adzshield.net
2606:4700:3037::ac43:b9b2
Public Scan
Effective URL: https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Submission: On November 02 via manual from SG — Scanned from DE
Summary
TLS certificate: Issued by E1 on October 8th 2022. Valid for: 3 months.
This is the only time adzshield.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 2a07:5740:400:13::8 | 44901 (BELCLOUD) |
3 3 | 91.132.60.212 | 44901 (BELCLOUD) |
1 | 94.237.99.118 | 202053 (UPCLOUD) |
1 | 94.237.103.119 | 202053 (UPCLOUD) |
1 1 | 107.20.106.95 | 14618 (AMAZON-AES) |
1 1 | 3.226.146.143 | 14618 (AMAZON-AES) |
1 | 34.91.234.242 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 | 188.72.236.34 | 35415 (WEBZILLA) |
1 1 | 3.93.59.244 | 14618 (AMAZON-AES) |
5 | 2606:4700:3037::ac43:b9b2 | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3037::6815:5d94 | 13335 (CLOUDFLARENET) |
10 | 6 |
ASN202053 (UPCLOUD, FI)
PTR: 94-237-99-118.de-fra1.upcloud.host
1d6ce8f0ed3.tcompany-offer.com |
ASN202053 (UPCLOUD, FI)
PTR: 94-237-103-119.de-fra1.upcloud.host
1d6cf292bf3.traffic247links.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-106-95.compute-1.amazonaws.com
brko.admobe.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-146-143.compute-1.amazonaws.com
operateadvancedheavilyinfo-file.info |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com
track.gositego.live |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-59-244.compute-1.amazonaws.com
update4soft.coolmethod2update.life |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | adzshield.net | adzshield.net | 58 KB |
4 | srtrak.com (4 redirects) | 6sh234gf64.srtrak.com, e218f3ff9.srtrak.com | 1 KB |
1 | kd3dq.com | kd3dq.com — Cisco Umbrella Rank: 444331 | 1 KB |
1 | coolmethod2update.life (1 redirects) | update4soft.coolmethod2update.life | 563 B |
1 | ti-files.org | ti-files.org — Cisco Umbrella Rank: 167915 | 8 KB |
1 | gositego.live | track.gositego.live — Cisco Umbrella Rank: 273695 | 475 B |
1 | operateadvancedheavilyinfo-file.info (1 redirects) | operateadvancedheavilyinfo-file.info | 359 B |
1 | admobe.com (1 redirects) | brko.admobe.com — Cisco Umbrella Rank: 345580 | 344 B |
1 | traffic247links.com | 1d6cf292bf3.traffic247links.com | 1 KB |
1 | tcompany-offer.com | 1d6ce8f0ed3.tcompany-offer.com | 845 B |
10 | 10 |
 | Domain | Requested by |
---|---|---|
5 | adzshield.net | ti-files.org, adzshield.net |
3 | 6sh234gf64.srtrak.com | 3 redirects |
1 | kd3dq.com | adzshield.net |
1 | update4soft.coolmethod2update.life | 1 redirects |
1 | ti-files.org | |
1 | track.gositego.live | |
1 | operateadvancedheavilyinfo-file.info | 1 redirects |
1 | brko.admobe.com | 1 redirects |
1 | 1d6cf292bf3.traffic247links.com | |
1 | 1d6ce8f0ed3.tcompany-offer.com | |
1 | e218f3ff9.srtrak.com | 1 redirects |
10 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.privacypolicyonline.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.tcompany-offer.com | R3 | 2022-10-14 - 2023-01-12 | 3 months | crt.sh |
*.traffic247links.com | R3 | 2022-09-09 - 2022-12-08 | 3 months | crt.sh |
track.gositego.live | Sectigo RSA Domain Validation Secure Server CA | 2022-05-31 - 2023-05-28 | a year | crt.sh |
