urlscan.io logo urlscan.io
SecurityTrails logo

redirect-my-ads.com Open in urlscan Pro
2606:4700:3033::6815:364a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://viral481.com/srv.html?id=5481990&pub=866945
Effective URL: https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJx...
Submission Tags: falconsandbox
Submission: On January 30 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 8 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3033::6815:364a, located in United States and belongs to CLOUDFLARENET, US. The main domain is redirect-my-ads.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 7th 2020. Valid for: a year.
This is the only time redirect-my-ads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.67.173.168 13335 (CLOUDFLAR...)
1 151.101.14.110 54113 (FASTLY)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 79.171.200.160 34031 (JD-AS)
1 2a00:1450:400... 15169 (GOOGLE)
6 5
1    172.67.173.168 (United States)

ASN13335 (CLOUDFLARENET, US)
viral481.com
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2606:4700:3035::ac43:87cb (United States)

ASN13335 (CLOUDFLARENET, US)
simplejmp.com
2    2606:4700:3033::6815:364a (United States)

ASN13335 (CLOUDFLARENET, US)
redirect-my-ads.com
www.redirect-my-ads.com
2    79.171.200.160 (Germany)

ASN34031 (JD-AS, DE)
wequg.com
de.ovrwch.net
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
1 www.google.de redirect-my-ads.com
1 de.ovrwch.net 1 redirects
1 wequg.com 1 redirects
1 www.redirect-my-ads.com redirect-my-ads.com
1 redirect-my-ads.com
1 simplejmp.com 1 redirects
1 js-agent.newrelic.com viral481.com
1 viral481.com
0 bam-cell.nr-data.net Failed js-agent.newrelic.com
6 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-07 -
2021-08-07		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-12-28 -
2021-05-07		 4 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
Frame ID: 266A39F7437FC301ADEFEDAA1C08CE88
Requests: 5 HTTP requests in this frame

Frame: https://www.google.de/?drc=MQ%3D%3D&x_forwarded_with=&ow_token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJvd19jbGlja19pZCI6IjNkMDEzM2EyLWE4NDQtNGVlNy05YmY2LWUyZTcwYmVlYjg0YiIsInJpc2siOiJoaWdoIiwiZXhwIjoxNjEyMDUwNDI3LCJpYXQiOjE2MTIwNTAzNjd9.Q4MXDVRZkrDr07UyFk04GT62oRnm29CBQhk5Q2mYZ2f82rF4P3YoWVjMsfUVSaqq_RunjRAbhZbCL4uU82JAU3G0q8UxwN-Z-GLxRjIIj0PKhfpjQHJVYyvmBxh-zp7kZOkJmPd591qcc_pXGnsxXzjGjkLEhzpLIzEPQy9kUGI&subid1=3d0133a2-a844-4ee7-9bf6-e2e70beeb84b
Frame ID: 97A18662DCA1664412306AEBD4474B93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://viral481.com/srv.html?id=5481990&pub=866945 Page URL
  2. https://simplejmp.com/redirect/action/3JDxnO3FhLnFuJT81KXp7aHN4ag_eQ__eQ_Uyi?tsid=866945&uc=866945... HTTP 302
    https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1Bq... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

6
Requests

83 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

5
IPs

2
Countries

22 kB
Transfer

53 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://viral481.com/srv.html?id=5481990&pub=866945 Page URL
  2. https://simplejmp.com/redirect/action/3JDxnO3FhLnFuJT81KXp7aHN4ag_eQ__eQ_Uyi?tsid=866945&uc=866945-793586513 HTTP 302
    https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://wequg.com/s/P2c?pubref=19013060_28_78_48_699f19_1900_80_6015efbe_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0&affpubid=48:2939 HTTP 302
  • https://de.ovrwch.net/Gj?external_id=17755b081e10c8ao163784od5ad6a85bd56&partner_id=1724&campaign_id=1456004&traffic_id=1724&owt=https%3A%2F%2Fcs-de.ojom-mobile.de%2F1%2Fpub_run%2Flp%3Fproductid%3D16221922%26ydr_pid%3D1724%26ydr_cid%3D0%26pubref%3D19013060_28_78_48_699f19_1900_80_6015efbe_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0%26affpubid%3D48%253A2939%26lpid%3D0%26tsp%3D1456004%26ydrid%3D17755b081e10c8ao163784od5ad6a85bd56&x_forwarded_with=&drc=MQ== HTTP 302
  • https://www.google.de/?drc=MQ%3D%3D&x_forwarded_with=&ow_token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJvd19jbGlja19pZCI6IjNkMDEzM2EyLWE4NDQtNGVlNy05YmY2LWUyZTcwYmVlYjg0YiIsInJpc2siOiJoaWdoIiwiZXhwIjoxNjEyMDUwNDI3LCJpYXQiOjE2MTIwNTAzNjd9.Q4MXDVRZkrDr07UyFk04GT62oRnm29CBQhk5Q2mYZ2f82rF4P3YoWVjMsfUVSaqq_RunjRAbhZbCL4uU82JAU3G0q8UxwN-Z-GLxRjIIj0PKhfpjQHJVYyvmBxh-zp7kZOkJmPd591qcc_pXGnsxXzjGjkLEhzpLIzEPQy9kUGI&subid1=3d0133a2-a844-4ee7-9bf6-e2e70beeb84b

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
srv.html
viral481.com/ 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://viral481.com/srv.html?id=5481990&pub=866945
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.173.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0850c180fd6bcbdb0c5efca0f17b72a4d151dc34e28f9d58242f5752244622e6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
viral481.com
:scheme
https
:path
/srv.html?id=5481990&pub=866945
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 23:46:06 GMT
content-type
text/html
set-cookie
__cfduid=d93d2b28b356c7491e79e305039f91f331612050365; expires=Mon, 01-Mar-21 23:46:05 GMT; path=/; domain=.viral481.com; HttpOnly; SameSite=Lax PHPSESSID=CfMoEZ22krT0iayEdggtink4K3e-TonKBwfCLtSUoJY7rbOk5ekb5g3bItnuYMOJ; path=/; HttpOnly SERVERID=web2; path=/
x-frame-options
SAMEORIGIN
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
x-xss-protection
1; mode=block
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
07f749960f00000b4787038000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yI03Q86oWF2HG8dlXd5aM1m2mkNzJuS3eyW1AJvNg7vUB012V4i5IoiT7inC9yHPsI24evRUySm3iStH8QuWvUriweEwF%2Bh1yGPiDog%3D"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
619f12034dfc0b47-AMS
content-encoding
br
nr-1194.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1194.min.js
Requested by
Host: viral481.com
URL: https://viral481.com/srv.html?id=5481990&pub=866945
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://viral481.com/srv.html?id=5481990&pub=866945
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 23:46:06 GMT
content-encoding
gzip
x-amz-request-id
BDA33F0ADF8B446F
x-cache
HIT
content-length
10625
x-amz-id-2
ZBBsNmFVlqY4Vm3G5KmpGb7jgl6i6pF00oVNbFw842+Gtx5110FCeoI/pT6oqfqZzNVWEqpSjow=
x-served-by
cache-fra19176-FRA
last-modified
Wed, 06 Jan 2021 22:25:50 GMT
server
AmazonS3
x-timer
S1612050366.429180,VS0,VE0
etag
"4f5c23cba20072ede6a543efb2f986c3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4017
Primary Request NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3N...
redirect-my-ads.com/clk/
Redirect Chain
  • https://simplejmp.com/redirect/action/3JDxnO3FhLnFuJT81KXp7aHN4ag_eQ__eQ_Uyi?tsid=866945&uc=866945-793586513
  • https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvO...
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:364a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1af017cf6c85e9ef89b658776c16664f1ae5b1774a2dc358b2078a4220593b

Request headers

:method
GET
:authority
redirect-my-ads.com
:scheme
https
:path
/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://viral481.com/srv.html?id=5481990&pub=866945
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://viral481.com/srv.html?id=5481990&pub=866945

Response headers

date
Sat, 30 Jan 2021 23:46:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df4cb3ea618dc9e4bb07d76edb9dfdc431612050366; expires=Mon, 01-Mar-21 23:46:06 GMT; path=/; domain=.redirect-my-ads.com; HttpOnly; SameSite=Lax; Secure GEO_6cac6683d43425e2cab7e055243dc466dd34fade=699f19; expires=Sun, 31-Jan-2021 00:46:06 GMT; Max-Age=3600 click-ec-699f19=19013060_28_78_48_699f19_1900_80_6015efbe_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0; expires=Thu, 29-Jul-2021 23:46:06 GMT; Max-Age=15552000; path=/conversion msv-48-699f19-b7b-50-120-0=55832868898534104861030369468629385218; expires=Sun, 31-Jan-2021 23:46:06 GMT; Max-Age=86400
charset
UTF-8
content-encoding
UTF-8
p3p
CP="NOI CURa ADMa PSA OUR NOR OTC"
pragma
no-cache
cache-control
no-cache no-cache, must-revalidate, max-age=0
x-robots-tag
noindex, nofollow, nocache, noarchive
googlebot
noindex, nofollow, nocache, noarchive
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
07f749984400002ba16d195000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7J6DiDKa7aNdY9Xn18V43lISRT1H7iJBoBLhJ3yqXFoAzrFoagL5QBUkFYfm%2BT7GP5YYcrq9A%2FzPDMAfFD0bHoqwr8%2FgLtC7VRWoZHohvFooPKHRZmYlKOZDhWFAeUaD"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
619f1206df7c2ba1-FRA

