redirect-my-ads.com
2606:4700:3033::6815:364a
Public Scan
Effective URL: https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJx...
Submission Tags: falconsandbox
Submission: On January 30 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 7th 2020. Valid for: a year.
This is the only time redirect-my-ads.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 172.67.173.168 | 13335 (CLOUDFLARENET) |
1 | 151.101.14.110 | 54113 (FASTLY) |
1 1 | 2606:4700:3035::ac43:87cb | 13335 (CLOUDFLARENET) |
2 | 2606:4700:3033::6815:364a | 13335 (CLOUDFLARENET) |
2 2 | 79.171.200.160 | 34031 (JD-AS) |
1 | 2a00:1450:4001:80e::2003 | 15169 (GOOGLE) |
6 | 5 | |
ASN13335 (CLOUDFLARENET, US)
redirect-my-ads.com | |
www.redirect-my-ads.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | redirect-my-ads.com | redirect-my-ads.com www.redirect-my-ads.com | 5 KB |
1 | google.de | www.google.de | |
1 | ovrwch.net (1 redirects) | de.ovrwch.net | 657 B |
1 | wequg.com (1 redirects) | wequg.com | 1 KB |
1 | simplejmp.com (1 redirects) | simplejmp.com | 1 KB |
1 | newrelic.com | js-agent.newrelic.com | 11 KB |
1 | viral481.com | viral481.com | 6 KB |
0 | nr-data.net (Failed) | bam-cell.nr-data.net Failed | |
6 | 8 | | |
 | Domain | Requested by |
---|---|---|
1 | www.google.de | redirect-my-ads.com |
1 | de.ovrwch.net (1 redirects) | |
1 | wequg.com (1 redirects) | |
1 | www.redirect-my-ads.com | redirect-my-ads.com |
1 | redirect-my-ads.com | |
1 | simplejmp.com (1 redirects) | |
1 | js-agent.newrelic.com | viral481.com |
1 | viral481.com | |
0 | bam-cell.nr-data.net Failed | js-agent.newrelic.com |
6 | 9 | |
This site contains no links.
Subject Issuer | Validity | Valid |
---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 | 2020-08-07 - 2021-08-07 | a year |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 | 2020-12-28 - 2021-05-07 | 4 months |
www.google.de GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months |
This page contains 2 frames:
Primary Page:
https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
Frame ID: 266A39F7437FC301ADEFEDAA1C08CE88
Requests: 5 HTTP requests in this frame
Frame:
https://www.google.de/?drc=MQ%3D%3D&x_forwarded_with=&ow_token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJvd19jbGlja19pZCI6IjNkMDEzM2EyLWE4NDQtNGVlNy05YmY2LWUyZTcwYmVlYjg0YiIsInJpc2siOiJoaWdoIiwiZXhwIjoxNjEyMDUwNDI3LCJpYXQiOjE2MTIwNTAzNjd9.Q4MXDVRZkrDr07UyFk04GT62oRnm29CBQhk5Q2mYZ2f82rF4P3YoWVjMsfUVSaqq_RunjRAbhZbCL4uU82JAU3G0q8UxwN-Z-GLxRjIIj0PKhfpjQHJVYyvmBxh-zp7kZOkJmPd591qcc_pXGnsxXzjGjkLEhzpLIzEPQy9kUGI&subid1=3d0133a2-a844-4ee7-9bf6-e2e70beeb84b
Frame ID: 97A18662DCA1664412306AEBD4474B93
Requests: 1 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://viral481.com/srv.html?id=5481990&pub=866945 Page URL
-
https://simplejmp.com/redirect/action/3JDxnO3FhLnFuJT81KXp7aHN4ag_eQ__eQ_Uyi?tsid=866945&uc=866945-793586513
HTTP 302
https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4
- https://wequg.com/s/P2c?pubref=19013060_28_78_48_699f19_1900_80_6015efbe_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0&affpubid=48:2939 HTTP 302
- https://de.ovrwch.net/Gj?external_id=17755b081e10c8ao163784od5ad6a85bd56&partner_id=1724&campaign_id=1456004&traffic_id=1724&owt=https%3A%2F%2Fcs-de.ojom-mobile.de%2F1%2Fpub_run%2Flp%3Fproductid%3D16221922%26ydr_pid%3D1724%26ydr_cid%3D0%26pubref%3D19013060_28_78_48_699f19_1900_80_6015efbe_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0%26affpubid%3D48%253A2939%26lpid%3D0%26tsp%3D1456004%26ydrid%3D17755b081e10c8ao163784od5ad6a85bd56&x_forwarded_with=&drc=MQ== HTTP 302
- https://www.google.de/?drc=MQ%3D%3D&x_forwarded_with=&ow_token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJvd19jbGlja19pZCI6IjNkMDEzM2EyLWE4NDQtNGVlNy05YmY2LWUyZTcwYmVlYjg0YiIsInJpc2siOiJoaWdoIiwiZXhwIjoxNjEyMDUwNDI3LCJpYXQiOjE2MTIwNTAzNjd9.Q4MXDVRZkrDr07UyFk04GT62oRnm29CBQhk5Q2mYZ2f82rF4P3YoWVjMsfUVSaqq_RunjRAbhZbCL4uU82JAU3G0q8UxwN-Z-GLxRjIIj0PKhfpjQHJVYyvmBxh-zp7kZOkJmPd591qcc_pXGnsxXzjGjkLEhzpLIzEPQy9kUGI&subid1=3d0133a2-a844-4ee7-9bf6-e2e70beeb84b
6 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | srv.html viral481.com/ | 20 KB 6 KB | Document text/html |
GET H2 | nr-1194.min.js js-agent.newrelic.com/ | 27 KB 11 KB | Script application/javascript |
GET H2 | Primary Request NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3N... redirect-my-ads.com/clk/ Redirect Chain | 3 KB 4 KB | Document text/html |
GET | 62915533ca bam-cell.nr-data.net/1/ | 0 0 | |
GET H2 | exittraffic.js www.redirect-my-ads.com/background_loader/getJS/ | 3 KB 1 KB | Script text/javascript |
GET H2 | / www.google.de/ Frame 97A1 Redirect Chain | 0 0 | Document text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- bam-cell.nr-data.net
- URL
- https://bam-cell.nr-data.net/1/62915533ca?a=14035018&v=1194.94d5a62&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=548&ck=1&ref=https://viral481.com/srv.html&ap=138&be=451&fe=455&dc=454&perf=%7B%22timing%22:%7B%22of%22:1612050365903,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:24,%22ce%22:54,%22rq%22:54,%22rp%22:444,%22rpe%22:445,%22dl%22:447,%22di%22:453,%22ds%22:453,%22de%22:453,%22dc%22:454,%22l%22:454,%22le%22:456%7D,%22navigation%22:%7B%7D%7D&fp=478&fcp=478&at=QhYERANMTUo%3D&jsonp=NREUM.setToken
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- boolean| is_chrome
- function| DisableExitTraffic
- function| addLoadEvent
- function| addClickEvent
- boolean| PreventExitSplash
- boolean| LightwindowOpening
- function| DisplayExitSplash
- object| a
- function| exittraffic_change_url
- undefined| theBody
- function| disablelinksfunc
- function| disableformsfunc
- string| exittraffic_splashalertmessage
- string| exittraffic_RedirectUrl
- object| queryString
- object| _GET
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.redirect-my-ads.com/ | | Name: __cfduid Value: df4cb3ea618dc9e4bb07d76edb9dfdc431612050366 |
.google.de/ | | Name: NID Value: 208=kEqWisaU-y1bXlYgzlwbI8WOBYvS0qCR-iussmTPdTZ6c9_RHTzKBUl7yGKIcHPheiwD1b3e0pb9MSSlWepV1dmKSmLpifXMAEG4ePDsei7_TpbXo_EDEJxHqeK2yw93mEwrqnbkFsQ0lVROD7BiF9ASgpGg07Oy3hk5lM78HMM |
redirect-my-ads.com/clk | | Name: msv-48-699f19-b7b-50-120-0 Value: 55832868898534104861030369468629385218 |
redirect-my-ads.com/clk | | Name: GEO_6cac6683d43425e2cab7e055243dc466dd34fade Value: 699f19 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.