URL: http://adfoc.us/17867966750743
Submission: On September 11 via manual from SA

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 20 HTTP transactions. The main IP is 2606:4700:20::6819:ae0f, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is adfoc.us.
This is the only time adfoc.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:20:... 13335 (CLOUDFLAR...)
5 88.85.66.226 35415 (WEBZILLA)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 4 69.172.200.185 19324 (DOSARREST)
1 1 154.16.134.38 61317 (ASDETUK h...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.194.63.79 16509 (AMAZON-02)
2 89.187.165.7 60068 (CDN77)
1 194.187.98.236 35415 (WEBZILLA)
1 188.42.160.80 35415 (WEBZILLA)
20 10
Domain Requested by
5 loodoost.net adfoc.us
loodoost.net
5 adfoc.us adfoc.us
ajax.googleapis.com
3 www.google-analytics.com adfoc.us
2 cdn.adrunnr.com adrunnr.com
cdn.adrunnr.com
2 www.maxbounty.com 2 redirects
1 my.rtmark.net loodoost.net
1 pushwhy.com loodoost.net
1 adrunnr.com adfoc.us
1 www.google.com adfoc.us
1 google.com 1 redirects
1 3xn.fastnetworkconnection.com 1 redirects
1 maxbounty.com 1 redirects
1 www.mb103.com 1 redirects
1 ajax.googleapis.com adfoc.us
20 14

This site contains links to these domains. Also see Links.

Domain
www.guardsquare.com
Subject | Issuer | Validity | Valid
(blank) | (blank) | 1970-01-01 - 1970-01-01 | a few seconds
*.google-analytics.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
www.google.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
loodoost.net | Let's Encrypt Authority X3 | 2019-07-30 - 2019-10-28 | 3 months
*.pushwhy.com | Let's Encrypt Authority X3 | 2019-08-25 - 2019-11-23 | 3 months
my.rtmark.net | Let's Encrypt Authority X3 | 2019-07-07 - 2019-10-05 | 3 months

This page contains 3 frames:

Primary Page: http://adfoc.us/17867966750743
Frame ID: 88AE3DF1FEF98E82F1143802801B28A1
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/sorry/index?continue=https://google.com/%3F%26%253F%253Fs1%3D0kw%253D383086%26group_id%3D483%26cntrl%3D00000%26pid%3D357%26redid%3D81722%26gsid%3D483%26campaign_id%3D1228%26p_id%3D357%26id%3DXNSX.-r81722-t483%26impid%3Dba4d719c-d47f-11e9-96ba-cae258990218&q=EhAqAQT4AZJUFAAAAAAAAAACGLKb4-sFIhkA8aeDS5KmUT5jFn7L9LLjHD0y-mXOd6RgMgFy
Frame ID: 94B240BA79F30DD94C18C557ABCA0C16
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 70847432CCB96626F108D68B846F8E5E
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

  • Requests: 20
  • HTTPS: 50 %
  • IPv6: 42 %
  • Domains: 11
  • Subdomains: 14
  • IPs: 10
  • Countries: 4
  • Transfer: 139 kB
  • Size: 362 kB
  • Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 6
  • https://www.mb103.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=178679 HTTP 302
  • https://www.maxbounty.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=178679 HTTP 302
  • https://maxbounty.com/def.cfm?i=383086&o=15108&c=NL&d=D&z=0 HTTP 301
  • https://www.maxbounty.com/def.cfm?i=383086&o=15108&c=NL&d=D&z=0 HTTP 302
  • https://3xn.fastnetworkconnection.com/?s1=0kw=383086 HTTP 302
  • https://google.com/?&%3F%3Fs1=0kw%3D383086&group_id=483&cntrl=00000&pid=357&redid=81722&gsid=483&campaign_id=1228&p_id=357&id=XNSX.-r81722-t483&impid=ba4d719c-d47f-11e9-96ba-cae258990218 HTTP 302
  • https://www.google.com/sorry/index?continue=https://google.com/%3F%26%253F%253Fs1%3D0kw%253D383086%26group_id%3D483%26cntrl%3D00000%26pid%3D357%26redid%3D81722%26gsid%3D483%26campaign_id%3D1228%26p_id%3D357%26id%3DXNSX.-r81722-t483%26impid%3Dba4d719c-d47f-11e9-96ba-cae258990218&q=EhAqAQT4AZJUFAAAAAAAAAACGLKb4-sFIhkA8aeDS5KmUT5jFn7L9LLjHD0y-mXOd6RgMgFy
Request Chain 10
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704463017&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=872081093&utmr=-&utmp=%2F17867966750743&utmht=1568198065181&utmac=UA-22601934-1&utmcc=__utma%3D88833355.1489043603.1568198065.1568198065.1568198065.1%3B%2B__utmz%3D88833355.1568198065.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=57437376&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704463017&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=872081093&utmr=-&utmp=%2F17867966750743&utmht=1568198065181&utmac=UA-22601934-1&utmcc=__utma%3D88833355.1489043603.1568198065.1568198065.1568198065.1%3B%2B__utmz%3D88833355.1568198065.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=57437376&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 11
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=199220573&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=872081093&utmr=-&utmp=%2F17867966750743&utmht=1568198065186&utmac=x65351709&utmcc=__utma%3D88833355.1489043603.1568198065.1568198065.1568198065.1%3B%2B__utmz%3D88833355.1568198065.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1087562572&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=199220573&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=872081093&utmr=-&utmp=%2F17867966750743&utmht=1568198065186&utmac=x65351709&utmcc=__utma%3D88833355.1489043603.1568198065.1568198065.1568198065.1%3B%2B__utmz%3D88833355.1568198065.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1087562572&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 17867966750743
adfoc.us/
50 KB
17 KB
Document
General
Full URL
http://adfoc.us/17867966750743
Protocol
HTTP/1.1
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de77acc91d0ba4b4ee2631ff72fa8eb37e56da995ca983602ff44dc98cc9656a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
adfoc.us
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d1492458c7bad4410c9c607dfbf5625df1568198064; expires=Thu, 10-Sep-20 10:34:24 GMT; path=/; domain=.adfoc.us; HttpOnly
phpsessionname=ns2nc94dqpllet7bllqo2bs1n7; expires=Fri, 11-Oct-2019 10:34:25 GMT; Max-Age=2592000; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Server
cloudflare
CF-RAY
5148fd321fafcbc4-VIE
Content-Encoding
gzip
ntfc.php
loodoost.net/
13 KB
6 KB
Script
General
Full URL
http://loodoost.net/ntfc.php?p=2553388&tco=1
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
HTTP/1.1
Security
, ,
Server
88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.226.webazilla.com
Software
nginx /
Resource Hash
9207f9327875f9c422f6008641eee817d40f6d65d83a2dc3cc11117ac47f4009

