cdn.takeprizenow.me Open in urlscan Pro
2606:4700:3036::ac43:aeb4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://groupme.takeprizenow.tk/95FnE?winner=81353556
Effective URL:
https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-us...
Submission Tags: falconsandbox
Submission: On May 27 via api (May 27th 2021, 6:07:03 pm UTC) from US

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3036::ac43:aeb4, located in United States and belongs to CLOUDFLARENET, US. The main domain is cdn.takeprizenow.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2021. Valid for: a year.

This is the only time cdn.takeprizenow.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	45.88.3.215 45.88.3.215	200313 (INTERNET-IT) (INTERNET-IT)
6	2606:4700:303... 2606:4700:3036::ac43:aeb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:2404	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.243.119.183 54.243.119.183	14618 (AMAZON-AES) (AMAZON-AES)
10	4

4 45.88.3.215 (Seychelles) 2 redirects

ASN200313 (INTERNET-IT, SC)
PTR: admailer1.pr0ject.ptr1.ru

groupme.takeprizenow.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.adpblr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk.takeprizenow.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3036::ac43:aeb4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.takeprizenow.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2404 (United States)

ASN13335 (CLOUDFLARENET, US)

info.adpblr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.119.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-119-183.compute-1.amazonaws.com

i.groupme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	takeprizenow.me cdn.takeprizenow.me trk.takeprizenow.me	65 KB
2	adpblr.cc 1 redirects trk.adpblr.cc info.adpblr.cc	1 KB
1	groupme.com i.groupme.com	351 KB
1	takeprizenow.tk 1 redirects groupme.takeprizenow.tk	300 B
10	4

	Domain	Requested by
6	cdn.takeprizenow.me	cdn.takeprizenow.me
2	trk.takeprizenow.me	cdn.takeprizenow.me
1	i.groupme.com	cdn.takeprizenow.me
1	info.adpblr.cc	cdn.takeprizenow.me
1	trk.adpblr.cc	1 redirects
1	groupme.takeprizenow.tk	1 redirects
10	6

This site contains links to these domains. Also see Links.

Domain
trk.takeprize.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-05` - `2022-05-04`	a year	crt.sh
trk.takeprizenow.me R3	`2021-05-06` - `2021-08-04`	3 months	crt.sh
*.groupme.com Microsoft RSA TLS CA 01	`2020-10-20` - `2021-10-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
Frame ID: 5F0E0E95B712CB98C2BC2D5F49F49E7A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://groupme.takeprizenow.tk/95FnE?winner=81353556 HTTP 302
https://trk.adpblr.cc/click.php?key=suspa01x0macmqu8faab&sub=groupme&domain=takeprizenow.tk&user_i... HTTP 302
https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

418 kB
Transfer

423 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://trk.takeprize.me/click.php?event4=1
Title: Lets go

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://groupme.takeprizenow.tk/95FnE?winner=81353556 HTTP 302
https://trk.adpblr.cc/click.php?key=suspa01x0macmqu8faab&sub=groupme&domain=takeprizenow.tk&user_id=81353556&task_id=95FnE HTTP 302
https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/
Redirect Chain

http://groupme.takeprizenow.tk/95FnE?winner=81353556
https://trk.adpblr.cc/click.php?key=suspa01x0macmqu8faab&sub=groupme&domain=takeprizenow.tk&user_id=81353556&task_id=95FnE
https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9

11 KB
4 KB

83ms
49ms

Document
text/html

2606:4700:3036::ac43:aeb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:aeb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efcc7d569508fd7f44aaa99c9e2f55325813390672866960ad6e3e062a9e904b

