gurl.pw
Open in
urlscan Pro
2606:4700:3030::681f:43fb
Public Scan
Submission: On January 22 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 11th 2019. Valid for: a year.
This is the only time gurl.pw was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2606:4700:303... 2606:4700:3030::681f:43fb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
3 | 2a00:1450:400... 2a00:1450:4001:81b::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:204... 2600:9000:2047:b800:1a:a6:7f00:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700:303... 2606:4700:3033::681c:909 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 185.66.200.58 185.66.200.58 | 201702 (SKHOSTING-EU) (SKHOSTING-EU) | |
1 | 2a00:1450:400... 2a00:1450:4001:81d::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.18.28.134 104.18.28.134 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 52.6.211.120 52.6.211.120 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 54.87.84.107 54.87.84.107 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 46.105.199.75 46.105.199.75 | 16276 (OVH) (OVH) | |
1 | 151.101.114.2 151.101.114.2 | 54113 (FASTLY) (FASTLY) | |
22 | 13 |
ASN16509 (AMAZON-02, US)
dc5k8fg5ioc8s.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-211-120.compute-1.amazonaws.com
speciativepickedly.info |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-84-107.compute-1.amazonaws.com
ordssuspicuousc.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
speciativepickedly.info
speciativepickedly.info |
440 B |
3 |
google.com
www.google.com |
536 B |
2 |
adx1.com
cdn.adx1.com |
49 KB |
2 |
ordssuspicuousc.info
ordssuspicuousc.info |
4 KB |
2 |
uprimp.com
uprimp.com |
547 B |
2 |
gurl.pw
gurl.pw |
35 KB |
1 |
taboola.com
images.taboola.com |
37 KB |
1 |
tabookbusines.info
tabookbusines.info |
29 KB |
1 |
gstatic.com
www.gstatic.com |
92 KB |
1 |
nuclearads.com
nuclearads.com |
15 KB |
1 |
cloudfront.net
dc5k8fg5ioc8s.cloudfront.net |
62 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
22 | 12 |
Domain | Requested by | |
---|---|---|
5 | speciativepickedly.info |
gurl.pw
dc5k8fg5ioc8s.cloudfront.net |
3 | www.google.com |
gurl.pw
www.gstatic.com |
2 | cdn.adx1.com |
dc5k8fg5ioc8s.cloudfront.net
|
2 | ordssuspicuousc.info |
dc5k8fg5ioc8s.cloudfront.net
|
2 | uprimp.com |
gurl.pw
uprimp.com |
2 | gurl.pw |
gurl.pw
|
1 | images.taboola.com | |
1 | tabookbusines.info |
gurl.pw
|
1 | www.gstatic.com |
www.google.com
|
1 | nuclearads.com |
gurl.pw
|
1 | dc5k8fg5ioc8s.cloudfront.net |
gurl.pw
|
1 | code.jquery.com |
gurl.pw
|
22 | 12 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-11-11 - 2020-10-09 |
a year | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
www.google.com GTS CA 1O1 |
2020-01-07 - 2020-03-31 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
uprimp.com Let's Encrypt Authority X3 |
2019-12-16 - 2020-03-15 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
speciativepickedly.info Amazon |
2019-12-02 - 2021-01-02 |
a year | crt.sh |
ordssuspicuousc.info Amazon |
2019-12-01 - 2021-01-01 |
a year | crt.sh |
cdn.adx1.com Let's Encrypt Authority X3 |
2020-01-17 - 2020-04-16 |
3 months | crt.sh |
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-07-30 - 2020-07-25 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://gurl.pw/i6za
Frame ID: E1BAEE8299D3E8EDF47950FA40A758C7
Requests: 16 HTTP requests in this frame
