ww25.gvero.qlitrk.com
199.59.243.223
Public Scan
Effective URL: http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Submission: On April 20 via api from US — Scanned from NL
Summary
This is the only time ww25.gvero.qlitrk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS Autonomous System
---|---|---
1 6 | 84.22.102.109 | 196752 (TILAA)
1 | 2a00:1450:4001:812::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:828::200a | 15169 (GOOGLE)
3 | 78.46.95.125 | 24940 (HETZNER-AS)
1 | 2a00:1450:4001:82a::2003 | 15169 (GOOGLE)
1 1 | 103.224.182.253 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited)
6 | 199.59.243.223 | 16509 (AMAZON-02)
3 | 2a00:1450:4001:813::2004 | (not resolved)
1 | 2a00:1450:4001:806::2002 | (not resolved)
2 | 2a00:1450:4001:82f::2001 | (not resolved)
23 | 9 |
ASN196752 (TILAA, NL)
PTR: vps-18934-5737.tilaa.cloud
Domains: giftclaimsite.com
ASN24940 (HETZNER-AS, DE)
PTR: static.125.95.46.78.clients.your-server.de
Domains: pushfire.io, 21mpycjgt80j.pushfire.io
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-253.above.com
Domains: gvero.qlitrk.com
# | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | qlitrk.com (1 redirects) | gvero.qlitrk.com, ww25.gvero.qlitrk.com | 27 KB
6 | giftclaimsite.com (1 redirects) | giftclaimsite.com | 217 KB
3 | google.com | www.google.com | 109 KB
3 | pushfire.io | pushfire.io, 21mpycjgt80j.pushfire.io | 12 KB
2 | googleusercontent.com | afs.googleusercontent.com | 1 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 119), ajax.googleapis.com (Cisco Umbrella Rank: 607) | 31 KB
1 | googleadservices.com | partner.googleadservices.com | 590 B
1 | gstatic.com | fonts.gstatic.com | 44 KB
23 | 8 | |
# | Domain | Requested by
---|---|---
6 | ww25.gvero.qlitrk.com | pushfire.io, ww25.gvero.qlitrk.com
6 | giftclaimsite.com (1 redirects) | giftclaimsite.com, pushfire.io
3 | www.google.com | ww25.gvero.qlitrk.com, www.google.com
2 | afs.googleusercontent.com | www.google.com
2 | 21mpycjgt80j.pushfire.io | pushfire.io
1 | partner.googleadservices.com | www.google.com
1 | gvero.qlitrk.com (1 redirects) |
1 | fonts.gstatic.com | fonts.googleapis.com
1 | pushfire.io | giftclaimsite.com
1 | ajax.googleapis.com | giftclaimsite.com
1 | fonts.googleapis.com | giftclaimsite.com
23 | 11 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
giftclaimsite.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-01 - 2023-06-01 | a year | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh
*.pushfire.io | GoGetSSL RSA DV CA | 2022-05-16 - 2023-05-16 | a year | crt.sh
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh
www.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh
*.googleadservices.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh
*.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh
*.googleusercontent.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months | crt.sh
This page contains 2 frames:
Primary Page:
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea
Frame ID: 401502C564186BAF94FF25BA150CDAF2
Requests: 19 HTTP requests in this frame
Frame:
https://www.google.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol130%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol304%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol418&client=dp-bodis30_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.gvero.qlitrk.com%3Fcaf%26subid1%3D20230420-1433-01cb-8c23-7efb229d0fea&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=3131681965183515&num=0&output=afd_ads&domain_name=ww25.gvero.qlitrk.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681965183516&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&cl=523105112&uio=-&cont=rs&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww25.gvero.qlitrk.com%2Fl%2Fpush2exitlink%2FCancel%3Fsubid1%3D20230420-1433-01cb-8c23-7efb229d0fea&adbw=master-1%3A1584
Frame ID: 76426DB0A4E6E705EA1FC5C7127FACE9
Requests: 4 HTTP requests in this frame
Page URL History
-
http://giftclaimsite.com/
HTTP 302
https://giftclaimsite.com/ Page URL
-
https://gvero.qlitrk.com/l/push2exitlink/Cancel
HTTP 302
http://ww25.gvero.qlitrk.com/l/push2exitlink/Cancel?subid1=20230420-1433-01cb-8c23-7efb229d0fea Page URL
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns:
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- http://giftclaimsite.com/ HTTP 302
- https://giftclaimsite.com/
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | giftclaimsite.com/ | 4 KB | 2 KB | Document | text/html | Redirect Chain
GET | H2 | css | fonts.googleapis.com/ | 8 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | style6.css | giftclaimsite.com/style/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.2.1/ | 85 KB | 30 KB | Script | text/javascript |
GET | H/1.1 | pay-pal2.png | giftclaimsite.com/images/ | 6 KB | 6 KB | Image | image/png |
GET | H/1.1 | W-21mpycjgt80j.js | pushfire.io/pusherjs/ | 30 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | landing2-bg.jpg | giftclaimsite.com/images/ | 207 KB | 208 KB | Image | image/jpeg |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v34/ | 44 KB | 44 KB | Font | font/woff2 |
GET | H/1.1 | http.css | 21mpycjgt80j.pushfire.io/ | 18 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | https-v4.css | 21mpycjgt80j.pushfire.io/ | 9 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | pushfire-sw.js | giftclaimsite.com/ | 80 B | 420 B | XHR | application/javascript |
GET | H/1.1 | Cancel | ww25.gvero.qlitrk.com/l/push2exitlink/ | 1023 B | 2 KB | Document | text/html | Primary Request; Redirect Chain
GET | H/1.1 | parking.2.104.3.js | ww25.gvero.qlitrk.com/js/ | 67 KB | 22 KB | Script | application/javascript |
POST | H/1.1 | _fd | ww25.gvero.qlitrk.com/ | 4 KB | 3 KB | Fetch | text/html |
GET | H2 | caf.js | www.google.com/adsense/domains/ | 145 KB | 53 KB | Script | text/javascript |
GET | H/1.1 | px.gif | ww25.gvero.qlitrk.com/ | 42 B | 421 B | Image | image/gif |
GET | H/1.1 | px.gif | ww25.gvero.qlitrk.com/ | 42 B | 421 B | Image | image/gif |
GET | H2 | cookie.js | partner.googleadservices.com/gampad/ | 360 B | 590 B | Script | text/javascript |
GET | H2 | ads | www.google.com/afs/ | 6 KB | 3 KB | Document | text/html | Frame 7642
GET | H3 | caf.js | www.google.com/adsense/domains/ | 145 KB | 53 KB | Script | text/javascript | Frame 7642
GET | H2 | chevron.svg | afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ | 200 B | 700 B | Image | image/svg+xml | Frame 7642
GET | H2 | call_to_action_arrow.svg | afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ | 444 B | 393 B | Image | image/svg+xml | Frame 7642
POST | H/1.1 | _tr | ww25.gvero.qlitrk.com/ | 2 B | 0 | Fetch | text/html |
Verdicts & Comments
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- credentialless (boolean)
- park (string)
- regeneratorRuntime (object)
- setImmediate (function)
- clearImmediate (function)
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even if they changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
gvero.qlitrk.com/l/push2exitlink | | Name: __tad, Value: 1681965181.1119645
ww25.gvero.qlitrk.com/ | | Name: parking_session, Value: 5f5d11e7-840e-dc12-8a76-259eedba2297
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
21mpycjgt80j.pushfire.io
afs.googleusercontent.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
giftclaimsite.com
gvero.qlitrk.com
partner.googleadservices.com
pushfire.io
ww25.gvero.qlitrk.com
www.google.com
103.224.182.253
199.59.243.223
2a00:1450:4001:806::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
78.46.95.125
84.22.102.109
0495d831c9a6fda3fca7aad469fb9d43b31027dcb2f2035e6d2e7a70f8ebc2f5
163f292316ed47971ae43c8925b9e78aad5c227505271b58ff9f35890e18493a
4030ee673dec6c1c1d3bf68ec410b3e1d4ef6731d4cebaf01322a5fa417c7bb5
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
73991d96f56e005c3f63f8945b13a0d66a05b72f9ea0974384aef6704d0cf972
7b3760d6b319ea9ce3cc7797e851d1ce200cc75372d47ea9e1ab139928a06fb3
7bfa4417f713260bd799675e925c895ee64802eb01583889d68f7090e0c403d2
85408eebc3fa565507a9642c0ddb10183cd093af1bb5faef7089a202dafc2326
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87ec6508905783cb2ef043a3d0c78ac73aee4c3ed88c37570a400b78b74d56a1
8aad4d256350048dd4e1037d081240ecacd5e7911e6f28cb956b79441cdad97a
a06fb5779711b7d21f632662b6c9db9c89a17766228cc577441455f4808fb69c
bbb29244697c7fbb71da96d1c301b738fd60a320c8205bf222d654fb67c40851
c90a35d3514e7b343bec97f73e62f57b061f2e0715121d9a7b3b4dd330b24125
d1d1088d95184cea96ea37cf4c6fcc005975823108e20de7c790098bb141e7a2
d6abd61b5a1aa6294a8519d736a83b1efda148725a28d55287be183018aaf1ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa35fffe97cdb9798e59d4101677350eb640a9f182d8fe6c213a8690f52b4f40