newadslab.com Open in urlscan Pro
2606:4700:3037::ac43:8142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://enature.us/
Effective URL:
https://newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/?cid=89610581238&sid=444113322&s=0.0076
Submission: On November 11 via manual (November 11th 2022, 7:16:05 am UTC) from IN — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3037::ac43:8142, located in United States and belongs to CLOUDFLARENET, US. The main domain is newadslab.com.
TLS certificate: Issued by E1 on September 27th 2022. Valid for: 3 months.

This is the only time newadslab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	103.224.212.220 103.224.212.220	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 2	108.168.193.189 108.168.193.189	36351 (SOFTLAYER) (SOFTLAYER)
1	108.168.193.184 108.168.193.184	36351 (SOFTLAYER) (SOFTLAYER)
1	2606:4700:303... 2606:4700:3037::ac43:8142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.21.106 104.21.21.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:6e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	8

3 103.224.212.220 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-220.above.com

enature.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

0redire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.168.193.189 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com

mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p249699.mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.168.193.184 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.c1.a86c.ip4.static.sl-reverse.com

clkdeals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8142 (United States)

ASN13335 (CLOUDFLARENET, US)

newadslab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.21.106 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

feed.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ocmhood.com cdn.ocmhood.com — Cisco Umbrella Rank: 25517 t.ocmhood.com — Cisco Umbrella Rank: 9325	12 KB
3	enature.us 1 redirects enature.us	8 KB
2	cn-rtb.com feed.cn-rtb.com — Cisco Umbrella Rank: 95799 t.cn-rtb.com — Cisco Umbrella Rank: 117226	860 B
2	mybettermb.com 1 redirects mybettermb.com — Cisco Umbrella Rank: 61331 p249699.mybettermb.com	1 KB
2	0redire.com 1 redirects 0redire.com	2 KB
1	newadslab.com newadslab.com	53 KB
1	clkdeals.com clkdeals.com — Cisco Umbrella Rank: 197839	197 B
11	7

	Domain	Requested by
3	enature.us	1 redirects enature.us
2	t.ocmhood.com	cdn.ocmhood.com
2	0redire.com	1 redirects enature.us
1	t.cn-rtb.com	newadslab.com
1	cdn.ocmhood.com	newadslab.com
1	feed.cn-rtb.com	newadslab.com
1	newadslab.com	p249699.mybettermb.com
1	clkdeals.com	p249699.mybettermb.com
1	p249699.mybettermb.com	0redire.com
1	mybettermb.com	1 redirects
11	10

This site contains no links.

Subject Issuer	Validity	Valid
texasland.us R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.mybettermb.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-02` - `2023-11-02`	a year	crt.sh
www.clkdeals.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-16` - `2022-12-29`	a year	crt.sh
*.newadslab.com E1	`2022-09-27` - `2022-12-26`	3 months	crt.sh
*.cn-rtb.com E1	`2022-10-27` - `2023-01-25`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/?cid=89610581238&sid=444113322&s=0.0076
Frame ID: 5C7BF53C7B53AD654BEFC2D26ACA7EF7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Allow

Page URL History Show full URLs

http://enature.us/ HTTP 302
https://enature.us/ Page URL
http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1... HTTP 302
http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1... Page URL
https://mybettermb.com/aS/sfclick?u=e5e84d56-4e88-4db1-b1c4-e5a57c02c347 HTTP 302
https://p249699.mybettermb.com/adServe/domainClick?ai=4uLj5WgHRR_Wo-yxIdkd5lwI3Ewq2LFE1umMKbsl2CJ0vi-9niZUy... Page URL
https://newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/?cid=89610581238&sid=444113322&s... Page URL