ti-files.org | R3 | 2022-09-22 - 2022-12-21 | 3 months | crt.sh |
*.adzshield.net | E1 | 2022-10-08 - 2023-01-06 | 3 months | crt.sh |
*.kd3dq.com | E1 | 2022-10-06 - 2023-01-04 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko
Frame ID: 09CDB141FC7D51AC512EDEB200CB66ED
Requests: 9 HTTP requests in this frame
Frame:
https://kd3dq.com/a.php?id=0048&e=VPGCNBK0FG&c=aukopWdmobXnet5&r=ko&cid=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&z=6809&v=1&dr=https%3A%2F%2Fti-files.org%2F&inw=1600&inh=1200
Frame ID: 7F65FE9580AC166A8599061D91468111
Requests: 1 HTTP requests in this frame
Page Title
Adz Shield
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: "What Are Cookies"
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865
HTTP 301
https://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865 HTTP 301
https://6sh234gf64.srtrak.com/promo.php?id=106&page=706&set=3&link=2011&entity=60865 HTTP 301
https://e218f3ff9.srtrak.com/promo-tools/direct-offers/mainstream/sweepstakes/win500cash/?idev_id=106&set=3&link=2011&page=706&clickid=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684 HTTP 302
https://1d6ce8f0ed3.tcompany-offer.com/?p=5221&plid=1&plid_hmac=8e4ba4d770c032b1b72f66f3beb1a9ac&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684 Page URL
- https://1d6cf292bf3.traffic247links.com/?p=5221&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684&co=1&noback=1 Page URL
-
https://brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221
HTTP 302
https://operateadvancedheavilyinfo-file.info/yqFMnD2msbUfLUB1u6aaOZ31oz7nLrjyWWyn3Kx3Ms4?clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221 HTTP 302
https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH&sub2=v66R Page URL
- https://ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_v66R&s3=636217a1028bcf00013f7130 Page URL
-
https://update4soft.coolmethod2update.life/hiuo?ftri=0AIrOBilNj0CeD22beTg5hxQJSTaJJDv3IhCwe78kgc.&sid=338447&cid=AKEXYmMPKgUA81UCAERFFwASAHOm5sgA
HTTP 302
https://adzshield.net/list.php?k=aukopWdmobXnet5&lv=55&r=6809&n=mem_m1_EChadshi_allg_16673729617272t48krhbXvp&m=ko Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865 HTTP 301
- https://6sh234gf64.srtrak.com/106-706-3-2011?entity=60865 HTTP 301
- https://6sh234gf64.srtrak.com/promo.php?id=106&page=706&set=3&link=2011&entity=60865 HTTP 301
- https://e218f3ff9.srtrak.com/promo-tools/direct-offers/mainstream/sweepstakes/win500cash/?idev_id=106&set=3&link=2011&page=706&clickid=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684 HTTP 302
- https://1d6ce8f0ed3.tcompany-offer.com/?p=5221&plid=1&plid_hmac=8e4ba4d770c032b1b72f66f3beb1a9ac&wid=132902&wid_hmac=d0cd5a96a873328888c8f7fbeabd778d&pl_settings%5Bprize%5D=cash-500-usd&o_settings%5Bprize%5D=cash-500-usd&pi=106&click_id=eb79633e7c8f84c916ff71afbb536463cb3ab2e8c0933e178fecf1c3517a0684
- https://brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221 HTTP 302
- https://operateadvancedheavilyinfo-file.info/yqFMnD2msbUfLUB1u6aaOZ31oz7nLrjyWWyn3Kx3Ms4?clck=rkpl7kc9q9bmyrcvwc4cg44gk,16543664,5,5221&sid=5221 HTTP 302
- https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH&sub2=v66R
