Submitted URL: https://l1t1.link/bRa9nk
Effective URL: https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_c...
Submission: On February 25 via manual from FR — Scanned from FR

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 17 HTTP transactions. The main IP is 2606:4700:20::ac43:4a18, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.user-shield.com. The Cisco Umbrella rank of the primary domain is 291982.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time www.user-shield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.0.235.70 22612 (NAMECHEAP...)
1 1 64.227.23.114 14061 (DIGITALOC...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 151.101.193.44 54113 (FASTLY)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2a03:2880:f12... 32934 (FACEBOOK)
17 8
Apex Domain
Subdomains
Transfer
8 user-shield.com
www.user-shield.com — Cisco Umbrella Rank: 291982
113 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 983
trc.taboola.com — Cisco Umbrella Rank: 571
trc-events.taboola.com — Cisco Umbrella Rank: 1715
19 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
115 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97 Failed
1 libcdn.xyz
www.libcdn.xyz — Cisco Umbrella Rank: 295696
2 KB
1 cloudflare.com
ajax.cloudflare.com — Cisco Umbrella Rank: 5441
12 KB
1 mytoolsgames.com
mt.mytoolsgames.com
377 B
1 l1t1.link
l1t1.link
549 B
17 8
Domain Requested by
8 www.user-shield.com www.user-shield.com
2 connect.facebook.net www.libcdn.xyz
connect.facebook.net
1 trc-events.taboola.com cdn.taboola.com
1 www.facebook.com
1 trc.taboola.com cdn.taboola.com
1 cdn.taboola.com www.libcdn.xyz
1 www.libcdn.xyz www.user-shield.com
1 ajax.cloudflare.com www.user-shield.com
1 mt.mytoolsgames.com 1 redirects
1 l1t1.link 1 redirects
17 10

This site contains links to these domains. Also see Links.

Domain
app.appsflyer.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-10 -
2022-06-09
a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-11 -
2022-08-16
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-12-05 -
2022-03-05
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
Frame ID: 38333BCE0421606FE836043143457494
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

(1) Notification

Page URL History Show full URLs

  1. https://l1t1.link/bRa9nk HTTP 302
    https://mt.mytoolsgames.com/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
    https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

17
Requests

94 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

261 kB
Transfer

819 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://l1t1.link/bRa9nk HTTP 302
    https://mt.mytoolsgames.com/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
    https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.facebook.com/tr/?id=262165081659310&ev=PageView&dl=https%3A%2F%2Fwww.user-shield.com%2Fevp-stream%2F%3Fpid%3Dadsleading_int%26af_siteid%3D1658%26clickid%3D532acfa08278d0ab5bf63e8f19104b15%26af_cost_currency%3DUSD%26af_cost_model%3DCPI%26af_cost_value%3D1.1%26af_click_lookback%3D7d&rl=&if=false&ts=1645822747302&sw=1600&sh=1200&is_pcm=true&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645822747302.1613504139&it=1645822747230&coo=false&exp=p1&rqm=GET HTTP 302
  • https://www.facebook.com/.well-known/private-click-measurement/trigger-attribution/-1/-1

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.user-shield.com/evp-stream/
Redirect Chain
  • https://l1t1.link/bRa9nk
  • https://mt.mytoolsgames.com/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global
  • https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
19 KB
5 KB
Document
General
Full URL
https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbba16f9c6c2f29043809d6d2d7a2ad8e11a0b8cac1426d102d8d7ce5556cd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
content-type
text/html
x-amz-id-2
8Bsvarha9hCixhqcYivnN9ucpw1HY0JJmVF/qwLUBWP9zEnTFanHaR9uTGYRJJ/X9U8/AiV/QsM=
x-amz-request-id
FAZT1VMW7XFSW4N9
last-modified
Sun, 15 Nov 2020 06:59:58 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtJ2uhJ9u14bJXGh%2FpvakvvXgepCUV%2B9iwjUdkLRuD0osvD5Jy0EZaWLToUlaSN8pGEVeMMz%2BQqimj6efyjL%2F6gN6FlG3Hk%2BG0STD%2F4TXHpiRv8lecVeLxLdaG5RuhTolKRaYxDT3C3ltRmS%2BSrMooc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e33db06ffd53b9d-CDG
content-encoding
br