Detected technologies

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

11
Requests

91 %
HTTPS

29 %
IPv6

7
Domains

10
Subdomains

8
IPs

3
Countries

75 kB
Transfer

177 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://enature.us/ HTTP 302
https://enature.us/ Page URL
http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpXN2pla01ib0piUnJBVFVsYU1sRjZRT0hlR0RjWGtiR095L2dza1AzYkJseExhWTBGSXdhd00rbWFzeUV0UHdjem5BeGJwaTRlczFtR1VMWkFUSFNXalVUKzNKWEF0ODRWUTVDNWtneVEwLytycjhDT1UxWDA5UmcrRkFxdlgwYlRYenZ4S0VvRWdORmo1TWpUWjZubTM4czdndXlOTHFnbWgrUHlwSi9XVVM4UkRGOWhNSFNaQlJDYUErWTA5VUtqZ2dXWk5yQ05NL2cyY2g3OHFqMFdvd055RldwNVl2Q01PK2NTRWpJaHo5RXdhaFA2TWFmS1lreXlrSkdqT0VhUDZuaVNYeVBLQ3dNTjFweXdlZGRVWHRTSDdGYUozZmx1c0FPMDRBcE9MREJaeU85NDFvM3Q1ZmgrQjF1NzNDNU5ERFBnUVlFZUVTQUFMSG5BYlJNaDFLVUlXejhkSmhHSCtiU0hnYmxyT1hidFdVNVpsaEVXYUZTdDZ1dzMvaEY2SjZjbEZtbitVRWhFTU1YVjYwNUZZbkNRbVZVMGtxZHFDRjlLOStyTll4Z0ZTcFhVYzBKZ2wxbmJTQjZJVCtKQm1lSFNPMCt6NDFwK0Z6NnlTejBlbU51eGQ2dElxeHJ6RndtUEMvbUJlV295SXY2d0V3TlFqNzd1UmpRMEJXK1YyNzBCSUh0K1BkdkQ5WVVsc0JjZzFuZVVrdjN1Q0hEeDljMWpFblhHRnhFSXpXZjZtenhoaDNjbTN0bHFTeDBvOE5zMzhMTUU2b2ZHVnFOSWRXOCs5MXhuQnJDblEyejFjTDFYVnFtYXJOdz09&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpXN2pla01ib0piUnJBVFVsYU1sRjZRT0hlR0RjWGtiR095L2dza1AzYkJseExhWTBGSXdhd00rbWFzeUV0UHdjem5BeGJwaTRlczFtR1VMWkFUSFNXalVUKzNKWEF0ODRWUTVDNWtneVEwLytycjhDT1UxWDA5UmcrRkFxdlgwYlRYenZ4S0VvRWdORmo1TWpUWjZubTM4czdndXlOTHFnbWgrUHlwSi9XVVM4UkRGOWhNSFNaQlJDYUErWTA5VUtqZ2dXWk5yQ05NL2cyY2g3OHFqMFdvd055RldwNVl2Q01PK2NTRWpJaHo5RXdhaFA2TWFmS1lreXlrSkdqT0VhUDZuaVNYeVBLQ3dNTjFweXdlZGRVWHRTSDdGYUozZmx1c0FPMDRBcE9MREJaeU85NDFvM3Q1ZmgrQjF1NzNDNU5ERFBnUVlFZUVTQUFMSG5BYlJNaDFLVUlXejhkSmhHSCtiU0hnYmxyT1hidFdVNVpsaEVXYUZTdDZ1dzMvaEY2SjZjbEZtbitVRWhFTU1YVjYwNUZZbkNRbVZVMGtxZHFDRjlLOStyTll4Z0ZTcFhVYzBKZ2wxbmJTQjZJVCtKQm1lSFNPMCt6NDFwK0Z6NnlTejBlbU51eGQ2dElxeHJ6RndtUEMvbUJlV295SXY2d0V3TlFqNzd1UmpRMEJXK1YyNzBCSUh0K1BkdkQ5WVVsc0JjZzFuZVVrdjN1Q0hEeDljMWpFblhHRnhFSXpXZjZtenhoaDNjbTN0bHFTeDBvOE5zMzhMTUU2b2ZHVnFOSWRXOCs5MXhuQnJDblEyejFjTDFYVnFtYXJOdz09&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1668150960.8789188 Page URL
https://mybettermb.com/aS/sfclick?u=e5e84d56-4e88-4db1-b1c4-e5a57c02c347 HTTP 302
https://p249699.mybettermb.com/adServe/domainClick?ai=4uLj5WgHRR_Wo-yxIdkd5lwI3Ewq2LFE1umMKbsl2CJ0vi-9niZUyUmqB9w5RtdUdRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2LlBNN73mi1m7emaxu4NctCN2aRlCqoFtTAkcubCupzN-ThLBWJMWW1saIc1RVJd0DrqNKnLYX0tYA-G3Pa-oPLjGdluVnwgAlbaMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtp-eXJNXopazVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPKD39z6XTitIjTp7choiS1BOV50hu92FDi-mlknkRKkR&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-gVK3xsz8F8dId4TKMYh2cvqUfpWXpE4JIXRXD3BInR-DkzEwdUmTZzO-z40LwkniwimXzMmDpiag&si=1&oref=dc91583eac8a1584571c6a62171b70b0&optunit=iXU5FnpLhkPGiG2EOYzfcA&rb=qAhRA1HnC64&rr=1&abtg=0 Page URL
https://newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/?cid=89610581238&sid=444113322&s=0.0076 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://enature.us/ HTTP 302
https://enature.us/

Request Chain 2

http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpXN2pla01ib0piUnJBVFVsYU1sRjZRT0hlR0RjWGtiR095L2dza1AzYkJseExhWTBGSXdhd00rbWFzeUV0UHdjem5BeGJwaTRlczFtR1VMWkFUSFNXalVUKzNKWEF0ODRWUTVDNWtneVEwLytycjhDT1UxWDA5UmcrRkFxdlgwYlRYenZ4S0VvRWdORmo1TWpUWjZubTM4czdndXlOTHFnbWgrUHlwSi9XVVM4UkRGOWhNSFNaQlJDYUErWTA5VUtqZ2dXWk5yQ05NL2cyY2g3OHFqMFdvd055RldwNVl2Q01PK2NTRWpJaHo5RXdhaFA2TWFmS1lreXlrSkdqT0VhUDZuaVNYeVBLQ3dNTjFweXdlZGRVWHRTSDdGYUozZmx1c0FPMDRBcE9MREJaeU85NDFvM3Q1ZmgrQjF1NzNDNU5ERFBnUVlFZUVTQUFMSG5BYlJNaDFLVUlXejhkSmhHSCtiU0hnYmxyT1hidFdVNVpsaEVXYUZTdDZ1dzMvaEY2SjZjbEZtbitVRWhFTU1YVjYwNUZZbkNRbVZVMGtxZHFDRjlLOStyTll4Z0ZTcFhVYzBKZ2wxbmJTQjZJVCtKQm1lSFNPMCt6NDFwK0Z6NnlTejBlbU51eGQ2dElxeHJ6RndtUEMvbUJlV295SXY2d0V3TlFqNzd1UmpRMEJXK1YyNzBCSUh0K1BkdkQ5WVVsc0JjZzFuZVVrdjN1Q0hEeDljMWpFblhHRnhFSXpXZjZtenhoaDNjbTN0bHFTeDBvOE5zMzhMTUU2b2ZHVnFOSWRXOCs5MXhuQnJDblEyejFjTDFYVnFtYXJOdz09&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= HTTP 302
http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpXN2pla01ib0piUnJBVFVsYU1sRjZRT0hlR0RjWGtiR095L2dza1AzYkJseExhWTBGSXdhd00rbWFzeUV0UHdjem5BeGJwaTRlczFtR1VMWkFUSFNXalVUKzNKWEF0ODRWUTVDNWtneVEwLytycjhDT1UxWDA5UmcrRkFxdlgwYlRYenZ4S0VvRWdORmo1TWpUWjZubTM4czdndXlOTHFnbWgrUHlwSi9XVVM4UkRGOWhNSFNaQlJDYUErWTA5VUtqZ2dXWk5yQ05NL2cyY2g3OHFqMFdvd055RldwNVl2Q01PK2NTRWpJaHo5RXdhaFA2TWFmS1lreXlrSkdqT0VhUDZuaVNYeVBLQ3dNTjFweXdlZGRVWHRTSDdGYUozZmx1c0FPMDRBcE9MREJaeU85NDFvM3Q1ZmgrQjF1NzNDNU5ERFBnUVlFZUVTQUFMSG5BYlJNaDFLVUlXejhkSmhHSCtiU0hnYmxyT1hidFdVNVpsaEVXYUZTdDZ1dzMvaEY2SjZjbEZtbitVRWhFTU1YVjYwNUZZbkNRbVZVMGtxZHFDRjlLOStyTll4Z0ZTcFhVYzBKZ2wxbmJTQjZJVCtKQm1lSFNPMCt6NDFwK0Z6NnlTejBlbU51eGQ2dElxeHJ6RndtUEMvbUJlV295SXY2d0V3TlFqNzd1UmpRMEJXK1YyNzBCSUh0K1BkdkQ5WVVsc0JjZzFuZVVrdjN1Q0hEeDljMWpFblhHRnhFSXpXZjZtenhoaDNjbTN0bHFTeDBvOE5zMzhMTUU2b2ZHVnFOSWRXOCs5MXhuQnJDblEyejFjTDFYVnFtYXJOdz09&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1668150960.8789188

Request Chain 3

https://mybettermb.com/aS/sfclick?u=e5e84d56-4e88-4db1-b1c4-e5a57c02c347 HTTP 302
https://p249699.mybettermb.com/adServe/domainClick?ai=4uLj5WgHRR_Wo-yxIdkd5lwI3Ewq2LFE1umMKbsl2CJ0vi-9niZUyUmqB9w5RtdUdRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2LlBNN73mi1m7emaxu4NctCN2aRlCqoFtTAkcubCupzN-ThLBWJMWW1saIc1RVJd0DrqNKnLYX0tYA-G3Pa-oPLjGdluVnwgAlbaMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtp-eXJNXopazVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPKD39z6XTitIjTp7choiS1BOV50hu92FDi-mlknkRKkR&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-gVK3xsz8F8dId4TKMYh2cvqUfpWXpE4JIXRXD3BInR-DkzEwdUmTZzO-z40LwkniwimXzMmDpiag&si=1&oref=dc91583eac8a1584571c6a62171b70b0&optunit=iXU5FnpLhkPGiG2EOYzfcA&rb=qAhRA1HnC64&rr=1&abtg=0

11 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response enature.us/ Redirect Chain http://enature.us/ https://enature.us/	7 KB 3 KB	923ms 689ms	Document text/html	103.224.212.220 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://enature.us/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.224.212.220 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-212-220.above.com Software Apache/2.4.38 (Debian) / Resource Hash `e3cf9db8d5e508468671b4c3dc87083f16cb6f8df2aae79ac6d9c1a9930cc232` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 3191 Content-Type text/html; charset=UTF-8 Date Fri, 11 Nov 2022 07:15:59 GMT Server Apache/2.4.38 (Debian) Vary Accept-Encoding Redirect headers Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Fri, 11 Nov 2022 07:15:59 GMT Location https://enature.us/ Server Apache/2.4.38 (Debian)
GET H/1.1	200 OK	swfobject.js Show response enature.us/js/	10 KB 4 KB	224ms 76ms	Script application/javascript	103.224.212.220 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://enature.us/js/swfobject.js Requested by Host: enature.us URL: https://enature.us/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.224.212.220 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-212-220.above.com Software Apache/2.4.38 (Debian) / Resource Hash `a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed` Request headers accept-language en-US,en;q=0.9 Referer https://enature.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Fri, 11 Nov 2022 07:16:00 GMT Content-Encoding gzip Last-Modified Thu, 18 Aug 2022 00:50:56 GMT Server Apache/2.4.38 (Debian) ETag "27ef-5e6795fc91c00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 3949
GET H/1.1	200 OK	jr.php 0redire.com/ Redirect Chain http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpX... http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpX...	366 B 466 B	152ms 79ms	Document text/html	103.224.182.206 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpXN2pla01ib0piUnJBVFVsYU1sRjZRT0hlR0RjWGtiR095L2dza1AzYkJseExhWTBGSXdhd00rbWFzeUV0UHdjem5BeGJwaTRlczFtR1VMWkFUSFNXalVUKzNKWEF0ODRWUTVDNWtneVEwLytycjhDT1UxWDA5UmcrRkFxdlgwYlRYenZ4S0VvRWdORmo1TWpUWjZubTM4czdndXlOTHFnbWgrUHlwSi9XVVM4UkRGOWhNSFNaQlJDYUErWTA5VUtqZ2dXWk5yQ05NL2cyY2g3OHFqMFdvd055RldwNVl2Q01PK2NTRWpJaHo5RXdhaFA2TWFmS1lreXlrSkdqT0VhUDZuaVNYeVBLQ3dNTjFweXdlZGRVWHRTSDdGYUozZmx1c0FPMDRBcE9MREJaeU85NDFvM3Q1ZmgrQjF1NzNDNU5ERFBnUVlFZUVTQUFMSG5BYlJNaDFLVUlXejhkSmhHSCtiU0hnYmxyT1hidFdVNVpsaEVXYUZTdDZ1dzMvaEY2SjZjbEZtbitVRWhFTU1YVjYwNUZZbkNRbVZVMGtxZHFDRjlLOStyTll4Z0ZTcFhVYzBKZ2wxbmJTQjZJVCtKQm1lSFNPMCt6NDFwK0Z6NnlTejBlbU51eGQ2dElxeHJ6RndtUEMvbUJlV295SXY2d0V3TlFqNzd1UmpRMEJXK1YyNzBCSUh0K1BkdkQ5WVVsc0JjZzFuZVVrdjN1Q0hEeDljMWpFblhHRnhFSXpXZjZtenhoaDNjbTN0bHFTeDBvOE5zMzhMTUU2b2ZHVnFOSWRXOCs5MXhuQnJDblEyejFjTDFYVnFtYXJOdz09&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1668150960.8789188 Requested by Host: enature.us URL: https://enature.us/ Protocol HTTP/1.1 Server 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS bidr.trellian.com Software Apache/2.4.38 (Debian) / Resource Hash Request headers Referer https://enature.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 237 Content-Type text/html; charset=UTF-8 Date Fri, 11 Nov 2022 07:16:01 GMT Server Apache/2.4.38 (Debian) Vary Accept-Encoding X-JR-Code s Redirect headers Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Fri, 11 Nov 2022 07:16:00 GMT Location jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpXN2pla01ib0piUnJBVFVsYU1sRjZRT0hlR0RjWGtiR095L2dza1AzYkJseExhWTBGSXdhd00rbWFzeUV0UHdjem5BeGJwaTRlczFtR1VMWkFUSFNXalVUKzNKWEF0ODRWUTVDNWtneVEwLytycjhDT1UxWDA5UmcrRkFxdlgwYlRYenZ4S0VvRWdORmo1TWpUWjZubTM4czdndXlOTHFnbWgrUHlwSi9XVVM4UkRGOWhNSFNaQlJDYUErWTA5VUtqZ2dXWk5yQ05NL2cyY2g3OHFqMFdvd055RldwNVl2Q01PK2NTRWpJaHo5RXdhaFA2TWFmS1lreXlrSkdqT0VhUDZuaVNYeVBLQ3dNTjFweXdlZGRVWHRTSDdGYUozZmx1c0FPMDRBcE9MREJaeU85NDFvM3Q1ZmgrQjF1NzNDNU5ERFBnUVlFZUVTQUFMSG5BYlJNaDFLVUlXejhkSmhHSCtiU0hnYmxyT1hidFdVNVpsaEVXYUZTdDZ1dzMvaEY2SjZjbEZtbitVRWhFTU1YVjYwNUZZbkNRbVZVMGtxZHFDRjlLOStyTll4Z0ZTcFhVYzBKZ2wxbmJTQjZJVCtKQm1lSFNPMCt6NDFwK0Z6NnlTejBlbU51eGQ2dElxeHJ6RndtUEMvbUJlV295SXY2d0V3TlFqNzd1UmpRMEJXK1YyNzBCSUh0K1BkdkQ5WVVsc0JjZzFuZVVrdjN1Q0hEeDljMWpFblhHRnhFSXpXZjZtenhoaDNjbTN0bHFTeDBvOE5zMzhMTUU2b2ZHVnFOSWRXOCs5MXhuQnJDblEyejFjTDFYVnFtYXJOdz09&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1668150960.8789188 Server Apache/2.4.38 (Debian) X-JR-Code cr
GET H2	200	domainClick Show response p249699.mybettermb.com/adServe/ Redirect Chain https://mybettermb.com/aS/sfclick?u=e5e84d56-4e88-4db1-b1c4-e5a57c02c347 https://p249699.mybettermb.com/adServe/domainClick?ai=4uLj5WgHRR_Wo-yxIdkd5lwI3Ewq2LFE1umMKbsl2CJ0vi-9niZUyUmqB9w5RtdUdRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2LlBNN73mi1m7emaxu4NctCN2aRlCqoFtTAkcu...	667 B 745 B	74ms 69ms	Document text/html	108.168.193.189 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://p249699.mybettermb.com/adServe/domainClick?ai=4uLj5WgHRR_Wo-yxIdkd5lwI3Ewq2LFE1umMKbsl2CJ0vi-9niZUyUmqB9w5RtdUdRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2LlBNN73mi1m7emaxu4NctCN2aRlCqoFtTAkcubCupzN-ThLBWJMWW1saIc1RVJd0DrqNKnLYX0tYA-G3Pa-oPLjGdluVnwgAlbaMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtp-eXJNXopazVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPKD39z6XTitIjTp7choiS1BOV50hu92FDi-mlknkRKkR&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-gVK3xsz8F8dId4TKMYh2cvqUfpWXpE4JIXRXD3BInR-DkzEwdUmTZzO-z40LwkniwimXzMmDpiag&si=1&oref=dc91583eac8a1584571c6a62171b70b0&optunit=iXU5FnpLhkPGiG2EOYzfcA&rb=qAhRA1HnC64&rr=1&abtg=0 Requested by Host: 0redire.com URL: http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpXN2pla01ib0piUnJBVFVsYU1sRjZRT0hlR0RjWGtiR095L2dza1AzYkJseExhWTBGSXdhd00rbWFzeUV0UHdjem5BeGJwaTRlczFtR1VMWkFUSFNXalVUKzNKWEF0ODRWUTVDNWtneVEwLytycjhDT1UxWDA5UmcrRkFxdlgwYlRYenZ4S0VvRWdORmo1TWpUWjZubTM4czdndXlOTHFnbWgrUHlwSi9XVVM4UkRGOWhNSFNaQlJDYUErWTA5VUtqZ2dXWk5yQ05NL2cyY2g3OHFqMFdvd055RldwNVl2Q01PK2NTRWpJaHo5RXdhaFA2TWFmS1lreXlrSkdqT0VhUDZuaVNYeVBLQ3dNTjFweXdlZGRVWHRTSDdGYUozZmx1c0FPMDRBcE9MREJaeU85NDFvM3Q1ZmgrQjF1NzNDNU5ERFBnUVlFZUVTQUFMSG5BYlJNaDFLVUlXejhkSmhHSCtiU0hnYmxyT1hidFdVNVpsaEVXYUZTdDZ1dzMvaEY2SjZjbEZtbitVRWhFTU1YVjYwNUZZbkNRbVZVMGtxZHFDRjlLOStyTll4Z0ZTcFhVYzBKZ2wxbmJTQjZJVCtKQm1lSFNPMCt6NDFwK0Z6NnlTejBlbU51eGQ2dElxeHJ6RndtUEMvbUJlV295SXY2d0V3TlFqNzd1UmpRMEJXK1YyNzBCSUh0K1BkdkQ5WVVsc0JjZzFuZVVrdjN1Q0hEeDljMWpFblhHRnhFSXpXZjZtenhoaDNjbTN0bHFTeDBvOE5zMzhMTUU2b2ZHVnFOSWRXOCs5MXhuQnJDblEyejFjTDFYVnFtYXJOdz09&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1668150960.8789188 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US), Reverse DNS bd.c1.a86c.ip4.static.sl-reverse.com Software nginx / Resource Hash `c1a111fd7d6cb4492b8971322f2fa728266c992a4c643e042c78d709c570362c` Request headers Referer http://0redire.com/jr.php?gz=f7TctcY5hLjX4Eps23rwAn49fk85R2dBL0IzdzBwY2hQWXlaanRYOFdRdndBV0tUM1kyV0hLdzNkamF5UTVpZCtDR2J6R0RKSUVnalhUSWlBMzFOcS9wa2s1Y2tmQS9FaWRxN2RaQWJOU2tHa09WSVVneFlGcXIyVG4rNlpXN2pla01ib0piUnJBVFVsYU1sRjZRT0hlR0RjWGtiR095L2dza1AzYkJseExhWTBGSXdhd00rbWFzeUV0UHdjem5BeGJwaTRlczFtR1VMWkFUSFNXalVUKzNKWEF0ODRWUTVDNWtneVEwLytycjhDT1UxWDA5UmcrRkFxdlgwYlRYenZ4S0VvRWdORmo1TWpUWjZubTM4czdndXlOTHFnbWgrUHlwSi9XVVM4UkRGOWhNSFNaQlJDYUErWTA5VUtqZ2dXWk5yQ05NL2cyY2g3OHFqMFdvd055RldwNVl2Q01PK2NTRWpJaHo5RXdhaFA2TWFmS1lreXlrSkdqT0VhUDZuaVNYeVBLQ3dNTjFweXdlZGRVWHRTSDdGYUozZmx1c0FPMDRBcE9MREJaeU85NDFvM3Q1ZmgrQjF1NzNDNU5ERFBnUVlFZUVTQUFMSG5BYlJNaDFLVUlXejhkSmhHSCtiU0hnYmxyT1hidFdVNVpsaEVXYUZTdDZ1dzMvaEY2SjZjbEZtbitVRWhFTU1YVjYwNUZZbkNRbVZVMGtxZHFDRjlLOStyTll4Z0ZTcFhVYzBKZ2wxbmJTQjZJVCtKQm1lSFNPMCt6NDFwK0Z6NnlTejBlbU51eGQ2dElxeHJ6RndtUEMvbUJlV295SXY2d0V3TlFqNzd1UmpRMEJXK1YyNzBCSUh0K1BkdkQ5WVVsc0JjZzFuZVVrdjN1Q0hEeDljMWpFblhHRnhFSXpXZjZtenhoaDNjbTN0bHFTeDBvOE5zMzhMTUU2b2ZHVnFOSWRXOCs5MXhuQnJDblEyejFjTDFYVnFtYXJOdz09&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&ckReS=1668150960.8789188 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html;charset=ISO-8859-1 date Fri, 11 Nov 2022 07:16:01 GMT server nginx vary Accept-Encoding Redirect headers content-length 0 date Fri, 11 Nov 2022 07:16:01 GMT location https://p249699.mybettermb.com/adServe/domainClick?ai=4uLj5WgHRR_Wo-yxIdkd5lwI3Ewq2LFE1umMKbsl2CJ0vi-9niZUyUmqB9w5RtdUdRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2LlBNN73mi1m7emaxu4NctCN2aRlCqoFtTAkcubCupzN-ThLBWJMWW1saIc1RVJd0DrqNKnLYX0tYA-G3Pa-oPLjGdluVnwgAlbaMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtp-eXJNXopazVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPKD39z6XTitIjTp7choiS1BOV50hu92FDi-mlknkRKkR&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-gVK3xsz8F8dId4TKMYh2cvqUfpWXpE4JIXRXD3BInR-DkzEwdUmTZzO-z40LwkniwimXzMmDpiag&si=1&oref=dc91583eac8a1584571c6a62171b70b0&optunit=iXU5FnpLhkPGiG2EOYzfcA&rb=qAhRA1HnC64&rr=1&abtg=0 server nginx
GET H2	200	track clkdeals.com/adServe/	49 B 197 B	163ms 57ms	Image image/gif	108.168.193.184 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://clkdeals.com/adServe/track?subid=89610581238&prdid=2750&price=0 Requested by Host: p249699.mybettermb.com URL: https://p249699.mybettermb.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.168.193.184 Dallas, United States, ASN36351 (SOFTLAYER, US), Reverse DNS b8.c1.a86c.ip4.static.sl-reverse.com Software nginx / Resource Hash `8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers pragma no-cache date Fri, 11 Nov 2022 07:16:01 GMT server nginx content-type image/gif access-control-allow-origin * cache-control no-cache content-length 49 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	Primary Request / Show response newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/	129 KB 53 KB	94ms 63ms	Document text/html	2606:4700:3037::ac43:8142 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/?cid=89610581238&sid=444113322&s=0.0076 Requested by Host: p249699.mybettermb.com URL: https://p249699.mybettermb.com/adServe/domainClick?ai=4uLj5WgHRR_Wo-yxIdkd5lwI3Ewq2LFE1umMKbsl2CJ0vi-9niZUyUmqB9w5RtdUdRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2LlBNN73mi1m7emaxu4NctCN2aRlCqoFtTAkcubCupzN-ThLBWJMWW1saIc1RVJd0DrqNKnLYX0tYA-G3Pa-oPLjGdluVnwgAlbaMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtp-eXJNXopazVo64vPAXoOmaJ1nv1bZfRrRSwvKTC7FAOUVA7kenMPKD39z6XTitIjTp7choiS1BOV50hu92FDi-mlknkRKkR&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-gVK3xsz8F8dId4TKMYh2cvqUfpWXpE4JIXRXD3BInR-DkzEwdUmTZzO-z40LwkniwimXzMmDpiag&si=1&oref=dc91583eac8a1584571c6a62171b70b0&optunit=iXU5FnpLhkPGiG2EOYzfcA&rb=qAhRA1HnC64&rr=1&abtg=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8142 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ebaa05b39fb42591a9b8ab81322615c5f46f9270c48a03232802d8f60ed73f91` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 76853d759a35c332-EWR content-encoding br content-type text/html date Fri, 11 Nov 2022 07:16:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms1gfr58UWOC0m5VZ0g6S167GB4jcVflt8GKWB9EW%2B2X4K7MLIPypcznyO35PaZlIdnPD3RYVlErZvPqFIF4kbrgwd%2FGffNdfkBdVzTDDJENZk7xV%2FgDj1OsorHVeIMelVGPSXHCQpPoqsDg"}],"group":"cf-nel","max_age":604800} server cloudflare
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AFU1kAAPatM Show response feed.cn-rtb.com/v1/native/	674 B 860 B	696ms 668ms	Fetch application/json	104.21.21.106 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=56979&uid=77feb6b0-bd5a-4b47-9ea6-7ac1cd2d6a29&kw=download%20install Requested by Host: newadslab.com URL: https://newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/?cid=89610581238&sid=444113322&s=0.0076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.21.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c8f06d17fe09d3ab3059f2fa329f2b8e9e1184d3c3b6ebc5db59c7dffcef6ec6` Request headers accept-language en-US,en;q=0.9 Referer https://newadslab.