www.adworkmedia.com - urlscan.io

Summary

This website contacted 2 IPs in 3 countries across 7 domains to perform 2 HTTP transactions. The main IP is 67.227.230.76, located in United States and belongs to LIQUIDWEB, US. The main domain is www.adworkmedia.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 16th 2021. Valid for: 3 months.

This is the only time www.adworkmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	147.135.183.33 147.135.183.33	16276 (OVH) (OVH)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	2606:4700:303... 2606:4700:3032::ac43:9c99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.227.230.76 67.227.230.76	32244 (LIQUIDWEB) (LIQUIDWEB)
1 1	52.72.49.79 52.72.49.79	14618 (AMAZON-AES) (AMAZON-AES)
1 1	5.199.174.186 5.199.174.186	16125 (CHERRYSER...) (CHERRYSERVERS1-AS)
1	157.52.151.124 157.52.151.124	46573 (LAYER-HOST) (LAYER-HOST)
2	2

2 147.135.183.33 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: kiwicross.com

www.kiwicross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:9c99 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

megafiles.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.227.230.76 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host2.adworkmedia.com

www.adworkmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.49.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: visit.rebrand.ly

t.clkitgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.199.174.186 (Vilnius, Lithuania) 1 redirects

ASN16125 (CHERRYSERVERS1-AS, LT)

go.laterundi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.52.151.124 (United States)

ASN46573 (LAYER-HOST, US)

juk.linkapplied.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	kiwicross.com 2 redirects www.kiwicross.com	1 KB
1	linkapplied.com juk.linkapplied.com — Cisco Umbrella Rank: 264181	372 B
1	laterundi.com 1 redirects go.laterundi.com	286 B
1	clkitgo.com 1 redirects t.clkitgo.com	299 B
1	adworkmedia.com www.adworkmedia.com	1 KB
1	megafiles.xyz 1 redirects megafiles.xyz	911 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4034	283 B
2	7

	Domain	Requested by
2	www.kiwicross.com	2 redirects
1	juk.linkapplied.com
1	go.laterundi.com	1 redirects
1	t.clkitgo.com	1 redirects
1	www.adworkmedia.com
1	megafiles.xyz	1 redirects
1	bit.ly	1 redirects
2	7

This site contains no links.

Subject Issuer	Validity	Valid
adworkmedia.com cPanel, Inc. Certification Authority	`2021-11-16` - `2022-02-14`	3 months	crt.sh
linkapplied.com R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh

This page contains 1 frames:

Frame: https://juk.linkapplied.com/?kw=ts3219-international-general&s1=ts3219-international-general&s2=1644575375.309158-92451887-0-&s3=92799&fallback=15
Frame ID: 6E186FC143557CD51790650A46D6D1B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.kiwicross.com/index.php/campaigns/na058b7hgnc8c/track-url/kp906gvemhdbd/07f6c3b955efb4a59f... HTTP 301
http://www.kiwicross.com/go/ffp2masken HTTP 307
https://bit.ly/3GarBrc HTTP 301
http://megafiles.xyz/r/22U/ HTTP 301
https://www.adworkmedia.com/go.php?camp=6990&pub=92799&sid2=7868&sid3=GTmonetizer&GTM=true Page URL

Page Statistics

2
Requests

100 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

2
IPs

3
Countries

2 kB
Transfer

2 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kiwicross.com/index.php/campaigns/na058b7hgnc8c/track-url/kp906gvemhdbd/07f6c3b955efb4a59f89c91ef0c1f58c487a840c HTTP 301
http://www.kiwicross.com/go/ffp2masken HTTP 307
https://bit.ly/3GarBrc HTTP 301
http://megafiles.xyz/r/22U/ HTTP 301
https://www.adworkmedia.com/go.php?camp=6990&pub=92799&sid2=7868&sid3=GTmonetizer&GTM=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://t.clkitgo.com/clk?thru=92799 HTTP 301
http://go.laterundi.com/ts3219-international-general?thru=92799 HTTP 302
https://juk.linkapplied.com/?kw=ts3219-international-general&s1=ts3219-international-general&s2=1644575375.309158-92451887-0-&s3=92799&fallback=15