Redirect headers

Server
nginx/1.16.1 (Ubuntu)
Date
Fri, 25 Feb 2022 20:59:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Location
https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
jquery-ui.css
www.user-shield.com/evp-stream/
32 KB
8 KB
Stylesheet
General
Full URL
https://www.user-shield.com/evp-stream/jquery-ui.css
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e50b1d7c5b9b297524faf6c1e5fc95fa08d9ccb4453a417bfa795fbdb11bb4c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1368
cf-polished
origSize=37795
x-amz-request-id
3Z7BM6DCH2PP0SR0
x-amz-id-2
ozVhkwgXE9b/SWHFWR0kucuvSBfU/dbGX+ByHgoc0KN+pIPrl5EAVwrAkiS919u0IwFsKK3hiuY=
last-modified
Sun, 15 Nov 2020 06:59:58 GMT
server
cloudflare
etag
W/"2b068b6e7555a93ad7cb8a611fda4724"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vixyQ7pU8OsqLQaaAj4ZwWa%2BzfVolcEe%2B6IglKt0eZ6oeSTpcLTVwnJglIHUOb2EVAz6Gix%2FstI8HO4%2BiqcBC1QgeaAzRozraDAOOWd9cMC4MeKwmLjiQMUTUVye0TCWZImndoUxf065K3yZMbwBEW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=259200
cf-ray
6e33db07c9083b9d-CDG
cf-bgj
minify
mirage2.min.js
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/
38 KB
12 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:490e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Wed, 23 Feb 2022 21:07:44 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6216a220-9688"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUwETxMZRvWly0Pazxn8Bog%2BkV7II%2BhAqjB4w46N5RFinaSEDlBiMYlwAZU1TeYGQzx87AbUsWetFaliulm0Q1LIgBLOG%2FXMcxLLcK4CBtd3trO0nPY%2FOGo6gSh7665VUMHxlIj9uj%2FKb9h%2Fid3pDsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6e33db080ef13bd4-CDG
expires
Sun, 27 Feb 2022 20:59:06 GMT
rocket-loader.min.js
www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Feb 2022 21:08:07 GMT
server
cloudflare
etag
W/"6216a237-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kxtw%2FCAMOIzUmD7Cp%2BH%2FQw31JEph3zfwEjz57ho2p0OCNPpEXsqkngwNvHSXMWQxHUEVgasWOg%2Fm2rmtzWUmvnw5nJ%2BY041rxqPwfhNeYdXFib7QUFNLyBG%2Bi4pWV3X6ubM7n25P62E2X6e%2B5CvGD%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e33db07c9103b9d-CDG
vary
Accept-Encoding
expires
Sun, 27 Feb 2022 20:59:06 GMT
app.js
www.user-shield.com/evp-stream/
3 KB
2 KB
Script
General
Full URL
https://www.user-shield.com/evp-stream/app.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ba6bac3b1a8ae17bbb45af20d0b6d333d51ecc6a8565f3240fa673f4ced18a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1368
cf-polished
origSize=4083
x-amz-request-id
323F8BR2CV0YN798
x-amz-id-2
UbzcFx38oEN/AVPNdi0NKHf8SSl00JtaSpb2ccknaHPvAqjoCM0BVA/KbcoQUUce3qyZDMGYqxI=
last-modified
Sun, 15 Nov 2020 06:59:58 GMT
server
cloudflare
etag
W/"d83aab44b46155bd566687aacb7364f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWXUk37IQCun%2F1z8eM3i7Y0KSBr%2BJXOJxNRsspIRcvld2baNKJTmUp%2FMVByjTQbaP1csp7oB2HoKOemZPcQ0UIr7OBMsTAi0IAKBYMMRJfndIeqLkiawPYzMOnPsuuaJgsN3j3QMN%2BbH0TZLoU%2BZfzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=259200
cf-ray
6e33db087a3e3b9d-CDG
cf-bgj
minify
common_h.js
www.user-shield.com/common/
2 KB
1 KB
Script
General
Full URL
https://www.user-shield.com/common/common_h.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08779815d0db2fb987fea58fda561875863bbd8097528bab17ba3a864fd29e57

