methodology653.cf - urlscan.io

Summary

This website contacted 3 IPs in 5 countries across 6 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3037::6815:19c9, located in United States and belongs to CLOUDFLARENET, US. The main domain is methodology653.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 20th 2021. Valid for: a year.

This is the only time methodology653.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.158.37.146 45.158.37.146	29802 (HVC-AS) (HVC-AS)
1 2	78.46.81.228 78.46.81.228	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a0c:5c81:509... 2a0c:5c81:5097:0:225:90ff:fefa:fa53	55081 (24SHELLS) (24SHELLS)
1 1	2a02:b48:207:... 2a02:b48:207:1::6	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 4	2606:4700:303... 2606:4700:3037::6815:19c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3

2 45.158.37.146 (None, ) 1 redirects

ASN29802 (HVC-AS, US)
PTR: 45-158-37-146.static.hvvc.us

www.gamewear.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.81.228 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.228.81.46.78.clients.your-server.de

likeingclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lovedoubts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5097:0:225:90ff:fefa:fa53 (United Kingdom) 1 redirects

ASN55081 (24SHELLS, US)

abc38.feed-xml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b48:207:1::6 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

tiodmw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:19c9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

methodology653.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	methodology653.cf 2 redirects methodology653.cf	3 KB
2	gamewear.xyz 1 redirects www.gamewear.xyz	5 KB
1	tiodmw.com 1 redirects tiodmw.com	121 B
1	feed-xml.com 1 redirects abc38.feed-xml.com	445 B
1	lovedoubts.com 1 redirects lovedoubts.com	618 B
1	likeingclick.com likeingclick.com	4 KB
4	6

	Domain	Requested by
4	methodology653.cf	2 redirects likeingclick.com methodology653.cf
2	www.gamewear.xyz	1 redirects
1	tiodmw.com	1 redirects
1	abc38.feed-xml.com	1 redirects
1	lovedoubts.com	1 redirects
1	likeingclick.com	www.gamewear.xyz
4	6

This site contains no links.

Subject Issuer	Validity	Valid
www.gamewear.xyz Gandi Standard SSL CA 2	`2020-08-06` - `2021-08-06`	a year	crt.sh
likeingclick.com Let's Encrypt Authority X3	`2020-11-27` - `2021-02-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-20` - `2022-01-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/thanks/
Frame ID: 80C3391CA16A6089128D0B0FC7D209B2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=16... HTTP 301
https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=16... Page URL
https://likeingclick.com/clicks.php?country=JP&subid=61_110_0&aff=61&adv=166&url=https%3A%2F%2Fabc38.... Page URL
https://lovedoubts.com/pop_clicks.php?&url=https%3A%2F%2Fabc38.feed-xml.com%2Ftracking%2Fpushclick%... HTTP 302
https://abc38.feed-xml.com/tracking/pushclick?adid=T1611206739U265BACC8DAD60AA2_417052_575026 HTTP 302
https://tiodmw.com/dsp/cu/clc?aid=15047524918436316126&t=1611206739&s=602770&sid=415 HTTP 302
https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b HTTP 301
http://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ HTTP 301
https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ Page URL
https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/thanks/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

