Submitted URL: http://www.wiibackupmanager.co.uk/ad/WiiBackupManager_Build78.html
Effective URL: http://adfoc.us/serve/?id=97132033772
Submission: On May 27 via manual from US

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 27 HTTP transactions. The main IP is 2606:4700:20::6819:ae0f, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is adfoc.us.
This is the only time adfoc.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 6 2606:4700:20:... 13335 (CLOUDFLAR...)
5 88.85.66.229 35415 (WEBZILLA)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 69.172.200.185 19324 (DOSARREST)
2 2 137.74.180.226 16276 (OVH)
1 18.220.227.150 16509 (AMAZON-02)
1 35.157.143.1 16509 (AMAZON-02)
5 88.85.66.230 35415 (WEBZILLA)
2 185.59.220.28 60068 (CDN77)
2 188.42.160.69 35415 (WEBZILLA)
1 188.72.206.19 35415 (WEBZILLA)
1 5.11.87.201 35415 (WEBZILLA)
27 12
Domain Requested by
10 lemitsuz.net adfoc.us
lemitsuz.net
gomtuchi.net
6 adfoc.us 1 redirects adfoc.us
ajax.googleapis.com
3 www.google-analytics.com adfoc.us
2 gomtuchi.net adfoc.us
2 my.rtmark.net lemitsuz.net
gomtuchi.net
2 cdn.adrunnr.com adrunnr.com
cdn.adrunnr.com
2 adv23.admedit.net 2 redirects
1 adrunnr.com adfoc.us
1 stub.yourworkingsystemnow.info adfoc.us
1 www.maxbounty.com 1 redirects
1 www.mb103.com 1 redirects
1 ajax.googleapis.com adfoc.us
1 www.wiibackupmanager.co.uk 1 redirects
27 13

This site contains links to these domains.

Domain
www.wiibackupmanager.co.uk
Subject | Issuer | Validity | Valid
*.google-analytics.com | Google Internet Authority G3 | 2019-05-07 - 2019-07-30 | 3 months
stub.yourworkingsystemnow.info | Let's Encrypt Authority X3 | 2019-05-21 - 2019-08-19 | 3 months
lemitsuz.net | Let's Encrypt Authority X3 | 2019-05-11 - 2019-08-09 | 3 months
my.rtmark.net | Let's Encrypt Authority X3 | 2019-04-22 - 2019-07-21 | 3 months
gomtuchi.net | Let's Encrypt Authority X3 | 2019-05-11 - 2019-08-09 | 3 months

This page contains 4 frames:

Primary Page: http://adfoc.us/serve/?id=97132033772
Frame ID: D294F2579EE3A3FE933DD96FBFF792FC
Requests: 26 HTTP requests in this frame

