adspredictiv.com Open in urlscan Pro
2606:4700:3035::ac43:99ee Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ynfvsczx-bl0-oce-iz9.naverywr.link/
Effective URL:
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=4141b8a8eef444579f542ae486005dcc20999&sub1=32971&sub2=
Submission: On November 26 via api (November 26th 2023, 11:22:48 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3035::ac43:99ee, located in and belongs to . The main domain is adspredictiv.com.
TLS certificate: Issued by GTS CA 1P5 on November 2nd 2023. Valid for: 3 months.

This is the only time adspredictiv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::ac43:86a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	134.209.203.156 134.209.203.156	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	2606:4700:303... 2606:4700:3030::6815:55e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::ac43:ad2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	88.99.165.85 88.99.165.85	() ()
1 1	2606:4700:303... 2606:4700:3035::ac43:a9a0	() ()
1	2606:4700:303... 2606:4700:3035::ac43:99ee	() ()
8	4

1 2606:4700:3033::ac43:86a2 (United States)

ASN13335 (CLOUDFLARENET, US)

ynfvsczx-bl0-oce-iz9.naverywr.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 134.209.203.156 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

znews16.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:55e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

vprsplshd.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:ad2e (United States)

ASN13335 (CLOUDFLARENET, US)

opeyyuh.whuhgamef.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.165.85 (None, ) 1 redirects

ASN- ()

mobilesmon.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a9a0 (None, ) 1 redirects

ASN- ()

cd.mobledat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:99ee (None, )

ASN- ()

adspredictiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	znews16.com znews16.com	107 KB
2	whuhgamef.life opeyyuh.whuhgamef.life	4 KB
2	vprsplshd.life 2 redirects vprsplshd.life	1 KB
1	adspredictiv.com adspredictiv.com
1	mobledat.com 1 redirects cd.mobledat.com	4 KB
1	mobilesmon.org 1 redirects mobilesmon.org	378 B
1	naverywr.link ynfvsczx-bl0-oce-iz9.naverywr.link	937 B
8	7

	Domain	Requested by
4	znews16.com	znews16.com
2	opeyyuh.whuhgamef.life	ynfvsczx-bl0-oce-iz9.naverywr.link opeyyuh.whuhgamef.life
2	vprsplshd.life	2 redirects
1	adspredictiv.com	opeyyuh.whuhgamef.life
1	cd.mobledat.com	1 redirects
1	mobilesmon.org	1 redirects
1	ynfvsczx-bl0-oce-iz9.naverywr.link
8	7

This site contains no links.

Subject Issuer	Validity	Valid
naverywr.link GTS CA 1P5	`2023-11-23` - `2024-02-21`	3 months	crt.sh
2.znews16.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
whuhgamef.life GTS CA 1P5	`2023-11-09` - `2024-02-07`	3 months	crt.sh
adspredictiv.com GTS CA 1P5	`2023-11-02` - `2024-01-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=4141b8a8eef444579f542ae486005dcc20999&sub1=32971&sub2=
Frame ID: 70605A42DEA1157DD47A4E20BFB97256
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ynfvsczx-bl0-oce-iz9.naverywr.link/ Page URL
https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi Page URL
https://vprsplshd.life/?s=14&t1=748&t2=noref HTTP 302
https://vprsplshd.life/?s=14&t1=748&t2=noref&bc_r=1701040965 HTTP 302
https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=74... Page URL
https://opeyyuh.whuhgamef.life/proc.php?16446bc29497520696b8116f41af1b3d738ecfd3 Page URL
https://mobilesmon.org/visit.php?key=vzaey6w3iw47ygo2cdq5&pl=23985-2bcb55b3-7ab6aa7a&pu=23985&br=Ch... HTTP 302
https://cd.mobledat.com/?a=32971&c=337952&s2=14a18d5fvocgmwj231&s3=23985-2bcb55b3-7ab6aa7a HTTP 302
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=4141b8a8eef444579f542ae486005dcc20999&su... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

8
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

112 kB
Transfer

123 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ynfvsczx-bl0-oce-iz9.naverywr.link/ Page URL
https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi Page URL
https://vprsplshd.life/?s=14&t1=748&t2=noref HTTP 302
https://vprsplshd.life/?s=14&t1=748&t2=noref&bc_r=1701040965 HTTP 302
https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=748&2=0602ea78bac390cf2619d84879f2f19103a5cb8d&cid=0602ea78bac390cf2619d84879f2f19103a5cb8d Page URL
https://opeyyuh.whuhgamef.life/proc.php?16446bc29497520696b8116f41af1b3d738ecfd3 Page URL
https://mobilesmon.org/visit.php?key=vzaey6w3iw47ygo2cdq5&pl=23985-2bcb55b3-7ab6aa7a&pu=23985&br=Chrome&sid=M7305915322437992457 HTTP 302
https://cd.mobledat.com/?a=32971&c=337952&s2=14a18d5fvocgmwj231&s3=23985-2bcb55b3-7ab6aa7a HTTP 302
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=4141b8a8eef444579f542ae486005dcc20999&sub1=32971&sub2= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://vprsplshd.life/?s=14&t1=748&t2=noref HTTP 302
https://vprsplshd.life/?s=14&t1=748&t2=noref&bc_r=1701040965 HTTP 302
https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=748&2=0602ea78bac390cf2619d84879f2f19103a5cb8d&cid=0602ea78bac390cf2619d84879f2f19103a5cb8d

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
ynfvsczx-bl0-oce-iz9.naverywr.link/ 318 B
937 B 362ms
257ms Document
text/html 2606:4700:3033::ac43:86a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynfvsczx-bl0-oce-iz9.naverywr.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:86a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e089f9dec9153a4d6ac69b28fcbe7bf1e76806b57c48171ceaa89c1a3216bcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82c5e003ae895e6b-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 23:22:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <https://antibotcloud.com/antibot7.php>; rel=dns-prefetch
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl80KMR4ypU2kUV%2BUB06C6eacaQGKzSaxrtooAuKtlEZQTMGD4JiFnmZZr%2BoLflzGoV8lkn%2FgezITPV9ECKAfX3a2DN%2FvFS2d79aH0zQjvq8Db8GugL2ggp4WjH81bGtnp%2FBhddhUZ%2Fk5ALkKrL8wYdmbrzhXgH2hSMQHuM1L%2FI%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 / Show response
znews16.com/ 19 KB
19 KB 460ms
198ms Document
text/html 134.209.203.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.203.156 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3d16bd3da673f834a626f8a1b95a5d44cc28a0d0351d145a2d4531f0ed73d91e

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ynfvsczx-bl0-oce-iz9.naverywr.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 23:22:43 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 img2.png
znews16.com/img/30/ 7 KB
7 KB 180ms
177ms Image
image/png 134.209.203.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znews16.com/img/30/img2.png

Requested by

Host: znews16.com
URL: https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.203.156 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 23:22:44 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
last-modified: Fri, 19 Mar 2021 09:02:31 GMT
server: nginx
etag: "605468a7-1a99"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6809
expires: Tue, 26 Dec 2023 23:22:44 GMT

GET
H2 200 img3.png
znews16.com/img/30/ 12 KB
12 KB 191ms
189ms Image
image/png 134.209.203.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znews16.com/img/30/img3.png

Requested by

Host: znews16.com
URL: https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.203.156 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 23:22:44 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
last-modified: Fri, 19 Mar 2021 09:02:23 GMT
server: nginx
etag: "6054689f-3038"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12344
expires: Tue, 26 Dec 2023 23:22:44 GMT

GET
H2 200 img1.png
znews16.com/img/30/ 68 KB
68 KB 212ms
210ms Image
image/png 134.209.203.156
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://znews16.com/img/30/img1.png

Requested by

Host: znews16.com
URL: https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.203.156 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://znews16.com/?p=gnstizjsmq5gi3bpgu3tkmi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 23:22:44 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
last-modified: Fri, 19 Mar 2021 09:02:15 GMT
server: nginx
etag: "60546897-10f6e"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 69486
expires: Tue, 26 Dec 2023 23:22:44 GMT

GET
H2

200

/ Show response
opeyyuh.whuhgamef.life/
Redirect Chain

https://vprsplshd.life/?s=14&t1=748&t2=noref
https://vprsplshd.life/?s=14&t1=748&t2=noref&bc_r=1701040965
https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=748&2=0602ea78bac390cf2619d84879f2f19103a5cb8d&cid=0602ea78bac390cf2619d84879f2f19103a5cb8d

9 KB
3 KB

301ms
111ms

Document
text/html

2606:4700:3037::ac43:ad2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=748&2=0602ea78bac390cf2619d84879f2f19103a5cb8d&cid=0602ea78bac390cf2619d84879f2f19103a5cb8d
Requested by: Host: ynfvsczx-bl0-oce-iz9.naverywr.link
URL: https://ynfvsczx-bl0-oce-iz9.naverywr.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.12
Resource Hash: 9ccb2cc2003be98ed9f279be9ab321e03f3997fbd9ae91aa503a7998c78e3740

Request headers

Referer: https://znews16.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 82c5e01bb9bc0cc0-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 23:22:47 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpecj9aY6eXGaKfyFgYV5qbtKYD3UQOPSj%2B3pinkYcqIjCxnU8ie1xmfL1T%2BASTv4bkj9pYCqNUTGD5ArvCeTa5j8Jr3ZNvNYIs%2Fj3keOsnGxQkIg7sKa%2Bs7TBkHI91%2BhrAV3rbWzKKE4VM2v3QCbdNCcNBA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.2.12

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82c5e0154da87293-EWR
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 23:22:46 GMT
location: https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=748&2=0602ea78bac390cf2619d84879f2f19103a5cb8d&cid=0602ea78bac390cf2619d84879f2f19103a5cb8d
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjQqafhIl6P0GjouSRH%2FGtautIvC0kolqXKQ0lf%2FtfzaB3LZmO3J5aHMr2%2Bp1qLMgyPcHq%2BVTXl9SVIcRSq5OwDOP0wTUmOb9EKYJi56s4gv3cW7%2FEdxVY8pvWkR%2FBnmfJBJ0zOkJ0jiY648EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent

GET
H2 200 proc.php
opeyyuh.whuhgamef.life/ 1 KB
997 B 65ms
64ms Document
text/html 2606:4700:3037::ac43:ad2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opeyyuh.whuhgamef.life/proc.php?16446bc29497520696b8116f41af1b3d738ecfd3
Requested by: Host: opeyyuh.whuhgamef.life
URL: https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=748&2=0602ea78bac390cf2619d84879f2f19103a5cb8d&cid=0602ea78bac390cf2619d84879f2f19103a5cb8d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.12
Resource Hash

Request headers

Referer: https://opeyyuh.whuhgamef.life/?utm_medium=195a7a84693f9dd6d1851d0f90faeef0e8a443c8&utm_campaign=smsep&1=748&2=0602ea78bac390cf2619d84879f2f19103a5cb8d&cid=0602ea78bac390cf2619d84879f2f19103a5cb8d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 82c5e01dac820cc0-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 23:22:47 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mobilesmon.org/visit.php?key=vzaey6w3iw47ygo2cdq5&pl=23985-2bcb55b3-7ab6aa7a&pu=23985&br=Chrome&sid=M7305915322437992457
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEnHPUY8C8AaF9%2B2KnqNvkdZfCz1ww6P%2BDAVG7lF7Mx9lw%2FDU%2Bxw6Tkg7rITJaWKe%2BUjR5B8NtZfrQ5tHqNSZrbx6KT7k3%2FLWHcE70JJ1N0xURRO4xh2052AfOD5crlnNfM%2BzJbR%2BllJTUPFTK8c1v5iehWy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.2.12

GET
H2

200

Primary Request next.php
adspredictiv.com/jump/
Redirect Chain

https://mobilesmon.org/visit.php?key=vzaey6w3iw47ygo2cdq5&pl=23985-2bcb55b3-7ab6aa7a&pu=23985&br=Chrome&sid=M7305915322437992457
https://cd.mobledat.com/?a=32971&c=337952&s2=14a18d5fvocgmwj231&s3=23985-2bcb55b3-7ab6aa7a
https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=4141b8a8eef444579f542ae486005dcc20999&sub1=32971&sub2=

7 KB
0

317ms
81ms

Document
text/html

2606:4700:3035::ac43:99ee

General

Check archive.org

Show headers Download Go to

Full URL: https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=4141b8a8eef444579f542ae486005dcc20999&sub1=32971&sub2=
Requested by: Host: opeyyuh.whuhgamef.life
URL: https://opeyyuh.whuhgamef.life/proc.php?16446bc29497520696b8116f41af1b3d738ecfd3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:99ee -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://opeyyuh.whuhgamef.life/proc.php?16446bc29497520696b8116f41af1b3d738ecfd3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82c5e026a94cc32b-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 23:22:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7DuZNMUnoSoBob5ZbreBC3NbmlZ4FUSI1waRYo%2FFrdQXlXnYkuI1lIQZnMM8z5OBLjWLBA4cgmkyxOeB47GZ5tTd48qjkRAYXarJ4iuQ6NzA8eiOxkNkUu0x9pYrCwR%2FLG%2FEEC59hR6DlO2DhXh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82c5e022dd0d8cc8-EWR
content-language: en-US
content-type: text/html;charset=ISO-8859-1
date: Sun, 26 Nov 2023 23:22:48 GMT
location: https://adspredictiv.com/jump/next.php?r=6536598&pub_clickid=4141b8a8eef444579f542ae486005dcc20999&sub1=32971&sub2=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j%2BFe02BbvGrw41Y1QtsLaFvGZmqHPICvYVinItMe%2FsghIMxzwHS6Gncig%2Brjtzv9qaNehj6Rjs24fuCyup83CyIueBIbHk%2F5dv0uUvJsQxnptIgW2RBX1O9H5tu2hzQe7gf8iMdcmgy2qpZqxk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ynfvsczx-bl0-oce-iz9.naverywr.link/	1970-01-21 01:16:16	Name: antibot_uid Value: a461387c7c064b9c0084e86feb062281
ynfvsczx-bl0-oce-iz9.naverywr.link/	1970-01-20 16:45:04	Name: stop Value: 1
.znews16.com/	1970-01-20 17:13:52	Name: uuid Value: 7452ce4f-e383-4c08-98ff-0ea2c31b4eae
.vprsplshd.life/	1970-01-20 16:30:44	Name: 43bc418c2342fb666112ef3dd254a054 Value: 1
.vprsplshd.life/	1970-01-20 16:32:07	Name: b040d38f81d1049b600a55cc0cb01a6b Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adspredictiv.com
cd.mobledat.com
mobilesmon.org
opeyyuh.whuhgamef.life
vprsplshd.life
ynfvsczx-bl0-oce-iz9.naverywr.link
znews16.com
134.209.203.156
2606:4700:3030::6815:55e
2606:4700:3033::ac43:86a2
2606:4700:3035::ac43:99ee
2606:4700:3035::ac43:a9a0
2606:4700:3037::ac43:ad2e
88.99.165.85
3d16bd3da673f834a626f8a1b95a5d44cc28a0d0351d145a2d4531f0ed73d91e
425c631201d7d64c4f5a934c39e7857279d9cf148900cb1f79c39ed29eb8d04c
4a18771cdff256e1f2575bae3a68f5b3ddac3660c37cdbfcecf1254c5927f43c
5e089f9dec9153a4d6ac69b28fcbe7bf1e76806b57c48171ceaa89c1a3216bcc
9ccb2cc2003be98ed9f279be9ab321e03f3997fbd9ae91aa503a7998c78e3740
9dc15e2892ca9f3acda5aa7987586f4511deb6279067615285c049e6986ae0a8

adspredictiv.com Open in urlscan Pro 2606:4700:3035::ac43:99ee Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

4 IPs

2 Countries

112 kBTransfer

123 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Indicators

adspredictiv.com Open in urlscan Pro
2606:4700:3035::ac43:99ee Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

112 kB
Transfer

123 kB
Size

5
Cookies

8 HTTP transactions
0 data transactions