100 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

3
IPs

5
Countries

10 kB
Transfer

23 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1 HTTP 301
https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1 Page URL
https://likeingclick.com/clicks.php?country=JP&subid=61_110_0&aff=61&adv=166&url=https%3A%2F%2Fabc38.feed-xml.com%2Ftracking%2Fpushclick%3Fadid%3DT1611206739U265BACC8DAD60AA2_417052_575026&bid=0.00043154999999999995&adv_bid=0.000685&transactionId=7y61y18e69f60-5ba9-11eb-860b-dfe15126db61&ip=150.29.121.119&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.88%20Safari%2F537.36%20Edg%2F87.0.664.66&group=18&userage=&ref=http%3A%2F%2Fwww.gamewear.xyz&subid_enc=61_2551_268278 Page URL
https://lovedoubts.com/pop_clicks.php?&url=https%3A%2F%2Fabc38.feed-xml.com%2Ftracking%2Fpushclick%3Fadid%3DT1611206739U265BACC8DAD60AA2_417052_575026&transactionId=7y61y18e69f60-5ba9-11eb-860b-dfe15126db61&ip=150.29.121.119&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/87.0.4280.88%20Safari/537.36%20Edg/87.0.664.66&aff=61&adv=166&bid=0.00043154999999999995&adv_bid=0.000685&subid=61_110_0&country=JP&userage=&group=18&subid_enc=61_2551_268278&ref=http://www.gamewear.xyz&timezone=Europe/Berlin&wind=false&heigth=undefined&width=undefined HTTP 302
https://abc38.feed-xml.com/tracking/pushclick?adid=T1611206739U265BACC8DAD60AA2_417052_575026 HTTP 302
https://tiodmw.com/dsp/cu/clc?aid=15047524918436316126&t=1611206739&s=602770&sid=415 HTTP 302
https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b HTTP 301
http://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ HTTP 301
https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ Page URL
https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/thanks/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1 HTTP 301
https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1

