 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 8010
browser.sentry-cdn.com — Cisco Umbrella Rank: 5240
42 KB
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 10640
58 KB
1 redirectsecure.com
t0325.redirectsecure.com
458 B
1 metatrckpixel.com
metatrckpixel.com — Cisco Umbrella Rank: 315965
722 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 728
30 KB
1 blogspot.com
alaiaritas.blogspot.com
2 KB
1 google.sk
maps.google.sk — Cisco Umbrella Rank: 416596
1 KB
0 domesticmilfs.com Failed
www.domesticmilfs.com Failed
17 11
Domain Requested by
4 ametras.space alaiaritas.blogspot.com
ametras.space
ajax.googleapis.com
3 bi2.clicktocouple.online ametras.space
bi2.clicktocouple.online
2 www.blogger.com alaiaritas.blogspot.com
1 www.trckopt.net bi2.clicktocouple.online
1 trckopt.net 1 redirects
1 t0325.redirectsecure.com 1 redirects
1 www2-eu.clicktocouple.online 1 redirects
1 browser.sentry-cdn.com js.sentry-cdn.com
1 metatrckpixel.com bi2.clicktocouple.online
1 js.sentry-cdn.com bi2.clicktocouple.online
1 ajax.googleapis.com ametras.space
1 alaiaritas.blogspot.com maps.google.sk
1 maps.google.sk
0 www.domesticmilfs.com Failed www.trckopt.net
17 14

This site contains no links.

Subject Issuer Validity Valid
*.google.sk
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
ametras.space
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
clicktocouple.online
GTS CA 1P5		 2024-01-31 -
2024-04-30		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
metatrckpixel.com
GTS CA 1P5		 2024-02-13 -
2024-05-13		 3 months crt.sh
*.trckopt.net
Amazon RSA 2048 M02		 2023-05-17 -
2024-06-14		 a year crt.sh

This page contains 1 frames:

Frame: https://www.domesticmilfs.com/promo/affiliate/?campaign_id=374117&email=bevedk%40telus.net&affiliateId=6167&keyword=1489156144833601029&subid=TzhpVmYBt-s&fresh=1&visitId=1077554365&emailId=116323386
Frame ID: 0E0005CF0E49F453C0BE479FC339004E
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://maps.google.sk/url?q=https%3A%2F%2F%F0%9F%98%98%40alaiaritas.blogspot.com&sa=D&sntz=1&usg=A... Page URL
  2. https://alaiaritas.blogspot.com/ Page URL
  3. http://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist HTTP 307
    https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist Page URL
  4. https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=click... Page URL
  5. https://www2-eu.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk%40telus.net&sub5=cli... HTTP 302
    https://t0325.redirectsecure.com/track?data=eyJsaW5rIjoiaHR0cHM6XC9cL3RyY2tvcHQubmV0XC9vcHRpbWlzZXJcL2xpdmVBc... HTTP 302
    https://trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02 HTTP 302
    https://www.trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

10
IPs

3
Countries

197 kB
Transfer

464 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://maps.google.sk/url?q=https%3A%2F%2F%F0%9F%98%98%40alaiaritas.blogspot.com&sa=D&sntz=1&usg=AOvVaw0YQjItBryExMJKJgAIF_Tr Page URL
  2. https://alaiaritas.blogspot.com/ Page URL
  3. http://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist HTTP 307
    https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist Page URL
  4. https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677 Page URL
  5. https://www2-eu.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk%40telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677&sub6=www2-eu&tbrid64=B8u9GGYBt-k&bdata=eyJkYXRhIjp7InZlbmRvciI6IkludGVsIEluYy4iLCJyZW5kZXJlciI6IkludGVsIElyaXMgT3BlbkdMIEVuZ2luZSIsInBsYXRmb3JtIjoiV2luMzIifSwiZXh0cmEiOnsiTmF2aWdhdG9yLmFwcENvZGVOYW1lIjpbImZhaWxlZCBvYmplY3QgdG9TdHJpbmcgZXJyb3IiLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5hcHBOYW1lIjpbImZhaWxlZCBvYmplY3QgdG9TdHJpbmcgZXJyb3IiLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5hcHBWZXJzaW9uIjpbImZhaWxlZCBvYmplY3QgdG9TdHJpbmcgZXJyb3IiLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5jb25uZWN0aW9uIjpbImZhaWxlZCBvYmplY3QgdG9TdHJpbmcgZXJyb3IiLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5kZXZpY2VNZW1vcnkiOlsiZmFpbGVkIG9iamVjdCB0b1N0cmluZyBlcnJvciIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLmhhcmR3YXJlQ29uY3VycmVuY3kiOlsiZmFpbGVkIG9iamVjdCB0b1N0cmluZyBlcnJvciIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLmxhbmd1YWdlIjpbImZhaWxlZCBvYmplY3QgdG9TdHJpbmcgZXJyb3IiLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5sYW5ndWFnZXMiOlsiZmFpbGVkIG9iamVjdCB0b1N0cmluZyBlcnJvciIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiLCJmYWlsZWQgYXQgdG9vIG11Y2ggcmVjdXJzaW9uIGVycm9yIl0sIk5hdmlnYXRvci5tYXhUb3VjaFBvaW50cyI6WyJmYWlsZWQgb2JqZWN0IHRvU3RyaW5nIGVycm9yIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IubWltZVR5cGVzIjpbImZhaWxlZCBvYmplY3QgdG9TdHJpbmcgZXJyb3IiLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci5wbGF0Zm9ybSI6WyJmYWlsZWQgb2JqZWN0IHRvU3RyaW5nIGVycm9yIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IucGx1Z2lucyI6WyJmYWlsZWQgb2JqZWN0IHRvU3RyaW5nIGVycm9yIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IucHJvZHVjdCI6WyJmYWlsZWQgb2JqZWN0IHRvU3RyaW5nIGVycm9yIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IucHJvZHVjdFN1YiI6WyJmYWlsZWQgb2JqZWN0IHRvU3RyaW5nIGVycm9yIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3Iuc2VydmljZVdvcmtlciI6WyJmYWlsZWQgb2JqZWN0IHRvU3RyaW5nIGVycm9yIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdLCJOYXZpZ2F0b3IudXNlckFnZW50IjpbImZhaWxlZCBvYmplY3QgdG9TdHJpbmcgZXJyb3IiLCJmYWlsZWQgYXQgdG9TdHJpbmcgaW5jb21wYXRpYmxlIHByb3h5IGVycm9yIl0sIk5hdmlnYXRvci52ZW5kb3IiOlsiZmFpbGVkIG9iamVjdCB0b1N0cmluZyBlcnJvciIsImZhaWxlZCBhdCB0b1N0cmluZyBpbmNvbXBhdGlibGUgcHJveHkgZXJyb3IiXSwiTmF2aWdhdG9yLnZlbmRvclN1YiI6WyJmYWlsZWQgb2JqZWN0IHRvU3RyaW5nIGVycm9yIiwiZmFpbGVkIGF0IHRvU3RyaW5nIGluY29tcGF0aWJsZSBwcm94eSBlcnJvciJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJDYW5ub3QgcmVhZCBwcm9wZXJ0aWVzIG9mIG51bGwgKHJlYWRpbmcgJ2FwcGVuZENoaWxkJykiXX0sImJvdFNjb3JlIjoiNTAifQ%253D%253D&bt=1711388650&bth=2660594465&tbsession=4192503955147831274&c=1955061606&tags=%7B%7D HTTP 302
    https://t0325.redirectsecure.com/track?data=eyJsaW5rIjoiaHR0cHM6XC9cL3RyY2tvcHQubmV0XC9vcHRpbWlzZXJcL2xpdmVBcGk%2FdXVpZD00YTk2Yjk1Ni1lYWNmLTExZWUtOGM4NS0wYTU4YTlmZWFjMDIiLCJ2ZXJzaW9uIjoidjIiLCJjbGlja19pZCI6IlR6aHBWbVlCdC1zIiwidGltZSI6MTcxMTM4ODY1Mi42ODEzMDV9&cs=c42801d29b6ffcea5e3dfe5985f287e8 HTTP 302
    https://trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02 HTTP 302
    https://www.trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist HTTP 307
  • https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
Request Chain 15
  • https://www.trckopt.net/?group_id=6015&email=bevedk%40telus.net&subid=TzhpVmYBt-s&keyword=1489156144833601029&live=4a96b956-eacf-11ee-8c85-0a58a9feac02&jsChecked=true HTTP 302
  • https://www.domesticmilfs.com/promo/affiliate/?campaign_id=374117&email=bevedk%40telus.net&affiliateId=6167&keyword=1489156144833601029&subid=TzhpVmYBt-s&fresh=1&visitId=1077554365&emailId=116323386

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
url
maps.google.sk/ 		388 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://maps.google.sk/url?q=https%3A%2F%2F%F0%9F%98%98%40alaiaritas.blogspot.com&sa=D&sntz=1&usg=AOvVaw0YQjItBryExMJKJgAIF_Tr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f3.1e100.net
Software
gws /
Resource Hash
0245b3c1c559afd4407cc5dbaadda10e87c8c12b3a8505a29bb97a9c26b20338
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-CA,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
388
content-type
text/html; charset=UTF-8
date
Mon, 25 Mar 2024 17:44:07 GMT
expires
Mon, 25 Mar 2024 17:44:07 GMT
location
https://%F0%9F%98%98@alaiaritas.blogspot.com
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
server
gws
x-xss-protection
0
/
alaiaritas.blogspot.com/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://%F0%9F%98%98@alaiaritas.blogspot.com/
Requested by
Host: maps.google.sk
URL: https://maps.google.sk/url?q=https%3A%2F%2F%F0%9F%98%98%40alaiaritas.blogspot.com&sa=D&sntz=1&usg=AOvVaw0YQjItBryExMJKJgAIF_Tr#aHR0cDovL2FtZXRyYXMuc3BhY2UvYmVwdWZmZWQvNDEzMzY2Mjc1MC9hZGFtYW50ZWFuLzE3MDY5MDEwMDIvY2FydG9uL2NoYXJ0aXN0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.33 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f1.1e100.net
Software
GSE /
Resource Hash
03145f3e0c104bf857ac9622066c0c1f3df219c3bbb08e0fd60f6c55260ca294
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://maps.google.sk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-CA,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
2115
content-type
text/html; charset=UTF-8
date
Mon, 25 Mar 2024 17:44:08 GMT
etag
W/"c7799780254b80f65cb85c922df6758b5cf77c73ebcc8b115edae05c3902bd58"
expires
Mon, 25 Mar 2024 17:44:08 GMT
last-modified
Fri, 08 Mar 2024 11:25:25 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: alaiaritas.blogspot.com
URL: https://%F0%9F%98%98@alaiaritas.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.201 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f9.1e100.net
Software
sffe /
Resource Hash
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alaiaritas.blogspot.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 07:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
467462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6620
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 05:55:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 20 Mar 2025 07:53:06 GMT
1794065108-widgets.js
www.blogger.com/static/v1/widgets/ 		142 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1794065108-widgets.js
Requested by
Host: alaiaritas.blogspot.com
URL: https://%F0%9F%98%98@alaiaritas.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.201 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f9.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alaiaritas.blogspot.com/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 08:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
466704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51775
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 23:17:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 20 Mar 2025 08:05:44 GMT
chartist
ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/
Redirect Chain
  • http://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
  • https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
Requested by
Host: alaiaritas.blogspot.com
URL: https://%F0%9F%98%98@alaiaritas.blogspot.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.150.26.189 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash
805e5e30b16b71a41b93682e82dfbdeb89b531a4ec7c092828565524c9ed8c19

Request headers

Referer
https://%F0%9F%98%98@alaiaritas.blogspot.com/#aHR0cDovL2FtZXRyYXMuc3BhY2UvYmVwdWZmZWQvNDEzMzY2Mjc1MC9hZGFtYW50ZWFuLzE3MDY5MDEwMDIvY2FydG9uL2NoYXJ0aXN0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Mar 2024 17:44:08 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
Non-Authoritative-Reason
HttpsUpgrades
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: ametras.space
URL: https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.106 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f10.1e100.net
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Mar 2024 18:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 18:16:09 GMT
844889860.4696922656.2270160908.563343026
ametras.space/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ametras.space/844889860.4696922656.2270160908.563343026
Requested by
Host: ametras.space
URL: https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.150.26.189 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 25 Mar 2024 17:44:08 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
14742
Expires
0
chartist&p=a
ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/ 		146 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist&p=a
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.150.26.189 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 25 Mar 2024 17:44:08 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
dGE4YlhWMD0=
ametras.space/M1k4em1MSCs1dE1YOWk4ZFc5VUh5Vy8yS3NxNmgxMDU1N09v/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ametras.space/M1k4em1MSCs1dE1YOWk4ZFc5VUh5Vy8yS3NxNmgxMDU1N09v/dGE4YlhWMD0=
Requested by
Host: ametras.space
URL: https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.150.26.189 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 25 Mar 2024 17:44:08 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
AgAA
bi2.clicktocouple.online/ 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
Requested by
Host: ametras.space
URL: https://ametras.space/bepuffed/4133662750/adamantean/1706901002/carton/chartist
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af06586191b2d837b524cc874ad61973d34ef913311ecfe03d17410333fcddfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-CA,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
86a0b5164e5a39ea-YYZ
content-encoding
br
content-type
text/html
date
Mon, 25 Mar 2024 17:44:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYr80KQhonEvNMk8D%2FQ8AQ0F5F5qoMGl%2BcsgRhaQ9Bz4W%2BVWexTVOsdZKTNtfqE5o3o8aXkCDQbCWzaHrs8W9MiJOXOAV95orHjBugbpBuVoZR077AB4X7WVTVC7kSUG0mE%2BqZ%2F%2FTOzcvMU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
8e586a14295f3544b7c3c55e6e25ea85.min.js
js.sentry-cdn.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/8e586a14295f3544b7c3c55e6e25ea85.min.js
Requested by
Host: bi2.clicktocouple.online
URL: https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36fe98741a6dd789d4605c81b6eb69d459110444dd2ed2e3139a4cdf99429343
Security Headers
Name Value
Content-Security-Policy worker-src blob:; object-src 'none'; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; img-src blob: data: *; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; default-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=99dee583fe210bf6f37476e9022194c386293d19
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bi2.clicktocouple.online/
Origin
https://bi2.clicktocouple.online
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
worker-src blob:; object-src 'none'; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; img-src blob: data: *; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; default-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=99dee583fe210bf6f37476e9022194c386293d19
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Mar 2024 17:44:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
24
x-envoy-upstream-service-time
17
content-length
1280
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-79b68f556b-d664x, cache-chi-klot8100094-CHI, cache-yyz4540-YYZ
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
pixel.js
metatrckpixel.com/ 		259 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://metatrckpixel.com/pixel.js?tbsession=
Requested by
Host: bi2.clicktocouple.online
URL: https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.141.1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecbc10014ad67af385347ee5ff1649e001ad505aadac11317ed97ab078a489a5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bi2.clicktocouple.online/
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:44:10 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gy0GYqqaZKcmK3v9HGJDziXqvaL4CRKz4WjAAcjf94Rh7RP68si05zNEM9NYs%2BkeqRXe2IIMe5fIGganVL3bkLZN3O%2BurdxEhxQbXaYJgVRn%2BOXfNLUZih4KCleGcxRSElEtGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
cf-ray
86a0b518c8cc7c8e-EWR
alt-svc
h3=":443"; ma=86400
bd.js
bi2.clicktocouple.online/static/js/build/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bi2.clicktocouple.online/static/js/build/bd.js
Requested by
Host: bi2.clicktocouple.online
URL: https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f971147c45eee57e6c99f09f4cd65f7a1a47a87b9be4814708de41decb0cd5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:44:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
76392
etag
W/"static/js/build/bd.3ad9d77bdd.js"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhmckXOItEoQqg8IALtaVnuA5nsXt%2FHogm%2BR%2Fzd9lzLtVZYHnJm79N1W0x1j%2B31NBItzZihOnmemqoX6CJ34xGRKUQhqyUVILUh11x8LQwVQCk3Vsn1UbRsd829dUh%2BS7obVVyyU2QRdocY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
86a0b51839e539ea-YYZ
alt-svc
h3=":443"; ma=86400
bundle.tracing.es5.min.js
browser.sentry-cdn.com/7.108.0/ 		127 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/7.108.0/bundle.tracing.es5.min.js
Requested by
Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/8e586a14295f3544b7c3c55e6e25ea85.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
362c2d2168c5646de5b2426ec20c6c66de871ed1a3b90ccacb2013da098d6f40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bi2.clicktocouple.online/
Origin
https://bi2.clicktocouple.online
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:44:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 22 Mar 2024 08:50:10 GMT
server
Fastly
age
286709
etag
"d00bd11e222421765284f64392e258db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
40358
expires
Sat, 22 Mar 2025 10:05:41 GMT
beacon
bi2.clicktocouple.online/ 		2 B
413 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bi2.clicktocouple.online/beacon
Requested by
Host: bi2.clicktocouple.online
URL: https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
accept-language
en-CA,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryzJZdKHW6z0LtAAu4

Response headers

date
Mon, 25 Mar 2024 17:44:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxScK%2BR9OV43BZYr8U6dr7EfzNmKWCVrg%2B%2BS4leZXdRWS5PQX7%2FAcTKtAkLMkNxjR8sG4ORqLZ3l%2F76l6qrZbI27UFneVqL8rhaiQttiFoNsGVRHRZld0%2FX43OpUtIHxTOrwG861YB8WTbw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
86a0b518aaa639ea-YYZ
alt-svc
h3=":443"; ma=86400
content-length
2
Primary Request liveApi
www.trckopt.net/optimiser/
Redirect Chain
  • https://www2-eu.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk%40telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677&sub6=www2-eu&tbrid64=B8u9GGYBt-k&bdata=eyJkY...
  • https://t0325.redirectsecure.com/track?data=eyJsaW5rIjoiaHR0cHM6XC9cL3RyY2tvcHQubmV0XC9vcHRpbWlzZXJcL2xpdmVBcGk%2FdXVpZD00YTk2Yjk1Ni1lYWNmLTExZWUtOGM4NS0wYTU4YTlmZWFjMDIiLCJ2ZXJzaW9uIjoidjIiLCJjbGl...
  • https://trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02
  • https://www.trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02
546 B
835 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02
Requested by
Host: bi2.clicktocouple.online
URL: https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.181.197 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-CA,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Mar 2024 17:44:14 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Mar 2024 17:44:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://www.trckopt.net/optimiser/liveApi?uuid=4a96b956-eacf-11ee-8c85-0a58a9feac02
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
/
www.domesticmilfs.com/promo/affiliate/
Redirect Chain
  • https://www.trckopt.net/?group_id=6015&email=bevedk%40telus.net&subid=TzhpVmYBt-s&keyword=1489156144833601029&live=4a96b956-eacf-11ee-8c85-0a58a9feac02&jsChecked=true
  • https://www.domesticmilfs.com/promo/affiliate/?campaign_id=374117&email=bevedk%40telus.net&affiliateId=6167&keyword=1489156144833601029&subid=TzhpVmYBt-s&fresh=1&visitId=1077554365&emailId=116323386
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.domesticmilfs.com
URL
https://www.domesticmilfs.com/promo/affiliate/?campaign_id=374117&email=bevedk%40telus.net&affiliateId=6167&keyword=1489156144833601029&subid=TzhpVmYBt-s&fresh=1&visitId=1077554365&emailId=116323386

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

4 Cookies

Domain/Path Name / Value
.google.sk/ Name: NID
Value: 512=Se_ADgy_2wMu4cRrFSL_zT69qG3NQssoHxhDCRB8EISKA4DbR4CdT8DVYIiwutijDfzaA3mCj_X_Q0LvWm3Zg32o8BkWXISbdsLMSCrP-VPwu9EJkFezZjiGuowBwBaM_xYnCecGV5iun3DgM7I6RprTcMi2xYjINwJS7MOZw1Q
.metatrckpixel.com/ Name: trbarid
Value: 4192503955147831274
www2-eu.clicktocouple.online/ Name: trbarid
Value: 3069c6ea308135c53960708a9430205d8498f0e66b8b24c2bfa1a2784f992ec7a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bs%3A19%3A%224192503955147831274%22%3B%7D
.clicktocouple.online/ Name: tbar_uc1
Value: 39a7916dba776d03c3794519374ab5ec9ee67b914d195de175d83be90a384f31a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22tbar_uc1%22%3Bi%3A1%3Bs%3A24%3A%22YmV2ZWRrQHRlbHVzLm5ldA%3D%3D%22%3B%7D

1 Console Messages

Source Level URL
Text
other warning URL: https://bi2.clicktocouple.online/AgAA?prid=tc4133662750_777695999&usid=3138&email=bevedk@telus.net&sub5=clicktocouple&uum=198E1FBC-1711388649.7677
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 0