gadr.com Open in urlscan Pro
64.98.135.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gadr.com/
Submission: On March 04 via api (March 4th 2023, 4:17:16 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 10 HTTP transactions. The main IP is 64.98.135.32, located in Centennial, United States and belongs to TUCOWS-3, CA. The main domain is gadr.com.

This is the only time gadr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	64.98.135.32 64.98.135.32	32491 (TUCOWS-3) (TUCOWS-3)
1 1	95.211.219.66 95.211.219.66	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	52.116.53.155 52.116.53.155	36351 (SOFTLAYER) (SOFTLAYER)
2	2606:4700:303... 2606:4700:3031::6815:5e2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.197.244 172.67.197.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::ac43:4809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	6

1 64.98.135.32 (Centennial, United States)

ASN32491 (TUCOWS-3, CA)

gadr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.219.66 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

www.247webpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.116.53.155 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 9b.35.7434.ip4.static.sl-reverse.com

mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.mybettermb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:5e2e (United States)

ASN13335 (CLOUDFLARENET, US)

goadszone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.197.244 (United States)

ASN13335 (CLOUDFLARENET, US)

feed.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4809 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 70660 cdn.ocmhood.com — Cisco Umbrella Rank: 21154 t.ocmhood.com — Cisco Umbrella Rank: 9053	14 KB
2	cn-rtb.com feed.cn-rtb.com — Cisco Umbrella Rank: 70643 t.cn-rtb.com — Cisco Umbrella Rank: 81248	844 B
2	goadszone.com goadszone.com	15 KB
2	mybettermb.com 1 redirects mybettermb.com — Cisco Umbrella Rank: 89242 p185689.mybettermb.com — Cisco Umbrella Rank: 515689	1 KB
1	247webpro.com 1 redirects www.247webpro.com	2 KB
1	gadr.com gadr.com	515 B
10	6

	Domain	Requested by
2	t.ocmhood.com	sdk.ocmhood.com
2	goadszone.com	p185689.mybettermb.com goadszone.com
1	t.cn-rtb.com	goadszone.com
1	cdn.ocmhood.com	sdk.ocmhood.com
1	sdk.ocmhood.com	goadszone.com
1	feed.cn-rtb.com	goadszone.com
1	p185689.mybettermb.com	gadr.com
1	mybettermb.com	1 redirects
1	www.247webpro.com	1 redirects
1	gadr.com
10	10

This site contains no links.

Subject Issuer	Validity	Valid
*.mybettermb.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-02` - `2023-11-02`	a year	crt.sh
*.goadszone.com E1	`2023-01-23` - `2023-04-23`	3 months	crt.sh
*.cn-rtb.com GTS CA 1P5	`2023-02-22` - `2023-05-23`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://gadr.com/
Frame ID: 2B25796814384141EFC1F4022B40037F
Requests: 1 HTTP requests in this frame

Frame: https://goadszone.com/GQ32I6dZqg8CsD_IwcLs1FVyUOts79RMZaDfs4yevCw/?cid=90087945977&sid=62950386&s=0.0041
Frame ID: 72B3D1D54712F054651941891E54581E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

10
Requests

90 %
HTTPS

33 %
IPv6

6
Domains

10
Subdomains

6
IPs

2
Countries

30 kB
Transfer

64 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.247webpro.com/CS.htm HTTP 302
https://mybettermb.com/aS/feedclick?s=7BsrmHcakyLVD9aYOCFaLY8uDhK_8R6jFVhaSuLbNhsp6KT5qjvayDZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhIHdqoH80EYFgS41QDYTbhAEysjXg8JANJjEIILW_3V7XWOpnxryNlz2zsYF1LB_w_Brn5Ha6za-lrATtv16mVs6a88BEccRMIjm8a268b5N9B7mUcijhoZYC-XbL6snpT94NN6GS87QALhd7tz03CVYlpSvDkxDzUTjazYOTwTxb0fziQNcgUYkB2wU6TcB9k76sRDk4_JRuIvOrZubwpAqT0CEzt1a6tPG0Hep3ihaw6ezCOS2Rqc4rAd8G8YMc_KpbMZmf2514gMBR_OUGjJhGnS6gW4-stqtDdBR8bueacwImErK5ma1u4fjhAm3GHKR1CeJWu1oOmjXbT3hC-Hl4jO_t83-Tn8GKI58xGcYo4xs6MndBXT1WX4PZ-0_95dfGCPqZ74fB63wYUpY3JP9KXv_R-HZATVUjEDwRaburbweRRNTJ3S-z8DPXi8KzePxVmc_gIWPg92iTWeelNzLch9-T25gOUQdvgrz-IMc6x5QRqnenAaX7YsHoCgkB2HfISu3zZ-OBu2rA42tKlkKF-7wP1cicqBm19_IlnOkH72Vsm2EbcTDZKMx3ywBZm9wxlgLpUsPEs5uXCraA9dzyP57mn6dIMZ7cxrkSLNl0TYK73YvHq4dtJp2MaA7I0dX_RaW-NWRxnN7Q4_Ii-pnx68jUjt99i5xWQOr3DmXu-ywcPgFHbqa5d7pAOQ0FQyP_z-3TvujDsDzDB3vsXbTa9aaAxQXAIYeFm7VPGDyu6BzKX40EL4RxGFvSY6Jz7t8k9-mum5-SrMsOVSOrFIeiwedU8j0yZGP77xw4uLgr9ovdtizdqBgKwyrik1yFuYx7la1Xxm5Gzu6VpZcBnVRmV8YJoUdyDc_kFNLUHsY0tbI00g3b8Y05wRuii6IcMqle7RE0e3D_qNWt4B42WtRlVsrHllsCunO6Ig06cQ2kDncvirW3HfvmKrJF4pkQi-6HqhJkCym6vSGmOi2MSGVjHS4VWfm-cL7J3eOQ45Iv5WsQbgmSm9qMvpu48gcU07PspS4ce5I6D2YWJVQi2PRcUOGXp1glWGKtkyD3Tx46jV5vr11Oy7t9C1IwoKV_eNp_Ec35ImiReS7-XBmYVp1izU5c2Hh7mCa0Avj0U8NExk65oA4Rrozz51vd1NBUuDUs52fPzBcwR3yTe4l4FFPj4aC5d22PlWvKkxflwtTJXSL2AiplwCwCMoixrppYipnMItPxARf6erdg3_RkvMZphPyIrsX-cre3hXKBYW62IBu2n015Mg HTTP 302
https://p185689.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxoyaG5GY6j-e2GutY2KvsC06mi1wmvbwUkmxnf8EFJnGFTnUs0OIQi9zN7Vo-sqtrgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UGxoLxwGC_5lOL0EDoQ23yGU-IJPnlV1fCW3sEAs7Z1lKYsvBydXHszw9gQIiq1Y_Gdq5cJhezMQj1mEzY_2TQ-DUs52fPzBc9kPvC1D8G0u-wHSK4m9oDiX-MgTUZasXT5xISGsNs7ESRyc3Q7-jufs31EvJ1VNOHxXMSdErUoadrNP9-AgE1Lh2c3kkE4JMhb_2mUAuQOK-BQzncPOfLSJmznl89uGVx9LeQuH5pCJVkHRUwGVzse4_hxqmBidZHfpgbmtEYrOUPHMOz9xSWw&ui=7BsrmHcakyLVD9aYOCFaLfbWwvziNp_1xLgNeF8Zj-gg1Qs-sgDYnmonWIUMQFyG5HYiOT9TKV1WN_agd27qxlLphk6MnzPTneybwu1dH9JQ1jh1MVC_kw&si=1&oref=b7b05ab6ea4d7d9fff7e73b67b068c69&optunit=Pb3VFqTIwvR3T2WADPxh8w&rb=-sGOgWKI70w&rr=1&abtg=0

10 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response gadr.com/	502 B 515 B	405ms 121ms	Document text/html	64.98.135.32 TUCOWS-3
General Check archive.org Show headers Download Go to Full URL http://gadr.com/ Protocol HTTP/1.1 Server 64.98.135.32 Centennial, United States, ASN32491 (TUCOWS-3, CA), Reverse DNS Software nginx/1.14.2 / Resource Hash `9f25063749e65fc42e9687583a0bf4a6902f0963dfc33e216f4fd8caac737a5d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 04 Mar 2023 04:17:11 GMT Server nginx/1.14.2 Transfer-Encoding chunked
GET H2	200	domainClick Show response p185689.mybettermb.com/adServe/ Frame 72B3 Redirect Chain http://www.247webpro.com/CS.htm https://mybettermb.com/aS/feedclick?s=7BsrmHcakyLVD9aYOCFaLY8uDhK_8R6jFVhaSuLbNhsp6KT5qjvayDZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhIHdqoH80EYFgS41QDYTbhAEysjXg8JANJjEIILW_3V... https://p185689.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxoyaG5GY6j-e2GutY2KvsC06mi1wmvbwUkmxnf8EFJnGFTnUs0OIQi9zN7Vo-sqtrgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UGxoLxwGC_5lOL0E...	300 B 616 B	191ms 151ms	Document text/html	52.116.53.155 SOFTLAYER
General Check archive.org Show headers Download Go to Full URL https://p185689.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxoyaG5GY6j-e2GutY2KvsC06mi1wmvbwUkmxnf8EFJnGFTnUs0OIQi9zN7Vo-sqtrgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UGxoLxwGC_5lOL0EDoQ23yGU-IJPnlV1fCW3sEAs7Z1lKYsvBydXHszw9gQIiq1Y_Gdq5cJhezMQj1mEzY_2TQ-DUs52fPzBc9kPvC1D8G0u-wHSK4m9oDiX-MgTUZasXT5xISGsNs7ESRyc3Q7-jufs31EvJ1VNOHxXMSdErUoadrNP9-AgE1Lh2c3kkE4JMhb_2mUAuQOK-BQzncPOfLSJmznl89uGVx9LeQuH5pCJVkHRUwGVzse4_hxqmBidZHfpgbmtEYrOUPHMOz9xSWw&ui=7BsrmHcakyLVD9aYOCFaLfbWwvziNp_1xLgNeF8Zj-gg1Qs-sgDYnmonWIUMQFyG5HYiOT9TKV1WN_agd27qxlLphk6MnzPTneybwu1dH9JQ1jh1MVC_kw&si=1&oref=b7b05ab6ea4d7d9fff7e73b67b068c69&optunit=Pb3VFqTIwvR3T2WADPxh8w&rb=-sGOgWKI70w&rr=1&abtg=0 Requested by Host: gadr.com URL: http://gadr.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.116.53.155 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS 9b.35.7434.ip4.static.sl-reverse.com Software nginx / Resource Hash `96d513bac382395084e048219668784d3cf58d175fe910a87458c4cfa9ad0fab` Request headers Referer http://gadr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html;charset=ISO-8859-1 date Sat, 04 Mar 2023 04:17:12 GMT server nginx vary Accept-Encoding Redirect headers content-length 0 date Sat, 04 Mar 2023 04:17:12 GMT location https://p185689.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxoyaG5GY6j-e2GutY2KvsC06mi1wmvbwUkmxnf8EFJnGFTnUs0OIQi9zN7Vo-sqtrgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UGxoLxwGC_5lOL0EDoQ23yGU-IJPnlV1fCW3sEAs7Z1lKYsvBydXHszw9gQIiq1Y_Gdq5cJhezMQj1mEzY_2TQ-DUs52fPzBc9kPvC1D8G0u-wHSK4m9oDiX-MgTUZasXT5xISGsNs7ESRyc3Q7-jufs31EvJ1VNOHxXMSdErUoadrNP9-AgE1Lh2c3kkE4JMhb_2mUAuQOK-BQzncPOfLSJmznl89uGVx9LeQuH5pCJVkHRUwGVzse4_hxqmBidZHfpgbmtEYrOUPHMOz9xSWw&ui=7BsrmHcakyLVD9aYOCFaLfbWwvziNp_1xLgNeF8Zj-gg1Qs-sgDYnmonWIUMQFyG5HYiOT9TKV1WN_agd27qxlLphk6MnzPTneybwu1dH9JQ1jh1MVC_kw&si=1&oref=b7b05ab6ea4d7d9fff7e73b67b068c69&optunit=Pb3VFqTIwvR3T2WADPxh8w&rb=-sGOgWKI70w&rr=1&abtg=0 server nginx
GET H2	200	/ Show response goadszone.com/GQ32I6dZqg8CsD_IwcLs1FVyUOts79RMZaDfs4yevCw/ Frame 72B3	29 KB 14 KB	245ms 195ms	Document text/html	2606:4700:3031::6815:5e2e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://goadszone.com/GQ32I6dZqg8CsD_IwcLs1FVyUOts79RMZaDfs4yevCw/?cid=90087945977&sid=62950386&s=0.0041 Requested by Host: p185689.mybettermb.com URL: https://p185689.mybettermb.com/adServe/domainClick?ai=8t_YSst-khSSu60-mubNxoyaG5GY6j-e2GutY2KvsC06mi1wmvbwUkmxnf8EFJnGFTnUs0OIQi9zN7Vo-sqtrgPzcZqOl8ueD3YRp9_wtT58zMU0lt9xPpZaYOBYWX8UGxoLxwGC_5lOL0EDoQ23yGU-IJPnlV1fCW3sEAs7Z1lKYsvBydXHszw9gQIiq1Y_Gdq5cJhezMQj1mEzY_2TQ-DUs52fPzBc9kPvC1D8G0u-wHSK4m9oDiX-MgTUZasXT5xISGsNs7ESRyc3Q7-jufs31EvJ1VNOHxXMSdErUoadrNP9-AgE1Lh2c3kkE4JMhb_2mUAuQOK-BQzncPOfLSJmznl89uGVx9LeQuH5pCJVkHRUwGVzse4_hxqmBidZHfpgbmtEYrOUPHMOz9xSWw&ui=7BsrmHcakyLVD9aYOCFaLfbWwvziNp_1xLgNeF8Zj-gg1Qs-sgDYnmonWIUMQFyG5HYiOT9TKV1WN_agd27qxlLphk6MnzPTneybwu1dH9JQ1jh1MVC_kw&si=1&oref=b7b05ab6ea4d7d9fff7e73b67b068c69&optunit=Pb3VFqTIwvR3T2WADPxh8w&rb=-sGOgWKI70w&rr=1&abtg=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:5e2e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd5094050bf7834fdac29abf87e6e96e6fdbbf89e2be853409baebd58a017c1b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7a274ee75da5bb62-FRA content-encoding br content-type text/html date Sat, 04 Mar 2023 04:17:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MP3cnIG%2BKOxc89XdFOfe%2Fz0wqCQaKeNyuSlOYJMvvCYMwz80xI8WbhGgGXwBxgP4GnVQ8E3ffSf%2BqOVSicwIR7I3xL%2BpLt80u7X5kb0gzCu4MlnHKTwjMqYMUf3DtgfZEute7GgY4e%2Fqg9K"}],"group":"cf-nel","max_age":604800} server cloudflare
GET DATA	200 OK	truncated / Frame 72B3	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AFU1kAAPatM Show response feed.cn-rtb.com/v1/native/ Frame 72B3	640 B 844 B	538ms 501ms	Fetch application/json	172.67.197.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=62930&uid=18710bad-19a8-4aad-9039-dee923b7e194&kw=download%20install Requested by Host: goadszone.com URL: https://goadszone.com/GQ32I6dZqg8CsD_IwcLs1FVyUOts79RMZaDfs4yevCw/?cid=90087945977&sid=62950386&s=0.0041 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.197.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7c0b532acf3409d25b04583660f3de04c5013e96828c9b549035e801dcc0c9b2` Request headers accept-language de-DE,de;q=0.9 Referer https://goadszone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 04 Mar 2023 04:17:13 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare model report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsUKEBRE5VGjYLf69wtyN3OM%2BAdFZtTnbb%2BiktL9SllnRhBzD7WGO8F4hOT0MhZ7682vmvwe8aDrg8wRgIzCC8TuyO1c5NkxZsDE%2BM%2Fk%2BJZLGvsWPBFQWADbLatKmPMttfo%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache cf-ray 7a274ee8dbec3675-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	conf.json Show response goadszone.com/hood/Z29hZHN6b25lLmNvbQ==/ Frame 72B3	49 B 409 B	188ms 188ms	Fetch application/json	2606:4700:3031::6815:5e2e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://goadszone.com/hood/Z29hZHN6b25lLmNvbQ==/conf.json Requested by Host: goadszone.com URL: https://goadszone.com/GQ32I6dZqg8CsD_IwcLs1FVyUOts79RMZaDfs4yevCw/?cid=90087945977&sid=62950386&s=0.0041 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:5e2e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f` Request headers accept-language de-DE,de;q=0.9 Referer https://goadszone.com/GQ32I6dZqg8CsD_IwcLs1FVyUOts79RMZaDfs4yevCw/?cid=90087945977&sid=62950386&s=0.0041 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 04 Mar 2023 04:17:13 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Sat, 04 Mar 2023 04:10:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6402c49b-31" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wj7c3d%2BES5%2BnPDOCSlpbl34GmWaT78D611CWNqglJjs%2BQ7zp%2BYotfHl0RxShLmrE%2BdFjIysgjPpLh5X9wkPmBeNcaUDZQV61Tm2OSrH3M%2F%2BIzAf8fCGfJYNvGuvHVR1NBgoiA%2B5GAfWPpxSo"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 7a274ee8ae87bb62-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated / Frame 72B3	748 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ht.js Show response sdk.ocmhood.com/sdk/ Frame 72B3	30 KB 12 KB	45ms 15ms	Script application/javascript	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl Requested by Host: goadszone.com URL: https://goadszone.com/GQ32I6dZqg8CsD_IwcLs1FVyUOts79RMZaDfs4yevCw/?cid=90087945977&sid=62950386&s=0.0041 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25` Request headers Referer https://goadszone.com/ Origin https://goadszone.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 04 Mar 2023 04:17:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1563 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 service-worker-allowed / last-modified Mon, 13 Feb 2023 09:58:42 GMT server cloudflare etag W/"63ea09d2-2e94" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rp%2FUbLKpbKDexiOGok4QZ6HbgK96oXdYIv%2F2B5xjsvOTcshL2WEKBOPrScu38MGKBi17uS%2FZGlGtWzkGvD0EUfgkkdcYJxj9YUPfnSBGhBLLOtroB6yrQyjA9BKn1%2Fb%2BM9M64lZKIo31UtvZQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 7a274eea0f582c55-FRA
GET H2	200	NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js Show response cdn.ocmhood.com/tag/ Frame 72B3	191 B 711 B	59ms 15ms	Script application/javascript	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.ocmhood.com/tag/NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036` Request headers accept-language de-DE,de;q=0.9 Referer https://goadszone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 04 Mar 2023 04:17:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3344 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 service-worker-allowed / last-modified Tue, 13 Dec 2022 16:12:01 GMT server cloudflare etag W/"6398a451-bf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7i55hCOqfIDsmJgJn1hciExU2uFEW9FXZRdRCcmpQeZkN4hpvsLxfuWCaSuSFkw6S9BNT81wBh4OUx27L3KhQswQ2NM%2BftjM1M01zsidDWN4aEb9IgDF1cFeZ3lZqQmxXJ03%2F6xrR%2BCICgm0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=300 cf-ray 7a274eea6df19bb8-FRA
POST H2	201	activity t.ocmhood.com/v2/ Frame 72B3	0 301 B	36ms 21ms	Ping application/octet-stream	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://goadszone.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 04 Mar 2023 04:17:13 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6j1fcHK62GgFtjZjFpCHZsGnaKMnGdq0QHedUSx8IIcIJvVzgKkH9poD7Z4JeKiNsDt%2BCtXfueAD9bBqn%2BVZ%2FABLV4fBNteRwf7Xx4b9rRAjuiZQlYkxVemv2nu0SyD2iQdbgeFyx%2B8n5bA%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 7a274eea9e209bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	201	activity t.ocmhood.com/v2/ Frame 72B3	0 262 B	38ms 24ms	Ping application/octet-stream	2606:4700:20::ac43:4809 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.ocmhood.com/v2/activity Requested by Host: sdk.ocmhood.com URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://goadszone.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 04 Mar 2023 04:17:13 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07Ay0LCKM9luqHJ2UYe187QF92XuVFht2ZKPcVEUtk3F%2BB0zL59Wk%2BBOkipaRJxXKDx1xsexALCQ2FWsu9bkguPS5uSFbLc0e8fJasyKY8gMlhFOx2u9ZJioXtaQfwh7AhCaksTcXJt4LHw%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control no-cache cf-ray 7a274eea9e219bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	imp t.cn-rtb.com/ Frame 72B3	0 0	37ms 22ms	Fetch	172.67.197.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.cn-rtb.com/imp?l2=fYTB9dCUuXojgsg8WWEIQJl8eAQpfZCdCt98eX3EeqLG63gMZwKrE1LWr4NYs61tFs4Zai57ilJ5kTP7QI3AaPEjCkl0S0eN4_VkX2jH1Vv-FuT6W1hHu6imX72CgMb-5cxQssl87Ks2Gpj8TPETX5JVtYFmbIPXUZP9Zozaf0Nc9UgQuWIWf8iTYTy6YW-S Requested by Host: goadszone.com URL: https://goadszone.com/GQ32I6dZqg8CsD_IwcLs1FVyUOts79RMZaDfs4yevCw/?cid=90087945977&sid=62950386&s=0.0041 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.197.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://goadszone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 04 Mar 2023 04:17:13 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cykfWIX3fFA2UtrTX3eoi0lidhXvH8amFmVrvHRqiSMXBgG%2BLSuwjZk85lXRPWaikvXQwbXAwJ2sMROqzJKaqmiWdDZld97Xx8bDhv7C4F%2BLUyT826CnHIyJqFJ%2B7kM%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cache-control no-cache cf-ray 7a274eec1e053675-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mybettermb.com/	1970-01-20 14:24:15	Name: rhid Value: 82937857610
			.mybettermb.com/	1970-01-20 10:05:07	Name: loi Value: ad_1429240_off_872129_aff_840_cid_185689-247WEBPRO.COM_ts_1677903432

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ocmhood.com
feed.cn-rtb.com
gadr.com
goadszone.com
mybettermb.com
p185689.mybettermb.com
sdk.ocmhood.com
t.cn-rtb.com
t.ocmhood.com
www.247webpro.com
172.67.197.244
2606:4700:20::ac43:4809
2606:4700:3031::6815:5e2e
52.116.53.155
64.98.135.32
95.211.219.66
52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036
70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25
7c0b532acf3409d25b04583660f3de04c5013e96828c9b549035e801dcc0c9b2
96d513bac382395084e048219668784d3cf58d175fe910a87458c4cfa9ad0fab
9f25063749e65fc42e9687583a0bf4a6902f0963dfc33e216f4fd8caac737a5d
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f
cd5094050bf7834fdac29abf87e6e96e6fdbbf89e2be853409baebd58a017c1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

gadr.com Open in urlscan Pro 64.98.135.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

10 Requests

90 %HTTPS

33 %IPv6

6 Domains

10 Subdomains

6 IPs

2 Countries

30 kBTransfer

64 kBSize

2 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

gadr.com Open in urlscan Pro
64.98.135.32 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

33 %
IPv6

6
Domains

10
Subdomains

6
IPs

2
Countries

30 kB
Transfer

64 kB
Size

2
Cookies

10 HTTP transactions
2 data transactions