Request Chain 2

https://lovedoubts.com/pop_clicks.php?&url=https%3A%2F%2Fabc38.feed-xml.com%2Ftracking%2Fpushclick%3Fadid%3DT1611206739U265BACC8DAD60AA2_417052_575026&transactionId=7y61y18e69f60-5ba9-11eb-860b-dfe15126db61&ip=150.29.121.119&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/87.0.4280.88%20Safari/537.36%20Edg/87.0.664.66&aff=61&adv=166&bid=0.00043154999999999995&adv_bid=0.000685&subid=61_110_0&country=JP&userage=&group=18&subid_enc=61_2551_268278&ref=http://www.gamewear.xyz&timezone=Europe/Berlin&wind=false&heigth=undefined&width=undefined HTTP 302
https://abc38.feed-xml.com/tracking/pushclick?adid=T1611206739U265BACC8DAD60AA2_417052_575026 HTTP 302
https://tiodmw.com/dsp/cu/clc?aid=15047524918436316126&t=1611206739&s=602770&sid=415 HTTP 302
https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b HTTP 301
http://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ HTTP 301
https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	adOk Show response www.gamewear.xyz/ Redirect Chain http://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bn... https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291b...	17 KB 4 KB	56ms 14ms	Document text/html	45.158.37.146 HVC-AS
General Check archive.org Show headers Download Go to Full URL https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.158.37.146 -, , ASN29802 (HVC-AS, US), Reverse DNS 45-158-37-146.static.hvvc.us Software nginx / Resource Hash `ee48878e3d86dd4d1b8c254d42dabd0ffe20bd1b1281683cf949278220dd85b3` Request headers Host www.gamewear.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Thu, 21 Jan 2021 05:34:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip Redirect headers Server nginx Date Thu, 21 Jan 2021 05:34:51 GMT Content-Type text/html Content-Length 178 Connection keep-alive Location https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1
GET H/1.1	200 OK	clicks.php Show response likeingclick.com/	3 KB 4 KB	39ms 12ms	Document text/html	78.46.81.228 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://likeingclick.com/clicks.php?country=JP&subid=61_110_0&aff=61&adv=166&url=https%3A%2F%2Fabc38.feed-xml.com%2Ftracking%2Fpushclick%3Fadid%3DT1611206739U265BACC8DAD60AA2_417052_575026&bid=0.00043154999999999995&adv_bid=0.000685&transactionId=7y61y18e69f60-5ba9-11eb-860b-dfe15126db61&ip=150.29.121.119&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.88%20Safari%2F537.36%20Edg%2F87.0.664.66&group=18&userage=&ref=http%3A%2F%2Fwww.gamewear.xyz&subid_enc=61_2551_268278 Requested by Host: www.gamewear.xyz URL: https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 78.46.81.228 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.228.81.46.78.clients.your-server.de Software nginx/1.16.1 (Ubuntu) / Resource Hash `93be480419c4b8ad5a98d0aa5e1416627b5a06beb3d9b9b6329906c1e4094c2a` Request headers Host likeingclick.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.gamewear.xyz/adOk?a_cid=161120677448784&a_ppcId=18232&a_uid=2551&b_country=107&b_impid=161120673990105&b_rkey=&b_sid=268278&ct=35&q=aHR0cHM6Ly9saWtlaW5nY2xpY2suY29tL2NsaWNrcy5waHA/Y291bnRyeT1KUCZzdWJpZD02MV8xMTBfMCZhZmY9NjEmYWR2PTE2NiZ1cmw9aHR0cHMlM0ElMkYlMkZhYmMzOC5mZWVkLXhtbC5jb20lMkZ0cmFja2luZyUyRnB1c2hjbGljayUzRmFkaWQlM0RUMTYxMTIwNjczOVUyNjVCQUNDOERBRDYwQUEyXzQxNzA1Ml81NzUwMjYmYmlkPTAuMDAwNDMxNTQ5OTk5OTk5OTk5OTUmYWR2X2JpZD0wLjAwMDY4NSZ0cmFuc2FjdGlvbklkPTd5NjF5MThlNjlmNjAtNWJhOS0xMWViLTg2MGItZGZlMTUxMjZkYjYxJmlwPTE1MC4yOS4xMjEuMTE5JnVhPU1vemlsbGElMkY1LjAlMjAoV2luZG93cyUyME5UJTIwMTAuMCUzQiUyMFdpbjY0JTNCJTIweDY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjg3LjAuNDI4MC44OCUyMFNhZmFyaSUyRjUzNy4zNiUyMEVkZyUyRjg3LjAuNjY0LjY2Jmdyb3VwPTE4JnVzZXJhZ2U9JnJlZj1odHRwJTNBJTJGJTJGd3d3LmdhbWV3ZWFyLnh5eiZzdWJpZF9lbmM9NjFfMjU1MV8yNjgyNzg=&z_back=%20HTTP/1.1 Response headers Server nginx/1.16.1 (Ubuntu) Date Thu, 21 Jan 2021 05:34:51 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Access-Control-Expose-Headers Content-Length,Content-Range X-Upstream-Addr 116.202.83.69:80 X-Forwarded-By 89.249.64.171
GET H2	200	/ Show response methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ Redirect Chain https://lovedoubts.com/pop_clicks.php?&url=https%3A%2F%2Fabc38.feed-xml.com%2Ftracking%2Fpushclick%3Fadid%3DT1611206739U265BACC8DAD60AA2_417052_575026&transactionId=7y61y18e69f60-5ba9-11eb-860b-dfe... https://abc38.feed-xml.com/tracking/pushclick?adid=T1611206739U265BACC8DAD60AA2_417052_575026 https://tiodmw.com/dsp/cu/clc?aid=15047524918436316126&t=1611206739&s=602770&sid=415 https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b http://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/	2 KB 786 B	45ms 45ms	Document text/html	2606:4700:3037::6815:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ Requested by Host: likeingclick.com URL: https://likeingclick.com/clicks.php?country=JP&subid=61_110_0&aff=61&adv=166&url=https%3A%2F%2Fabc38.feed-xml.com%2Ftracking%2Fpushclick%3Fadid%3DT1611206739U265BACC8DAD60AA2_417052_575026&bid=0.00043154999999999995&adv_bid=0.000685&transactionId=7y61y18e69f60-5ba9-11eb-860b-dfe15126db61&ip=150.29.121.119&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.88%20Safari%2F537.36%20Edg%2F87.0.664.66&group=18&userage=&ref=http%3A%2F%2Fwww.gamewear.xyz&subid_enc=61_2551_268278 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `965e85f4fa85cf14101cdf24af8411ed81855854941e96208be3d12cd0e67cab` Request headers :method GET :authority methodology653.cf :scheme https :path /JPfsdd-sdds0s0-2891.inf0b/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=db8bdc513e1e9b81e1d54e3cb70a936bd1611207292 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://likeingclick.com/clicks.php?country=JP&subid=61_110_0&aff=61&adv=166&url=https%3A%2F%2Fabc38.feed-xml.com%2Ftracking%2Fpushclick%3Fadid%3DT1611206739U265BACC8DAD60AA2_417052_575026&bid=0.00043154999999999995&adv_bid=0.000685&transactionId=7y61y18e69f60-5ba9-11eb-860b-dfe15126db61&ip=150.29.121.119&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.88%20Safari%2F537.36%20Edg%2F87.0.664.66&group=18&userage=&ref=http%3A%2F%2Fwww.gamewear.xyz&subid_enc=61_2551_268278 Response headers date Thu, 21 Jan 2021 05:34:52 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 07c5094d2300000eb33e83a000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cWLU4F02JNIjUmZA94G8DGlRpvD7ja5HLPvVVWgrdT0tl6%2Fg0g4iL82mLrP23NPsRNnc4S6wuAW4aB2n2eSQqApIkOvjS%2B06s8wtPbAkqOrCV6eva1%2BkTQxYMfm0Sw%3D%3D"}]} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 614eab283c630eb3-FRA content-encoding br Redirect headers Date Thu, 21 Jan 2021 05:34:52 GMT Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=3600 Expires Thu, 21 Jan 2021 06:34:52 GMT Location https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ cf-request-id 07c5094d1200002c4a481c3000000001 Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9BMvIDLjfzMANmDvlGjGlGE8pdEqXw8qau5jALa1EJw7pC66NXYWwBlYug8wPSb2%2FenPk3aRX0l4TIsPYklLF7FAWjMcb0mRs6DIQwXM7%2F%2F7e64Z7gJdshX1KbWVmQ%3D%3D"}],"max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Vary Accept-Encoding Server cloudflare CF-RAY 614eab281aad2c4a-FRA
GET H2	404	Primary Request / Show response methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/thanks/	1 KB 800 B	37ms 37ms	Document text/html	2606:4700:3037::6815:19c9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/thanks/ Requested by Host: methodology653.cf URL: https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:19c9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d665fc6e7640db2921aa0e552e06e9eab5f7f3804ee363864f0ab0848a8ed3a0` Request headers :method GET :authority methodology653.cf :scheme https :path /JPfsdd-sdds0s0-2891.inf0b/thanks/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ accept-encoding gzip, deflate, br accept-language en-US cookie __cfduid=db8bdc513e1e9b81e1d54e3cb70a936bd1611207292 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://methodology653.cf/JPfsdd-sdds0s0-2891.inf0b/ Response headers date Thu, 21 Jan 2021 05:34:52 GMT content-type text/html vary Accept-Encoding last-modified Wed, 20 Jan 2021 21:58:42 GMT cf-cache-status DYNAMIC cf-request-id 07c5094d5d00000eb31aa7c000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ODZG6MWbi%2BoytUJr%2Fn15Kk5m3bBSGja%2BwqDHb4N9Ui5NhIu3pyH5wiUqVxO1eThmwI1%2Fb%2BX0z8zA5aydnhe5XDJ%2F6jphk2iQALbPeFERBXub4jYGFLXbW9vhFjivgQ%3D%3D"}]} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 614eab289cd60eb3-FRA content-encoding br