Frame: https://stub.yourworkingsystemnow.info/?b9zd1=JYRv3IvNElTb_8mffIhGmYC6yBnO6uc9Ujbi9-PLTvw.&cid=1411018968&sid=383086
Frame ID: 8FCF00E19B547768F3A176AEC0506EE8
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: B71459569B4F32211EE69A7E12B5CAF8
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: FEFAA402715B5227D78A87DD42198E69
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 27
HTTPS: 63 %
IPv6: 29 %
Domains: 12
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 194 kB
Size: 518 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.wiibackupmanager.co.uk/ad/WiiBackupManager_Build78.html HTTP 302
    http://adfoc.us/serve/sitelinks/?id=9713&url=http://www.wiibackupmanager.co.uk/download/WiiBackupManager_Build78.html HTTP 302
    http://adfoc.us/serve/?id=97132033772 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 6
  • https://www.mb103.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=9713 HTTP 302
  • https://www.maxbounty.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=9713 HTTP 302
  • https://adv23.admedit.net/advertise/?adown=901&cmp=4171&ctrack=1411018968&ptrack=383086 HTTP 302
  • https://adv23.admedit.net/advertise/refine.php?adown=901&ptrack=383086&ctrack=1411018968&cmp=4171&t=1558935082&rh=9&avs=avs3&utm_src=8&sids=4 HTTP 302
  • https://stub.yourworkingsystemnow.info/?b9zd1=JYRv3IvNElTb_8mffIhGmYC6yBnO6uc9Ujbi9-PLTvw.&cid=1411018968&sid=383086
Request Chain 9
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2038808193&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=749181981&utmr=-&utmp=%2Fserve%2F%3Fid%3D97132033772&utmht=1558935082318&utmac=UA-22601934-1&utmcc=__utma%3D88833355.44818597.1558935082.1558935082.1558935082.1%3B%2B__utmz%3D88833355.1558935082.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=369001581&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2038808193&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=749181981&utmr=-&utmp=%2Fserve%2F%3Fid%3D97132033772&utmht=1558935082318&utmac=UA-22601934-1&utmcc=__utma%3D88833355.44818597.1558935082.1558935082.1558935082.1%3B%2B__utmz%3D88833355.1558935082.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=369001581&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 10
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=754615847&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=749181981&utmr=-&utmp=%2Fserve%2F%3Fid%3D97132033772&utmht=1558935082324&utmac=UA-12345-67&utmcc=__utma%3D88833355.44818597.1558935082.1558935082.1558935082.1%3B%2B__utmz%3D88833355.1558935082.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1185885269&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=754615847&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=749181981&utmr=-&utmp=%2Fserve%2F%3Fid%3D97132033772&utmht=1558935082324&utmac=UA-12345-67&utmcc=__utma%3D88833355.44818597.1558935082.1558935082.1558935082.1%3B%2B__utmz%3D88833355.1558935082.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1185885269&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
adfoc.us/serve/
Redirect Chain
  • http://www.wiibackupmanager.co.uk/ad/WiiBackupManager_Build78.html
  • http://adfoc.us/serve/sitelinks/?id=9713&url=http://www.wiibackupmanager.co.uk/download/WiiBackupManager_Build78.html
  • http://adfoc.us/serve/?id=97132033772
58 KB
19 KB
Document
General
Full URL
http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
90269a7c7574362d158e40b540bf1270eba20f9e9597ef0589eef0d6f6cc4801
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
adfoc.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d2e1a08caab926beecefc7e73e5c582201558935082; phpsessionname=mmbqba13jf7v5sf1qinitjnno4

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Server
cloudflare
CF-RAY
4dd59a278a8997ae-FRA
Content-Encoding
gzip

Redirect headers

Date
Mon, 27 May 2019 05:31:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d2e1a08caab926beecefc7e73e5c582201558935082; expires=Tue, 26-May-20 05:31:22 GMT; path=/; domain=.adfoc.us; HttpOnly
phpsessionname=mmbqba13jf7v5sf1qinitjnno4; expires=Wed, 26-Jun-2019 05:31:22 GMT; Max-Age=2592000; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/serve/?id=97132033772
X-Frame-Options
SAMEORIGIN
Server
cloudflare
CF-RAY
4dd59a276a5197ae-FRA
ntfc.php
lemitsuz.net/
13 KB
6 KB
Script
General
Full URL
http://lemitsuz.net/ntfc.php?p=2553388&tco=1
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Server
88.85.66.229 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.229.webazilla.com
Software
nginx /
Resource Hash
e5c05b8ba2205e5942391153749d8a0345f42e0de30217b997207e1656ab7622