Frame:
https://uprimp.com/bnr_xload.php?section=General&pub=988743&format=300x250&ga=g&xt=157970092173719&xtt=9737691
Frame ID: 2DA687AEF6D710742F5D851018174AF3
Requests: 1 HTTP requests in this frame
Frame:
https://ordssuspicuousc.info/TXhueWgsGg0UVyxFDF8dPxRTXFoLXVw/DC5NBUEOKk0HFgt1C0AaBCINCh8aIhYaVwYoDEtLLiEcKj9ZKCw7ITAlCwg6Dw8hKyw5AyoJHSoeHzwqPzohOS4fHDU+ExAMPSk3LAMTCj0OKiEsLhIIIC8oJh8rPzs8Cy4/GD4mEAgsKj0rPTwPGT44LDAfOSgqOhwtOSEDIT0pAVkcPQIeCgU+KCo6DyorLio5NCY7Phc+PCsgHQ8sGCkbOiI7PjUbKDsYLj8FLAkOFF8rKSccDTtYHyEpDlkcPywrIB4uCS89IToiOzo5Ozs8Gws8LCsgHik8PAomVTw3CSYxNywtPj4oLC0LPjg4LBs6DSowDDk7KxJ1OTwOMi8rCTc6DEg4KzAlACg+KhgpPBciHCsZLDEaOloaLQghLDwANS8mSF0uIC8dLRgQXjU/JRQ7LC05Aj8OAC8rPA0gDj0oNC99DyQsLT4+LEgpGT8rGgwLPQ1cWgs5KxovGkgBPT0mKidfAj4XAAlVBj0bHTp7NxxOJz4AADw
Frame ID: 2AC99E39AA654BB69D89047D5D2FD704
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfAgCQTAAAAAB0dG2BhEyQGTlaNJiMdCxL6mTta&co=aHR0cHM6Ly9ndXJsLnB3OjQ0Mw..&hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&size=normal&cb=pp54dxa9yhqa
Frame ID: 7309502A1F769A2EE30AE867A96E3652
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=RDiPdrU_gv1XhhWy6nqfMf9O&k=6LfAgCQTAAAAAB0dG2BhEyQGTlaNJiMdCxL6mTta&cb=g9ptrbclcq6k
Frame ID: 2B7E1DBD37095AA681BC3A0FF7AF880B
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png
Frame ID: DBA3D36DF537F918534F643294862C1E
Requests: 3 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
reCAPTCHA (Captchas) Expand
Detected patterns
- html /<div[^>]+class="g-recaptcha"/i
- script /\/recaptcha\/api\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
i6za
gurl.pw/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.4.1.min.js
code.jquery.com/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
675 B 536 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
glx_13835.js
gurl.pw/ |
93 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
dc5k8fg5ioc8s.cloudfront.net/ |
143 KB 62 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
134_1570788296.png
nuclearads.com/upload/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnr.php
uprimp.com/ |
374 B 547 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RDiPdrU_gv1XhhWy6nqfMf9O/ |
257 KB 92 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Rm5UeXU9TCcOKjMcOFtPZAYgDQU1VHtWEjMcOFcFMUEzFQ0ZX2dBRnNAPgpXakwnFBNkVGVVVzIPMyYcIkxuW0J%2FVmdPRmRCdgoAJDE9HUdkVHZNESIMY00XJENgQUMnQ2BNF35DNkFAIkMwTBBzDWxORH8NZEpXOw
tabookbusines.info/ |
62 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cFNmUXVfbAUiSCYGUmMgJwkNNEQ9KjAGDUMGVAAxKmBSFy9BCQp3ARk3W2lHRmdVYFMAOgJsRkJ1FSUUBCYVbERWOgg3Gk11EGxFXmZIY0VeY0AlBRE0W2BTACcSPUhBZlFoQkBjX2NERmdR
speciativepickedly.info/ |
0 57 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popunder.gif
speciativepickedly.info/ |
35 B 212 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bnr_xload.php
uprimp.com/ Frame 2DA6 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JRQ7LC05Aj8OAC8rPA0gDj0oNC99DyQsLT4+LEgpGT8rGgwLPQ1cWgs5KxovGkgBPT0mKidfAj4XAAlVBj0bHTp7NxxOJz4AADw
ordssuspicuousc.info/TXhueWgsGg0UVyxFDF8dPxRTXFoLXVw/DC5NBUEOKk0HFgt1C0AaBCINCh8aIhYaVwYoDEtLLiEcKj9ZKCw7ITAlCwg6Dw8hKyw5AyoJHSoeHzwqPzohOS4fHDU+ExAMPSk3LAMTCj0OKiEsLhIIIC8oJh8rPzs8Cy4/GD4mEAgsKj0r... Frame 2AC9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 7309 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
push
ordssuspicuousc.info/ |
5 KB 4 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AwhpR35AXWNGe05WZUF+RA
speciativepickedly.info/VHZLd2R7SSgEWQIxEQM2ZTAnIhMzHRIaVTI1Az5UDhoREgcDMCBRED0Sdk9WYkJ4RkIkHy9KV2ZQOAMFIAM4SlJmUCIZAjtLbQFZZFh+WVZkWHtRECQXLEpVcgY/ |
0 57 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bframe
www.google.com/recaptcha/api2/ Frame 2B7E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
fHl9QHF3f3RJfA
speciativepickedly.info/cEhFTk1fdyY9cD15KRkaGh0GLAk9fQcpPRcFd3ccMR8pIi8xHQFoORkseHZ/Rnx2f2sAISFzfkJuNjosBD02c3lCbiwgKx91dn18Vj54fmNFZnd+Y0BuMT4sF3V0aD0EPClzfEV/ |
0 57 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
NB88XgxTMQBSBE13XwIKRGMZX11IdlsQSgEkHUNKSHReEFAbIwYLCkZwT0AERWtcGAtFa1kQTQUkDgsIUzUdQlVIdFwBAEJ1WQ8LR3VRDw
speciativepickedly.info/aTY5dUVGCVoGeDpifw8QWl4NNwcwQWpGBCBwVCwhDEF/ |
0 57 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f599b0c8640f21a0f38d576ba8be7691.png
cdn.adx1.com/ |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f599b0c8640f21a0f38d576ba8be7691.png
cdn.adx1.com/ Frame DBA3 |
24 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame DBA3 |
795 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe9930702cceded5fad3bd5b2c6daa285.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame DBA3 |
37 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| s function| e1GG function| K1GG function| x5dd string| r6II number| _2800585153 number| qs object| recaptcha object| closure_lm_69803 function| z5AA function| K055 function| T055 string| K5DD8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
namel.net/ | Name: used_ad2241891 Value: 1 |
|
namel.net/148bcf03fc/bb6bac9292 | Name: total_impressions Value: 1 |
|
.gurl.pw/ | Name: __cfduid Value: de1bfc8a25633669444ca73296923f7ff1579700920 |
|
uprimp.com/ | Name: total_impressions Value: 1 |
|
uprimp.com/ | Name: used_ad2241891 Value: 1 |
|
uprimp.com/ | Name: cpa_673873 Value: 300x250_815864584_0 |
|
gurl.pw/ | Name: visitorid Value: a368054011984db4bd08771884a9427bb99f23ef |
|
gurl.pw/ | Name: PHPSESSID Value: faa7eefd534245726edf557ebb79280a |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.adx1.com
code.jquery.com
dc5k8fg5ioc8s.cloudfront.net
gurl.pw
images.taboola.com
nuclearads.com
ordssuspicuousc.info
speciativepickedly.info
tabookbusines.info
uprimp.com
www.google.com
www.gstatic.com
104.18.28.134
151.101.114.2
185.66.200.58
2001:4de0:ac19::1:b:1b
2600:9000:2047:b800:1a:a6:7f00:21
2606:4700:3030::681f:43fb
2606:4700:3033::681c:909
2a00:1450:4001:81b::2004
2a00:1450:4001:81d::2003
46.105.199.75
52.6.211.120
54.87.84.107
07a651614bfef3f3a35d9a2ded0de50adaef4671abda32d38958ac4438b46cb6
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
215b62c61c9764df8ecdfdc162b56e6c89ac8d97655d7db3b5925058aeb6e0bc
3004e846a3788759c9215486924a38565631abd9a05e96f3e7bd802aafedb06d
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863
4c75bb44e22c4f147752b43baa5c4e9816190c4fb9468e1800c8625134a5cefe
53a0685eb67e01247f2855cd69d8af5e654a37b8ce2ee36607d363867056810b
67e71b89b0d09c69792d3a0fe87afd88e9fece8c67aa0bf7ee131a7b0a9c90eb
69cb70f413f1a434891f42eb0144e917fa28ac1cf2ce556d6a91ee2966c6c9d5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc
953af3432f28bd67985842da64bcf5ca6afd3a9adb7a6e34279ce9b84cd05064
c59cb650d60a89d54a8d74110d4baf044eb44bf6c935c29c41fd69b1abd32dc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fdcb427a1ae12881b441a1136383bbde100dec2b0516cc97ed54382faf03071b