urlscan.io logo urlscan.io
SecurityTrails logo

41.got-shield.com Open in urlscan Pro
23.106.248.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-2...
Submission: On June 18 via manual from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 16 HTTP transactions. The main IP is 23.106.248.15, located in Atlanta, United States and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is 41.got-shield.com.
TLS certificate: Issued by R3 on May 1st 2023. Valid for: 3 months.
This is the only time 41.got-shield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 23.106.248.15 59253 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:237... 16509 (AMAZON-02)
1 2a04:4e42::729 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 8
2    23.106.248.15 (Atlanta, United States)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
41.got-shield.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
7    2600:9000:237d:200:5:5907:a500:21 (United States)

ASN16509 (AMAZON-02, US)
d3rlh0lneatqqc.cloudfront.net
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
7 cloudfront.net
d3rlh0lneatqqc.cloudfront.net
161 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
135 KB
2 got-shield.com
41.got-shield.com
12 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 4835
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
255 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2890
255 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4781
19 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1129
47 KB
16 8
Domain Requested by
7 d3rlh0lneatqqc.cloudfront.net 41.got-shield.com
2 www.googletagmanager.com 41.got-shield.com
www.googletagmanager.com
2 41.got-shield.com 41.got-shield.com
1 www.google.de 41.got-shield.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 browser.sentry-cdn.com 41.got-shield.com
1 www.googleoptimize.com 41.got-shield.com
16 8

This site contains links to these domains. Also see Links.

Domain
difice-milton.com
adtranquility.com
Subject Issuer Validity Valid
got-shield.com
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Frame ID: 5079843868020A71F8CEE723FD30B237
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Android - Incredible New App - INTL - IW2022 - Your Lifestyle

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

16
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

375 kB
Transfer

744 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
41.got-shield.com/2105-security-wh-agr-addon-us/ 		22 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.106.248.15 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
62e9ef80fab4519c5342185acbf6cbe8cd0fb69cfe3d6be39b1b599121b44187

