ntmadz.com Open in urlscan Pro
2606:4700:3030::6815:1a35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.url2share.co/n/23232?title=skyexsummer%20Videos%20-%20EroThots&description=
Effective URL:
https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0
Submission: On December 16 via manual (December 16th 2023, 5:10:03 pm UTC) from GU — Scanned from NL

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3030::6815:1a35, located in United States and belongs to CLOUDFLARENET, US. The main domain is ntmadz.com.
TLS certificate: Issued by GTS CA 1P5 on November 28th 2023. Valid for: 3 months.

This is the only time ntmadz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.125.239.17 3.125.239.17	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3030::6815:1a35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:7e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	5

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

e.url2share.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ocmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

nessadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.239.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com

safe-surfers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:1a35 (United States)

ASN13335 (CLOUDFLARENET, US)

ntmadz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7e4 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4809 (United States)

ASN13335 (CLOUDFLARENET, US)

t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 50150 t.ocmhood.com — Cisco Umbrella Rank: 11511	13 KB
2	ntmadz.com ntmadz.com	21 KB
2	nessadexchange.com 2 redirects nessadexchange.com — Cisco Umbrella Rank: 104085	1 KB
1	ocmtag.com cdn.ocmtag.com — Cisco Umbrella Rank: 52663	766 B
1	safe-surfers.com 1 redirects safe-surfers.com	2 KB
1	url2share.co e.url2share.co	3 KB
7	6

	Domain	Requested by
2	t.ocmhood.com	sdk.ocmhood.com
2	ntmadz.com	e.url2share.co ntmadz.com
2	nessadexchange.com	2 redirects
1	cdn.ocmtag.com	sdk.ocmhood.com
1	sdk.ocmhood.com	ntmadz.com
1	safe-surfers.com	1 redirects
1	e.url2share.co
7	7

This site contains no links.

Subject Issuer	Validity	Valid
url2share.co GTS CA 1P5	`2023-11-29` - `2024-02-27`	3 months	crt.sh
ntmadz.com GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0
Frame ID: ACCF3B698FFB8A58E780DA3696EF9A4B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Allow

Page URL History Show full URLs

https://e.url2share.co/n/23232?title=skyexsummer%20Videos%20-%20EroThots&description= Page URL
https://nessadexchange.com/jump/next.php?stamat=m%257C%252Ck4iY_YiNqB1dwP0dEdHP3xP.5b3%252C2t5FkDDYpjxJ... HTTP 302
https://nessadexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CQ3KuIhKqoGU3B0-GH0dEdHP3xP.2e6%252Cu... HTTP 302
https://safe-surfers.com/click?trvid=10043&extid=170274659710000TNLTV62a00R1630R2R1c03RR26V115ce&cost... HTTP 302
https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=1004337440... Page URL

Page Statistics

7
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

38 kB
Transfer

87 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.url2share.co/n/23232?title=skyexsummer%20Videos%20-%20EroThots&description= Page URL
https://nessadexchange.com/jump/next.php?stamat=m%257C%252Ck4iY_YiNqB1dwP0dEdHP3xP.5b3%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAVTJr4zz3X83h_ySXnjChDL&cbpage=https://bitonclick.com/jump/next.php?r=7819766&cbur=0.8462875037572977&cbtitle=skyexsummer%20Videos%20-%20EroThots&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
https://nessadexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CQ3KuIhKqoGU3B0-GH0dEdHP3xP.2e6%252Cu_QyLVCe1fxTTeXzCgMzXO4KoIV-GKIC8CWgIcOiBTzkVLehLSdBAYBOuUWrZr7A9FnwhViFMpX1e0FMbBr8rIy2YYbC7OngjwxXjZyGFWiFqdmy70OpHaLMltfuOY0AdsfuGgrymUPerAacTcAghehNzCaKcj39GAjx01mKKbfwSxgkQd17Y7QtdGH15tRwAoUJm9ph8tVNZM_AMYSuf2POZtFjriIwhtsWC9Ww077xulZhTUmAPMGl9F_63gEb2a6KdgEfJXWGju2uIk0kt0bC8-qmB9LYxAyWcyc9saVeoGJ5_TeYYnDskxx63TCw_t2MnX1hwl5k3MO_ZzlebtVITmqEPo8mL1SMa2HAdgX_Kkt_X52KmMMruy2-1jtV__tL1qv36ak68qcUKTvzLikvBDMZin1xL6ItNTvvDxrI5EcVROhhFBPZ_Rn-PuymKQX5n6gCXCMcKP67yErDG1f4X4Eo-r9eQEZ3rP0VPP1QpnAdHhVjnC05dVWIFMeq-4JbaQ33WoUL9UbhYrLF7XEYU-MG4d93Euy7VxL6Oc6OgaCN76_MTD9UAXQaCwB7jUnaGC797YNCgnqAPnZkcKWROJTX14O59ZU-ZW7ml2A%252C HTTP 302
https://safe-surfers.com/click?trvid=10043&extid=170274659710000TNLTV62a00R1630R2R1c03RR26V115ce&cost=&campid=375443220&zoneid=3744083-1851854982-0&lang=nl&banid=23747836&form=1000 HTTP 302
https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	23232 e.url2share.co/n/	8 KB 3 KB	289ms 204ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e.url2share.co/n/23232?title=skyexsummer%20Videos%20-%20EroThots&description= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83688976bc7b66ec-AMS content-encoding br content-type text/html; charset=utf-8 date Sat, 16 Dec 2023 17:09:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDQdxg4%2FV7AZeR4R7cPOk8pWKNNty0cfnoL%2FrYlkmuvADZNSdg%2B8VtY%2FJebhNGz1Q6PjFSbzTZjMR1Z51xR7iiqJX%2BbvwoT7iJXOWxHE%2Fmr9J4jUuIeEy94BVeHugDIM2yNXoLGv1PXmPrC6%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express x-robots-tag noindex, nofollow, noarchive, nosnippet, noimageindex
GET H2	200	Primary Request / Show response ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/ Redirect Chain https://nessadexchange.com/jump/next.php?stamat=m%257C%252Ck4iY_YiNqB1dwP0dEdHP3xP.5b3%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAVTJr4zz3X83h_ySXnjChDL&cbpage=https://bitonclick.com/jump/next.p... https://nessadexchange.com/script/i.php?t=1&stamat=m%257C%252C%252CQ3KuIhKqoGU3B0-GH0dEdHP3xP.2e6%252Cu_QyLVCe1fxTTeXzCgMzXO4KoIV-GKIC8CWgIcOiBTzkVLehLSdBAYBOuUWrZr7A9FnwhViFMpX1e0FMbBr8rIy2YYbC7On... https://safe-surfers.com/click?trvid=10043&extid=170274659710000TNLTV62a00R1630R2R1c03RR26V115ce&cost=&campid=375443220&zoneid=3744083-1851854982-0&lang=nl&banid=23747836&form=1000 https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0	37 KB 21 KB	294ms 208ms	Document text/html	2606:4700:3030::6815:1a35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0 Requested by Host: e.url2share.co URL: https://e.url2share.co/n/23232?title=skyexsummer%20Videos%20-%20EroThots&description= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1a35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b35dcdcf4f13e5863780f33a043b5ef0008b43e5787552c1d48a543bc799af1d` Request headers Referer https://e.url2share.co/n/23232?title=skyexsummer%20Videos%20-%20EroThots&description= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8368897c6d300ea4-AMS content-encoding br content-type text/html date Sat, 16 Dec 2023 17:09:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn%2BoY7doB%2BNT3oFSLfMAYAoxY4I8uhfuD0929AKeFtpYexSW7QThkR11DVuW5Sd6a58mOyhEIH%2FWZsx3w18uIOoFuT73pvdcvwmC6ZECaewNJuwrA53FNfKXZz9bjm9FeSXNyekB5JgZ"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 content-length 137 content-type text/html; charset=utf-8 date Sat, 16 Dec 2023 17:09:57 GMT expires Thu, 01 Jan 1970 00:00:00 UTC location https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0 pragma no-cache server nginx
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H2	200	conf.json Show response ntmadz.com/hood/bnRtYWR6LmNvbQ==/	49 B 400 B	119ms 118ms	Fetch application/json	2606:4700:3030::6815:1a35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ntmadz.com/hood/bnRtYWR6LmNvbQ==/conf.json Requested by Host: ntmadz.com URL: https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:1a35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed7e933805d725747b2df3c0afda967f2155204a3d6918cbb6078ce707182282` Request headers accept-language nl-NL,nl;q=0.9 Referer https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 17:09:58 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 28 Nov 2023 13:26:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6565ea7d-31" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMTY4OI1iWG50gdOuBILqRI3RcdqpVmqqjxtlGbrTVb5a5wf3mBQR2nda%2Fov8hKjIOJjNvnnXL1OGl3u%2FoQkFR0GX6p%2FvCD8C9AtsbA1eDgN9YV%2BlahudQrLOGEHhHdHowAxSYZZLEMy"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 8368897e1fcb0ea4-AMS alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	9 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	ht.js Show response sdk.ocmhood.com/sdk/	30 KB 12 KB	119ms 37ms	Script application/javascript	2606:4700:20::681a:7e4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D8YxNDY4MjE0Ns7i Requested by Host: ntmadz.com URL: https://ntmadz.com/WxNJNuChXSe8YkJXBkhdo6VyqFiU0WT28bQvLVfCSM0/?cid=cHj5h9gBhlIr&sid=100433744083-1851854982-0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e` Request headers Referer https://ntmadz.com/ Origin https://ntmadz.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 17:09:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4772 alt-svc h3=":443"; ma=86400 service-worker-allowed / last-modified Thu, 07 Dec 2023 11:01:57 GMT server cloudflare etag W/"6571a625-2ef3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg%2B%2FE9fObe6J%2F9ktKsr%2BIIb6XF78uPRNZr4CTy8XRUAuQzh2uMcNeqiFIuwMDz19KyeTXku2fuemdcZc1wwwRNs7ZvoyD0FmyZrEXt9LzEhkWl1tKZAH09Wl9XVW84DAoM5tFf4%2BBGt6yOegDg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 8368897f689266b2-AMS
GET H2	200	NjY4ZwSkNAFfmDQ2D8YxNDY4MjE0Ns7i.js Show response cdn.ocmtag.com/tag/	279 B 766 B	121ms 32ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2D8YxNDY4MjE0Ns7i.js Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D8YxNDY4MjE0Ns7i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `afa69b83da1a5152093ee091c89a07db7acffcaec30ba1e772207bb476226aad` Request headers accept-language nl-NL,nl;q=0.9 Referer https://ntmadz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 16 Dec 2023 17:09:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6809 alt-svc h3=":443"; ma=86400 service-worker-allowed / last-modified Tue, 28 Nov 2023 12:22:01 GMT server cloudflare etag W/"6565db69-117" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3rX9FMt%2FREX%2BehgvcT%2BfC0%2BxYySvA0mD%2FikC%2B670EDItUEuSWbOhVqg3nfOnO7O%2BkZpmtW8G9SP8k0uTl%2F0Sn1jcqJXDIL8Jl9UKlX53uUjgGzbTr3IEzuZ7ipIcyXVuxZQvPYb7anAlridPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 8368898048a1b89d-AMS
POST H2	201	activity t.ocmhood.com/v2/	0 441 B	109ms 35ms	Ping application/octet-stream	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D8YxNDY4MjE0Ns7i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ntmadz.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 16 Dec 2023 17:09:58 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuZ3Oq2mjX2Iu4mQJMjhqZZ%2BuWO9ckAmnQzC%2Bl%2BabYu4J5iFV42RKjgqqlehyHkOX40uMHwJfLpxIwihdgb6e5yZugHq%2FlBaZXxM3AyAeHSd7uEn56MXDXiCYbe%2Fkf%2FBR%2BXXkn5aSIzKWgE%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 83688980f89db90e-AMS alt-svc h3=":443"; ma=86400
POST H2	201	activity t.ocmhood.com/v2/	0 267 B	109ms 37ms	Ping application/octet-stream	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D8YxNDY4MjE0Ns7i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ntmadz.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 16 Dec 2023 17:09:58 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aUdPH06MIKDlZfy6s0JhdP1QuNjijIjH%2BOYcVBqm8nFZTIyHEETk4aGxcCtrlu16cgbmgzIF%2FvQ7dNUllky7wJKkyXRcXq5Q%2FtRZl1gbLptv%2FZmQuDdO52m1pkqePb3TjxovzZZo8OdjaY%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 83688980f89ab90e-AMS alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safe-surfers.com/	1970-01-20 17:42:18	Name: ClickDataNG Value: H4sIAAAAAAAA_5RUTY_bNhD9K8KcEkArU5-2FRjBroN2k3iN1vbaKdALTY4t1hSpkpSz3iT_vaCk3RpoL7mRb4aaNzPv6Ruc0VihFZQQRyQiEIK7NAglCcG2-83LmWl1RuOQQ3mg0mIITAp2-sihBHb_V15Nj3eV_GggBE4dQhmPSTLOinw6DoHRuqHiqHx2TEiWhiDs_LdbKJ1pMQSjHXVC9_FpCKaV6M8kBINcGGTuAV2lOZRJCFa3hnXxJARJFRfqOGQPt0cjoQQIQR8OaPqqSRHC3lDFqiG3i_WZlXONLUcj5WrKnyOm69Huaflp2c6rL2uc_HH69OXuVHFdbC9__yIeyW6TTPa_nxfbw3z9QEbvmeCz6yH82RKSFFbwWddtOs4yMklv4kkeT_JsOklu_JyZtm7o8Yyq7efc0ItuPRwVA8V5awwqdoESHtcfIITWiCvOlh7wxrbmgMZ2zLu9vHfm_FK-Z4NPzgOvW4kJIWSzXGy2RUIJWcVFSlbJKmYkXa2SYhvHOcP-qSc6G460bgSfpeM8y9IkIT36rBV26H_77BMkVceZkv1lT5XgsyQdZ-NJWvTYQZvas_VzEc0t5wathRLSOEpIFsU5ieIsvw4W_YZbi-b2iMpBCQ_6WUhJR3lEgjc7obj-aoPlJohJRN4FO6GK7F3wVGRvg9umkbjD_WfhRnk6jtIiePP5fvOwCAMpThj8iuyk3wbzyugaR3FCIhIVZDqNYjIN1vRAjRjegV_fAQ2ang_Hs2D4ahvtmxioeD3a7b92873ujf5qu7d9rdcv3Bmq-PUnHzRHeQ0saY39nfXlYK5No413n_dXAyWI9EOk0HVia5UzXkTLRcf52LNYLr5_X-vWVcG9lt4-Ple4yxBaaefQcFqDl6ZB5eZeXoO7jDgKtWiuIGeospT1ZrZQqlbKEFhrna6h_DZo3mfik0OjqOz-ID8pSwjhTLw6XmTogbgD_tdp5wRKUNKfUijhRXr-nnWbIAR-_PgnAAD__wACZCYMBQAA
safe-surfers.com/	1970-01-20 17:42:18	Name: ClickDataNgFall Value: H4sIAAAAAAAA_5RUTY_bNhD9K8KcEkArU5-2FRjBroN2k3iN1vbaKdALTY4t1hSpkpSz3iT_vaCk3RpoL7mRb4aaNzPv6Ruc0VihFZQQRyQiEIK7NAglCcG2-83LmWl1RuOQQ3mg0mIITAp2-sihBHb_V15Nj3eV_GggBE4dQhmPSTLOinw6DoHRuqHiqHx2TEiWhiDs_LdbKJ1pMQSjHXVC9_FpCKaV6M8kBINcGGTuAV2lOZRJCFa3hnXxJARJFRfqOGQPt0cjoQQIQR8OaPqqSRHC3lDFqiG3i_WZlXONLUcj5WrKnyOm69Huaflp2c6rL2uc_HH69OXuVHFdbC9__yIeyW6TTPa_nxfbw3z9QEbvmeCz6yH82RKSFFbwWddtOs4yMklv4kkeT_JsOklu_JyZtm7o8Yyq7efc0ItuPRwVA8V5awwqdoESHtcfIITWiCvOlh7wxrbmgMZ2zLu9vHfm_FK-Z4NPzgOvW4kJIWSzXGy2RUIJWcVFSlbJKmYkXa2SYhvHOcP-qSc6G460bgSfpeM8y9IkIT36rBV26H_77BMkVceZkv1lT5XgsyQdZ-NJWvTYQZvas_VzEc0t5wathRLSOEpIFsU5ieIsvw4W_YZbi-b2iMpBCQ_6WUhJR3lEgjc7obj-aoPlJohJRN4FO6GK7F3wVGRvg9umkbjD_WfhRnk6jtIiePP5fvOwCAMpThj8iuyk3wbzyugaR3FCIhIVZDqNYjIN1vRAjRjegV_fAQ2ang_Hs2D4ahvtmxioeD3a7b92873ujf5qu7d9rdcv3Bmq-PUnHzRHeQ0saY39nfXlYK5No413n_dXAyWI9EOk0HVia5UzXkTLRcf52LNYLr5_X-vWVcG9lt4-Ple4yxBaaefQcFqDl6ZB5eZeXoO7jDgKtWiuIGeospT1ZrZQqlbKEFhrna6h_DZo3mfik0OjqOz-ID8pSwjhTLw6XmTogbgD_tdp5wRKUNKfUijhRXr-nnWbIAR-_PgnAAD__wACZCYMBQAA
ntmadz.com/	1969-12-31 23:59:59	Name: session Value: d3PIdvPcZ63I6y0JoZRsUkLYL2SkiMVk
.ntmadz.com/	1970-01-21 01:44:42	Name: _ht_v Value: 1702746598.4312877689
.ntmadz.com/	1970-01-20 16:59:08	Name: _ht_s Value: 1702746598.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ocmtag.com
e.url2share.co
nessadexchange.com
ntmadz.com
safe-surfers.com
sdk.ocmhood.com
t.ocmhood.com
2606:4700:20::681a:7e4
2606:4700:20::ac43:4809
2606:4700:3030::6815:1a35
2a06:98c1:3120::3
2a06:98c1:3121::3
3.125.239.17
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e
76826516b4d37ab488d0163d4d43fa6f56199dae748fdfbabcd447c78528464e
afa69b83da1a5152093ee091c89a07db7acffcaec30ba1e772207bb476226aad
b35dcdcf4f13e5863780f33a043b5ef0008b43e5787552c1d48a543bc799af1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7e933805d725747b2df3c0afda967f2155204a3d6918cbb6078ce707182282
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

ntmadz.com Open in urlscan Pro 2606:4700:3030::6815:1a35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

83 %IPv6

6 Domains

7 Subdomains

5 IPs

2 Countries

38 kBTransfer

87 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

5 Cookies

Indicators

ntmadz.com Open in urlscan Pro
2606:4700:3030::6815:1a35 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

38 kB
Transfer

87 kB
Size

5
Cookies

7 HTTP transactions
2 data transactions