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1585
cf-polished
origSize=2128
x-amz-request-id
323DX7ZEDAK0J18R
x-amz-id-2
UZdQmC7lMTZ1wgM7tX1vEjrvQ7WyHXRu2C48rtbm/2XNqqKrUFHCeDqXDivb2dgJse85h+7ZhAo=
last-modified
Tue, 24 Aug 2021 16:47:34 GMT
server
cloudflare
etag
W/"e512fac3330354b4813254ce1019d89d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiCT%2BfTHozWgOMJ8LOkbaRiuxuFUXLXypImdB59vdgoEdPy85g6fQumJRwd3NALgX0GbrSgl2Gzlg7V14BzwQJeML%2BpD7qq9KS9SBXtvdN2QbOGdbr%2BAWyXxOe8UXffym9Y3XfGk51SdKyHnhoD55WQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=259200
cf-ray
6e33db087a413b9d-CDG
cf-bgj
minify
jquery-3.4.1.js
www.user-shield.com/common/
140 KB
42 KB
Script
General
Full URL
https://www.user-shield.com/common/jquery-3.4.1.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50d436889f46d5b9455690493e877e02ad30ea4dca963ffcaa3024c45c1d58c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1585
cf-polished
origSize=290962
x-amz-request-id
3233QW000ZKYYD58
x-amz-id-2
ah5a+N/K49BrRw+QUaJCVYLOs0F1XjuzobctyWu3gLdcWs64SSCnPYvvGMfNrTuM24UT3WLd9x8=
last-modified
Sun, 22 Aug 2021 13:47:26 GMT
server
cloudflare
etag
W/"320fa28debd36316365bb42ed6964314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=konVHVKQCXYVWjjV77atILLWcSjYCBgIkgcH1N4zGXpVaZjS69Yn599ohGDvqoBb1hWILg9qvG5Ae4b0Ea1uCneBpRg7xKbj2tCnaIYTDtQWPFW2Dsyqkw3aeIm5VRb17bTdvqAkttUmrYlAMxuE31Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=259200
cf-ray
6e33db087a433b9d-CDG
cf-bgj
minify
jquery.min.js
www.user-shield.com/evp-stream/
85 KB
31 KB
Script
General
Full URL
https://www.user-shield.com/evp-stream/jquery.min.js
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1368
x-amz-request-id
3234GVG7PH9SS8AM
x-amz-id-2
ADTqzhy7OWpFz+CbAhj7ndPRYRDzyKjDUpL4L27Sr7FTUSN6MHWWBH2Ej150V6Uj1As5YzBHMH8=
last-modified
Sun, 15 Nov 2020 06:59:58 GMT
server
cloudflare
etag
W/"a09e13ee94d51c524b7e2a728c7d4039"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QtXuEcCr4Aia2VPGnYFEdrSWA8KQg%2F5rQ6mGAuo9yab8GV4lJvh1%2F9WS5F4dKaNLZonTSpEHKp9gQstvL4DYPbPnANON%2FocLnFBzX1MLI%2FVTr1%2BAaHkd2N0pMLFvpFdeCXomV0fJoviDmo%2FU28JNSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=259200
cf-ray
6e33db087a443b9d-CDG
spinner.gif
www.user-shield.com/evp-stream/
19 KB
20 KB
Image
General
Full URL
https://www.user-shield.com/evp-stream/spinner.gif
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6678fbb34f3ef18c5649c7cfc1302c671ff5b1c8e9f4365fb51f3d629dab2924

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1366
cf-ray
6e33db087a463b9d-CDG
content-length
19889
x-amz-id-2
F0mEiDU+sW9rAEydUl9w7UlsbfHjEzrlCcpIoDGYhoPKKOUhTiOrnv7A/4ej6ZF54TP7w8i3TQw=
last-modified
Sun, 15 Nov 2020 06:59:58 GMT
server
cloudflare
etag
"5e47c12dca8da91748533fd68bb806ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJUkZGrN6UWPnt4fU0JPRbcTMPOyyVUbMUhZMGB%2FrvLMUxWmAikRBFlTzb1T%2BYbpvR4KxmRLY%2BcBkG76BZzJ3VljOn6aTs1Ptzn3LW%2B8AOiImBZ590No5EGeDwhIKevdWDkY3bRE9ikQ5UDhXNjBL6E%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
3236S4F0C5Y5HYM6
cache-control
max-age=259200
accept-ranges
bytes
content-type
image/gif
retargeting.js
www.libcdn.xyz/js/
5 KB
2 KB
Script
General
Full URL
https://www.libcdn.xyz/js/retargeting.js?_=1645822747007
Requested by
Host: www.user-shield.com
URL: https://www.user-shield.com/common/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8d2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9296f5e01b66de01b50d1ebe2b65f1fb81a383971410201b2916b708bebdb7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 25 Feb 2022 20:59:07 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
W8J2FH1Y123XXHP2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
CtP4p2kcsSZBYmXGzrYTUKCNKy2o45I/taKqub1YiLylRJq4YD2K4ojtLBIF6JBlrNB40ZfgYL8=
last-modified
Sun, 26 Jul 2020 10:08:04 GMT
server
cloudflare
etag
W/"e3b5de84e1a9a457c7755e77b2670fea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSrn4BtRUTD3vj4VJpC6rXXCVOzaV3uWu31GmL%2FV0oFftYyzN3hJGIYPHcltRRxrCstmwwW5sBHznJ8Pl4uHdQZ%2Fdi0UbHU9tll%2FD%2B1fJYOfFuTouZSV4Qyxy38L12612n9XUpzCqqVNeCe%2Bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6e33db093b44edaf-CDG
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.libcdn.xyz
URL: https://www.libcdn.xyz/js/retargeting.js?_=1645822747007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
DyIfX9VTdOYS3NSCZWjGvsa1BgLFcKp2WXQSFTxE5F0DxILqYlB2MJed9yo5LyiFXrrhwo4rJtLXj2+w+P/aBg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 25 Feb 2022 20:59:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1260992/
55 KB
17 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1260992/tfa.js
Requested by
Host: www.libcdn.xyz
URL: https://www.libcdn.xyz/js/retargeting.js?_=1645822747007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f56e7e6f38546fb8c5d2138ea75cc91f8fb29b2b2e184273235536986426f77f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
HMBb1WbkTGBTRSMfMaKcMMpuCyi8veVb
content-encoding
gzip
etag
"1343cfc21adcd44e484b9d5ae2c37755"
age
73
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
17362
x-amz-id-2
XFP5bThxAoQPW0uc3kj0jsvb/rtn5+ZI9/rgzQRIg29HnWZ6hQGnJ6O3X0Q1PA5PjkxBePbi2wU=
x-served-by
cache-cdg20767-CDG
last-modified
Sun, 20 Feb 2022 11:17:59 GMT
server
AmazonS3
x-timer
S1645822747.195477,VS0,VE1
date
Fri, 25 Feb 2022 20:59:07 GMT
vary
Accept-Encoding
x-amz-request-id
8MYYYPMYD952JNYE
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
33
x-cache-hits
1
json
trc.taboola.com/1260992/trc/3/
2 KB
1 KB
Script
General
Full URL
https://trc.taboola.com/1260992/trc/3/json?tim=1645822747222&data=%7B%22id%22%3A308%2C%22ii%22%3A%22%2Fevp-stream%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1645822747212%2C%22cv%22%3A%2220220220-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.user-shield.com%2Fevp-stream%2F%3Fpid%3Dadsleading_int%26af_siteid%3D1658%26clickid%3D532acfa08278d0ab5bf63e8f19104b15%26af_cost_currency%3DUSD%26af_cost_model%3DCPI%26af_cost_value%3D1.1%26af_click_lookback%3D7d%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fpid%3Dadsleading_int%26af_siteid%3D1658%26clickid%3D532acfa08278d0ab5bf63e8f19104b15%26af_cost_currency%3DUSD%26af_cost_model%3DCPI%26af_cost_value%3D1.1%26af_click_lookback%3D7d%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtakoomiltd2-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1645822747220%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.user-shield.com%2Fevp-stream%2F%3Fpid%3Dadsleading_int%26af_siteid%3D1658%26clickid%3D532acfa08278d0ab5bf63e8f19104b15%26af_cost_currency%3DUSD%26af_cost_model%3DCPI%26af_cost_value%3D1.1%26af_click_lookback%3D7d%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1260992/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eaff98f6e91064b0d1adcc11521feb8a9facc28c425d98546e40c880a9cdb003