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 05:31:22 GMT
Content-Encoding
gzip
Content-Type
application/javascript; charset=utf-8
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Max-Age
86400
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 20:16:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
6858921
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33621
X-XSS-Protection
1; mode=block
Expires
Sat, 07 Mar 2020 20:16:01 GMT
logo.png
adfoc.us/images/serve/
13 KB
13 KB
Image
General
Full URL
http://adfoc.us/images/serve/logo.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5655bda7e6d28855dbe5d87903b8ebe5355853f6c41af2f005372a7beb2306
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Vary
Accept-Encoding
CF-Cache-Status
HIT
Last-Modified
Wed, 24 May 2017 10:24:45 GMT
Server
cloudflare
ETag
"59255f6d-32b3"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4dd59a27eaea97ae-FRA
Content-Length
12979
Expires
Mon, 27 May 2019 06:31:22 GMT
skip.png
adfoc.us/images/serve/
3 KB
4 KB
Image
General
Full URL
http://adfoc.us/images/serve/skip.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa547b4ac42a36038579437f33f2b14a25830e5572972eca3a47e36472c06bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Vary
Accept-Encoding
CF-Cache-Status
HIT
Last-Modified
Wed, 24 May 2017 10:24:45 GMT
Server
cloudflare
ETag
"59255f6d-d14"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
4dd59a282b5097ae-FRA
Content-Length
3348
Expires
Mon, 27 May 2019 06:31:22 GMT
interstitial.js
adfoc.us/js/
4 KB
2 KB
Script
General
Full URL
http://adfoc.us/js/interstitial.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3acef614cf1fbd2dbeeb9629104c768719d383fcddf17a946433c2ac03c6847f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
CF-Cache-Status
HIT
Last-Modified
Wed, 01 May 2019 18:32:02 GMT
Server
cloudflare
ETag
W/"5cc9e622-1184"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd59a280b2697ae-FRA
Expires
Mon, 27 May 2019 06:31:22 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
3285
date
Mon, 27 May 2019 04:36:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Mon, 27 May 2019 06:36:37 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cookie set /
stub.yourworkingsystemnow.info/ Frame 8FCF
Redirect Chain
  • https://www.mb103.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=9713
  • https://www.maxbounty.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=9713
  • https://adv23.admedit.net/advertise/?adown=901&cmp=4171&ctrack=1411018968&ptrack=383086
  • https://adv23.admedit.net/advertise/refine.php?adown=901&ptrack=383086&ctrack=1411018968&cmp=4171&t=1558935082&rh=9&avs=avs3&utm_src=8&sids=4
  • https://stub.yourworkingsystemnow.info/?b9zd1=JYRv3IvNElTb_8mffIhGmYC6yBnO6uc9Ujbi9-PLTvw.&cid=1411018968&sid=383086
0
0
Document
General
Full URL
https://stub.yourworkingsystemnow.info/?b9zd1=JYRv3IvNElTb_8mffIhGmYC6yBnO6uc9Ujbi9-PLTvw.&cid=1411018968&sid=383086
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
18.220.227.150 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-220-227-150.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
stub.yourworkingsystemnow.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://adfoc.us/serve/?id=97132033772
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Mon, 27 May 2019 05:31:23 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
channel=my_macs_de; expires=Mon, 27-May-2019 05:51:23 GMT; Max-Age=1200; path=/
dist_id=7440; expires=Mon, 27-May-2019 05:51:23 GMT; Max-Age=1200; path=/
lp_id=2889; expires=Mon, 27-May-2019 05:51:23 GMT; Max-Age=1200; path=/
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 27 May 2019 05:31:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://stub.yourworkingsystemnow.info/?b9zd1=JYRv3IvNElTb_8mffIhGmYC6yBnO6uc9Ujbi9-PLTvw.&cid=1411018968&sid=383086
/
adrunnr.com/
2 KB
2 KB
Script
General
Full URL
http://adrunnr.com/?placement=285281&async
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Server
35.157.143.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-143-1.eu-central-1.compute.amazonaws.com
Software
Adrunnr /
Resource Hash
55dcb8d86b80b6051297f98ec37abfe5e85943e965a7df2560fe55e224f47ce7

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Server
Adrunnr
Connection
keep-alive
Content-Length
1874
Content-Type
application/javascript
credit
adfoc.us/serve/
0
397 B
XHR
General
Full URL
http://adfoc.us/serve/credit
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://adfoc.us/serve/?id=97132033772
Origin
http://adfoc.us
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 05:31:22 GMT
Content-Encoding
gzip
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4dd59a286b9b97ae-FRA
Expires
Thu, 19 Nov 1981 08:52:00 GMT
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2038808193&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utm...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2038808193&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&ut...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2038808193&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=749181981&utmr=-&utmp=%2Fserve%2F%3Fid%3D97132033772&utmht=1558935082318&utmac=UA-22601934-1&utmcc=__utma%3D88833355.44818597.1558935082.1558935082.1558935082.1%3B%2B__utmz%3D88833355.1558935082.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=369001581&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 May 2019 05:31:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2038808193&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=749181981&utmr=-&utmp=%2Fserve%2F%3Fid%3D97132033772&utmht=1558935082318&utmac=UA-22601934-1&utmcc=__utma%3D88833355.44818597.1558935082.1558935082.1558935082.1%3B%2B__utmz%3D88833355.1558935082.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=369001581&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=754615847&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmh...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=754615847&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utm...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=754615847&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=749181981&utmr=-&utmp=%2Fserve%2F%3Fid%3D97132033772&utmht=1558935082324&utmac=UA-12345-67&utmcc=__utma%3D88833355.44818597.1558935082.1558935082.1558935082.1%3B%2B__utmz%3D88833355.1558935082.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1185885269&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 May 2019 05:31:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=754615847&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=749181981&utmr=-&utmp=%2Fserve%2F%3Fid%3D97132033772&utmht=1558935082324&utmac=UA-12345-67&utmcc=__utma%3D88833355.44818597.1558935082.1558935082.1558935082.1%3B%2B__utmz%3D88833355.1558935082.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1185885269&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
ntfc.php
lemitsuz.net/
91 KB
27 KB
Script
General
Full URL
https://lemitsuz.net/ntfc.php?p=2553388&r=ui&swver=3.1.40
Requested by
Host: lemitsuz.net
URL: http://lemitsuz.net/ntfc.php?p=2553388&tco=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.230 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.230.webazilla.com
Software
nginx /
Resource Hash
6452f08c76b852654bd6f348a7f0e39a4173580449db08ea09e680cbacc50530

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 05:31:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Max-Age
86400
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
adtools.min.js
cdn.adrunnr.com/js/
16 KB
6 KB
Script
General
Full URL
http://cdn.adrunnr.com/js/adtools.min.js
Requested by
Host: adrunnr.com
URL: http://adrunnr.com/?placement=285281&async
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ce9d22cd0d6a754b5b20a98258c46bf332b39db81e914acb0e37347b6e2a5619

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2017 07:49:08 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"591022f4-4164"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
310754
popunder.min.js
cdn.adrunnr.com/js/pre_templates/
7 KB
3 KB
Script
General
Full URL
http://cdn.adrunnr.com/js/pre_templates/popunder.min.js
Requested by
Host: cdn.adrunnr.com
URL: http://cdn.adrunnr.com/js/adtools.min.js
Protocol
HTTP/1.1
Server
185.59.220.28 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
07d8f40a1c6139fca478cae9c1430b63080392b7a6038428febb3db405c8ce11

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2017 07:49:08 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"591022f4-1a61"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
301817
custom
lemitsuz.net/
0
455 B
Fetch
General
Full URL
https://lemitsuz.net/custom
Requested by
Host: lemitsuz.net
URL: https://lemitsuz.net/ntfc.php?p=2553388&r=ui&swver=3.1.40
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.229 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.229.webazilla.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://adfoc.us
Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
gid.js
my.rtmark.net/
65 B
742 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&checkDuplicate=true
Requested by
Host: lemitsuz.net
URL: https://lemitsuz.net/ntfc.php?p=2553388&r=ui&swver=3.1.40
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.42.160.69 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
9ac48fcafcf4ceae0cc1203615564a8317e60f9d60ec0163f75131a835c2c07d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://adfoc.us/serve/?id=97132033772
Origin
http://adfoc.us

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65
custom
lemitsuz.net/
39 B
482 B
Fetch
General
Full URL
https://lemitsuz.net/custom
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.230 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.230.webazilla.com
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
Origin
http://adfoc.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
c1b1c1d1b84324dd21e371bc57e9d28c
Date
Mon, 27 May 2019 05:31:22 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
jquery.SPServices.min.js
gomtuchi.net/ajax/jquery.SPServices/3.35.52/
67 KB
22 KB
Script
General
Full URL
https://gomtuchi.net/ajax/jquery.SPServices/3.35.52/jquery.SPServices.min.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.206.19 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
b3ce074cb96ed5224a5f9e05381d28ab82047782db8fe19d348b7697c5d2e6e0

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 05:31:22 GMT
Content-Encoding
gzip
Content-Type
application/javascript
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
custom
lemitsuz.net/
0
455 B
Fetch
General
Full URL
https://lemitsuz.net/custom
Requested by
Host: gomtuchi.net
URL: https://gomtuchi.net/ajax/jquery.SPServices/3.35.52/jquery.SPServices.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.229 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.229.webazilla.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://adfoc.us
Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
gid.js
my.rtmark.net/
65 B
742 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=undefined&userId=&checkDuplicate=true
Requested by
Host: gomtuchi.net
URL: https://gomtuchi.net/ajax/jquery.SPServices/3.35.52/jquery.SPServices.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.42.160.69 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
9ac48fcafcf4ceae0cc1203615564a8317e60f9d60ec0163f75131a835c2c07d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://adfoc.us/serve/?id=97132033772
Origin
http://adfoc.us

Response headers

Date
Mon, 27 May 2019 05:31:22 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65
corysimmons-selectivizr2.min.css
gomtuchi.net/static/corysimmons-selectivizr2/3.35.52/
104 KB
37 KB
Stylesheet
General
Full URL
https://gomtuchi.net/static/corysimmons-selectivizr2/3.35.52/corysimmons-selectivizr2.min.css
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
5.11.87.201 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
0a2ea6ae13973f9012dd2a177f28e67e84ab0466820835359e146c4d5f9473c3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://adfoc.us/serve/?id=97132033772
Origin
http://adfoc.us

Response headers

Pragma
no-cache
Date
Mon, 27 May 2019 05:31:23 GMT
Content-Encoding
gzip
Content-Type
text/css;charset=UTF-8
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://adfoc.us
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
custom
lemitsuz.net/
39 B
482 B
Fetch
General
Full URL
https://lemitsuz.net/custom
Requested by
Host: adfoc.us
URL: http://adfoc.us/serve/?id=97132033772
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.230 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.230.webazilla.com
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
Origin
http://adfoc.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
f6ffe9dc6b2470c67ab2ac564351d25d
Date
Mon, 27 May 2019 05:31:22 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
truncated
/ Frame B714
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
lemitsuz.net/
0
455 B
Fetch
General
Full URL
https://lemitsuz.net/custom
Requested by
Host: lemitsuz.net
URL: https://lemitsuz.net/ntfc.php?p=2553388&r=ui&swver=3.1.40
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.229 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.229.webazilla.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://adfoc.us
Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 27 May 2019 05:31:23 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
custom
lemitsuz.net/
39 B
482 B
Fetch
General
Full URL
https://lemitsuz.net/custom
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.230 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.230.webazilla.com
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
Origin
http://adfoc.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
b84db63096f388a588b8b5573a6e98ed
Date
Mon, 27 May 2019 05:31:23 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
truncated
/ Frame FEFA
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
lemitsuz.net/
0
455 B
Fetch
General
Full URL
https://lemitsuz.net/custom
Requested by
Host: gomtuchi.net
URL: https://gomtuchi.net/ajax/jquery.SPServices/3.35.52/jquery.SPServices.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.229 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.229.webazilla.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://adfoc.us
Referer
http://adfoc.us/serve/?id=97132033772
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 27 May 2019 05:31:23 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
custom
lemitsuz.net/
39 B
482 B
Fetch
General
Full URL
https://lemitsuz.net/custom
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.230 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.230.webazilla.com
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/serve/?id=97132033772
Origin
http://adfoc.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
d5589be9ce84c180ad7fe1553f4c6f8e
Date
Mon, 27 May 2019 05:31:23 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _0xe02f object| zfgformats function| setImmediate function| clearImmediate function| _pnxspi function| _ajirinyn undefined| $ function| jQuery object| _gaq string| ad_url string| ref_url string| payout_rate string| click_url boolean| preview number| count number| counter function| timer function| showClose function| $jQuery object| jQuery182048940115741369605 string| key object| _gat object| gaGlobal string| optionsAxXB324Fe string| laryAxXB324Fe boolean| zfgloadedpushopt function| ADTOOLS undefined| g367CB268B1094004A3689751E7AC568F object| _0x299b function| _0x6140 object| ntfcSDK boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushcode

11 Cookies

Domain/Path Name / Value
stub.yourworkingsystemnow.info/ Name: channel
Value: my_macs_de
.adfoc.us/ Name: __utmb
Value: 88833355.2.10.1558935082
.adfoc.us/ Name: __utmt_t2
Value: 1
.adfoc.us/ Name: __utma
Value: 88833355.44818597.1558935082.1558935082.1558935082.1
.adfoc.us/ Name: __utmz
Value: 88833355.1558935082.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
stub.yourworkingsystemnow.info/ Name: dist_id
Value: 7440
.adfoc.us/ Name: __utmc
Value: 88833355
stub.yourworkingsystemnow.info/ Name: lp_id
Value: 2889
adfoc.us/ Name: phpsessionname
Value: mmbqba13jf7v5sf1qinitjnno4
.adfoc.us/ Name: __utmt
Value: 1
.adfoc.us/ Name: __cfduid
Value: d2e1a08caab926beecefc7e73e5c582201558935082

4 Console Messages

Source Level URL
Text
console-api warning URL: https://lemitsuz.net/ntfc.php?p=2553388&r=ui&swver=3.1.40(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://lemitsuz.net/ntfc.php?p=2553388&r=ui&swver=3.1.40(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://gomtuchi.net/ajax/jquery.SPServices/3.35.52/jquery.SPServices.min.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://gomtuchi.net/ajax/jquery.SPServices/3.35.52/jquery.SPServices.min.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
