Submitted URL: http://134.209.76.58:18001/in/vs2/?from=blog66#_BC%3D1
Effective URL: https://tracking.prmtracking.com/disabled.html
Submission: On February 26 via api from US

Summary

This website contacted 5 IPs in 3 countries across 9 domains to perform 9 HTTP transactions. The main IP is 212.32.250.2, which is located in the Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is tracking.prmtracking.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 27th 2019. Valid for: 2 years.
This is the only time tracking.prmtracking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 134.209.76.58 14061 (DIGITALOC...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 198.143.165.219 32475 (SINGLEHOP...)
1 35.157.125.133 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 99.198.108.198 32475 (SINGLEHOP...)
1 1 109.206.176.75 50245 (SERVEREL-AS)
1 1 212.32.250.1 60781 (LEASEWEB-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 212.32.250.2 60781 (LEASEWEB-...)
9 5
Domain Requested by
4 keloke.go-to.promo 1 redirects you-should-watch-this.site
keloke.go-to.promo
4 go.clickr.xyz 1 redirects go.clickr.xyz
2 tracking.prmtracking.com 1 redirects keloke.go-to.promo
1 affiliates.natifico112.com 1 redirects
1 push.adsconverts.com 1 redirects
1 trktrk.pro 1 redirects
1 you-should-watch-this.site
1 interated-citeven.com go.clickr.xyz
1 rovty.xyz 1 redirects
9 9

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| go.clickr.xyz | Let's Encrypt Authority X3 | 2020-01-20 - 2020-04-19 | 3 months |
| interated-citeven.com | Let's Encrypt Authority X3 | 2020-01-20 - 2020-04-19 | 3 months |
| sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-11 - 2020-10-09 | a year |
| keloke.go-to.promo | Let's Encrypt Authority X3 | 2020-01-31 - 2020-04-30 | 3 months |
| offers.primeroll.com | Go Daddy Secure Certificate Authority - G2 | 2019-11-27 - 2021-11-27 | 2 years |

This page contains 1 frames:

Primary Page: https://tracking.prmtracking.com/disabled.html
Frame ID: 67A3FE7CC809996C218BD9BC86F161A4
Requests: 9 HTTP requests in this frame

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 30 %
Domains: 9
Subdomains: 9
IPs: 5
Countries: 3
Transfer: 38 kB
Size: 60 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://134.209.76.58:18001/in/vs2/?from=blog66 HTTP 302
    http://134.209.76.58:18001/in/vs2/?from=blog66&_BC=1 HTTP 302
    http://rovty.xyz/filter.php HTTP 302
    https://go.clickr.xyz/?utm_medium=971d375bea7084fe2f51954d47f872dbb7e0a8d9&utm_campaign=Auto Page URL
  2. https://go.clickr.xyz/?utm_term=6797685820791717898&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e Page URL
  3. https://go.clickr.xyz/proc.php?1446a6ef9b120dfa6eb5867dc6f1ed9a6b338f18 HTTP 302
    https://interated-citeven.com/454f579b-7d70-4071-a962-f734391f42fe?partner_id=12382&placement_id=12382-2ac5d06z&subid=6797685820791717898&tp=2 Page URL
  4. https://you-should-watch-this.site/ Page URL
  5. https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts Page URL
  6. https://keloke.go-to.promo/?utm_term=6797685825053130817&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
  7. https://keloke.go-to.promo/proc.php?2e9aa5e823c9f824a87b3f5032b7b1eb33f30ef3 HTTP 302
    https://trktrk.pro/trk.php?key=2isvfs2kuzj04sqnr1l9&sub=6797685825053130817&par_id=2153&pid=2153-4a43270z&cc=de HTTP 302
    http://push.adsconverts.com/click?pid=58&offer_id=6363&ref_id=83e8e526jib2tvr31b&sub2=2153-4a43270z HTTP 302
    https://affiliates.natifico112.com/click?pid=580&offer_id=1949&ref_id=5e563b3e1a7e760001d0ec3e&sub1=2153-4a43270z HTTP 302
    https://tracking.prmtracking.com/click?pid=660&offer_id=2039766&sub1=5e563b3ea8dff2000124e8ef&sub2=2153-4a43270z HTTP 302
    https://tracking.prmtracking.com/disabled.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://134.209.76.58:18001/in/vs2/?from=blog66 HTTP 302
  • http://134.209.76.58:18001/in/vs2/?from=blog66&_BC=1 HTTP 302
  • http://rovty.xyz/filter.php HTTP 302
  • https://go.clickr.xyz/?utm_medium=971d375bea7084fe2f51954d47f872dbb7e0a8d9&utm_campaign=Auto
Request Chain 3
  • https://go.clickr.xyz/proc.php?1446a6ef9b120dfa6eb5867dc6f1ed9a6b338f18 HTTP 302
  • https://interated-citeven.com/454f579b-7d70-4071-a962-f734391f42fe?partner_id=12382&placement_id=12382-2ac5d06z&subid=6797685820791717898&tp=2

