www.user-shield.com
2606:4700:20::ac43:4a18
Public Scan
Effective URL: https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_c...
Submission: On February 25 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time www.user-shield.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | Autonomous System |
---|---|---|
1 1 | 162.0.235.70 | 22612 (NAMECHEAP-NET) |
1 1 | 64.227.23.114 | 14061 (DIGITALOCEAN-ASN) |
8 | 2606:4700:20::ac43:4a18 | 13335 (CLOUDFLARENET) |
1 | 2606:4700::6811:490e | 13335 (CLOUDFLARENET) |
1 | 2606:4700:3035::ac43:8d2b | 13335 (CLOUDFLARENET) |
2 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) |
2 | 151.101.193.44 | 54113 (FASTLY) |
1 | 141.226.228.48 | 200478 (TABOOLA-AS) |
1 | 2a03:2880:f12d:181:face:b00c:0:25de | 32934 (FACEBOOK) |
17 | 8 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business83-2.web-hosting.com
l1t1.link |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN32934 (FACEBOOK, US)
www.facebook.com |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | user-shield.com | www.user-shield.com — Cisco Umbrella Rank: 291982 | 113 KB |
3 | taboola.com | cdn.taboola.com — Cisco Umbrella Rank: 983; trc.taboola.com — Cisco Umbrella Rank: 571; trc-events.taboola.com — Cisco Umbrella Rank: 1715 | 19 KB |
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 126 | 115 KB |
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 97 (Failed) | |
1 | libcdn.xyz | www.libcdn.xyz — Cisco Umbrella Rank: 295696 | 2 KB |
1 | cloudflare.com | ajax.cloudflare.com — Cisco Umbrella Rank: 5441 | 12 KB |
1 | mytoolsgames.com (1 redirects) | mt.mytoolsgames.com | 377 B |
1 | l1t1.link (1 redirects) | l1t1.link | 549 B |
17 | 8 |
| Domain | Requested by |
---|---|---|
8 | www.user-shield.com | www.user-shield.com |
2 | connect.facebook.net | www.libcdn.xyz, connect.facebook.net |
1 | trc-events.taboola.com | cdn.taboola.com |
1 | www.facebook.com | |
1 | trc.taboola.com | cdn.taboola.com |
1 | cdn.taboola.com | www.libcdn.xyz |
1 | www.libcdn.xyz | www.user-shield.com |
1 | ajax.cloudflare.com | www.user-shield.com |
1 | mt.mytoolsgames.com | 1 redirects |
1 | l1t1.link | 1 redirects |
17 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
app.appsflyer.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-10 - 2022-06-09 | a year |
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-12-05 - 2022-03-05 | 3 months |
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-28 - 2022-12-29 | a year |
This page contains 1 frames:
Primary Page:
https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d
Frame ID: 38333BCE0421606FE836043143457494
Requests: 17 HTTP requests in this frame
Page Title
(1) Notification
Page URL History
- https://l1t1.link/bRa9nk HTTP 302
- https://mt.mytoolsgames.com/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
- https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e... Page URL
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://l1t1.link/bRa9nk HTTP 302
- https://mt.mytoolsgames.com/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
- https://www.user-shield.com/evp-stream/?pid=adsleading_int&af_siteid=1658&clickid=532acfa08278d0ab5bf63e8f19104b15&af_cost_currency=USD&af_cost_model=CPI&af_cost_value=1.1&af_click_lookback=7d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13
- https://www.facebook.com/tr/?id=262165081659310&ev=PageView&dl=https%3A%2F%2Fwww.user-shield.com%2Fevp-stream%2F%3Fpid%3Dadsleading_int%26af_siteid%3D1658%26clickid%3D532acfa08278d0ab5bf63e8f19104b15%26af_cost_currency%3DUSD%26af_cost_model%3DCPI%26af_cost_value%3D1.1%26af_click_lookback%3D7d&rl=&if=false&ts=1645822747302&sw=1600&sh=1200&is_pcm=true&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645822747302.1613504139&it=1645822747230&coo=false&exp=p1&rqm=GET HTTP 302
- https://www.facebook.com/.well-known/private-click-measurement/trigger-attribution/-1/-1
17 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | www.user-shield.com/evp-stream/ (Redirect Chain) | 19 KB | 5 KB | Document | text/html |
GET H2 | jquery-ui.css | www.user-shield.com/evp-stream/ | 32 KB | 8 KB | Stylesheet | text/css |
GET H2 | mirage2.min.js | ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ | 38 KB | 12 KB | Script | application/javascript |
GET H2 | rocket-loader.min.js | www.user-shield.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ | 12 KB | 4 KB | Script | application/javascript |
GET H2 | app.js | www.user-shield.com/evp-stream/ | 3 KB | 2 KB | Script | application/javascript |
GET H2 | common_h.js | www.user-shield.com/common/ | 2 KB | 1 KB | Script | application/javascript |
GET H2 | jquery-3.4.1.js | www.user-shield.com/common/ | 140 KB | 42 KB | Script | application/javascript |
GET H2 | jquery.min.js | www.user-shield.com/evp-stream/ | 85 KB | 31 KB | Script | application/javascript |
GET H2 | spinner.gif | www.user-shield.com/evp-stream/ | 19 KB | 20 KB | Image | image/gif |
GET H2 | retargeting.js | www.libcdn.xyz/js/ | 5 KB | 2 KB | Script | application/javascript |
GET H2 | fbevents.js | connect.facebook.net/en_US/ | 99 KB | 27 KB | Script | application/x-javascript |
GET H2 | tfa.js | cdn.taboola.com/libtrc/unip/1260992/ | 55 KB | 17 KB | Script | application/javascript |
GET H2 | json | trc.taboola.com/1260992/trc/3/ | 2 KB | 1 KB | Script | application/javascript |
GET H2 | 262165081659310 | connect.facebook.net/signals/config/ | 308 KB | 88 KB | Script | application/x-javascript |
GET | -1 | www.facebook.com/.well-known/private-click-measurement/trigger-attribution/-1/ (Redirect Chain) | 0 | 0 | | |
GET H2 | unip | trc-events.taboola.com/1260992/log/3/ | 0 | 250 B | XHR | text/plain |
GET H3 | / | www.facebook.com/tr/ | 0 | 0 | Image | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.facebook.com
- URL: https://www.facebook.com/.well-known/private-click-measurement/trigger-attribution/-1/-1
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- structuredClone (function)
- __mirage2 (object)
- mirage (object)
- __cfQR (object)
- $ (function)
- jQuery (function)
- pixelType (string)
- text_lang (object)
- lang_list (object)
- __cfRLUnblockHandlers (boolean)
- fbq (function)
- _fbq (function)
- _tfa (object)
- _typeof (function)
- TFASC (object)
- TRC (object)
- _taboola (object)
- taboola_view_id (number)
- TRCImpl (object)
- __trcError (function)
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.user-shield.com/ | Name: _fbp Value: fb.1.1645822747302.1613504139 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.