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 18 Jun 2023 08:42:30 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
styles.min.css
41.got-shield.com/2105-security-wh-agr-addon-us/sp-assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://41.got-shield.com/2105-security-wh-agr-addon-us/sp-assets/styles.min.css
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.106.248.15 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d020ac3d977a861b6448a41c38f3f793ebcec58216c349b32b3e91f33697306b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Sun, 18 Jun 2023 08:42:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Jun 2023 12:30:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"648c55cf-16e2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
optimize.js
www.googleoptimize.com/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-5J37CKF
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b425d6e85ae95dc58b4915fa753b3827a5d4e2001766a1d26c9f28c1475f0a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 08:42:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47718
x-xss-protection
0
last-modified
Sun, 18 Jun 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Jun 2023 08:42:30 GMT
515a30e8c5c604bc8d9488ae2b04ffc0.png
d3rlh0lneatqqc.cloudfront.net/sqp-assets/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/sqp-assets/515a30e8c5c604bc8d9488ae2b04ffc0.png
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9835cc2dfeee1f6854d99528f83612f758582172f2974473919c3735f9f7cab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 10:08:03 GMT
x-amz-version-id
UWuOuQqH.zuq897xiZ0PC_ZBGr.3kQFR
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified
Tue, 22 Mar 2022 08:00:57 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
10190068
etag
"2893423c3ee3c646d9221e0de94b2938"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4384
x-amz-cf-id
jZXpMYyNWn5UkM8zXhPpP0Z_ZI_CvzwATOkhhVPSHi5yJCog0BMMbw==
6ac40f2b61bf8852327fbe3a1519ad30.png
d3rlh0lneatqqc.cloudfront.net/sqp-assets/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/sqp-assets/6ac40f2b61bf8852327fbe3a1519ad30.png
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19741b5ab90a719d60d1fc47c9bf451c92b86bbdf229cfc168db00c698db088e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 13:55:29 GMT
x-amz-version-id
Uom0P34sFLwgJvg8fEp0eGqJcRByFKZK
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified
Tue, 22 Mar 2022 08:00:58 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
9658022
etag
"5927e7994083587c825ef06811b7b079"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
105738
x-amz-cf-id
v2oPA2_3nOO9tTRYQpWCpwdwfkLIzQJzRNAt8bD9I2j0CGvdFPP1_g==
4cd2be28a6b9623aa424ef9a3c818b87.jpg
d3rlh0lneatqqc.cloudfront.net/sqp-assets/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/sqp-assets/4cd2be28a6b9623aa424ef9a3c818b87.jpg
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4897467a0fc479f0a76d3deff636e4f1be950675a34a0e174c7ae5394c6003b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 10:08:11 GMT
x-amz-version-id
sejeTLhKpHa31Qo8LgjxgvOmT.ZM2DWp
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 14:28:41 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
10190060
etag
"5b33738ff8ba53be5516dc18c120f3d8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18121
x-amz-cf-id
3RWNCJQTpDmCpYiP-cU8ZWQ8Xq-WF4SfMvi720bEPIAS0I_FRNCvSw==
8f17525e4de1e9787be112d5ab1932a2.png
d3rlh0lneatqqc.cloudfront.net/sqp-assets/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/sqp-assets/8f17525e4de1e9787be112d5ab1932a2.png
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0311d1eade5942fb9a6e39a4cdf6593b2090e38e55428564e759bf0367221eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 19:37:21 GMT
x-amz-version-id
FunacVfB7JSNuE06l5iBOWtkrzGPATVv
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified
Tue, 22 Mar 2022 08:00:58 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
10847111
etag
"e2e9e38d0ecef5e6260553a9aeea0399"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
28019
x-amz-cf-id
PYhHXZwi-SCQdaYep_uBd561w-VLVNnBb8bCiME27pyUn9V1p4muew==
3a85ad0fa6d51b5ccb857f0999f444ef.png
d3rlh0lneatqqc.cloudfront.net/sqp-assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/sqp-assets/3a85ad0fa6d51b5ccb857f0999f444ef.png
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9c0ae84aa36aca6505dc8d695ddfc353d9f416ec195076546004b4abe91f2e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 10:08:19 GMT
x-amz-version-id
AThyNv.bSOZb4Sqll4587qbRA1Fax454
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified
Fri, 07 Oct 2022 05:59:24 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
10190053
etag
"71f892f935a93fcf2366d5b4715401d7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1909
x-amz-cf-id
itldeCxteDCKKQy6OUt0Rq5V1aLlpInb-diUupKUo_o2C95nOjrA0w==
f26fce57db97b329574046ad4f88fb80.png
d3rlh0lneatqqc.cloudfront.net/sqp-assets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rlh0lneatqqc.cloudfront.net/sqp-assets/f26fce57db97b329574046ad4f88fb80.png
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11a74bb9326199dc28f7baeed6c13daa7dba01bf6b91b9b249e5dad4b5418bd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 10:08:28 GMT
x-amz-version-id
zGuU5tkyJFbeSuWjLFqnPA9.j4CgQeLg
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
last-modified
Fri, 07 Oct 2022 06:00:11 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
10190044
etag
"af1a2d442f421e5dfaf79719055c7b23"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1780
x-amz-cf-id
I_i9ZnBJLZN6LGxy5VO3b_iEFUWpkyp4RUnCGgeZPvkDZymjEexnPg==
functions.min.js
d3rlh0lneatqqc.cloudfront.net/sqp-functions/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rlh0lneatqqc.cloudfront.net/sqp-functions/functions.min.js
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:200:5:5907:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa6ed485b6a96523683e4ecab5bfbceea52df1afc800d155393bdcc708016516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
W3wxNtil1K_.gei7yBSH7CdvUSKRcpSX
content-encoding
gzip
via
1.1 fdeb2756d6789b370622d82fde82a532.cloudfront.net (CloudFront)
date
Sun, 18 Jun 2023 06:23:25 GMT
last-modified
Mon, 06 Mar 2023 14:05:42 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
8564
x-amz-server-side-encryption
AES256
etag
W/"9e23dcb3dd560d4e2e1ba0fb484fcaf9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
G2yItxXR8pLG_enNCFHpeKXFJ7fes_pJPnx9aOfUVgRMnmdUkbjzIA==
bundle.min.js
browser.sentry-cdn.com/7.32.1/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/7.32.1/bundle.min.js
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
4c1a9cd1c9ef770ac1b438c9a283b30465144c1e95a840b202b9ebc9de0aadbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://41.got-shield.com/
Origin
https://41.got-shield.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 08:42:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 23 Jan 2023 15:48:23 GMT
server
Fastly
age
1050999
etag
"f030d6f0f6b9fc7c702b724d7c4c8431"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
19225
expires
Wed, 05 Jun 2024 04:45:51 GMT
gtm.js
www.googletagmanager.com/ 		123 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KPTKLD9
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a54f845558f35c42ab0f7dfe1957668280e639ebb610ead650b384bfbe63c1ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 08:42:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48216
x-xss-protection
0
last-modified
Sun, 18 Jun 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Jun 2023 08:42:31 GMT
js
www.googletagmanager.com/gtag/ 		256 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LPE55SF63K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KPTKLD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93aa60f251a04be934e647858d43895dea883f469b4d9d48c784267255dbee45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 08:42:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89117
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 18 Jun 2023 08:42:31 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LPE55SF63K&gtm=45je36e0&_p=1099750246&_gaz=1&cid=1099371288.1687077751&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687077751&sct=1&seg=0&dl=https%3A%2F%2F41.got-shield.com%2F2105-security-wh-agr-addon-us%2F%3Fto%3D2105-security-wh-agr-addon-us%26campid%3Dcc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e%26utm_source%3DTACO%26landerid%3D76c246f4-9ab2-451e-871d-65de47a116e8%26browser%3DChrome%2520Mobile%26bv%3DChrome%2520Mobile%2520114%26lander%3D1305-intermediary-lander%26pccid%3Ddqn6lotdje4ns8hpikio7s3m%26phone_brand%3DSamsung%26model%3DGalaxy%2520M53%26zone_id%3D506594%26supply_id%3D%26camp_id%3D%26source%3D0%26ua%3D%26creative%3D%26pathid%3Da3922286-1784-a768-a3df-38184cef8d5d%26brand%3Dav%26lang%3Den%26geo%3Dus&dt=Android%20-%20Incredible%20New%20App%20-%20INTL%20-%20IW2022%20-%20Your%20Lifestyle&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LPE55SF63K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 08:42:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://41.got-shield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LPE55SF63K&cid=1099371288.1687077751&gtm=45je36e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LPE55SF63K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 08:42:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://41.got-shield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LPE55SF63K&cid=1099371288.1687077751&gtm=45je36e0&aip=1&z=991757430
Requested by
Host: 41.got-shield.com
URL: https://41.got-shield.com/2105-security-wh-agr-addon-us/?to=2105-security-wh-agr-addon-us&campid=cc7ab3e7-3fa1-4f06-a5a3-24dfe5a1db7e&utm_source=TACO&landerid=76c246f4-9ab2-451e-871d-65de47a116e8&browser=Chrome%20Mobile&bv=Chrome%20Mobile%20114&lander=1305-intermediary-lander&pccid=dqn6lotdje4ns8hpikio7s3m&phone_brand=Samsung&model=Galaxy%20M53&zone_id=506594&supply_id=&camp_id=&source=0&ua=&creative=&pathid=a3922286-1784-a768-a3df-38184cef8d5d&brand=av&lang=en&geo=us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://41.got-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 08:42:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| getURLParameter function| getLocationURL function| handleFunctionsError object| dataLayer object| domains function| arrayFromRange function| isolateUsedSubDomains function| getRandomArayItem function| getCurrentLanderName function| getLanderVisitsCounter function| increaseLanderVisitCounter function| getDefaultCookieParams function| redirectToDomainRedirectEndpoint function| redirectToDomainRoot function| redirectToURLWithQS function| redirectToSubdomainWithQS function| getNextURLWithQS function| parseCookieObject function| markDomainAsUsed function| getRootDomainHost function| getSubdomain function| getCookie function| mobileRedirect function| desktopRedirect function| setCookie function| getAndroidVersion function| displayEntryPopup function| getTrackingDomain function| redirectTo function| getRandomDomainByGeo function| overwriteDefaultEventHandlers function| isNotificationBlocked function| getSEPURL object| callbackProvider object| ctaElementsMap function| showNBlockedPopup object| fullSet object| domainsRecord object| availableSubDomains number| currentLanderVisitsCounter string| landerName number| currentSubdomain number| nextSubdomain string| next string| rootDomain object| domainConf boolean| isLocalEnv object| serviceWorkerSupport function| getNotificationPermission function| sendSubscription function| arrayFromBase64 function| subscribeWithServiceWorker object| Sentry object| __SENTRY__ object| google_tag_manager object| google_tag_data object| google_optimize function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Domain/Path Name / Value
.got-shield.com/ Name: _ga_LPE55SF63K
Value: GS1.1.1687077751.1.0.1687077751.60.0.0
.got-shield.com/ Name: _ga
Value: GA1.1.1099371288.1687077751

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

41.got-shield.com
browser.sentry-cdn.com
d3rlh0lneatqqc.cloudfront.net
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googleoptimize.com
www.googletagmanager.com
2001:4860:4802:34::36
23.106.248.15
2600:9000:237d:200:5:5907:a500:21
2a00:1450:4001:806::200e
2a00:1450:4001:828::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c03::9b
2a04:4e42::729
0311d1eade5942fb9a6e39a4cdf6593b2090e38e55428564e759bf0367221eb4
11a74bb9326199dc28f7baeed6c13daa7dba01bf6b91b9b249e5dad4b5418bd5
19741b5ab90a719d60d1fc47c9bf451c92b86bbdf229cfc168db00c698db088e
4c1a9cd1c9ef770ac1b438c9a283b30465144c1e95a840b202b9ebc9de0aadbd
62e9ef80fab4519c5342185acbf6cbe8cd0fb69cfe3d6be39b1b599121b44187
93aa60f251a04be934e647858d43895dea883f469b4d9d48c784267255dbee45
9835cc2dfeee1f6854d99528f83612f758582172f2974473919c3735f9f7cab7
a54f845558f35c42ab0f7dfe1957668280e639ebb610ead650b384bfbe63c1ac
aa6ed485b6a96523683e4ecab5bfbceea52df1afc800d155393bdcc708016516
b425d6e85ae95dc58b4915fa753b3827a5d4e2001766a1d26c9f28c1475f0a06
d020ac3d977a861b6448a41c38f3f793ebcec58216c349b32b3e91f33697306b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4897467a0fc479f0a76d3deff636e4f1be950675a34a0e174c7ae5394c6003b
e9c0ae84aa36aca6505dc8d695ddfc353d9f416ec195076546004b4abe91f2e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629