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
go.clickr.xyz/
Redirect Chain
  • http://134.209.76.58:18001/in/vs2/?from=blog66
  • http://134.209.76.58:18001/in/vs2/?from=blog66&_BC=1
  • http://rovty.xyz/filter.php
  • https://go.clickr.xyz/?utm_medium=971d375bea7084fe2f51954d47f872dbb7e0a8d9&utm_campaign=Auto
3 KB
2 KB
Document
General
Full URL
https://go.clickr.xyz/?utm_medium=971d375bea7084fe2f51954d47f872dbb7e0a8d9&utm_campaign=Auto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
890ba819d177b94402d2702faea05094d86e2b8b5d37dfb6a2d866d42e37a508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
go.clickr.xyz
:scheme
https
:path
/?utm_medium=971d375bea7084fe2f51954d47f872dbb7e0a8d9&utm_campaign=Auto
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx
date
Wed, 26 Feb 2020 09:32:45 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=abeac766c5f2776a192badf157dac92d; expires=Thu, 25-Feb-2021 09:32:45 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

Date
Wed, 26 Feb 2020 09:32:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d68c1f029990af1a5c2cbf9ab631622e01582709563; expires=Fri, 27-Mar-20 09:32:43 GMT; path=/; domain=.rovty.xyz; HttpOnly; SameSite=Lax
X-Powered-By
PHP/7.2.24
Location
https://go.clickr.xyz/?utm_medium=971d375bea7084fe2f51954d47f872dbb7e0a8d9&utm_campaign=Auto
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
56b0e9d68f94178a-FRA
/
go.clickr.xyz/
15 KB
5 KB
Document
General
Full URL
https://go.clickr.xyz/?utm_term=6797685820791717898&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Requested by
Host: go.clickr.xyz
URL: https://go.clickr.xyz/?utm_medium=971d375bea7084fe2f51954d47f872dbb7e0a8d9&utm_campaign=Auto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
0f0dc396094e35848c773d7949f832cc668bbf7b38ecf2cc59f12315bea7ab32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
go.clickr.xyz
:scheme
https
:path
/?utm_term=6797685820791717898&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://go.clickr.xyz/?utm_medium=971d375bea7084fe2f51954d47f872dbb7e0a8d9&utm_campaign=Auto
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=abeac766c5f2776a192badf157dac92d

Response headers

status
200
server
nginx
date
Wed, 26 Feb 2020 09:32:45 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
skip-button.jpg
go.clickr.xyz/20190821/
12 KB
12 KB
Image
General
Full URL
https://go.clickr.xyz/20190821/skip-button.jpg
Requested by
Host: go.clickr.xyz
URL: https://go.clickr.xyz/?utm_term=6797685820791717898&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.143.165.219 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
f0eb9ece706d722ccab204bd08b56af28d95666e63d514c908a034243ceafa01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://go.clickr.xyz/?utm_term=6797685820791717898&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 09:32:45 GMT
last-modified
Wed, 21 Aug 2019 12:57:11 GMT
server
nginx
etag
"5d5d3fa7-2e32"
strict-transport-security
max-age=31536000; includeSubdomains;
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
11826
expires
Thu, 27 Feb 2020 09:32:45 GMT
Cookie set 454f579b-7d70-4071-a962-f734391f42fe
interated-citeven.com/
Redirect Chain
  • https://go.clickr.xyz/proc.php?1446a6ef9b120dfa6eb5867dc6f1ed9a6b338f18
  • https://interated-citeven.com/454f579b-7d70-4071-a962-f734391f42fe?partner_id=12382&placement_id=12382-2ac5d06z&subid=6797685820791717898&tp=2
247 B
1 KB
Document
General
Full URL
https://interated-citeven.com/454f579b-7d70-4071-a962-f734391f42fe?partner_id=12382&placement_id=12382-2ac5d06z&subid=6797685820791717898&tp=2
Requested by
Host: go.clickr.xyz
URL: https://go.clickr.xyz/?utm_term=6797685820791717898&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.125.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-125-133.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
69dbf04eabc7b4e10b83ddc3c8f57a4e60e934c3e7f411269dc8671ffa0e1501

Request headers

Host
interated-citeven.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://go.clickr.xyz/?utm_term=6797685820791717898&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://go.clickr.xyz/?utm_term=6797685820791717898&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b68784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45e#

Response headers

Server
nginx
Date
Wed, 26 Feb 2020 09:32:45 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
247
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
454f579b-7d70-4071-a962-f734391f42fe-v4=454f579b-7d70-4071-a962-f734391f42fe; Max-Age=86400; Expires=Thu, 27-Feb-2020 09:32:45 GMT; Domain=interated-citeven.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=3LGSv%2BkFCrzxQv7aC7TZOsoAtTcY4MNgOSRlCd2AWOUQ32VlGAhBNeGX%2F5i5GnyGyM8SHZCK6%2BggIBVLWF%2FfV5Qzqw8ydL2qy1bXgY1AuoWww9pVvgEXP94okGGG%2BQacllMXNd3iFG%2FPB4DK7%2B5tdw%3D%3D; Max-Age=31536000; Expires=Thu, 25-Feb-2021 09:32:45 GMT; Domain=interated-citeven.com; Path=/; Secure; HttpOnly;SameSite=None

Redirect headers

status
302
server
nginx
date
Wed, 26 Feb 2020 09:32:45 GMT
content-type
text/html; charset=UTF-8
location
https://interated-citeven.com/454f579b-7d70-4071-a962-f734391f42fe?partner_id=12382&placement_id=12382-2ac5d06z&subid=6797685820791717898&tp=2
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
/
you-should-watch-this.site/
543 B
653 B
Document
General
Full URL
https://you-should-watch-this.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:780e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174ce5a799bddf3a3a9a4425fd83266303eba56558b018dbe71132b76d39a167

Request headers

:method
GET
:authority
you-should-watch-this.site
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://interated-citeven.com/454f579b-7d70-4071-a962-f734391f42fe?partner_id=12382&placement_id=12382-2ac5d06z&subid=6797685820791717898&tp=2
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Wed, 26 Feb 2020 09:32:45 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d41cb48dc13b36b25c1600b8d70de52501582709565; expires=Fri, 27-Mar-20 09:32:45 GMT; path=/; domain=.you-should-watch-this.site; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56b0e9e14c173258-FRA
content-encoding
br
/
keloke.go-to.promo/
3 KB
2 KB
Document
General
Full URL
https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts
Requested by
Host: you-should-watch-this.site
URL: https://you-should-watch-this.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
2ab84c0cbbfc46d5d96d8984f7be0c0b2d621f3844c69e69c098694faa7d3627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
keloke.go-to.promo
:scheme
https
:path
/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://you-should-watch-this.site/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx
date
Wed, 26 Feb 2020 09:32:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=aa1e667e9713f1b71d2ae6fdd1af7dae; expires=Thu, 25-Feb-2021 09:32:46 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
/
keloke.go-to.promo/
15 KB
5 KB
Document
General
Full URL
https://keloke.go-to.promo/?utm_term=6797685825053130817&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Requested by
Host: keloke.go-to.promo
URL: https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
b329a0128aa569b92a93965f79756ff0b553bfd3b772fcfee94578fce3d823fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
keloke.go-to.promo
:scheme
https
:path
/?utm_term=6797685825053130817&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://keloke.go-to.promo/?utm_medium=2773a7035df189c1f00c8fed2e15f7d4dd0641b4&utm_campaign=yswts
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=aa1e667e9713f1b71d2ae6fdd1af7dae

Response headers

status
200
server
nginx
date
Wed, 26 Feb 2020 09:32:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
skip-button.jpg
keloke.go-to.promo/20190821/
12 KB
12 KB
Image
General
Full URL
https://keloke.go-to.promo/20190821/skip-button.jpg
Requested by
Host: keloke.go-to.promo
URL: https://keloke.go-to.promo/?utm_term=6797685825053130817&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
f0eb9ece706d722ccab204bd08b56af28d95666e63d514c908a034243ceafa01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://keloke.go-to.promo/?utm_term=6797685825053130817&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 09:32:46 GMT
last-modified
Wed, 21 Aug 2019 12:57:11 GMT
server
nginx
etag
"5d5d3fa7-2e32"
strict-transport-security
max-age=31536000; includeSubdomains;
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
11826
expires
Thu, 27 Feb 2020 09:32:46 GMT
Primary Request disabled.html
tracking.prmtracking.com/
Redirect Chain
  • https://keloke.go-to.promo/proc.php?2e9aa5e823c9f824a87b3f5032b7b1eb33f30ef3
  • https://trktrk.pro/trk.php?key=2isvfs2kuzj04sqnr1l9&sub=6797685825053130817&par_id=2153&pid=2153-4a43270z&cc=de
  • http://push.adsconverts.com/click?pid=58&offer_id=6363&ref_id=83e8e526jib2tvr31b&sub2=2153-4a43270z
  • https://affiliates.natifico112.com/click?pid=580&offer_id=1949&ref_id=5e563b3e1a7e760001d0ec3e&sub1=2153-4a43270z
  • https://tracking.prmtracking.com/click?pid=660&offer_id=2039766&sub1=5e563b3ea8dff2000124e8ef&sub2=2153-4a43270z
  • https://tracking.prmtracking.com/disabled.html
111 B
227 B
Document
General
Full URL
https://tracking.prmtracking.com/disabled.html
Requested by
Host: keloke.go-to.promo
URL: https://keloke.go-to.promo/?utm_term=6797685825053130817&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.32.250.2 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08
Security Headers
Name Value
X-Frame-Options DENY

Request headers

:method
GET
:authority
tracking.prmtracking.com
:scheme
https
:path
/disabled.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://keloke.go-to.promo/?utm_term=6797685825053130817&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f#

Response headers

status
200
server
nginx
date
Wed, 26 Feb 2020 09:32:46 GMT
content-type
text/html
last-modified
Fri, 12 Jan 2018 11:09:22 GMT
etag
W/"5a589762-6f"
x-frame-options
DENY
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Wed, 26 Feb 2020 09:32:46 GMT
content-type
text/html; charset=utf-8
content-length
37
location
/disabled.html
x-frame-options
DENY

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;