10 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | 1d6ce8f0ed3.tcompany-offer.com/ (Redirect Chain) | 1 KB / 845 B | Document text/html |
GET H2 | 1d6cf292bf3.traffic247links.com/ | 1 KB / 1 KB | Document text/html |
GET H2 | track.gositego.live/click (Redirect Chain) | 248 B / 475 B | Document text/html |
GET H/1.1 | ti-files.org/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921 | 8 KB / 8 KB | Document text/html |
GET H2 | adzshield.net/list.php (Primary Request, Redirect Chain) | 16 KB / 6 KB | Document text/html |
GET H2 | adzshield.net/css/theme.min.css | 285 KB / 39 KB | Stylesheet text/css |
GET H2 | adzshield.net/images/favicon.png | 8 KB / 9 KB | Image image/png |
GET H2 | adzshield.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 1 KB / 1 KB | Script application/javascript |
GET H2 | adzshield.net/images/store.png | 3 KB / 4 KB | Image image/png |
GET H2 | kd3dq.com/a.php (Frame 7F65) | 96 B / 1 KB | Document text/html |
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| onbeforeinput
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- function| receiveMessage
- object| landing_iframe
- function| openNewWindow
- function| openNewTab
- function| openSameTab
- function| listenInstallCompleted
- function| openInstructions
- object| windowObjectReference

21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name / Value |
---|---|
6sh234gf64.srtrak.com/ | Name: _s Value: ndus4e000b8m9mf1sv5fpbk26s |
.srtrak.com/ | Name: sr Value: 106--3-2011-------https%3A%2F%2Fe218f3ff9.srtrak.com%2Fpromo-tools%2Fdirect-offers%2Fmainstream%2Fsweepstakes%2Fwin500cash%2F |
e218f3ff9.srtrak.com/ | Name: _s Value: av2mjuuugncpu2jdf924ugilvp |
.1d6cf292bf3.traffic247links.com/ | Name: rts-trck Value: 1 |
.traffic247links.com/ | Name: t-uuid Value: l9zat5vl3zjgarcnpvok80kcw |
.traffic247links.com/ | Name: traffic-back Value: ok |
operateadvancedheavilyinfo-file.info/ | Name: session Value: Yn6zPkbWZ2cyOG70bS9biSM1gSnMPASH |
track.gositego.live/ | Name: afclick Value: 636217a1028bcf00013f7130 |
track.gositego.live/ | Name: afoffers Value: {"17742":1667372961} |
ti-files.org/ | Name: bd_context Value: mV0L9G438Yfj2aYltCV7zfRmpglUDGXnbO7eMhYtllf2rpslNV4gsAzXq8xWXm2Up82CO9+6zEfnAYb9/KVzNaUWaQ3lhYxV63I7Kmcslr+XrtwR0Fqi2pc4wBkA1RgTD0lp9sua5ZtSYwiJZ2nl2JxByOIGCulyapMwjv38xQ1/cpPyry1fvvsc6e83M3kIAMWqmkTdAf0NppnmjHWhzfD9fH9wUKK+XXXo80shmVwWcURuIam2/8bk1eVxXJX6cQyauXHlMB+zFe1uBoaJpQx8MBvA4tHQlnDThrqfZBxnL1hlN6yL/NXXieRxm4Xc6Jw3BTIwo4ocsNih8jHBZTLo |
update4soft.coolmethod2update.life/ | Name: channel Value: m1_EChadshi_allg |
update4soft.coolmethod2update.life/ | Name: dist_id Value: 8854 |
update4soft.coolmethod2update.life/ | Name: lp_id Value: 3388 |
.adzshield.net/ | Name: r Value: 6809 |
.kd3dq.com/ | Name: c0048 Value: aukopWdmobXnet5 |
.kd3dq.com/ | Name: r0048 Value: ko |
.kd3dq.com/ | Name: cid0048 Value: mem_m1_EChadshi_allg_16673729617272t48krhbXvp |
.kd3dq.com/ | Name: z0048 Value: 6809 |
.kd3dq.com/ | Name: v0048aukopWdmobXnet5 Value: %7B%221%22%3A1%7D |
.kd3dq.com/ | Name: e0048 Value: VPGCNBK0FG |
.kd3dq.com/ | Name: _asd Value: 16673729626218910 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.