Submitted URL: https://switchd.ch/
Effective URL: https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Submission: On June 27 via api from US — Scanned from CH

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 173.239.53.32, located in New York, United States and belongs to WEBAIR-INTERNET, US. The main domain is tq.mpds-smart3.online.
TLS certificate: Issued by R3 on May 16th 2024. Valid for: 3 months.
This is the only time tq.mpds-smart3.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.50 61969 (TEAMINTER...)
1 18.66.121.135 16509 (AMAZON-02)
2 3.212.240.227 14618 (AMAZON-AES)
1 4 173.239.53.32 27257 (WEBAIR-IN...)
1 130.211.29.114 396982 (GOOGLE-CL...)
2 35.241.15.240 396982 (GOOGLE-CL...)
14 7
Apex Domain
Subdomains
Transfer
4 mpds-smart3.online
xml-v4.mpds-smart3.online
tq.mpds-smart3.online
10 KB
4 switchd.ch
switchd.ch
3 KB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 33435
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12963
9 KB
2 iovia-pmj.com
iovia-pmj.com — Cisco Umbrella Rank: 313883
4 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
0 redbnm.com Failed
redbnm.com Failed
14 6
Domain Requested by
4 switchd.ch d38psrni17bvxu.cloudfront.net
switchd.ch
3 tq.mpds-smart3.online iovia-pmj.com
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 iovia-pmj.com switchd.ch
iovia-pmj.com
1 cdn.perfdrive.com tq.mpds-smart3.online
1 xml-v4.mpds-smart3.online 1 redirects
1 d38psrni17bvxu.cloudfront.net switchd.ch
0 redbnm.com Failed
14 8

This site contains links to these domains.

Domain
xml-v4.mpds-smart3.online
Subject | Issuer | Validity | Valid
switchd.ch | R11 | 2024-06-09 - 2024-09-07 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
iovia-pmj.com | Amazon RSA 2048 M02 | 2024-05-31 - 2025-06-29 | a year
mpds-smart3.online | R3 | 2024-05-16 - 2024-08-14 | 3 months
*.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2023-09-21 - 2024-09-26 | a year
cas.avalon.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2023-07-24 - 2024-08-05 | a year

This page contains 1 frames:

Frame: https://redbnm.com/cvjvl2k.php?key=hrzhxgf8dpnqh0cqkfca&conversion=ZmCSuhjTfRc&bid=0.059&source_subid=14121266908&banner=5944748&carrier=Sunrise&IP=62.167.93.86&campaign=1118429&query=&state=vd
Frame ID: 9997712DDB791C9FBA8173AB33D3099A
Requests: 14 HTTP requests in this frame

Page URL History

  1. https://switchd.ch/ Page URL
  2. http://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
    https://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://iovia-pmj.com/zclkredirect?visitid=7b728197-344e-11ef-8b18-12d371668f55&type=js&browserWid... Page URL
  4. http://xml-v4.mpds-smart3.online/click?seat=2585065&i=*8HGMd*nKH4_0 HTTP 307
    https://xml-v4.mpds-smart3.online/click?seat=2585065&i=*8HGMd*nKH4_0 HTTP 302
    https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22 Page URL

Page Statistics

Requests: 14
HTTPS: 93 %
IPv6: 0 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 2
Transfer: 26 kB
Size: 42 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://switchd.ch/ Page URL
  2. http://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55 HTTP 307
    https://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55 Page URL
  3. https://iovia-pmj.com/zclkredirect?visitid=7b728197-344e-11ef-8b18-12d371668f55&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FZurich Page URL
  4. http://xml-v4.mpds-smart3.online/click?seat=2585065&i=*8HGMd*nKH4_0 HTTP 307
    https://xml-v4.mpds-smart3.online/click?seat=2585065&i=*8HGMd*nKH4_0 HTTP 302
    https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55 HTTP 307
  • https://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55
Request Chain 12
  • https://xml-v4.mpds-smart3.online/click2?i=*8HGMd*nKH4_0&ci=7377057517610958103&j=rv%3De%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D30x30%26ce%3D1%26ck%3Djc%26cv%3D5089%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26tp%3D5130%26ct%3D1%26lc%3D0%26lh%3D0%26ms%3Dnull%26mf%3Dnull%26ml%3D0%26te%3D0%26fi%3Dnull%26pl%3DWin32%26ua%3DMozilla%252F5.0%2B%28Windows%2BNT%2B10.0%253B%2BWin64%253B%2Bx64%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F126.0.0.0%2BSafari%252F537.36%26es%3D0%26shs%3D HTTP 302
  • https://redbnm.com/cvjvl2k.php?key=hrzhxgf8dpnqh0cqkfca&conversion=ZmCSuhjTfRc&bid=0.059&source_subid=14121266908&banner=5944748&carrier=Sunrise&IP=62.167.93.86&campaign=1118429&query=&state=vd

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
switchd.ch/
2 KB
2 KB
Document
General
Full URL
https://switchd.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
5c5330f5ef761b52b3c3dece1220d99f6b277e0d2de9d1f568331329f5baa03a

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 06:28:35 GMT
host
{http.reverse_proxy.upstream.hostport}
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_lLtr9VK5s8Pgtv1Bl8uBVCUr/orc/9cyxvjF0+P6qd+FIRbHpPl+Zegr5DqNhQWZ5vMigaskMMW9tvqIrVAeGg==
x-buckets
bucket057
x-domain
switchd.ch
x-forwarded-host
switchd.ch
x-language
german
x-redirect
zeropark_zeroclick
x-ssl-c
v1
x-ssl-proxy
v2
x-subdomain
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
1 KB
1 KB
Script
General
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: switchd.ch
URL: https://switchd.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-135.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://switchd.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 04:34:58 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
age
6818
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
XgPRNfW6BYwT-0ktu2POiRWYxN-wS3Y0-we2mLn3qxPekZICzTZN5w==
track.php
switchd.ch/
0
120 B
XHR
General
Full URL
https://switchd.ch/track.php?domain=switchd.ch&toggle=browserjs&uid=MTcxOTQ2OTcxNS4zMzM0OjM1YzY3NDk0MWIzYzQ3NzQwMGQ0Y2UxNjBmZTBiYmMzNTcxYzJjMmRhYzIzNGE0MDM2YzJjYzc4OGViZjBkODA6NjY3ZDA2OTM1MTYzMg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
device-memory
8
rtt
50
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://switchd.ch/
dpr
1
downlink
10
ect
4g
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 06:28:36 GMT
content-encoding
gzip
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
browserjs
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
switchd.ch
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
ls.php
switchd.ch/
16 B
371 B
XHR
General
Full URL
https://switchd.ch/ls.php?t=667d0693&token=3cc3d1253931b07f52bae679acbc4bed2c7bff3f
Requested by
Host: switchd.ch
URL: https://switchd.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
device-memory
8
rtt
50
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://switchd.ch/
dpr
1
downlink
10
ect
4g
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 06:28:36 GMT
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_BrRRj30j2Cs2SwSxJhjxrozbkXUcyH27g643J96Uc21SG3Q1wDg4za3S8k5y41t7BTS4RNK+Q7zNRV1VJUL3eg==
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
accept-ch-lifetime
30
charset
utf-8
x-forwarded-host
switchd.ch
x-log-success
667d0694ecc09b30480a949a
track.php
switchd.ch/
0
80 B
XHR
General
Full URL
https://switchd.ch/track.php?click=be040c2a9818d4929be142d49a673c3cd7644887&domain=switchd.ch&uid=MTcxOTQ2OTcxNS4zMzM0OjM1YzY3NDk0MWIzYzQ3NzQwMGQ0Y2UxNjBmZTBiYmMzNTcxYzJjMmRhYzIzNGE0MDM2YzJjYzc4OGViZjBkODA6NjY3ZDA2OTM1MTYzMg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwNTd8fHx8fHw2NjdkMDY5MzUxNWY5fHx8MTcxOTQ2OTcxNS42NjM0fDczNWZiOGNiOWQxYWE3MGZkYzEyYmVlZDE3YTMyNDYzOTc2ZjFmN2N8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwzY2MzZDEyNTM5MzFiMDdmNTJiYWU2NzlhY2JjNGJlZDJjN2JmZjNmfDB8fDB8MHw3ODQwMzk2MDM3fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.50 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
device-memory
8
rtt
50
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://switchd.ch/
dpr
1
downlink
10
ect
4g
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 06:28:36 GMT
content-encoding
gzip
x-ssl-proxy
v2
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host
{http.reverse_proxy.upstream.hostport}
server
Caddy, nginx
x-custom-track
none
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-forwarded-host
switchd.ch
x-ssl-c
v1
alt-svc
h3=":8443"; ma=2592000
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/
Redirect Chain
  • http://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55
  • https://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55
3 KB
3 KB
Document
General
Full URL
https://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55
Requested by
Host: switchd.ch
URL: https://switchd.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.240.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-240-227.compute-1.amazonaws.com
Software
/
Resource Hash
289c1d571bbeeafccbf6fc949853daaa1ff2bccf53f3522875741aeaba7a9f7d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://switchd.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
2732
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Thu, 27 Jun 2024 06:28:36 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location
https://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55
Non-Authoritative-Reason
HttpsUpgrades
zclkredirect
iovia-pmj.com/
316 B
779 B
Document
General
Full URL
https://iovia-pmj.com/zclkredirect?visitid=7b728197-344e-11ef-8b18-12d371668f55&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FZurich
Requested by
Host: iovia-pmj.com
URL: https://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.240.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-240-227.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://iovia-pmj.com/zclkvisitor/7b728197-344e-11ef-8b18-12d371668f55/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=7b82ae31-344e-11ef-8b18-12d371668f55
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
316
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Thu, 27 Jun 2024 06:28:36 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request filter
tq.mpds-smart3.online/
Redirect Chain
  • http://xml-v4.mpds-smart3.online/click?seat=2585065&i=*8HGMd*nKH4_0
  • https://xml-v4.mpds-smart3.online/click?seat=2585065&i=*8HGMd*nKH4_0
  • https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
9 KB
9 KB
Document
General
Full URL
https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Requested by
Host: iovia-pmj.com
URL: https://iovia-pmj.com/zclkredirect?visitid=7b728197-344e-11ef-8b18-12d371668f55&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FZurich
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.32 New York, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
709901c1e7cd8cab721bd48dab122403c840d55fe576c8835026c37c0d14c394

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://iovia-pmj.com/zclkredirect?visitid=7b728197-344e-11ef-8b18-12d371668f55&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FZurich
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
9134
Content-Type
text/html; charset=utf-8
Date
Thu, 27 Jun 2024 06:28:37 GMT
Referrer-Policy
unsafe-url
Server
nginx

Redirect headers

Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 27 Jun 2024 06:28:37 GMT
Location
https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Server
nginx
aperture.js
cdn.perfdrive.com/aperture/
26 KB
8 KB
Script
General
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: tq.mpds-smart3.online
URL: https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 06:26:27 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 18 Jun 2024 04:33:55 GMT
server
nginx/1.10.1
age
131
etag
W/"66710e33-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
jsdata
cas.avalon.perfdrive.com/
316 B
471 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
b60014a347f09bf1514d37cc8075bf6f2396a1829e2a20fd6669c26701687fb0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
1ms
date
Thu, 27 Jun 2024 06:28:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
211 B
274 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
15a6e96f79560e2236105949b90cbdf40d7c22fdf49f5d62cefc00a523b43763

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
1ms
date
Thu, 27 Jun 2024 06:28:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
imagec
tq.mpds-smart3.online/
58 B
298 B
Image
General
Full URL
https://tq.mpds-smart3.online/imagec?i=*8HGMd*nKH4_0&s=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.32 New York, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
c0223f90691a3eff0bf1c2f1737aab1779b6f1a533364c5305832dd63a618794

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 06:28:38 GMT
Cache-Control
no-store
Server
nginx
Connection
keep-alive
Content-Length
58
Content-Type
image/bmp
imagec
tq.mpds-smart3.online/
62 B
227 B
Image
General
Full URL
https://tq.mpds-smart3.online/imagec?i=*8HGMd*nKH4_0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.32 New York, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
dd9f61cf27813aa82408d80ce8eaf1f47e3ffe73deb5635f951b38d686463bfb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tq.mpds-smart3.online/filter?q=&i=*8HGMd*nKH4_0&ci=7377057517610958103&t=729939442&h=22
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 27 Jun 2024 06:28:38 GMT
Cache-Control
no-store
Server
nginx
Connection
keep-alive
Content-Length
62
Content-Type
image/bmp
cvjvl2k.php
redbnm.com/
Redirect Chain
  • https://xml-v4.mpds-smart3.online/click2?i=*8HGMd*nKH4_0&ci=7377057517610958103&j=rv%3De%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D30x30%26ce%3D1%26ck%3Djc%26cv%3D5089%26cs%3D1%26fr%3D0%26hc%3D0%26f...
  • https://redbnm.com/cvjvl2k.php?key=hrzhxgf8dpnqh0cqkfca&conversion=ZmCSuhjTfRc&bid=0.059&source_subid=14121266908&banner=5944748&carrier=Sunrise&IP=62.167.93.86&campaign=1118429&query=&state=vd
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
redbnm.com
URL
https://redbnm.com/cvjvl2k.php?key=hrzhxgf8dpnqh0cqkfca&conversion=ZmCSuhjTfRc&bid=0.059&source_subid=14121266908&banner=5944748&carrier=Sunrise&IP=62.167.93.86&campaign=1118429&query=&state=vd

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| tqs function| hc function| flashCall function| lc function| lh function| jsfload object| SSJSConnectorObj function| ssConf object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies

9 Cookies

Domain/Path Name / Value
.mpds-smart3.online/ Name: x3325799
Value: 190056352
tq.mpds-smart3.online/ Name: c-669665491
Value: 190056352
.mpds-smart3.online/ Name: __ssds
Value: 2
.mpds-smart3.online/ Name: __ssuzjsr2
Value: a9be0cd8e
.mpds-smart3.online/ Name: __uzmaj2
Value: 76174b2e-f02e-43d4-b557-fcd7f606d793
.mpds-smart3.online/ Name: __uzmbj2
Value: 1719469718
.mpds-smart3.online/ Name: __uzmcj2
Value: 706841074500
.mpds-smart3.online/ Name: __uzmdj2
Value: 1719469718
tq.mpds-smart3.online/ Name: ic715206259
Value: 1596779616