Request headers

:method: GET
:authority: cdn.takeprizenow.me
:scheme: https
:path: /gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:06:47 GMT
content-type: text/html
last-modified: Sat, 03 Apr 2021 21:43:02 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0a509afad400004e86c2a7b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BC%2BrCBElaUFTEuokco35Xohd1lPWX4y1FuBKPjfmohZdV5UdIf2grvYYiWYFXpvX5WurZWoDs8ooLW1Y7u12Ghoy3BCVchpEa1GttIjTOMo%2BbkDbUxhyjK1zXtlFnBlyGgW28M2jtKJpzpZkvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65612dd7b8884e86-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx/1.20.0
date: Thu, 27 May 2021 18:06:46 GMT
content-type: text/html; charset=UTF-8
location: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
set-cookie: uclick=rn6jdz; expires=Fri, 28-May-2021 18:06:46 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9; expires=Fri, 28-May-2021 18:06:46 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000

GET
H3-29 200 logo.png
cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/images/ 3 KB
4 KB 40ms
19ms Image
image/png 2606:4700:3036::ac43:aeb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/images/logo.png
Requested by: Host: cdn.takeprizenow.me
URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:aeb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4cedf0e26b0a43985524ee1828b078aaeeb52f4edd0e7a8a3e3481d5d388c01

Request headers

:path: /gm/en_ipad_gm-avatar-old/images/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cdn.takeprizenow.me
referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:06:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6514
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3371
cf-request-id: 0a509afb1d00004e6d88a65000000001
last-modified: Sat, 20 Mar 2021 16:37:08 GMT
server: cloudflare
etag: "605624b4-d2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dHCzk2P5GNcnuZ4IymsibryrrJbFVZszRBIbq5P8rznXPk2jQjZever2oHJOTw%2F93aQld2t7S9uk1b4tPEfayx%2BjAFkRtITthP53OPAQpywWMdsWRZDj1W0OVsdtjH8zu4lNVqjGIb7PPpZr4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65612dd828f24e6d-FRA

GET
H3-29 200 iPad.png
cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/images/ 36 KB
37 KB 34ms
14ms Image
image/png 2606:4700:3036::ac43:aeb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/images/iPad.png
Requested by: Host: cdn.takeprizenow.me
URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:aeb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b651e6ff5a596ddf5f0040f674d36e75edeeb2fc7184252794dc8ff9a05e2d7b

Request headers

:path: /gm/en_ipad_gm-avatar-old/images/iPad.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cdn.takeprizenow.me
referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:06:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6514
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37261
cf-request-id: 0a509afb1d00004e6d520c3000000001
last-modified: Sat, 03 Apr 2021 21:37:54 GMT
server: cloudflare
etag: "6068e032-918d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=upbf7v5V7lT0lU6zryoEM6EbEp1AyGcd4R0MSTo4vC8jX3KX8nySyn9stqOGHJMW4L61X5nr1Tzi%2F%2FI14n%2BFlzhJQuvCXgt8yNhCnrcy9tZAubUZOqzPjm2nepKRthCrtVitDcydjfxZHI3vWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65612dd828ec4e6d-FRA

GET
H3-29 200 common.js Show response
cdn.takeprizenow.me/ 4 KB
2 KB 47ms
28ms Script
application/javascript 2606:4700:3036::ac43:aeb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.takeprizenow.me/common.js
Requested by: Host: cdn.takeprizenow.me
URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:aeb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a9c84e02d5b5e58e5ab495f47b49080365ee122bebae0a8263491790561547

Request headers

:path: /common.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: cdn.takeprizenow.me
referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:06:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6514
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a509afb1d00004e6d428c7000000001
last-modified: Wed, 10 Mar 2021 17:16:30 GMT
server: cloudflare
etag: W/"6048feee-1055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DQCJhIgA%2FDyVkLlugrdqocUmYWotqijyFXH7W%2FsLvZVG%2FER5W2tIZ9FLk3wXnWOubTu7kRyPowmIFUGfGr6ZMWKNHX2x9aNOU6KTkKwxwLaAzRCaKQIax4a9Zv3VdM25xY5H30YsQu%2BFU20yGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 65612dd828f04e6d-FRA

GET
H3-29 200 ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2
cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/fonts/ 16 KB
16 KB 63ms
53ms Font
application/octet-stream 2606:4700:3036::ac43:aeb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/fonts/ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2
Requested by: Host: cdn.takeprizenow.me
URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:aeb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

:path: /gm/en_ipad_gm-avatar-old/fonts/ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2
pragma: no-cache
origin: https://cdn.takeprizenow.me
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: cdn.takeprizenow.me
referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://cdn.takeprizenow.me
Referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:06:47 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15908
cf-request-id: 0a509afb1e00004e6d4c32c000000001
last-modified: Sat, 20 Mar 2021 16:37:06 GMT
server: cloudflare
etag: "605624b2-3e24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=23Ylg8eoLnAosWNaOHJIgoIWOWf2vDiHZ1T3xFO282Yc0RER0dI7riivFtvylIvBDo8xFYNDVjfaAgnESLtcJFT5eiSWvdLDW3ghClUTG%2B0Vn3XA3Z4TWIX3f29wUEWIyxUlGG4RREj%2F42gfIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65612dd828e64e6d-FRA

GET
H2 200 click.php
trk.takeprizenow.me/ 0
144 B 138ms
50ms Image
text/html 45.88.3.215
INTERNET-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.takeprizenow.me/click.php?event1=1&event4=false&event3=1

Requested by

Host: cdn.takeprizenow.me
URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.88.3.215 , Seychelles, ASN200313 (INTERNET-IT, SC),

Reverse DNS

admailer1.pr0ject.ptr1.ru

Software

nginx/1.20.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cdn.takeprizenow.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx/1.20.0
date: Thu, 27 May 2021 18:06:47 GMT
content-type: text/html; charset=UTF-8

GET
H2 200 profile Show response
info.adpblr.cc/ 177 B
709 B 91ms
62ms XHR
application/json 2606:4700:3033::6815:2404
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.adpblr.cc/profile?uid=81353556&project=gm
Requested by: Host: cdn.takeprizenow.me
URL: https://cdn.takeprizenow.me/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2404 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51014b1b9c6b2a210c8610d6809fa32e0bf64562095411d03d2e0547f5b9949c

Request headers

Referer: https://cdn.takeprizenow.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:06:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vcMLXD2UlmQPSE6JrYLI3LUy6zJD0f4cIn6TOx8Rq1RnslBVErjOluwejmT%2BvRR3QK3VgifQQgDw3n3j1040WJ2c9N7hK6gGQf4oQeIfwNBA%2Fl4L6j5iOJ2A6sIl%2FpQDs0pthIwYkIk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 65612dd97fb60746-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a509afbec00000746918b2000000001

GET
H2 200 click.php
trk.takeprizenow.me/ 0
143 B 47ms
47ms Image
text/html 45.88.3.215
INTERNET-IT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.takeprizenow.me/click.php?event2=1

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

45.88.3.215 , Seychelles, ASN200313 (INTERNET-IT, SC),

Reverse DNS

admailer1.pr0ject.ptr1.ru

Software

nginx/1.20.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cdn.takeprizenow.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx/1.20.0
date: Thu, 27 May 2021 18:06:47 GMT
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK 623x693.jpeg.84101b2a2353427caa1cd3f547ee926b
i.groupme.com/ 351 KB
351 KB 1030ms
188ms Image
image/jpeg 54.243.119.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.groupme.com/623x693.jpeg.84101b2a2353427caa1cd3f547ee926b
Requested by: Host: cdn.takeprizenow.me
URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.119.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-119-183.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 690cb7623fc1e0fa30b856fc960d85327608a2f7b4d2ff7ef2fe6aa7aaea9f5b

Request headers

Referer: https://cdn.takeprizenow.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 18:06:49 GMT
Last-Modified: Wed, 08 Jan 2020 04:13:11 GMT
Server: AmazonS3
x-amz-request-id: MVHX04AVFC3FG549
ETag: "3206a5d534801b444e60cc3dfeb4b3be"
Content-Type: image/jpeg
x-amz-meta-user_id: 81353556
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 359460
x-amz-id-2: dcvPfmRJoF/Lhq7dGxw1oeItVcML4tTjQiursBJy1/UIUSnhsqWDBj3Pqk07q+6cbAA3F01J9dA=

GET
H3-29 200 avatar-default.png
cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/images/ 1 KB
2 KB 15ms
14ms Image
image/png 2606:4700:3036::ac43:aeb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/images/avatar-default.png
Requested by: Host: cdn.takeprizenow.me
URL: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:aeb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4cd7ba2e7a0f785fe3746f2a66e59d9821d1fd6b4a005e6d8900cd4be14c8d

Request headers

:path: /gm/en_ipad_gm-avatar-old/images/avatar-default.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: cdn.takeprizenow.me
referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn.takeprizenow.me/gm/en_ipad_gm-avatar-old/?t5=81353556&uclick=rn6jdz&uclickhash=rn6jdz-rn6jdz-q5bl-0-vc6o-xsa3-usg6-ef09b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:06:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6514
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1446
cf-request-id: 0a509afc2a00004e6d7b91d000000001
last-modified: Sat, 20 Mar 2021 16:37:08 GMT
server: cloudflare
etag: "605624b4-5a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QQC%2FpKTWFe6IclGgJrbO2OrrHGO6Gk%2BGEp7XJkwl4wZncjYUovYXIudskSXaLZ%2B5gkiiMfbU6MpsDz1e72eJI5VgtsQapxsGu2OOE3OmN%2By%2B%2FrNYPEToGUwqm%2FMtkTu8VgPKtc0qbSglQfDn0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65612dd9dd6f4e6d-FRA

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.takeprizenow.me/common.js(Line 56) Message: [EVENT] event1 1
console-api	log	URL: https://cdn.takeprizenow.me/common.js(Line 56) Message: [EVENT] event4 false
console-api	log	URL: https://cdn.takeprizenow.me/common.js(Line 56) Message: [EVENT] event3 1
console-api	log	URL: https://cdn.takeprizenow.me/common.js(Line 16) Message: track_link https://trk.takeprizenow.me/click.php
console-api	log	URL: https://cdn.takeprizenow.me/common.js(Line 56) Message: [EVENT] event2 1
console-api	log	URL: https://cdn.takeprizenow.me/common.js(Line 16) Message: track_link https://trk.takeprizenow.me/click.php
console-api	log	URL: https://cdn.takeprizenow.me/common.js(Line 122) Message: [REQUEST] //info.adpblr.cc/profile?uid=81353556&project=gm
console-api	log	URL: https://cdn.takeprizenow.me/common.js(Line 119) Message: [RESPONSE] {"response": {"uid": 81353556, "avatar_url": "https://i.groupme.com/623x693.jpeg.84101b2a2353427caa1cd3f547ee926b", "name": "chuck bates", "phone": "18016021937", "click": 163}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.takeprizenow.me
groupme.takeprizenow.tk
i.groupme.com
info.adpblr.cc
trk.adpblr.cc
trk.takeprizenow.me
2606:4700:3033::6815:2404
2606:4700:3036::ac43:aeb4
45.88.3.215
54.243.119.183
4a4cd7ba2e7a0f785fe3746f2a66e59d9821d1fd6b4a005e6d8900cd4be14c8d
51014b1b9c6b2a210c8610d6809fa32e0bf64562095411d03d2e0547f5b9949c
690cb7623fc1e0fa30b856fc960d85327608a2f7b4d2ff7ef2fe6aa7aaea9f5b
b4cedf0e26b0a43985524ee1828b078aaeeb52f4edd0e7a8a3e3481d5d388c01
b651e6ff5a596ddf5f0040f674d36e75edeeb2fc7184252794dc8ff9a05e2d7b
b6a9c84e02d5b5e58e5ab495f47b49080365ee122bebae0a8263491790561547
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efcc7d569508fd7f44aaa99c9e2f55325813390672866960ad6e3e062a9e904b

cdn.takeprizenow.me Open in urlscan Pro 2606:4700:3036::ac43:aeb4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

4 Domains

6 Subdomains

4 IPs

2 Countries

418 kBTransfer

423 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

cdn.takeprizenow.me Open in urlscan Pro
2606:4700:3036::ac43:aeb4 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

418 kB
Transfer

423 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions