URL: http://adfoc.us/48924871953157
Submission: On July 19 via manual from CA

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:20::6819:ae0f, located in the United States, and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is adfoc.us.
This is the only time adfoc.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 88.85.66.227 35415 (WEBZILLA)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.93.159.194 16509 (AMAZON-02)
2 188.72.202.187 35415 (WEBZILLA)
18 7
Domain Requested by
5 adfoc.us adfoc.us, ajax.googleapis.com
2 pushwhy.com glerteeb.com, adfoc.us
2 www.google-analytics.com adfoc.us
2 glerteeb.com adfoc.us, glerteeb.com
1 adrunnr.com adfoc.us
1 ajax.googleapis.com adfoc.us
0 my.rtmark.net Failed glerteeb.com
0 cdn.adrunnr.com Failed adrunnr.com
0 maxbounty.com Failed adfoc.us
18 9

This site contains links to these domains.

Domain
youtu.be

Subject                  Issuer                        Validity                 Valid
                                                       1970-01-01 - 1970-01-01  a few seconds  crt.sh
*.google-analytics.com   Google Internet Authority G3  2019-06-18 - 2019-09-10  3 months       crt.sh
glerteeb.com             Let's Encrypt Authority X3    2019-05-11 - 2019-08-09  3 months       crt.sh
*.pushwhy.com            Let's Encrypt Authority X3    2019-06-02 - 2019-08-31  3 months       crt.sh

This page contains 3 frames:

Primary Page: http://adfoc.us/48924871953157
Frame ID: 0B924C51EE7ABC6644108992A50D51B4
Requests: 17 HTTP requests in this frame

Frame: https://maxbounty.com/def.cfm?i=383086&o=15108&c=BE&d=D&z=0
Frame ID: A7BB299CABA128A3F787F0231B746922
Requests: 1 HTTP request in this frame

Frame: data://truncated
Frame ID: D83EF8974D835416819D875D798A8370
Requests: 1 HTTP request in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 18
HTTPS: 28 %
IPv6: 50 %
Domains: 8
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 129 kB
Size: 340 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 6
  • https://www.mb103.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=489248 HTTP 302
  • https://www.maxbounty.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=489248 HTTP 302
  • https://maxbounty.com/def.cfm?i=383086&o=15108&c=BE&d=D&z=0
Request Chain 9
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1075955994&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=353718448&utmr=-&utmp=%2F48924871953157&utmht=1563547500709&utmac=UA-22601934-1&utmcc=__utma%3D88833355.1810162325.1563547501.1563547501.1563547501.1%3B%2B__utmz%3D88833355.1563547501.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1479278173&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1075955994&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=353718448&utmr=-&utmp=%2F48924871953157&utmht=1563547500709&utmac=UA-22601934-1&utmcc=__utma%3D88833355.1810162325.1563547501.1563547501.1563547501.1%3B%2B__utmz%3D88833355.1563547501.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1479278173&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 48924871953157
adfoc.us/
57 KB
19 KB
Document
General
Full URL
http://adfoc.us/48924871953157
Protocol
HTTP/1.1
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8d44b3a687897f824ab9965bdf5a888af066011824c2e802fe71c960d76199
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
adfoc.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 19 Jul 2019 14:45:00 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d5774960cda5720f330216b41c931aaf31563547500; expires=Sat, 18-Jul-20 14:45:00 GMT; path=/; domain=.adfoc.us; HttpOnly
phpsessionname=6qgeb0me4hsi167cnf5372o8s7; expires=Sun, 18-Aug-2019 14:45:00 GMT; Max-Age=2592000; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Server
cloudflare
CF-RAY
4f8d7a06abadd6f5-FRA
Content-Encoding
gzip
ntfc.php
glerteeb.com/
13 KB
6 KB
Script
General
Full URL
http://glerteeb.com/ntfc.php?p=2553388&tco=1
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
HTTP/1.1
Security
, ,
Server
88.85.66.227 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.227.webazilla.com
Software
nginx /
Resource Hash
95aa9121124e17c1ae14cd4ea47975ba3090ec9b1962b4dc509d495b56512343

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jul 2019 14:45:01 GMT
Content-Encoding
gzip
Content-Type
application/javascript; charset=utf-8
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Max-Age
86400
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 09 Jul 2019 00:30:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
915266
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33621
X-XSS-Protection
0
Expires
Wed, 08 Jul 2020 00:30:34 GMT
logo.png
adfoc.us/images/serve/
13 KB
13 KB
Image
General
Full URL
http://adfoc.us/images/serve/logo.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5655bda7e6d28855dbe5d87903b8ebe5355853f6c41af2f005372a7beb2306
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 19 Jul 2019 14:45:00 GMT
Vary
Accept-Encoding
CF-Cache-Status
HIT
Last-Modified
Fri, 28 Jun 2019 09:44:45 GMT
Server
cloudflare
Age
654
ETag
"5d15e18d-32b3"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4f8d7a070ca8d6f5-FRA
Content-Length
12979
Expires
Fri, 19 Jul 2019 15:45:00 GMT
skip.png
adfoc.us/images/serve/
3 KB
4 KB
Image
General
Full URL
http://adfoc.us/images/serve/skip.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa547b4ac42a36038579437f33f2b14a25830e5572972eca3a47e36472c06bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 19 Jul 2019 14:45:00 GMT
Vary
Accept-Encoding
CF-Cache-Status
HIT
Last-Modified
Fri, 28 Jun 2019 09:44:45 GMT
Server
cloudflare
Age
642
ETag
"5d15e18d-d14"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4f8d7a074a35c303-FRA
Content-Length
3348
Expires
Fri, 19 Jul 2019 15:45:00 GMT
interstitial.js
adfoc.us/js/
4 KB
2 KB
Script
General
Full URL
http://adfoc.us/js/interstitial.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3acef614cf1fbd2dbeeb9629104c768719d383fcddf17a946433c2ac03c6847f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 19 Jul 2019 14:45:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
CF-Cache-Status
HIT
Last-Modified
Fri, 28 Jun 2019 09:44:43 GMT
Server
cloudflare
Age
665
ETag
W/"5d15e18b-1184"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4f8d7a073d34d6f5-FRA
Expires
Fri, 19 Jul 2019 15:45:00 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
3984
date
Fri, 19 Jul 2019 13:38:36 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17168
expires
Fri, 19 Jul 2019 15:38:36 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
def.cfm
maxbounty.com/ Frame A7BB
Redirect Chain
  • https://www.mb103.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=489248
  • https://www.maxbounty.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=489248
  • https://maxbounty.com/def.cfm?i=383086&o=15108&c=BE&d=D&z=0
0
0

/
adrunnr.com/
2 KB
2 KB
Script
General
Full URL
http://adrunnr.com/?placement=285281&async
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
HTTP/1.1
Security
, ,
Server
54.93.159.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-93-159-194.eu-central-1.compute.amazonaws.com
Software
Adrunnr /
Resource Hash
55dcb8d86b80b6051297f98ec37abfe5e85943e965a7df2560fe55e224f47ce7

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 19 Jul 2019 14:45:00 GMT
Server
Adrunnr
Connection
keep-alive
Content-Length
1874
Content-Type
application/javascript
credit
adfoc.us/serve/
0
401 B
XHR
General
Full URL
http://adfoc.us/serve/credit
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://adfoc.us/48924871953157
Origin
http://adfoc.us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 19 Jul 2019 14:45:00 GMT
Content-Encoding
gzip
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4f8d7a075a70c303-FRA
Expires
Thu, 19 Nov 1981 08:52:00 GMT
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1075955994&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utm...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1075955994&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&ut...
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1075955994&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=353718448&utmr=-&utmp=%2F48924871953157&utmht=1563547500709&utmac=UA-22601934-1&utmcc=__utma%3D88833355.1810162325.1563547501.1563547501.1563547501.1%3B%2B__utmz%3D88833355.1563547501.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1479278173&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jul 2019 14:45:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1075955994&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=353718448&utmr=-&utmp=%2F48924871953157&utmht=1563547500709&utmac=UA-22601934-1&utmcc=__utma%3D88833355.1810162325.1563547501.1563547501.1563547501.1%3B%2B__utmz%3D88833355.1563547501.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1479278173&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
adtools.min.js
cdn.adrunnr.com/js/
0
0

ntfc.php
glerteeb.com/
109 KB
32 KB
Script
General
Full URL
https://glerteeb.com/ntfc.php?p=2553388&r=ui&swver=3.1.90
Requested by
Host: glerteeb.com
URL: http://glerteeb.com/ntfc.php?p=2553388&tco=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.227 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.227.webazilla.com
Software
nginx /
Resource Hash
06bbe1e1c789d0d53c285566fbb65b029e61e7cf546ede919738481fa3cc19df

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 19 Jul 2019 14:45:05 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Max-Age
86400
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
event
pushwhy.com/
0
455 B
Fetch
General
Full URL
https://pushwhy.com/event
Requested by
Host: glerteeb.com
URL: https://glerteeb.com/ntfc.php?p=2553388&r=ui&swver=3.1.90
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.187 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://adfoc.us
Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Fri, 19 Jul 2019 14:44:59 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
custom
glerteeb.com/
0
0

gid.js
my.rtmark.net/
0
0

event
pushwhy.com/
94 B
537 B
Fetch
General
Full URL
https://pushwhy.com/event
Requested by
Host: adfoc.us
URL: http://adfoc.us/48924871953157
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.187 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
4547b93844a74f750f1c1fcc190c58ba502efdcd97e58a9e9171cbcd2c271fb3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/48924871953157
Origin
http://adfoc.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
c43a6220a475fe413bf20c2e89092096
Date
Fri, 19 Jul 2019 14:45:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
94
truncated
/ Frame D83E
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Referer
http://adfoc.us/48924871953157
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
glerteeb.com/
0
0

Failed requests

These URLs were requested, but no response was received. You will also see them in the list above.

Domain
maxbounty.com
URL
https://maxbounty.com/def.cfm?i=383086&o=15108&c=BE&d=D&z=0
Domain
cdn.adrunnr.com
URL
http://cdn.adrunnr.com/js/adtools.min.js
Domain
glerteeb.com
URL
https://glerteeb.com/custom
Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?pub=0&userId=a9e115598f14f51a3ad9077d8f51ca77&zoneId=2553389&checkDuplicate=true
Domain
glerteeb.com
URL
https://glerteeb.com/custom

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| _0xbc13
  • object| zfgformats
  • function| setImmediate
  • function| clearImmediate
  • function| _rzrqzmkg
  • function| _mhysh
  • undefined| $
  • function| jQuery
  • object| _gaq
  • string| ad_url
  • string| ref_url
  • string| payout_rate
  • string| click_url
  • boolean| preview
  • number| count
  • number| counter
  • function| timer
  • function| showClose
  • function| $jQuery
  • object| jQuery18209045715009785653
  • string| key
  • object| _gat
  • object| gaGlobal
  • string| optionsAxXB324Fe
  • string| laryAxXB324Fe
  • boolean| zfgloadedpushopt
  • object| _0x15dd
  • function| _0x4f1a
  • object| ntfcSDK
  • function| zfgproxyhttp
  • boolean| installOnFly
  • boolean| zfgloadedpush
  • boolean| zfgloadedpushcode
  • object| onClickExcludes

0 Cookies

3 Console Messages

Source: console-api; Level: warning
URL: https://glerteeb.com/ntfc.php?p=2553388&r=ui&swver=3.1.90 (Line 1)
Message: TypeError: Cannot read property 'getItem' of null

Source: console-api; Level: warning
URL: https://glerteeb.com/ntfc.php?p=2553388&r=ui&swver=3.1.90 (Line 1)
Message: TypeError: Cannot read property 'getItem' of null

Source: console-api; Level: log
URL: https://glerteeb.com/ntfc.php?p=2553388&r=ui&swver=3.1.90 (Line 1)
Message: Error: TIMEOUT_ERROR

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN