fraudshield.g2afse.com

Summary

This website contacted 1 IPs in 2 countries across 5 domains to perform 2 HTTP transactions. The main IP is 34.90.63.227, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is fraudshield.g2afse.com.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on July 30th 2024. Valid for: a year.

This is the only time fraudshield.g2afse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.74.51.34 198.74.51.34	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	45.56.88.170 45.56.88.170	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4 4	35.204.59.16 35.204.59.16	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	34.90.63.227 34.90.63.227	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	1

1 198.74.51.34 (Fremont, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 198-74-51-34.ip.linodeusercontent.com

m.bolomp06.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.56.88.170 (Fremont, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li890-170.members.linode.com

m.bolomobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.204.59.16 (Groningen, Netherlands) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.59.204.35.bc.googleusercontent.com

track.grantoro.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.profit-click.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.90.63.227 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.63.90.34.bc.googleusercontent.com

fraudshield.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	g2afse.com 1 redirects fraudshield.g2afse.com	614 B
3	profit-click.com 3 redirects track.profit-click.com	625 B
1	grantoro.tech 1 redirects track.grantoro.tech	331 B
1	bolomobi.com 1 redirects m.bolomobi.com	400 B
1	bolomp06.click 1 redirects m.bolomp06.click	374 B
2	5

	Domain	Requested by
3	fraudshield.g2afse.com	1 redirects
3	track.profit-click.com	3 redirects
1	track.grantoro.tech	1 redirects
1	m.bolomobi.com	1 redirects
1	m.bolomp06.click	1 redirects
2	5

This site contains no links.

Subject Issuer	Validity	Valid
*.g2afse.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-30` - `2025-08-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fraudshield.g2afse.com/disabled.html?final=1
Frame ID: 7CCBF09351ABCE9A3C80B91F792DE478
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Disabled

Page URL History Show full URLs

http://m.bolomp06.click/c/n/246064/1816?cid=1&sc=1 HTTP 307
https://m.bolomp06.click/c/n/246064/1816?cid=1&sc=1 HTTP 302
https://m.bolomobi.com/c/c/159/145?__m2888__=1&sc=246064_1816&__ot__=1&s1=1&s2=1 HTTP 302
https://track.grantoro.tech/click?pid=1515&offer_id=3879&sub2=SOURCEID&sub1=f4d98e4c2d104b349b1d2e3e8847... HTTP 302
https://track.profit-click.com/click?pid=14589&offer_id=12794&sub1=66d250a2ea0d3e00017f00ff&sub2=1515 HTTP 302
http://track.profit-click.com/disabled.html HTTP 307
https://track.profit-click.com/disabled.html HTTP 301
https://fraudshield.g2afse.com/click?pid=1&offer_id=46 HTTP 307
http://track.profit-click.com/disabled.html HTTP 301
https://fraudshield.g2afse.com/click?pid=1&offer_id=46 HTTP 302
https://fraudshield.g2afse.com/disabled.html?final=1 Page URL

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.bolomp06.click/c/n/246064/1816?cid=1&sc=1 HTTP 307
https://m.bolomp06.click/c/n/246064/1816?cid=1&sc=1 HTTP 302
https://m.bolomobi.com/c/c/159/145?__m2888__=1&sc=246064_1816&__ot__=1&s1=1&s2=1 HTTP 302
https://track.grantoro.tech/click?pid=1515&offer_id=3879&sub2=SOURCEID&sub1=f4d98e4c2d104b349b1d2e3e88476c12 HTTP 302
https://track.profit-click.com/click?pid=14589&offer_id=12794&sub1=66d250a2ea0d3e00017f00ff&sub2=1515 HTTP 302
http://track.profit-click.com/disabled.html HTTP 307
https://track.profit-click.com/disabled.html HTTP 301
https://fraudshield.g2afse.com/click?pid=1&offer_id=46 HTTP 307
http://track.profit-click.com/disabled.html HTTP 301
https://fraudshield.g2afse.com/click?pid=1&offer_id=46 HTTP 302
https://fraudshield.g2afse.com/disabled.html?final=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request disabled.html Show response fraudshield.g2afse.com/ Redirect Chain http://m.bolomp06.click/c/n/246064/1816?cid=1&sc=1 https://m.bolomp06.click/c/n/246064/1816?cid=1&sc=1 https://m.bolomobi.com/c/c/159/145?__m2888__=1&sc=246064_1816&__ot__=1&s1=1&s2=1 https://track.grantoro.tech/click?pid=1515&offer_id=3879&sub2=SOURCEID&sub1=f4d98e4c2d104b349b1d2e3e88476c12 https://track.profit-click.com/click?pid=14589&offer_id=12794&sub1=66d250a2ea0d3e00017f00ff&sub2=1515 http://track.profit-click.com/disabled.html https://track.profit-click.com/disabled.html https://fraudshield.g2afse.com/click?pid=1&offer_id=46 http://track.profit-click.com/disabled.html https://fraudshield.g2afse.com/click?pid=1&offer_id=46 https://fraudshield.g2afse.com/disabled.html?final=1	111 B 209 B	57ms 57ms	Document text/html	34.90.63.227 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fraudshield.g2afse.com/disabled.html?final=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.90.63.227 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 227.63.90.34.bc.googleusercontent.com Software nginx / Resource Hash `b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Fri, 30 Aug 2024 23:07:15 GMT etag W/"628f9513-6f" last-modified Thu, 26 May 2022 14:56:19 GMT server nginx Redirect headers access-control-allow-origin * content-length 0 date Fri, 30 Aug 2024 23:07:15 GMT location https://fraudshield.g2afse.com/disabled.html?final=1 server nginx x-adjust-use-original-forwarded-for 1
GET H2	200	favicon.ico fraudshield.g2afse.com/	0 110 B	74ms 73ms	Other image/x-icon	34.90.63.227 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fraudshield.g2afse.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.90.63.227 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 227.63.90.34.bc.googleusercontent.com Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fraudshield.g2afse.com/disabled.html?final=1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 30 Aug 2024 23:07:15 GMT last-modified Thu, 26 May 2022 14:56:24 GMT server nginx accept-ranges bytes etag "628f9518-0" content-length 0 content-type image/x-icon

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bolomp06.click/	1970-01-21 08:46:59	Name: uk Value: d596d28539a24c37b5009c86f6186630
.bolomobi.com/	1970-01-21 08:46:59	Name: uk Value: 26b723dea80a48a7853e0766890e3cc2
track.grantoro.tech/	1970-01-21 07:56:35	Name: afclick Value: 66d250a2ea0d3e00017f00ff
track.grantoro.tech/	1970-01-21 07:56:35	Name: afoffers Value: {"3879":1725059234}
fraudshield.g2afse.com/	1970-01-21 07:56:35	Name: afclick Value: 66d250a3dad7e40001feb69d
fraudshield.g2afse.com/	1970-01-21 07:56:35	Name: afoffers Value: {"46":1725059235}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fraudshield.g2afse.com
m.bolomobi.com
m.bolomp06.click
track.grantoro.tech
track.profit-click.com
198.74.51.34
34.90.63.227
35.204.59.16
45.56.88.170
b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

fraudshield.g2afse.com Open in urlscan Pro 34.90.63.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

1 IPs

2 Countries

0 kBTransfer

0 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

6 Cookies

Indicators

fraudshield.g2afse.com Open in urlscan Pro
34.90.63.227 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

6
Cookies

2 HTTP transactions
0 data transactions