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.methodology653.cf/	1970-01-19 16:16:39	Name: __cfduid Value: db8bdc513e1e9b81e1d54e3cb70a936bd1611207292

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abc38.feed-xml.com
likeingclick.com
lovedoubts.com
methodology653.cf
tiodmw.com
www.gamewear.xyz
2606:4700:3037::6815:19c9
2a02:b48:207:1::6
2a0c:5c81:5097:0:225:90ff:fefa:fa53
45.158.37.146
78.46.81.228
93be480419c4b8ad5a98d0aa5e1416627b5a06beb3d9b9b6329906c1e4094c2a
965e85f4fa85cf14101cdf24af8411ed81855854941e96208be3d12cd0e67cab
d665fc6e7640db2921aa0e552e06e9eab5f7f3804ee363864f0ab0848a8ed3a0
ee48878e3d86dd4d1b8c254d42dabd0ffe20bd1b1281683cf949278220dd85b3

methodology653.cf Open in urlscan Pro 2606:4700:3037::6815:19c9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

60 %IPv6

6 Domains

6 Subdomains

3 IPs

5 Countries

10 kBTransfer

23 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Indicators

methodology653.cf Open in urlscan Pro
2606:4700:3037::6815:19c9 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

3
IPs

5
Countries

10 kB
Transfer

23 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions