track.adxmel.com Open in urlscan Pro
52.202.247.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yytcgdip.gq/
Effective URL:
https://track.adxmel.com/aff_c?aid=1397001&oid=236772&source=23358&aff_sub=a_62f85fa51a5e26000165fbfe
Submission: On August 14 via api (August 14th 2022, 2:36:28 am UTC) from US — Scanned from NL

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 16 domains to perform 22 HTTP transactions. The main IP is 52.202.247.75, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is track.adxmel.com. The Cisco Umbrella rank of the primary domain is 56462.
TLS certificate: Issued by R3 on July 25th 2022. Valid for: 3 months.

This is the only time track.adxmel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
1 1	2606:4700:303... 2606:4700:3033::6815:4d02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:a5ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.202.247.75 52.202.247.75	14618 (AMAZON-AES) (AMAZON-AES)
5	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	23.88.85.6 23.88.85.6	24940 (HETZNER-AS) (HETZNER-AS)
1	168.119.25.22 168.119.25.22	24940 (HETZNER-AS) (HETZNER-AS)
1	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
4	188.34.134.78 188.34.134.78	24940 (HETZNER-AS) (HETZNER-AS)
22	10

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

yytcgdip.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

network-site.za.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

sw.wpush.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:4d02 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

transitgirls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a5ac (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.luvmenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.247.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-247-75.compute-1.amazonaws.com

track.adxmel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bacd2a0353.7a6a4e9e27.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.jnkstff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.85.6 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.85.88.23.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:e0:19cb::1 (Germany)

ASN24940 (HETZNER-AS, DE)

5da64829e9.7a6a4e9e27.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.34.134.78 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.78.134.34.188.clients.your-server.de

gettine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
getels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	getels.com getels.com — Cisco Umbrella Rank: 139345	7 KB
2	gettine.com gettine.com — Cisco Umbrella Rank: 132156	148 B
2	jnkstff.com js.jnkstff.com — Cisco Umbrella Rank: 194115	599 B
2	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 48759	78 KB
2	7a6a4e9e27.com bacd2a0353.7a6a4e9e27.com 5da64829e9.7a6a4e9e27.com Failed	207 B
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 31083	363 B
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 27223	31 KB
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 40702	201 B
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 13892	20 KB
1	adxmel.com track.adxmel.com — Cisco Umbrella Rank: 56462	600 B
1	luvmenow.com 1 redirects m.luvmenow.com	717 B
1	transitgirls.com 1 redirects transitgirls.com	1 KB
1	wpush.org sw.wpush.org — Cisco Umbrella Rank: 83953	9 KB
1	za.com network-site.za.com	4 KB
1	yytcgdip.gq yytcgdip.gq	11 KB
0	Failed function sub() { [native code] }. Failed
22	16

	Domain	Requested by
2	getels.com	js.wpushsdk.com
2	gettine.com	js.wpushsdk.com
2	js.jnkstff.com	js.wpushsdk.com
2	js.wpushsdk.com	js.wpadmngr.com
2	fp.metricswpsh.com	js.wpadmngr.com
2	js.wpadmngr.com	sw.wpush.org js.wpadmngr.com
1	5da64829e9.7a6a4e9e27.com	js.wpushsdk.com
1	nereserv.com	js.wpushsdk.com
1	js.wpshsdk.com	js.wpadmngr.com
1	bacd2a0353.7a6a4e9e27.com	js.wpadmngr.com
1	track.adxmel.com	yytcgdip.gq
1	m.luvmenow.com	1 redirects
1	transitgirls.com	1 redirects
1	sw.wpush.org	yytcgdip.gq
1	network-site.za.com	yytcgdip.gq
1	yytcgdip.gq
0	details Failed
22	17

This site contains no links.

Subject Issuer	Validity	Valid
*.network-site.za.com E1	`2022-08-01` - `2022-10-30`	3 months	crt.sh
sw.wpush.org R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.adxmel.com R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
js.wpadmngr.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
notification.tubecup.net R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
bacd2a0353.7a6a4e9e27.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
js.wpshsdk.com R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
js.wpushsdk.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
js.jnkstff.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
7a6a4e9e27.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
gettine.com R3	`2022-08-12` - `2022-11-10`	3 months	crt.sh
getels.com R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh

This page contains 1 frames:

