URL: https://pre.glotgrx.com/nflrc.gif?cb=1565642344718700&ver=1.2r75&qid=83530313f543630313f5835373&p=huaren.us&s=huaren.us&x=PubGalaxy%20&cid=758&od1=&od2=&adtg=/8095840/284.huaren.us_desktop_728x90_AdX2&nci=&nai=&si=62140800&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=yikdoxf3nozm&tps=21&ver1=2.2.2&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=728&h=90&pn=desktop&1=e41173e53849c99c532fbd6f440e4f81&2=-7.1&3=1080_1920_1040_1920_24_24_1.5&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=google_ads_iframe_/8095840/284.huaren.us_desktop_728x90_AdX2_1&dbgcid=758&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=28&icp=https%253A//forums.huaren.us&irfl=0&irf=&cty=4&fcs=0&flky=ver-fl-6-qid-fl-26-p-fl-9-s-fl-9-x-fl-12-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-42-nci-fl-0-nai-fl-0-si-fl-8-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-7-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=1&adcd=i0_f1_o0_e0&vps=728x90&gpu=ANGLE%20(Intel(R)%20HD%20Graphics%20620%20Direct3D11%20vs_5_0%20ps_5_0)&ncf=4g_null_undefined_null_null_undefined_null&fli=&flerr=0&trim=&fio=51
Submission: On August 12 via manual from GB

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 2606:4700::6810:3f36, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is pre.glotgrx.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 13th 2018. Valid for: a year.
This is the only time pre.glotgrx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1
Domain
Subdomains
Transfer
1 glotgrx.com
529 B
1 1
Domain Requested by
1 pre.glotgrx.com
1 1

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
*.glotgrx.com
Go Daddy Secure Certificate Authority - G2
2018-11-13 -
2020-01-12
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Adblocked forums.huaren.us&irfl=0&irf=&cty=4&fcs=0&flky=ver-fl-6-qid-fl-26-p-fl-9-s-fl-9-x-fl-12-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-42-nci-fl-0-nai-fl-0-si-fl-8-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0...
/nflrc.gif?cb=1565642344718700&ver=1.2r75&qid=83530313f543630313f5835373&p=huaren.us&s=huaren.us&x=PubGalaxy%20&cid=758&od1=&od2=&adtg=/8095840/284.huaren.us_desktop_728x90_AdX2&nci=&nai=&si=621408...
26 B
529 B
Document
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1565642344718700&ver=1.2r75&qid=83530313f543630313f5835373&p=huaren.us&s=huaren.us&x=PubGalaxy%20&cid=758&od1=&od2=&adtg=/8095840/284.huaren.us_desktop_728x90_AdX2&nci=&nai=&si=62140800&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=yikdoxf3nozm&tps=21&ver1=2.2.2&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=728&h=90&pn=desktop&1=e41173e53849c99c532fbd6f440e4f81&2=-7.1&3=1080_1920_1040_1920_24_24_1.5&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=google_ads_iframe_/8095840/284.huaren.us_desktop_728x90_AdX2_1&dbgcid=758&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=28&icp=https%253A//forums.huaren.us&irfl=0&irf=&cty=4&fcs=0&flky=ver-fl-6-qid-fl-26-p-fl-9-s-fl-9-x-fl-12-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-42-nci-fl-0-nai-fl-0-si-fl-8-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-7-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=1&adcd=i0_f1_o0_e0&vps=728x90&gpu=ANGLE%20(Intel(R)%20HD%20Graphics%20620%20Direct3D11%20vs_5_0%20ps_5_0)&ncf=4g_null_undefined_null_null_undefined_null&fli=&flerr=0&trim=&fio=51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

:method
GET
:authority
pre.glotgrx.com
:scheme
https
:path
/nflrc.gif?cb=1565642344718700&ver=1.2r75&qid=83530313f543630313f5835373&p=huaren.us&s=huaren.us&x=PubGalaxy%20&cid=758&od1=&od2=&adtg=/8095840/284.huaren.us_desktop_728x90_AdX2&nci=&nai=&si=62140800&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=yikdoxf3nozm&tps=21&ver1=2.2.2&ua=&os=&mm=&di=&ip=&ci=&pp=&bp=&w=728&h=90&pn=desktop&1=e41173e53849c99c532fbd6f440e4f81&2=-7.1&3=1080_1920_1040_1920_24_24_1.5&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=google_ads_iframe_/8095840/284.huaren.us_desktop_728x90_AdX2_1&dbgcid=758&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=28&icp=https%253A//forums.huaren.us&irfl=0&irf=&cty=4&fcs=0&flky=ver-fl-6-qid-fl-26-p-fl-9-s-fl-9-x-fl-12-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-42-nci-fl-0-nai-fl-0-si-fl-8-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-0-os-fl-0-mm-fl-0-di-fl-0-ip-fl-0-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-7-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=1&adcd=i0_f1_o0_e0&vps=728x90&gpu=ANGLE%20(Intel(R)%20HD%20Graphics%20620%20Direct3D11%20vs_5_0%20ps_5_0)&ncf=4g_null_undefined_null_null_undefined_null&fli=&flerr=0&trim=&fio=51
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 12 Aug 2019 22:56:24 GMT
content-type
image/gif
content-length
26
set-cookie
__cfduid=dae482fdc0397e3ca775b28a3901c03ac1565650584; expires=Tue, 11-Aug-20 22:56:24 GMT; path=/; domain=.glotgrx.com; HttpOnly
x-amz-id-2
x8nOgnxaexzDXPyoBAQ9iHZgl+Rp/Dp77pnE3swvgFNcZPRSFM3Vd634QY3vzBMz7TSGIA38kaw=
x-amz-request-id
6303696349E89FBF
last-modified
Thu, 12 Jan 2017 21:28:05 GMT
etag
"6a43099d5c8fe991a7aa7ebaca53069d"
cf-cache-status
HIT
age
3897
expires
Tue, 13 Aug 2019 00:56:24 GMT
cache-control
public, max-age=7200
accept-ranges
bytes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
50560ad74975dfc7-FRA

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Domain/Path Name / Value
.glotgrx.com/ Name: __cfduid
Value: dae482fdc0397e3ca775b28a3901c03ac1565650584

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pre.glotgrx.com
2606:4700::6810:3f36
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1