Redirect headers

date
Sat, 30 Jan 2021 23:46:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc1138301e2f9d8a8afaa6fbc084d3b291612050366; expires=Mon, 01-Mar-21 23:46:06 GMT; path=/; domain=.simplejmp.com; HttpOnly; SameSite=Lax; Secure click-20b-69c2cd=19013061_26_0_ea7_69c2cd_874_80_6015efbe_2a0104f8019254140000000000000002_0_0_0_64_64_0_2_2_0; expires=Thu, 29-Jul-2021 23:46:06 GMT; Max-Age=15552000; path=/conversion msv-ea7-69c2cd-0-50-0-0=55832868898534104861030369468629385218; expires=Sun, 31-Jan-2021 23:46:06 GMT; Max-Age=86400
location
https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
07f74997d000002b12f80bd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FXfmZuChQ3SZLxmFURT0%2BSzkZDNRS2mS5yTEbM4VgN3HhGQNez4aV%2FExhiAfRSaIXTqtgvYPSBtbvDTGM7aFLIP7tDG2HETjYhM7vsk%2FT7oEj8IiymMgfrzM"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
619f12061f992b12-FRA
62915533ca
bam-cell.nr-data.net/1/ 		0
0
exittraffic.js
www.redirect-my-ads.com/background_loader/getJS/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redirect-my-ads.com/background_loader/getJS/exittraffic.js
Requested by
Host: redirect-my-ads.com
URL: https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:364a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2aff07047d4795ce7f7feb5b64ec9ff981e7fb1c48cb4cd14910d558c18f439

Request headers

Referer
https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
pragma
date
Sat, 30 Jan 2021 23:46:06 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iJK8ZF2NhFvd0Ng7M0zuo2%2BPak8dpWw5%2BBh4%2FfdYy9GcOPcMjQWX26PtyC388SqS%2BUfsGG8vjBHlJFhnGVY%2FpnL73x8dcTQxGTSQ%2BrvXjTJR0Zznx2FtPf%2FvK%2BCmoJDqXVbfWQ%3D%3D"}],"group":"cf-nel"}
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
619f1207a88f2ba1-FRA
cf-request-id
07f74998c600002ba1671b4000000001
/
www.google.de/ Frame 97A1
Redirect Chain
  • https://wequg.com/s/P2c?pubref=19013060_28_78_48_699f19_1900_80_6015efbe_2a0104f8019254140000000000000002_2939_0_0_64_64_0_2_2_0&affpubid=48:2939
  • https://de.ovrwch.net/Gj?external_id=17755b081e10c8ao163784od5ad6a85bd56&partner_id=1724&campaign_id=1456004&traffic_id=1724&owt=https%3A%2F%2Fcs-de.ojom-mobile.de%2F1%2Fpub_run%2Flp%3Fproductid%3D...
  • https://www.google.de/?drc=MQ%3D%3D&x_forwarded_with=&ow_token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJvd19jbGlja19pZCI6IjNkMDEzM2EyLWE4NDQtNGVlNy05YmY2LWUyZTcwYmVlYjg0YiIsInJpc2siOiJoaWdoIiwiZXhwI...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.de/?drc=MQ%3D%3D&x_forwarded_with=&ow_token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJvd19jbGlja19pZCI6IjNkMDEzM2EyLWE4NDQtNGVlNy05YmY2LWUyZTcwYmVlYjg0YiIsInJpc2siOiJoaWdoIiwiZXhwIjoxNjEyMDUwNDI3LCJpYXQiOjE2MTIwNTAzNjd9.Q4MXDVRZkrDr07UyFk04GT62oRnm29CBQhk5Q2mYZ2f82rF4P3YoWVjMsfUVSaqq_RunjRAbhZbCL4uU82JAU3G0q8UxwN-Z-GLxRjIIj0PKhfpjQHJVYyvmBxh-zp7kZOkJmPd591qcc_pXGnsxXzjGjkLEhzpLIzEPQy9kUGI&subid1=3d0133a2-a844-4ee7-9bf6-e2e70beeb84b
Requested by
Host: redirect-my-ads.com
URL: https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.de
:scheme
https
:path
/?drc=MQ%3D%3D&x_forwarded_with=&ow_token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJvd19jbGlja19pZCI6IjNkMDEzM2EyLWE4NDQtNGVlNy05YmY2LWUyZTcwYmVlYjg0YiIsInJpc2siOiJoaWdoIiwiZXhwIjoxNjEyMDUwNDI3LCJpYXQiOjE2MTIwNTAzNjd9.Q4MXDVRZkrDr07UyFk04GT62oRnm29CBQhk5Q2mYZ2f82rF4P3YoWVjMsfUVSaqq_RunjRAbhZbCL4uU82JAU3G0q8UxwN-Z-GLxRjIIj0PKhfpjQHJVYyvmBxh-zp7kZOkJmPd591qcc_pXGnsxXzjGjkLEhzpLIzEPQy9kUGI&subid1=3d0133a2-a844-4ee7-9bf6-e2e70beeb84b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://redirect-my-ads.com/clk/NUFRRVlrdElUOGVrMkFwVEhROVlGMFNoZDlydzcyak9FVWFvTkU2ZXR2WEdtRmJNcWhKK1BqQ2pJOVBVY1VxNVNNRXJxNmVxSnRyeUFJNENoQVlCeW0wVFlsZTdxUW5XRUhpcllEQUtzVlYvek9HL1lZVjNZR1pwSGpvOERlSENZSWw3amtlbXpXTUFvcDE4Znp3NDNBPT0

Response headers

date
Sat, 30 Jan 2021 23:46:07 GMT
expires
-1
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
43077
x-xss-protection
0
x-frame-options
SAMEORIGIN
set-cookie
NID=208=kEqWisaU-y1bXlYgzlwbI8WOBYvS0qCR-iussmTPdTZ6c9_RHTzKBUl7yGKIcHPheiwD1b3e0pb9MSSlWepV1dmKSmLpifXMAEG4ePDsei7_TpbXo_EDEJxHqeK2yw93mEwrqnbkFsQ0lVROD7BiF9ASgpGg07Oy3hk5lM78HMM; expires=Sun, 01-Aug-2021 23:46:07 GMT; path=/; domain=.google.de; Secure; HttpOnly; SameSite=none CONSENT=PENDING+165; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.de
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sat, 30 Jan 2021 23:46:07 GMT
Content-Length
0
Connection
keep-alive
location
https://www.google.de?drc=MQ%3D%3D&x_forwarded_with=&ow_token=eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJvd19jbGlja19pZCI6IjNkMDEzM2EyLWE4NDQtNGVlNy05YmY2LWUyZTcwYmVlYjg0YiIsInJpc2siOiJoaWdoIiwiZXhwIjoxNjEyMDUwNDI3LCJpYXQiOjE2MTIwNTAzNjd9.Q4MXDVRZkrDr07UyFk04GT62oRnm29CBQhk5Q2mYZ2f82rF4P3YoWVjMsfUVSaqq_RunjRAbhZbCL4uU82JAU3G0q8UxwN-Z-GLxRjIIj0PKhfpjQHJVYyvmBxh-zp7kZOkJmPd591qcc_pXGnsxXzjGjkLEhzpLIzEPQy9kUGI&subid1=3d0133a2-a844-4ee7-9bf6-e2e70beeb84b
content-language
en-US
x-envoy-upstream-service-time
431

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/1/62915533ca?a=14035018&v=1194.94d5a62&to=blEHMktWXkQABkRQDFcbMBRQGF9RBwBCFxNRRA%3D%3D&rst=548&ck=1&ref=https://viral481.com/srv.html&ap=138&be=451&fe=455&dc=454&perf=%7B%22timing%22:%7B%22of%22:1612050365903,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:24,%22ce%22:54,%22rq%22:54,%22rp%22:444,%22rpe%22:445,%22dl%22:447,%22di%22:453,%22ds%22:453,%22de%22:453,%22dc%22:454,%22l%22:454,%22le%22:456%7D,%22navigation%22:%7B%7D%7D&fp=478&fcp=478&at=QhYERANMTUo%3D&jsonp=NREUM.setToken

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated boolean| is_chrome function| DisableExitTraffic function| addLoadEvent function| addClickEvent boolean| PreventExitSplash boolean| LightwindowOpening function| DisplayExitSplash object| a function| exittraffic_change_url undefined| theBody function| disablelinksfunc function| disableformsfunc string| exittraffic_splashalertmessage string| exittraffic_RedirectUrl object| queryString object| _GET

4 Cookies

Domain/Path Name / Value
.redirect-my-ads.com/ Name: __cfduid
Value: df4cb3ea618dc9e4bb07d76edb9dfdc431612050366
.google.de/ Name: NID
Value: 208=kEqWisaU-y1bXlYgzlwbI8WOBYvS0qCR-iussmTPdTZ6c9_RHTzKBUl7yGKIcHPheiwD1b3e0pb9MSSlWepV1dmKSmLpifXMAEG4ePDsei7_TpbXo_EDEJxHqeK2yw93mEwrqnbkFsQ0lVROD7BiF9ASgpGg07Oy3hk5lM78HMM
redirect-my-ads.com/clk Name: msv-48-699f19-b7b-50-120-0
Value: 55832868898534104861030369468629385218
redirect-my-ads.com/clk Name: GEO_6cac6683d43425e2cab7e055243dc466dd34fade
Value: 699f19

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block