Submitted URL: http://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865
Effective URL: https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Submission: On November 02 via manual from SG — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 10 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3037::ac43:b9b2, located in United States and belongs to CLOUDFLARENET, US. The main domain is adzshield.net.
TLS certificate: Issued by E1 on October 8th 2022. Valid for: 3 months.
This is the only time adzshield.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a07:5740:400... 44901 (BELCLOUD)
3 3 91.132.60.212 44901 (BELCLOUD)
1 94.237.99.118 202053 (UPCLOUD)
1 94.237.103.119 202053 (UPCLOUD)
1 1 107.20.106.95 14618 (AMAZON-AES)
1 1 3.226.146.143 14618 (AMAZON-AES)
1 34.91.234.242 396982 (GOOGLE-CL...)
1 188.72.236.34 35415 (WEBZILLA)
1 1 3.93.59.244 14618 (AMAZON-AES)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
10 6
Apex Domain | Subdomains | Transfer
5 adzshield.net | adzshield.net | 58 KB
4 srtrak.com | 6sh234gf64.srtrak.com, e218f3ff9.srtrak.com | 1 KB
1 kd3dq.com | kd3dq.com — Cisco Umbrella Rank: 444331 | 1 KB
1 coolmethod2update.life | update4soft.coolmethod2update.life | 563 B
1 ti-files.org | ti-files.org — Cisco Umbrella Rank: 167915 | 8 KB
1 gositego.live | track.gositego.live — Cisco Umbrella Rank: 273695 | 475 B
1 operateadvancedheavilyinfo-file.info | operateadvancedheavilyinfo-file.info | 359 B
1 admobe.com | brko.admobe.com — Cisco Umbrella Rank: 345580 | 344 B
1 traffic247links.com | 1d6cf292bf3.traffic247links.com | 1 KB
1 tcompany-offer.com | 1d6ce8f0ed3.tcompany-offer.com | 845 B
10 10
Domain Requested by
5 adzshield.net ti-files.org
adzshield.net
3 6sh234gf64.srtrak.com 3 redirects
1 kd3dq.com adzshield.net
1 update4soft.coolmethod2update.life 1 redirects
1 ti-files.org
1 track.gositego.live
1 operateadvancedheavilyinfo-file.info 1 redirects
1 brko.admobe.com 1 redirects
1 1d6cf292bf3.traffic247links.com
1 1d6ce8f0ed3.tcompany-offer.com
1 e218f3ff9.srtrak.com 1 redirects
10 11

This site contains links to these domains.

Domain
www.privacypolicyonline.com
Subject | Issuer | Validity | Valid
*.tcompany-offer.com | R3 | 2022-10-14 - 2023-01-12 | 3 months
*.traffic247links.com | R3 | 2022-09-09 - 2022-12-08 | 3 months
track.gositego.live | Sectigo RSA Domain Validation Secure Server CA | 2022-05-31 - 2023-05-28 | a year
ti-files.org | R3 | 2022-09-22 - 2022-12-21 | 3 months
*.adzshield.net | E1 | 2022-10-08 - 2023-01-06 | 3 months
*.kd3dq.com | E1 | 2022-10-06 - 2023-01-04 | 3 months

This page contains 2 frames:

Primary Page: https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Frame ID: 09CDB141FC7D51AC512EDEB200CB66ED
Requests: 9 HTTP requests in this frame

Frame: https://kd3dq.com/a.php?id=0048&e=VPGCNBK0FG&c=aukopWdmobXnet5&r=ko&cid=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&z=6809&v=1&dr=https%3A%2F%2Fti-files.org%2F&inw=1600&inh=1200
Frame ID: 7F65FE9580AC166A8599061D91468111
Requests: 1 HTTP requests in this frame

Page Title

Adz Shield

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

  • Requests: 10
  • HTTPS: 100 %
  • IPv6: 27 %
  • Domains: 10
  • Subdomains: 11
  • IPs: 6
  • Countries: 4
  • Transfer: 70 kB
  • Size: 325 kB
  • Cookies: 21

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865 HTTP 301
    https://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865 HTTP 301
    https://6sh234gf64.srtrak.com/promo.php?id=106&page=706&set=3&link=2011&entity=60865 HTTP 301
    https://e218f3ff9.srtrak.com/promo-tools/direct-offers/mainstream/sweepstakes/win500cash/?idev_id=106&set=3&link=2011&page=706&clickid=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684 HTTP 302
    https://1d6ce8f0ed3.tcompany-offer.com/?p=5221&plid=1&plid_hmac=8e4ba4d770c032b1b72f66f3beb1a9ac&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684 Page URL
  2. https://1d6cf292bf3.traffic247links.com/?p=5221&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684&co=1&noback=1 Page URL
  3. https://brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221 HTTP 302
    https://operateadvancedheavilyinfo-file.info/yqFMnD2msbUfLUB1u6aaOZ31oz7nLrjyWWyn3Kx3Ms4?clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221 HTTP 302
    https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH&sub2=v66R Page URL
  4. https://ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_v66R&s3=636217a1028bcf00013f7130 Page URL
  5. https://update4soft.coolmethod2update.life/hiuo?ftri=0AIrOBilNj0CeD22beTg5hxQJSTaJJDv3IhCwe78kgc.&sid=338447&cid=AKEXYmMPKgUA81UCAERFFwASAHOm5sgA HTTP 302
    https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865 HTTP 301
  • https://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865 HTTP 301
  • https://6sh234gf64.srtrak.com/promo.php?id=106&page=706&set=3&link=2011&entity=60865 HTTP 301
  • https://e218f3ff9.srtrak.com/promo-tools/direct-offers/mainstream/sweepstakes/win500cash/?idev_id=106&set=3&link=2011&page=706&clickid=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684 HTTP 302
  • https://1d6ce8f0ed3.tcompany-offer.com/?p=5221&plid=1&plid_hmac=8e4ba4d770c032b1b72f66f3beb1a9ac&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684
Request Chain 2
  • https://brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221 HTTP 302
  • https://operateadvancedheavilyinfo-file.info/yqFMnD2msbUfLUB1u6aaOZ31oz7nLrjyWWyn3Kx3Ms4?clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221 HTTP 302
  • https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH&sub2=v66R

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
1d6ce8f0ed3.tcompany-offer.com/
Redirect Chain
  • http://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865
  • https://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865
  • https://6sh234gf64.srtrak.com/promo.php?id=106&page=706&set=3&link=2011&entity=60865
  • https://e218f3ff9.srtrak.com/promo-tools/direct-offers/mainstream/sweepstakes/win500cash/?idev_id=106&set=3&link=2011&page=706&clickid=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684
  • https://1d6ce8f0ed3.tcompany-offer.com/?p=5221&plid=1&plid_hmac=8e4ba4d770c032b1b72f66f3beb1a9ac&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%...
1 KB
845 B
Document
General
Full URL
https://1d6ce8f0ed3.tcompany-offer.com/?p=5221&plid=1&plid_hmac=8e4ba4d770c032b1b72f66f3beb1a9ac&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
94.237.99.118, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS
94-237-99-118.de-fra1.upcloud.host
Software
/
Resource Hash
582fb8393ce4b6d11c4979937798ff97b3aa8f9b1b003d3e8eae0b68f7b048b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Nov 2022 07:09:19 GMT
expires
Wed, 2 Nov 2022 07:09:19 GMT
last-modified
Wed, 2 Nov 2022 07:09:19 GMT
pragma
no-cache
vary
Accept-Encoding
x-robots-tag
noindex, nofollow

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 02 Nov 2022 07:09:19 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://1d6ce8f0ed3.tcompany-offer.com/?p=5221&plid=1&plid_hmac=8e4ba4d770c032b1b72f66f3beb1a9ac&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-robots-tag
noindex, nofollow, nosnippet, noarchive
/
1d6cf292bf3.traffic247links.com/
1 KB
1 KB
Document
General
Full URL
https://1d6cf292bf3.traffic247links.com/?p=5221&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684&co=1&noback=1
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
94.237.103.119, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS
94-237-103-119.de-fra1.upcloud.host
Software
/
Resource Hash

Request headers

Referer
https://1d6ce8f0ed3.tcompany-offer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Nov 2022 07:09:20 GMT
expires
Wed, 2 Nov 2022 07:09:20 GMT
last-modified
Wed, 2 Nov 2022 07:09:20 GMT
pragma
no-cache
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
click
track.gositego.live/
Redirect Chain
  • https://brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221
  • https://operateadvancedheavilyinfo-file.info/yqFMnD2msbUfLUB1u6aaOZ31oz7nLrjyWWyn3Kx3Ms4?clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221
  • https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH&sub2=v66R
248 B
475 B
Document
General
Full URL
https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH&sub2=v66R
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
34.91.234.242, Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
Reverse DNS
242.234.91.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://1d6cf292bf3.traffic247links.com/?p=5221&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684&co=1&noback=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 02 Nov 2022 07:09:21 GMT
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
142
Content-Type
text/html
Date
Wed, 02 Nov 2022 07:09:20 GMT
Location
https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH&sub2=v66R
Server
nginx
GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921
ti-files.org/
8 KB
8 KB
Document
General
Full URL
https://ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_v66R&s3=636217a1028bcf00013f7130
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.236.34, Netherlands, ASN35415 (WEBZILLA, NL)
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Wed, 02 Nov 2022 07:09:21 GMT
Server
nginx
Transfer-Encoding
chunked
Primary Request list.php
adzshield.net/
Redirect Chain
  • https://update4soft.coolmethod2update.life/hiuo?ftri=0AIrOBilNj0CeD22beTg5hxQJSTaJJDv3IhCwe78kgc.&sid=338447&cid=AKEXYmMPKgUA81UCAERFFwASAHOm5sgA
  • https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
16 KB
6 KB
Document
General
Full URL
https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Requested by
Host: ti-files.org
URL: https://ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_v66R&s3=636217a1028bcf00013f7130
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3037::ac43:b9b2, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
18f2f68d4058dc4693e90c9f4a8cd24b74b23d8ffa8e2a98eac3b31c5bb22539

Request headers

Referer
https://ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_v66R&s3=636217a1028bcf00013f7130
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
763b0b547db0bbbb-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 02 Nov 2022 07:09:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ6QqzNFwKwtV28YCYQ9BejvHyHtWwDBQcfwiacgB%2BJfSy7fVyArN8d8CSG9fgzzy5wvk6vpYVwgBySSLqN%2FnmcxLPfTo5JZHG1OsCyaEyY2PEYwBwDZ6xh%2BGIuATaUvExFV7Ay0CcviHm9b"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Nov 2022 07:09:21 GMT
Location
https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Server
nginx
Transfer-Encoding
chunked
theme.min.css
adzshield.net/css/
285 KB
39 KB
Stylesheet
General
Full URL
https://adzshield.net/css/theme.min.css
Requested by
Host: adzshield.net
URL: https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3037::ac43:b9b2, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
1f888aaaa63cc14bf6ab9d7d6b99fd9c5d2b83af0022082b835663e6a7fae3ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 07:09:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Jan 2022 14:40:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1461
etag
W/"61dee878-4757f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYOuBh1QdOtpxvsa%2FAUOxnRoTvxa8ror0O5PUa0T1eLSrl3NcyuOVb0NEJCfgsyoz8kVPxJZCVOhRZRtAdiJyy7io9VhUc2hnKS%2BGaiyRisV2NNxm4jOz8Zz%2BZnjEeoqJgUC5sk4POWkmHVv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1200
cf-ray
763b0b54ee7ebbbb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
favicon.png
adzshield.net/images/
8 KB
9 KB
Image
General
Full URL
https://adzshield.net/images/favicon.png
Requested by
Host: adzshield.net
URL: https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3037::ac43:b9b2, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
839d79d121a1f9b066a6ce31cc990d914ef9985b5d921bfb25cad77762d05c59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 07:09:22 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Jan 2022 14:40:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1461
etag
"61dee878-21f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQS2cZAVKXJeFasSaiSfDtCTW%2FC8wQGboKWRbLTJ5ADRO66LQ3m2X3fsxZ5Z1zdpwG6LT8Fk3e2A74xmSaGpwZTZ2b9cvmTzIZKC8%2FmYDWhmmz1Sdem0LtwgbkWKN4BSnrfuF%2FITI4XS0R0X"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
763b0b54ee7fbbbb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8696
email-decode.min.js
adzshield.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://adzshield.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: adzshield.net
URL: https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3037::ac43:b9b2, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 07:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Oct 2022 14:04:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"635be162-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJV3sdOCov8snMeEjjCjncMtBZMFbh2AEh2t%2Bs3AQDUhiOGTz2sdmr8hhe1qkCdZB7CDoA04UF4aVmHC67z5CATPYXXhvt7y5dXbiGeRzsgtwLPs9%2FEUVWIo8avJIzyopTy8z%2Bu6s88WNPtf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
763b0b54fe93bbbb-FRA
expires
Fri, 04 Nov 2022 07:09:22 GMT
store.png
adzshield.net/images/
3 KB
4 KB
Image
General
Full URL
https://adzshield.net/images/store.png
Requested by
Host: adzshield.net
URL: https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3037::ac43:b9b2, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
2b74fcd6c38eb603d9c86cd1c8cb97ba423d200d7e3e555cbc5a704ac456e00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 07:09:22 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 13 Jan 2022 17:00:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61e05aa7-d6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8Ybb6W%2BhPOGNjG5Pl9zdvhnsh90pEHzvFRK1A%2BTeKio8tt4r0CIObW16V5vLSkk0pJin1zZQapO7MwGY%2FZYnc5aABEAE50ZAzQzcoMnIvGfFjNucU64jivVJQezx1HqkYclqilwb2IO5Bnm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1200
accept-ranges
bytes
cf-ray
763b0b54fe96bbbb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3435
a.php
kd3dq.com/ Frame 7F65
96 B
1 KB
Document
General
Full URL
https://kd3dq.com/a.php?id=0048&e=VPGCNBK0FG&c=aukopWdmobXnet5&r=ko&cid=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&z=6809&v=1&dr=https%3A%2F%2Fti-files.org%2F&inw=1600&inh=1200
Requested by
Host: adzshield.net
URL: https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3037::6815:5d94, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer
https://adzshield.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
763b0b555d949a3f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 02 Nov 2022 07:09:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqKdHGEIXWA8jLrUeReliuePL7xEQsOxB%2FYCK%2B3gzI5GKva%2FF0KfbZdOiXvuCh6xpw9rA1u8%2FSeImnfFuYV2WJtTNIZZnDi%2FuLl5jAHbggDpQIYmpXy7vnFxTwelYMEM0q%2Fw8Gv9Xic%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • function| receiveMessage
  • object| landing_iframe
  • function| openNewWindow
  • function| openNewTab
  • function| openSameTab
  • function| listenInstallCompleted
  • function| openInstructions
  • object| windowObjectReference

21 Cookies

Domain/Path Name / Value
6sh234gf64.srtrak.com/ Name: _s
Value: ndus4e000b8m9mf1sv5fpbk26s
.srtrak.com/ Name: sr
Value: 106--3-2011-------https%3A%2F%2Fe218f3ff9.srtrak.com%2Fpromo-tools%2Fdirect-offers%2Fmainstream%2Fsweepstakes%2Fwin500cash%2F
e218f3ff9.srtrak.com/ Name: _s
Value: av2mjuuugncpu2jdf924ugilvp
.1d6cf292bf3.traffic247links.com/ Name: rts-trck
Value: 1
.traffic247links.com/ Name: t-uuid
Value: l9zat5vl3zjgarcnpvok80kcw
.traffic247links.com/ Name: traffic-back
Value: ok
operateadvancedheavilyinfo-file.info/ Name: session
Value: Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH
track.gositego.live/ Name: afclick
Value: 636217a1028bcf00013f7130
track.gositego.live/ Name: afoffers
Value: {"17742":1667372961}
ti-files.org/ Name: bd_context
Value: mV0L9G438Yfj2aYltCV7zfRmpglUDGXnbO7eMhYtllf2rpslNV4gsAzXq8xWXm2Up82CO9+6zEfnAYb9/KVzNaUWaQ3lhYxV63I7Kmcslr+XrtwR0Fqi2pc4wBkA1RgTD0lp9sua5ZtSYwiJZ2nl2JxByOIGCulyapMwjv38xQ1/cpPyry1fvvsc6e83M3kIAMWqmkTdAf0NppnmjHWhzfD9fH9wUKK+XXXo80shmVwWcURuIam2/8bk1eVxXJX6cQyauXHlMB+zFe1uBoaJpQx8MBvA4tHQlnDThrqfZBxnL1hlN6yL/NXXieRxm4Xc6Jw3BTIwo4ocsNih8jHBZTLo
update4soft.coolmethod2update.life/ Name: channel
Value: m1_EChadshi_allg
update4soft.coolmethod2update.life/ Name: dist_id
Value: 8854
update4soft.coolmethod2update.life/ Name: lp_id
Value: 3388
.adzshield.net/ Name: r
Value: 6809
.kd3dq.com/ Name: c0048
Value: aukopWdmobXnet5
.kd3dq.com/ Name: r0048
Value: ko
.kd3dq.com/ Name: cid0048
Value: mem_m1_EChadshi_allg_16673729617272t48krhbXvp
.kd3dq.com/ Name: z0048
Value: 6809
.kd3dq.com/ Name: v0048aukopWdmobXnet5
Value: %7B%221%22%3A1%7D
.kd3dq.com/ Name: e0048
Value: VPGCNBK0FG
.kd3dq.com/ Name: _asd
Value: 16673729626218910