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request go.php Show response www.adworkmedia.com/ Redirect Chain http://www.kiwicross.com/index.php/campaigns/na058b7hgnc8c/track-url/kp906gvemhdbd/07f6c3b955efb4a59f89c91ef0c1f58c487a840c http://www.kiwicross.com/go/ffp2masken https://bit.ly/3GarBrc http://megafiles.xyz/r/22U/ https://www.adworkmedia.com/go.php?camp=6990&pub=92799&sid2=7868&sid3=GTmonetizer&GTM=true	2 KB 1 KB	663ms 188ms	Document text/html	67.227.230.76 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.adworkmedia.com/go.php?camp=6990&pub=92799&sid2=7868&sid3=GTmonetizer&GTM=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.230.76 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS host2.adworkmedia.com Software nginx/1.16.0 / PHP/5.3.29 Resource Hash `c8058ae828fbbf8c1c483d5dadbc32e9b443c9f360de7a0de1659b954c44ca79` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers Server nginx/1.16.0 Date Fri, 11 Feb 2022 10:29:34 GMT Content-Type text/html Content-Length 797 Connection keep-alive Keep-Alive timeout=2 X-Powered-By PHP/5.3.29 Access-Control-Allow-Origin * Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control pre-check=0, post-check=0, max-age=0 Pragma no-cache Etag 44e4a1908a45bf2a27e7471d54eda3752058b81d Vary Accept-Encoding Content-Encoding gzip Redirect headers Date Fri, 11 Feb 2022 10:29:34 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/5.3.29 Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control pre-check=0, post-check=0, max-age=0 Access-Control-Allow-Origin * Pragma no-cache Location https://www.adworkmedia.com/go.php?camp=6990&pub=92799&sid2=7868&sid3=GTmonetizer&GTM=true Vary Accept-Encoding CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MviLqxIpFngj4YpNphimU5Fg00%2FgBDZ%2F8SfAk1%2FqEnaQDsBrMenjJqZ5vW%2Fx3yVPXlM0nMz%2BmSgZoCyxAXYoXfoNHVIoKcXqbcxoQwEjeNx3Z3YPkX44EDnKvYnM00c2Xsufj0oGuZvgK37"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6dbce59639caede7-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	/ Show response juk.linkapplied.com/ Redirect Chain https://t.clkitgo.com/clk?thru=92799 http://go.laterundi.com/ts3219-international-general?thru=92799 https://juk.linkapplied.com/?kw=ts3219-international-general&s1=ts3219-international-general&s2=1644575375.309158-92451887-0-&s3=92799&fallback=15	0 372 B	1341ms 437ms	Document text/html	157.52.151.124 LAYER-HOST
General Check archive.org Show headers Download Go to Full URL https://juk.linkapplied.com/?kw=ts3219-international-general&s1=ts3219-international-general&s2=1644575375.309158-92451887-0-&s3=92799&fallback=15 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.52.151.124 , United States, ASN46573 (LAYER-HOST, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www.adworkmedia.com/go.php?camp=6990&pub=92799&sid2=7868&sid3=GTmonetizer&GTM=true Response headers 0 X-Reason 1 UNAVAILABLE Date Fri, 11 Feb 2022 10:29:36 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Cache-Control no-cache, private Access-Control-Allow-Origin * X-Redir true Content-Encoding gzip Redirect headers Server nginx/1.14.2 Date Fri, 11 Feb 2022 10:29:35 GMT Transfer-Encoding chunked Connection close Location https://juk.linkapplied.com/?kw=ts3219-international-general&s1=ts3219-international-general&s2=1644575375.309158-92451887-0-&s3=92799&fallback=15

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.kiwicross.com/	1970-01-20 01:32:47	Name: prli_click_85 Value: ffp2masken
www.kiwicross.com/	1970-01-20 09:35:11	Name: prli_visitor Value: 62063a5fa8022
.bit.ly/	1970-01-20 05:08:47	Name: _bit Value: m1batx-bf5e2e7df0e5263fde-00I

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://juk.linkapplied.com/?kw=ts3219-international-general&s1=ts3219-international-general&s2=1644575375.309158-92451887-0-&s3=92799&fallback=15 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
go.laterundi.com
juk.linkapplied.com
megafiles.xyz
t.clkitgo.com
www.adworkmedia.com
www.kiwicross.com
147.135.183.33
157.52.151.124
2606:4700:3032::ac43:9c99
5.199.174.186
52.72.49.79
67.199.248.10
67.227.230.76
c8058ae828fbbf8c1c483d5dadbc32e9b443c9f360de7a0de1659b954c44ca79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.adworkmedia.com Open in urlscan Pro 67.227.230.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

14 %IPv6

7 Domains

7 Subdomains

2 IPs

3 Countries

2 kBTransfer

2 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

www.adworkmedia.com Open in urlscan Pro
67.227.230.76 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

2
IPs

3
Countries

2 kB
Transfer

2 kB
Size

3
Cookies

2 HTTP transactions
0 data transactions