Frame: market://details?referrer=click_id%3D237384723gg64dc1gad3bbtqp51uUGN%26utm_source%3D237384723&id=com.alibaba.intl.android.apps.poseidon
Frame ID: 56FBEE6E30AD0C63BDDB5B9EF078FFD3
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://yytcgdip.gq/ Page URL
https://transitgirls.com/JftSRJNZ?tag=other&dir=cpi HTTP 302
https://m.luvmenow.com/click?offer_id=4316&pid=26208&ref_id=3a0asfj6d2lv7&sub1=23358&sub3=3a0asfj6d... HTTP 302
https://track.adxmel.com/aff_c?aid=1397001&oid=236772&source=23358&aff_sub=a_62f85fa51a5e26000165fbfe Page URL

Page Statistics

22
Requests

86 %
HTTPS

45 %
IPv6

16
Domains

17
Subdomains

10
IPs

3
Countries

163 kB
Transfer

494 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yytcgdip.gq/ Page URL
https://transitgirls.com/JftSRJNZ?tag=other&dir=cpi HTTP 302
https://m.luvmenow.com/click?offer_id=4316&pid=26208&ref_id=3a0asfj6d2lv7&sub1=23358&sub3=3a0asfj6d2lv7&sub4=&sub5=&sub6=&sub7=cpi&sub8=other HTTP 302
https://track.adxmel.com/aff_c?aid=1397001&oid=236772&source=23358&aff_sub=a_62f85fa51a5e26000165fbfe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://track.adxmel.com/v2/hr?s=AAdXJsPWh0dHAlM0ElMkYlMkZhdHJhY2tpbmctYXV0by5hcHBmbG9vZC5jb20lMkZ0cmFuc2FjdGlvbiUyRnBvc3RfY2xpY2slM0ZvZmZlcl9pZCUzRDE1OTQwNjExNyUyNmFmZl9pZCUzRDEwMzkyJTI2YWZmX3N1YiUzRDZlbThlMkFtdDRxQzVsUXVKb2xVQUg4eVdsOVFkak5rJTI2YWZmX3N1YjYlM0QxMzk3MDAxXzIzMzU4JTI2YWZmX3N1YjMlM0QmaGlkZV9yZWZlcj00&t=82229 HTTP 302
http://atracking-auto.appflood.com/transaction/post_click?offer_id=159406117&aff_id=10392&aff_sub=6em8e2Amt4qC5lQuJolUAH8yWl9QdjNk&aff_sub6=1397001_23358&aff_sub3= HTTP 302
https://3point14.g2afse.com/click?pid=481&offer_id=2284597&sub1=e8dbcbba816f70a0d08bb3251a60f958&sub2=10392_1397001_23358&sub3=&sub5= HTTP 302
https://t.9696.me/click?pid=645&offer_id=146210&sub4=62f85fa61315920001a8757c&sub1=645_481&sub2=645_481_10392_1397001_23358&sub3=&sub5=&sub6=&sub7=&sub8=nl-NL&ext3=31.204.150.151&ext1=2284597&ext2=481_10392_1397001_23358 HTTP 302
https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=645_481&sub2=645_481_10392_1397001_23358 HTTP 302
https://offer.alibaba.com/cps/c4de77r2?tp1=62f85fa6b51e320001220fd2&adid=&pid=1 HTTP 302
http://click.alibaba.com/apprd/ngah3578?cps_sk=c4de77r2&tp1=62f85fa6b51e320001220fd2&adid=&pid=1&cpsAffId=958561276&ali_creative_id=activityCps__*__*__*__*__c4de77r2 HTTP 301
https://click.alibaba.com/apprd/ngah3578?cps_sk=c4de77r2&tp1=62f85fa6b51e320001220fd2&adid=&pid=1&cpsAffId=958561276&ali_creative_id=activityCps__*__*__*__*__c4de77r2 HTTP 302
market://details?referrer=click_id%3D237384723gg64dc1gad3bbtqp51uUGN%26utm_source%3D237384723&id=com.alibaba.intl.android.apps.poseidon

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response yytcgdip.gq/	20 KB 11 KB	316ms 105ms	Document text/html	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://yytcgdip.gq/ Protocol HTTP/1.1 Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.8 Resource Hash `ecfa502ce511769f18b3be192f3c045045939d310f93f39bcf7e27545be46e3f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * CF-Cache-Status DYNAMIC CF-RAY 73a64d630dd0b791-AMS Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 14 Aug 2022 02:36:20 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJ%2B9XxW1MrsYJ7nBGZjtLbhELyhjX0AwZx9CaXQojQHdQZPuaV10sjtHtOv5ItDJyr6keOJ9zuY%2F%2FFGozQvvB5Xcc4poclDR7YOHxOvSAuph2bXPshISTCYBhea8%2FNfgFm2%2FWeIIUaW95Q%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked X-Powered-By PHP/7.4.8 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	he4tkobvgi5ha3ddf4ytenrs Show response network-site.za.com/code/	13 KB 4 KB	108ms 41ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://network-site.za.com/code/he4tkobvgi5ha3ddf4ytenrs Requested by Host: yytcgdip.gq URL: http://yytcgdip.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `10ea56d2d13676e8ce8f90e435f65676b7ad03d5487c54688f2a5d1719dc237b` Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:20 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpCl74HK0k3k3trK4vUnbxZQ6aRrwJIOOVFEn3rM4GmCidOUVKWBdBNFK6ekd9MPM5Le1qkd%2BfFN%2FurajWGeBERVGcQnHVvfnh7I17liHhgcaSkcEA02Zb2xIIsVurFOONEmGrs1mIrBIdLTIPKExC7P"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cf-ray 73a64d641dcab89a-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main.js sw.wpush.org/script/	23 KB 9 KB	93ms 30ms	Script application/javascript	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://sw.wpush.org/script/main.js?promo=24303&tcid=2833&src=1860236680 Requested by Host: yytcgdip.gq URL: http://yytcgdip.gq/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:20 GMT content-encoding gzip last-modified Thu, 30 Jun 2022 13:39:57 GMT server nginx/1.18.0 etag W/"62bda7ad-5a03" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 14 Aug 2022 02:41:20 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	Primary Request aff_c Show response track.adxmel.com/ Redirect Chain https://transitgirls.com/JftSRJNZ?tag=other&dir=cpi https://m.luvmenow.com/click?offer_id=4316&pid=26208&ref_id=3a0asfj6d2lv7&sub1=23358&sub3=3a0asfj6d2lv7&sub4=&sub5=&sub6=&sub7=cpi&sub8=other https://track.adxmel.com/aff_c?aid=1397001&oid=236772&source=23358&aff_sub=a_62f85fa51a5e26000165fbfe	518 B 600 B	483ms 265ms	Document text/html	52.202.247.75 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://track.adxmel.com/aff_c?aid=1397001&oid=236772&source=23358&aff_sub=a_62f85fa51a5e26000165fbfe Requested by Host: yytcgdip.gq URL: http://yytcgdip.gq/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.202.247.75 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-202-247-75.compute-1.amazonaws.com Software openresty / Resource Hash `0b2ab51dea0492e8cb7950ac56a0f4bbc4dc62c34065cf4a42db8d81f1ff068a` Request headers Referer http://yytcgdip.gq/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-encoding gzip content-type text/html date Sun, 14 Aug 2022 02:36:22 GMT server openresty vary Accept-Encoding Accept-Encoding Accept-Encoding ym-accelerate-region Virginia Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 73a64d65f8c79208-FRA content-length 0 date Sun, 14 Aug 2022 02:36:21 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://track.adxmel.com/aff_c?aid=1397001&oid=236772&source=23358&aff_sub=a_62f85fa51a5e26000165fbfe nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZPC3BnOP0uTllSO99UOV570LhxMo%2Bg3lCK3U9wcPtmm2Tpm%2F8qLCxT94w5jPrp%2FwnUVt7MKJe5ahwQFUJBBJxa3CuQAsdYgFmFqguhzia9SjiYcE07ta108Ossymjb%2FhTaCbxUlD7EK9mrTLA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	adManager.m.js js.wpadmngr.com/static/	85 KB 31 KB	105ms 48ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/static/adManager.m.js Requested by Host: sw.wpush.org URL: https://sw.wpush.org/script/main.js?promo=24303&tcid=2833&src=1860236680 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:20 GMT content-encoding gzip last-modified Wed, 10 Aug 2022 09:37:00 GMT server nginx/1.18.0 etag W/"62f37c3c-1524f" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 14 Aug 2022 02:41:20 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	wp-banners.js js.wpadmngr.com/npc/sdk/	0 237 B	24ms 24ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/npc/sdk/wp-banners.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:20 GMT last-modified Fri, 20 Aug 2021 15:14:31 GMT server nginx/1.18.0 etag "611fc6d7-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 14 Aug 2022 02:41:20 GMT cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/	0 0	147ms 47ms	Preflight	23.88.85.6 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.6.85.88.23.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://yytcgdip.gq Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin http://yytcgdip.gq Connection keep-alive Date Sun, 14 Aug 2022 02:36:20 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	fp fp.metricswpsh.com/	0 363 B	170ms 85ms	XHR text/plain	23.88.85.6 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=0 Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.6.85.88.23.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Referer http://yytcgdip.gq/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Sun, 14 Aug 2022 02:36:21 GMT Server nginx/1.20.1 Vary Origin Content-Type text/plain; charset=UTF-8 Access-Control-Allow-Origin http://yytcgdip.gq Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H2	200	track bacd2a0353.7a6a4e9e27.com/in/	0 207 B	257ms 66ms	XHR text/plain	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://bacd2a0353.7a6a4e9e27.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI4NjU3MzY3NDYyODYxMjEwMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMy4wIiwidGFnX2lkIjowLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4xLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJWaWRlbyUyMCJ9 Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers pragma no-cache date Sun, 14 Aug 2022 02:36:21 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	push.m.js js.wpshsdk.com/npc/sdk/	51 KB 20 KB	117ms 53ms	Script application/javascript	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://js.wpshsdk.com/npc/sdk/push.m.js?v=1 Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:20 GMT content-encoding gzip last-modified Fri, 12 Aug 2022 09:19:54 GMT server nginx/1.18.0 etag W/"62f61b3a-cd9a" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 14 Aug 2022 02:41:20 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	npush.m.js js.wpushsdk.com/npc/sdk/wpu/	243 KB 65 KB	127ms 25ms	Script application/javascript	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:20 GMT content-encoding gzip last-modified Tue, 02 Aug 2022 14:03:09 GMT server nginx/1.18.0 etag W/"62e92e9d-3cb1c" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 14 Aug 2022 02:41:20 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	csub.m.js js.wpushsdk.com/npc/sdk/wpu/	52 KB 13 KB	186ms 84ms	Script application/javascript	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:20 GMT content-encoding gzip last-modified Thu, 04 Aug 2022 11:09:06 GMT server nginx/1.18.0 etag W/"62eba8d2-d0c6" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 14 Aug 2022 02:41:20 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	2833.php js.jnkstff.com/npc/anpc/	130 B 339 B	114ms 24ms	XHR text/html	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.jnkstff.com/npc/anpc/2833.php Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:21 GMT content-encoding gzip server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type text/html; charset=UTF-8 access-control-allow-origin * expires Sun, 14 Aug 2022 03:36:21 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H2	200	2833.php js.jnkstff.com/npc/cpc/	36 B 260 B	113ms 25ms	Fetch text/html	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.jnkstff.com/npc/cpc/2833.php Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Sun, 14 Aug 2022 02:36:21 GMT content-encoding gzip server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type text/html; charset=UTF-8 access-control-allow-origin * expires Sun, 14 Aug 2022 03:36:21 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H2	200	dip nereserv.com/in/	0 201 B	171ms 43ms	XHR text/plain	168.119.25.22 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?wl=1&event_id=00b07baf-79f1-4dc2-b53f-9934cb6dc9f6&subid=1860236680&sid=1025841996&spot_id=0&created_at=2022-08-14&timezone=0&ver=6.27.0&is_native=1&user_keywords=Video%2520 Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.22.25.119.168.clients.your-server.de Software nginx/1.18.0 / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer http://yytcgdip.gq/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers pragma no-cache date Sun, 14 Aug 2022 02:36:21 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
POST		multy 5da64829e9.7a6a4e9e27.com/in/	0 0

OPTIONS H2	204	multy 5da64829e9.7a6a4e9e27.com/in/	0 0	298ms 34ms	Preflight	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://5da64829e9.7a6a4e9e27.com/in/multy Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://yytcgdip.gq Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Sun, 14 Aug 2022 02:36:21 GMT pragma no-cache server nginx/1.18.0 vary Origin
POST H2	204	ads gettine.com/api/v1/prepare/	0 148 B	43ms 43ms	Fetch	188.34.134.78 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://gettine.com/api/v1/prepare/ads Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.34.134.78 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.78.134.34.188.clients.your-server.de Software nginx/1.18.0 / Resource Hash Request headers Referer http://yytcgdip.gq/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Content-Type application/json Response headers access-control-allow-origin http://yytcgdip.gq date Sun, 14 Aug 2022 02:36:21 GMT access-control-allow-credentials true server nginx/1.18.0 vary Origin access-control-expose-headers Link
OPTIONS H2	200	ads gettine.com/api/v1/prepare/	0 0	241ms 45ms	Preflight	188.34.134.78 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://gettine.com/api/v1/prepare/ads Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.34.134.78 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.78.134.34.188.clients.your-server.de Software nginx/1.18.0 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://yytcgdip.gq Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-methods POST access-control-allow-origin http://yytcgdip.gq access-control-max-age 300 content-length 0 date Sun, 14 Aug 2022 02:36:21 GMT server nginx/1.18.0 vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H2	201	ads getels.com/api/v1/prepare/	7 KB 7 KB	219ms 218ms	Fetch text/plain	188.34.134.78 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://getels.com/api/v1/prepare/ads Requested by Host: js.wpushsdk.com URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.34.134.78 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.78.134.34.188.clients.your-server.de Software nginx/1.18.0 / Resource Hash Request headers Referer http://yytcgdip.gq/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Content-Type application/json Response headers access-control-allow-origin http://yytcgdip.gq date Sun, 14 Aug 2022 02:36:21 GMT access-control-allow-credentials true server nginx/1.18.0 content-type text/plain; charset=utf-8 vary Origin access-control-expose-headers Link
OPTIONS H2	200	ads getels.com/api/v1/prepare/	0 0	217ms 46ms	Preflight	188.34.134.78 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://getels.com/api/v1/prepare/ads Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.34.134.78 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.78.134.34.188.clients.your-server.de Software nginx/1.18.0 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://yytcgdip.gq Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-methods POST access-control-allow-origin http://yytcgdip.gq access-control-max-age 300 content-length 0 date Sun, 14 Aug 2022 02:36:21 GMT server nginx/1.18.0 vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET		market://details?referrer=click_id%3D237384723gg64dc1gad3bbtqp51uUGN%26utm_source%3D237384723&id=com.alibaba.intl.android.apps.poseidon market://details?referrer=click_id%3D237384723gg64dc1gad3bbtqp51uUGN%26utm_source%3D237384723&id=com.alibaba.intl.android.apps.poseidon Redirect Chain https://track.adxmel.com/v2/hr?s=AAdXJsPWh0dHAlM0ElMkYlMkZhdHJhY2tpbmctYXV0by5hcHBmbG9vZC5jb20lMkZ0cmFuc2FjdGlvbiUyRnBvc3RfY2xpY2slM0ZvZmZlcl9pZCUzRDE1OTQwNjExNyUyNmFmZl9pZCUzRDEwMzkyJTI2YWZmX3N1Yi... http://atracking-auto.appflood.com/transaction/post_click?offer_id=159406117&aff_id=10392&aff_sub=6em8e2Amt4qC5lQuJolUAH8yWl9QdjNk&aff_sub6=1397001_23358&aff_sub3= https://3point14.g2afse.com/click?pid=481&offer_id=2284597&sub1=e8dbcbba816f70a0d08bb3251a60f958&sub2=10392_1397001_23358&sub3=&sub5= https://t.9696.me/click?pid=645&offer_id=146210&sub4=62f85fa61315920001a8757c&sub1=645_481&sub2=645_481_10392_1397001_23358&sub3=&sub5=&sub6=&sub7=&sub8=nl-NL&ext3=31.204.150.151&ext1=2284597&ext2=... https://t.9696.me/sl?id=5a3bb991105d348300000000&pid=1&sub3=&sub1=645_481&sub2=645_481_10392_1397001_23358 https://offer.alibaba.com/cps/c4de77r2?tp1=62f85fa6b51e320001220fd2&adid=&pid=1 http://click.alibaba.com/apprd/ngah3578?cps_sk=c4de77r2&tp1=62f85fa6b51e320001220fd2&adid=&pid=1&cpsAffId=958561276&ali_creative_id=activityCps__________c4de77r2 https://click.alibaba.com/apprd/ngah3578?cps_sk=c4de77r2&tp1=62f85fa6b51e320001220fd2&adid=&pid=1&cpsAffId=958561276&ali_creative_id=activityCps__________c4de77r2 market://details?referrer=click_id%3D237384723gg64dc1gad3bbtqp51uUGN%26utm_source%3D237384723&id=com.alibaba.intl.android.apps.poseidon	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 5da64829e9.7a6a4e9e27.com
URL: https://5da64829e9.7a6a4e9e27.com/in/multy

Domain: details
URL: market://details?referrer=click_id%3D237384723gg64dc1gad3bbtqp51uUGN%26utm_source%3D237384723&id=com.alibaba.intl.android.apps.poseidon

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.network-site.za.com/	1970-01-20 05:57:16	Name: uuid Value: 936283c0-ae40-496d-a3d6-f235ae2d2fd9
transitgirls.com/	1970-01-20 05:58:42	Name: _subid Value: 3a0asfj6d2lv7
transitgirls.com/	1970-01-20 14:50:04	Name: 9bf24 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIzODQ5MFwiOjE2NjA0NDQ1ODAsXCIxODE2NTRcIjoxNjYwNDQ0NTgwfSxcImNhbXBhaWduc1wiOntcIjIzMzU4XCI6MTY2MDQ0NDU4MCxcIjQwNVwiOjE2NjA0NDQ1ODB9LFwidGltZVwiOjE2NjA0NDQ1ODB9In0.Wc9h-W0l6SMByp_BpImUePhtnPBVRxRkgBEcPYlvT_U
transitgirls.com/	1970-01-20 05:58:42	Name: _token Value: uuid_3a0asfj6d2lv7_3a0asfj6d2lv762f85fa4a3f593.32127517
fp.metricswpsh.com/	1970-01-20 13:59:40	Name: id Value: 6165312088017539445
m.luvmenow.com/	1970-01-20 13:59:40	Name: afclick Value: 62f85fa51a5e26000165fbfe
m.luvmenow.com/	1970-01-20 13:59:40	Name: afoffers Value: {"4316":1660444581}
.track.adxmel.com/	1970-01-20 05:15:30	Name: X-Adxmi-Session Value: CKa_4ZcG
3point14.g2afse.com/	1970-01-20 13:59:40	Name: afclick Value: 62f85fa61315920001a8757c
3point14.g2afse.com/	1970-01-20 13:59:40	Name: afoffers Value: {"2284597":1660444582}
t.9696.me/	1970-01-20 13:59:40	Name: afclick Value: 62f85fa6b51e320001220fd2
.alibaba.com/	1970-01-20 14:50:04	Name: ali_apache_id Value: 33.3.25.21.1660444583597.526836.3
offer.alibaba.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 2153496f-7d82-4f95-97d9-eafc292e03c6
.alibaba.com/	1970-01-20 14:50:04	Name: cna Value: p01/G2pMWz8CAS/2gMQn5NPX
.alibaba.com/	1970-01-20 14:50:04	Name: ali_apache_track Value: ""
.alibaba.com/	1969-12-31 23:59:59	Name: ali_apache_tracktmp Value: ""
.alibaba.com/	1969-12-31 23:59:59	Name: cookie2 Value: a6f6c5b9f4961daed8624fd149cc4fa9
.alibaba.com/	1970-01-20 14:50:04	Name: t Value: 6a87b5f3a84ccaed0a1381fae65a2be7
.alibaba.com/	1969-12-31 23:59:59	Name: _tb_token_ Value: ee383e8e9e0ee
click.alibaba.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 834f11cd-d805-46a5-bf75-17b8fb6c95f9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5da64829e9.7a6a4e9e27.com
bacd2a0353.7a6a4e9e27.com
details
fp.metricswpsh.com
getels.com
gettine.com
js.jnkstff.com
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
m.luvmenow.com
nereserv.com
network-site.za.com
sw.wpush.org
track.adxmel.com
transitgirls.com
yytcgdip.gq
5da64829e9.7a6a4e9e27.com
details
168.119.25.22
188.34.134.78
23.88.85.6
2606:4700:3031::ac43:a5ac
2606:4700:3033::6815:4d02
2a01:4f8:e0:19cb::1
2a06:98c1:3121::3
2a06:98c1:3121::c
45.133.44.24
45.133.44.25
52.202.247.75
0b2ab51dea0492e8cb7950ac56a0f4bbc4dc62c34065cf4a42db8d81f1ff068a
10ea56d2d13676e8ce8f90e435f65676b7ad03d5487c54688f2a5d1719dc237b
ecfa502ce511769f18b3be192f3c045045939d310f93f39bcf7e27545be46e3f

track.adxmel.com Open in urlscan Pro 52.202.247.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

22 Requests

86 %HTTPS

45 %IPv6

16 Domains

17 Subdomains

10 IPs

3 Countries

163 kBTransfer

494 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

20 Cookies

Indicators

track.adxmel.com Open in urlscan Pro
52.202.247.75 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

86 %
HTTPS

45 %
IPv6

16
Domains

17
Subdomains

10
IPs

3
Countries

163 kB
Transfer

494 kB
Size

20
Cookies

22 HTTP transactions
0 data transactions