gooqlemgrteg.com Open in urlscan Pro
45.141.86.6  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response gooqlemgrteg.com/	223 B 401 B	196ms 63ms	Document text/html	45.141.86.6 MEDIALAND-AS
General Check archive.org Show headers Download Go to Full URL http://gooqlemgrteg.com/index.php Protocol HTTP/1.1 Server 45.141.86.6 , Russian Federation, ASN206728 (MEDIALAND-AS, RU), Reverse DNS Software nginx/1.16.1 / Resource Hash a48c48ac4b0fa743d3dc532200ba26bd0345dfa3c3bd4fcca5153b8688f2235b Request headers Host gooqlemgrteg.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Server nginx/1.16.1 Date Fri, 22 Nov 2019 09:06:05 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Content-Encoding gzip
GET H2	200	display.js Show response cdn.ay.gy/js/	45 KB 16 KB	55ms 19ms	Script application/x-javascript	2606:4700:20::6818:42e Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.ay.gy/js/display.js Requested by Host: gooqlemgrteg.com URL: http://gooqlemgrteg.com/index.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6818:42e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash d2068988954553564035f2c78f1f764285b43ae875a2f1b6ab1f090bd4c979c8 Request headers Referer http://gooqlemgrteg.com/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers date Fri, 22 Nov 2019 09:06:05 GMT content-encoding br cf-cache-status HIT last-modified Sun, 02 Jun 2019 11:55:04 GMT server cloudflare age 211 etag W/"b205-5cf3b918-ac97a1d2586d80f4;gz" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript status 200 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 5399bed00c75599a-VIE expires Fri, 29 Nov 2019 09:02:34 GMT
GET H/1.1	200 OK	funcript1574413565477.php Show response adf.ly/	178 KB 63 KB	235ms 223ms	Script text/html	2606:4700:10::6814:13fe Cloudflare
General Check archive.org Show headers Download Go to Full URL http://adf.ly/funcript1574413565477.php?pub=22345503&v=N4iyANozSU0zhLU0TlU2wSsiIVG2xVplax2GUcgwRF2EVIjpaY2z8Xp0IEEzNXowcEmD9ItYZBSy8U3POBCy4YwhL1jEMI5sMVDGQduuOlTEcIg7Ug22FcmvYRXnJbppLNzWUYzNNhyC4IzwN4iSINsvIEnGVbksIljmoeyvM1jkMI06NITCUdwuMVy2wZihdJiXIZ6zMVinwIisYI2ysUiPONnWRYyNdJWiUOsiIMn3BbhfdBC3Ib60MtS2wcilaRGmFIzsaICyIb6OIJjiQO1iMMT3Mb4fYVzGNbjpNJD2gb1tYJmCQLwwNoWjUIwlZxjWdajiO9GWVbhiYwjCJMj6NI2CZalzOFDGkbymIJny0ez= Requested by Host: cdn.ay.gy URL: https://cdn.ay.gy/js/display.js Protocol HTTP/1.1 Server 2606:4700:10::6814:13fe , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.31 Resource Hash d1871b5fd47e764d752bfafd85f772d113d6cfe5d9cdcece9d710e7eb3dd6aaa Request headers Referer http://gooqlemgrteg.com/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36 Response headers Pragma no-cache Date Fri, 22 Nov 2019 09:06:05 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Server cloudflare X-Powered-By PHP/5.6.31 Vary Accept-Encoding P3P policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV" Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Transfer-Encoding chunked X-Turbo-Charged-By LiteSpeed Connection keep-alive CF-RAY 5399bed05aedcbc0-VIE Expires Thu, 19 Nov 1981 08:52:00 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| adfly_id number| popunder_frequency_delay boolean| adfly_google_compliant function| p4BB string| O6pp string| jmbdd function| sha1 function| FP undefined| $ undefined| jQuery boolean| z5wQ

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adf.ly
cdn.ay.gy
gooqlemgrteg.com
2606:4700:10::6814:13fe
2606:4700:20::6818:42e
45.141.86.6
a48c48ac4b0fa743d3dc532200ba26bd0345dfa3c3bd4fcca5153b8688f2235b
d1871b5fd47e764d752bfafd85f772d113d6cfe5d9cdcece9d710e7eb3dd6aaa
d2068988954553564035f2c78f1f764285b43ae875a2f1b6ab1f090bd4c979c8