www.onlineusershielder.com
Open in
urlscan Pro
2606:4700:3031::ac43:b355
Public Scan
Effective URL: https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Submission Tags: falconsandbox
Submission: On September 24 via api from US — Scanned from DE
Summary
TLS certificate: Issued by E1 on September 11th 2022. Valid for: 3 months.
This is the only time www.onlineusershielder.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 104.31.16.118 104.31.16.118 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
22 | 2606:4700:303... 2606:4700:3031::ac43:b355 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.201.194 142.250.201.194 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
2 | 2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400d:80e::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 37.48.65.182 37.48.65.182 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
32 | 9 |
ASN13335 (CLOUDFLARENET, US)
www.onlineusershielder.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
extreme-ip-lookup.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
onlineusershielder.com
www.onlineusershielder.com |
1 MB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 113 |
222 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152 |
111 KB |
1 |
extreme-ip-lookup.com
extreme-ip-lookup.com — Cisco Umbrella Rank: 18258 |
742 B |
1 |
google.de
www.google.de — Cisco Umbrella Rank: 6352 |
548 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
548 B |
1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 |
2 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128 |
16 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
47 KB |
1 |
1337x.to
1 redirects
1337x.to — Cisco Umbrella Rank: 94605 |
492 B |
32 | 10 |
Domain | Requested by | |
---|---|---|
22 | www.onlineusershielder.com |
www.onlineusershielder.com
|
2 | www.facebook.com |
www.onlineusershielder.com
|
2 | connect.facebook.net |
www.onlineusershielder.com
connect.facebook.net |
1 | extreme-ip-lookup.com |
www.onlineusershielder.com
|
1 | www.google.de |
www.onlineusershielder.com
|
1 | www.google.com |
www.onlineusershielder.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.onlineusershielder.com
|
1 | 1337x.to | 1 redirects |
32 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
hhrsecure.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.onlineusershielder.com E1 |
2022-09-11 - 2022-12-10 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-07-03 - 2022-10-01 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-09-05 - 2022-11-28 |
3 months | crt.sh |
t1.extreme-dm.com R3 |
2022-08-14 - 2022-11-12 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461
Frame ID: 7BF325DA3DFE4B4D1AAE6C7A0572523F
Requests: 31 HTTP requests in this frame
Frame:
https://www.onlineusershielder.com/common/common_b.html
Frame ID: 63912891144FA0EEE6E8FFB401C915A8
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Safety DownloadingPage URL History Show full URLs
-
https://1337x.to/anoydl9-Adobe+Acrobat+Pro+DC+v2022.001.20142+(x86/x64)+Multilingual+Pre-Acti...
HTTP 302
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461 Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Hide My IP Now
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://1337x.to/anoydl9-Adobe+Acrobat+Pro+DC+v2022.001.20142+(x86/x64)+Multilingual+Pre-Activated
HTTP 302
https://www.onlineusershielder.com/download-guard/?hm=true&trvid=10834&var1=461 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.onlineusershielder.com/download-guard/ Redirect Chain
|
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.onlineusershielder.com/download-guard/assets/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.onlineusershielder.com/download-guard/assets/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
www.onlineusershielder.com/common/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.js
www.onlineusershielder.com/common/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common_script.js
www.onlineusershielder.com/common/ |
541 B 758 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
img-laptop-torrent.png
www.onlineusershielder.com/download-guard/assets/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
shield.png
www.onlineusershielder.com/download-guard/assets/ |
35 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ic-no-logs.png
www.onlineusershielder.com/download-guard/assets/ |
663 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ic-kill-switch.png
www.onlineusershielder.com/download-guard/assets/ |
1002 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
spinner.gif
www.onlineusershielder.com/download-guard/assets/ |
659 KB 660 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common_h.js
www.onlineusershielder.com/common/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style(1).css
www.onlineusershielder.com/download-guard/assets/ |
623 B 792 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-2.2.4.min.js
www.onlineusershielder.com/download-guard/assets/ |
83 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
www.onlineusershielder.com/download-guard/assets/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
119 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common_b.html
www.onlineusershielder.com/common/ Frame 6391 |
427 B 809 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
banner-download_desktop.jpg
www.onlineusershielder.com/download-guard/assets/ |
62 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
img-cta-torrent.jpg
www.onlineusershielder.com/download-guard/assets/ |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg-icon.png
www.onlineusershielder.com/download-guard/assets/ |
610 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ProximaNova-Regular.otf
www.onlineusershielder.com/download-guard/assets/font/ |
92 KB 93 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ProximaNova-Bold.otf
www.onlineusershielder.com/download-guard/assets/font/ |
94 KB 95 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ProximaNova-Semibold.otf
www.onlineusershielder.com/download-guard/assets/font/ |
90 KB 90 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
41 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
101 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2099375100220053
connect.facebook.net/signals/config/ |
293 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 204 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10835118523/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/10835118523/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/10835118523/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
extreme-ip-lookup.com/json/ |
594 B 742 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.facebook.com/tr/ |
0 18 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| getBrowser function| getOS function| setCookie object| dataLayer function| addParams number| w undefined| click_outs function| getQueryParameters string| pixelType object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.onlineusershielder.com/download-guard | Name: ck Value: true |
|
.onlineusershielder.com/ | Name: _fbp Value: fb.1.1663999461500.367399060 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1337x.to
connect.facebook.net
extreme-ip-lookup.com
googleads.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.onlineusershielder.com
104.31.16.118
142.250.201.194
2606:4700:3031::ac43:b355
2a00:1450:4001:808::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:400d:80e::2003
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
37.48.65.182
001261c84f9c9755c62dce3fcb4d13f22d1abf272e81bf4289166b0efbe381e5
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d118226eef5305cd848ff84e7a7d319a25a934517ee7b6161ebed7372ee4e34
118b198975d904ff023e0febbdbab27afc1a584abb15dccff6d3c1f0868e9e85
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
388be1fb84d1608325ba870797519fe52ad081852a47c66aef5e90eeaf2c425d
46a70632f59ba7e6a8086cdf3eb96f6a084c718519206063629c16b9330e86d1
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a2c0d991d3d519c52176e55fe73d5b9d066f0b67c11480d988c00e32248cab6
5ad2012c62e6dc10892284a8874a06d47e7957ce58ad3bc6320b448f94c5eb3d
6f0b3bddaf52300556aecf3f085af1fcb9c465bb61e0a4e51b9f81fe2449a901
71b4d13762307641f096f5c3af8a0f6ea349af53b3def1e31c1d702f1dd0f4fe
73c07068fe600dbf2af6efa8becfc569ccfacd9e3531db83c524b51de513c9cd
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7d4cd8278843c8d9ed9be89746d42028cf92b3f927fdf57119822e4f6542d2dc
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
9c1acca70ab8278c74cfdb2329a9321856550a95e80cbddd9dc36ddb1bb5e667
a4ec59180ccde83e3bf28fbe8f59cd91b27d39f05f971cd051fc744bb3027a8b
a53849598e1618bb12a01f0f3d4ea9f24c23bbec11452f0ce972945b92d90cc9
aa8d23a1972d8edcae27a68fb72c6d34d518b5fce6b3b517d1282b42686bb552
abc7fda2f83d80f5787b062a9cb748247fb0a98297333721f77605bba976e3a4
b0f7621b72b7557e441b44d5033a6a90446dbd6bec6761e140d807e572ed96ed
b3324f81daa7084d69d284488e4dfeef5bcead3d8bbfe28de5d2104aed0417fc
b9462c3d8fc4e698687d6fa7efdd3123606f6e235a179e7cb12cdb38f8ed7978
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6de53799ac7f249679a4f355e51f40144101b0b9d44d6f873f37a1384cc81e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb57697f52d12f3a6f807c8856bed3cb6e182c78b5d3d9bed4ef9069214012f
f1a42527a4275134de7e0742f0b3e90bd8fcd57f816d110e06fbc865b9d649f6
fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644