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vcl-time-ms
17
date
Fri, 25 Feb 2022 20:59:07 GMT
content-encoding
gzip
server
nginx
x-timer
S1645822747.243105,VS0,VE17
x-served-by
cache-cdg20767-CDG
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
262165081659310
connect.facebook.net/signals/config/
308 KB
88 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/262165081659310?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6053f25bb7192b32460ec20419a24d6425ed41fe58aa29a67cf4f765e3475c98
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
90104
x-xss-protection
0
pragma
public
x-fb-debug
9R3HVlj1X0sLV36Mz0j8xXkIzDgCfj2I+P3zPhUSr9dv8M/VgMOpUxiEY7rO1E4b0NeLtEngP0MNqkP8D/j/bA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 25 Feb 2022 20:59:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
-1
www.facebook.com/.well-known/private-click-measurement/trigger-attribution/-1/
Redirect Chain
  • https://www.facebook.com/tr/?id=262165081659310&ev=PageView&dl=https%3A%2F%2Fwww.user-shield.com%2Fevp-stream%2F%3Fpid%3Dadsleading_int%26af_siteid%3D1658%26clickid%3D532acfa08278d0ab5bf63e8f19104b...
  • https://www.facebook.com/.well-known/private-click-measurement/trigger-attribution/-1/-1
0
0

unip
trc-events.taboola.com/1260992/log/3/
0
250 B
XHR
General
Full URL
https://trc-events.taboola.com/1260992/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=100&ssd=1&est=1645822747217&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1645822748770&vi=1645822747212&ri=4ecffb1bf5f22dc14dd7a0794f9e5cd4&ref=null&cv=20220220-5-RELEASE&item-url=https%3A%2F%2Fwww.user-shield.com%2Fevp-stream%2F%3Fpid%3Dadsleading_int%26af_siteid%3D1658%26clickid%3D532acfa08278d0ab5bf63e8f19104b15%26af_cost_currency%3DUSD%26af_cost_model%3DCPI%26af_cost_value%3D1.1%26af_click_lookback%3D7d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1260992/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
https://www.user-shield.com
pragma
no-cache
date
Fri, 25 Feb 2022 20:59:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
www.facebook.com/tr/
0
0
Image
General
Full URL
https://www.facebook.com/tr/?id=262165081659310&ev=Microdata&dl=https%3A%2F%2Fwww.user-shield.com%2Fevp-stream%2F%3Fpid%3Dadsleading_int%26af_siteid%3D1658%26clickid%3D532acfa08278d0ab5bf63e8f19104b15%26af_cost_currency%3DUSD%26af_cost_model%3DCPI%26af_cost_value%3D1.1%26af_click_lookback%3D7d&rl=&if=false&ts=1645822748806&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(1)%20Notification%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&is_pcm=true&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645822747302.1613504139&it=1645822747230&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/.well-known/private-click-measurement/trigger-attribution/-1/-1

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| __mirage2 object| mirage object| __cfQR function| $ function| jQuery string| pixelType object| text_lang object| lang_list boolean| __cfRLUnblockHandlers function| fbq function| _fbq object| _tfa function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError

1 Cookies

Domain/Path Name / Value
.user-shield.com/ Name: _fbp
Value: fb.1.1645822747302.1613504139

1 Console Messages

Source Level URL
Text
network error URL: https://www.facebook.com/.well-known/private-click-measurement/trigger-attribution/-1/-1
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
cdn.taboola.com
connect.facebook.net
l1t1.link
mt.mytoolsgames.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.libcdn.xyz
www.user-shield.com
www.facebook.com
141.226.228.48
151.101.193.44
162.0.235.70
2606:4700:20::ac43:4a18
2606:4700:3035::ac43:8d2b
2606:4700::6811:490e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
64.227.23.114
08779815d0db2fb987fea58fda561875863bbd8097528bab17ba3a864fd29e57
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
38ba6bac3b1a8ae17bbb45af20d0b6d333d51ecc6a8565f3240fa673f4ced18a
3e50b1d7c5b9b297524faf6c1e5fc95fa08d9ccb4453a417bfa795fbdb11bb4c
6053f25bb7192b32460ec20419a24d6425ed41fe58aa29a67cf4f765e3475c98
6678fbb34f3ef18c5649c7cfc1302c671ff5b1c8e9f4365fb51f3d629dab2924
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
9e9296f5e01b66de01b50d1ebe2b65f1fb81a383971410201b2916b708bebdb7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d50d436889f46d5b9455690493e877e02ad30ea4dca963ffcaa3024c45c1d58c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaff98f6e91064b0d1adcc11521feb8a9facc28c425d98546e40c880a9cdb003
f56e7e6f38546fb8c5d2138ea75cc91f8fb29b2b2e184273235536986426f77f
ffbba16f9c6c2f29043809d6d2d7a2ad8e11a0b8cac1426d102d8d7ce5556cd7