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 07:16:02 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare model report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwdggIQduCf0OcmGrnLlqjho5fYgRkRfAEt4M2jCfn9ZsPtt0Ai%2FVefPZ1CsWb1LTKRUcLbSxM2WiSyneoX4FY5OYMxu5Z2jaPLsL1uwsZRfUHYyABxRfTHvRhXezvDX6z8%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache cf-ray 76853d7639e80c99-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	hood.js Show response cdn.ocmhood.com/sdk/	26 KB 11 KB	43ms 13ms	Script application/javascript	2606:4700:20::681a:6e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.ocmhood.com/sdk/hood.js?hf=Hood Requested by Host: newadslab.com URL: https://newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/?cid=89610581238&sid=444113322&s=0.0076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b07204de33c5b1c9791b08b586edd2bef8f56639935ba764705adee5d67b5003` Request headers Referer https://newadslab.com/ Origin https://newadslab.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 07:16:01 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1074 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 service-worker-allowed / last-modified Tue, 08 Nov 2022 13:43:48 GMT server cloudflare etag W/"636a5d14-2a3c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEpjGFsfBzCEmTbq5Q1vUAknbQ9AJxNrVJjNy0Z3DupEFMrG0Q6I0NMn9TelJqMvB%2FvxUFxK8r6kdIo4jLnQLgRYxsIpgdIKJdBNPs%2BD2up8WWChigHv0gaRvx1BEhNCvvf0NkmmHE3O3uqtGQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 76853d764f1d3320-EWR
GET DATA	200 OK	truncated /	748 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	201	activity t.ocmhood.com/v2/	0 455 B	40ms 20ms	Ping application/octet-stream	2606:4700:20::681a:6e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: cdn.ocmhood.com URL: https://cdn.ocmhood.com/sdk/hood.js?hf=Hood Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://newadslab.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 11 Nov 2022 07:16:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu%2BVBpKy1MEsrJBdmMZSSF8vkxuibLz%2F8E%2FjqiceKiqrIFQ2Wm2nvwL9K2CrliLE3EeUT7phEUMWCkG%2B86fA4EXlUfcBMWSI1jvK13pCz81Fsgo4fA3M349Ug3xOq%2BakL4cnRBrrhCizyUg%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 76853d768fb9c337-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	201	activity t.ocmhood.com/v2/	0 269 B	40ms 21ms	Ping application/octet-stream	2606:4700:20::681a:6e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: cdn.ocmhood.com URL: https://cdn.ocmhood.com/sdk/hood.js?hf=Hood Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://newadslab.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 11 Nov 2022 07:16:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0ugB8kwl7F4UUmwfTZH72LCUeWcP6P9%2BA0Q0G1Y5jlrhCPcMFP5c20t5BYMyKUaGVLP74ngqcCnPgIBa1J3Upq5hrFNyLyyRonIRRrtq8IKmqG%2FJCTr%2Fg3WtyC%2FwAOAk4Q%2BXeouvRNJNKA%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 76853d768fbdc337-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	imp t.cn-rtb.com/	0 0	24ms 17ms	Fetch	104.21.21.106 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.cn-rtb.com/imp?l2=VfMddt1Muc3_afyVz3KIZDHrgR1bWHeS4nZT4Ev4sbGrEYbDa8AivwHNjFPbz1XKa1beauQO4lWp83zB_yU9Bd4WFJKGQAh6enDhUWC186PO-tlJ45hFNPBViygzebQFuIiG2HCqMDs6hlLpjmboOKmGZef2UIxG6-W1WcaSNx826AgcqYBNszCJS0J9ALp0 Requested by Host: newadslab.com URL: https://newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0/?cid=89610581238&sid=444113322&s=0.0076 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.21.106 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://newadslab.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Fri, 11 Nov 2022 07:16:02 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUFQgUjh420%2B%2Fg%2BA1KLR5U3zVhWRWVvQ6%2FPeO0QC9wGzYBcBPMRbdz9wKUfHGN3mH7IgxgAf%2F7kOJoPC0%2FxNS3jq37vlYTd%2BkHJE0MMEwRFLktErPOLDC1kYI2vZqpk%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cache-control no-cache cf-ray 76853d7a7c8b0c99-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
newadslab.com/wETu1k4URe_cDF_uPIKOpMOjjcYnu65pLb8SnrHETz0	1969-12-31 23:59:59	Name: session Value: Ommd3frXwRKxZl15kkscxJa0k3VGGJM6
enature.us/	1970-01-20 16:58:30	Name: __tad Value: 1668150959.2091546
0redire.com/	1970-01-20 16:58:30	Name: __tad Value: 1668150960.8789188
.mybettermb.com/	1970-01-20 11:41:42	Name: rhid Value: 82344576679
.mybettermb.com/	1970-01-20 07:22:34	Name: loi Value: ad_1273735_off_717425_aff_840_cid_249699-12173335_ts_1668150961

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0redire.com
cdn.ocmhood.com
clkdeals.com
enature.us
feed.cn-rtb.com
mybettermb.com
newadslab.com
p249699.mybettermb.com
t.cn-rtb.com
t.ocmhood.com
103.224.182.206
103.224.212.220
104.21.21.106
108.168.193.184
108.168.193.189
2606:4700:20::681a:6e4
2606:4700:3037::ac43:8142
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
b07204de33c5b1c9791b08b586edd2bef8f56639935ba764705adee5d67b5003
c1a111fd7d6cb4492b8971322f2fa728266c992a4c643e042c78d709c570362c
c8f06d17fe09d3ab3059f2fa329f2b8e9e1184d3c3b6ebc5db59c7dffcef6ec6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cf9db8d5e508468671b4c3dc87083f16cb6f8df2aae79ac6d9c1a9930cc232
ebaa05b39fb42591a9b8ab81322615c5f46f9270c48a03232802d8f60ed73f91
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

newadslab.com Open in urlscan Pro 2606:4700:3037::ac43:8142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

29 %IPv6

7 Domains

10 Subdomains

8 IPs

3 Countries

75 kBTransfer

177 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

5 Cookies

Indicators

newadslab.com Open in urlscan Pro
2606:4700:3037::ac43:8142 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

29 %
IPv6

7
Domains

10
Subdomains

8
IPs

3
Countries

75 kB
Transfer

177 kB
Size

5
Cookies

11 HTTP transactions
2 data transactions