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Sep 2019 10:34:25 GMT
Content-Encoding
gzip
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Max-Age
86400
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 22 Aug 2019 16:20:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
1707235
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33621
X-XSS-Protection
0
Expires
Fri, 21 Aug 2020 16:20:30 GMT
logo.png
adfoc.us/images/serve/
13 KB
13 KB
Image
General
Full URL
http://adfoc.us/images/serve/logo.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5655bda7e6d28855dbe5d87903b8ebe5355853f6c41af2f005372a7beb2306
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 28 Jun 2019 09:44:45 GMT
Server
cloudflare
Age
3343
X-Frame-Options
SAMEORIGIN
ETag
"5d15e18d-32b3"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5148fd32a9a5cbc4-VIE
Content-Length
12979
Expires
Wed, 11 Sep 2019 11:34:25 GMT
skip.png
adfoc.us/images/serve/
3 KB
4 KB
Image
General
Full URL
http://adfoc.us/images/serve/skip.png
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaa547b4ac42a36038579437f33f2b14a25830e5572972eca3a47e36472c06bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 28 Jun 2019 09:44:45 GMT
Server
cloudflare
Age
2687
X-Frame-Options
SAMEORIGIN
ETag
"5d15e18d-d14"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5148fd334b6bcbc4-VIE
Content-Length
3348
Expires
Wed, 11 Sep 2019 11:34:25 GMT
interstitial.js
adfoc.us/js/
4 KB
2 KB
Script
General
Full URL
http://adfoc.us/js/interstitial.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3acef614cf1fbd2dbeeb9629104c768719d383fcddf17a946433c2ac03c6847f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 28 Jun 2019 09:44:43 GMT
Server
cloudflare
Age
3618
X-Frame-Options
SAMEORIGIN
ETag
W/"5d15e18b-1184"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5148fd333b1ecbc4-VIE
Expires
Wed, 11 Sep 2019 11:34:25 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1405
date
Wed, 11 Sep 2019 10:11:00 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17168
expires
Wed, 11 Sep 2019 12:11:00 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
index
www.google.com/sorry/ Frame 94B2
Redirect Chain
  • https://www.mb103.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=178679
  • https://www.maxbounty.com/lnk.asp?o=15108&c=918277&a=383086&k=6841B6EA1A00461BAD133C5A0D1ED0B3&l=15938&s2=178679
  • https://maxbounty.com/def.cfm?i=383086&o=15108&c=NL&d=D&z=0
  • https://www.maxbounty.com/def.cfm?i=383086&o=15108&c=NL&d=D&z=0
  • https://3xn.fastnetworkconnection.com/?s1=0kw=383086
  • https://google.com/?&%3F%3Fs1=0kw%3D383086&group_id=483&cntrl=00000&pid=357&redid=81722&gsid=483&campaign_id=1228&p_id=357&id=XNSX.-r81722-t483&impid=ba4d719c-d47f-11e9-96ba-cae258990218
  • https://www.google.com/sorry/index?continue=https://google.com/%3F%26%253F%253Fs1%3D0kw%253D383086%26group_id%3D483%26cntrl%3D00000%26pid%3D357%26redid%3D81722%26gsid%3D483%26campaign_id%3D1228%26p...
0
0
Document
General
Full URL
https://www.google.com/sorry/index?continue=https://google.com/%3F%26%253F%253Fs1%3D0kw%253D383086%26group_id%3D483%26cntrl%3D00000%26pid%3D357%26redid%3D81722%26gsid%3D483%26campaign_id%3D1228%26p_id%3D357%26id%3DXNSX.-r81722-t483%26impid%3Dba4d719c-d47f-11e9-96ba-cae258990218&q=EhAqAQT4AZJUFAAAAAAAAAACGLKb4-sFIhkA8aeDS5KmUT5jFn7L9LLjHD0y-mXOd6RgMgFy
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/sorry/index?continue=https://google.com/%3F%26%253F%253Fs1%3D0kw%253D383086%26group_id%3D483%26cntrl%3D00000%26pid%3D357%26redid%3D81722%26gsid%3D483%26campaign_id%3D1228%26p_id%3D357%26id%3DXNSX.-r81722-t483%26impid%3Dba4d719c-d47f-11e9-96ba-cae258990218&q=EhAqAQT4AZJUFAAAAAAAAAACGLKb4-sFIhkA8aeDS5KmUT5jFn7L9LLjHD0y-mXOd6RgMgFy
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://adfoc.us/17867966750743
accept-encoding
gzip, deflate, br
cookie
CONSENT=WP.27e19f

Response headers

status
429
date
Wed, 11 Sep 2019 10:34:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
server
HTTP server (unknown)
content-length
3429
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43,39"

Redirect headers

status
302
location
https://www.google.com/sorry/index?continue=https://google.com/%3F%26%253F%253Fs1%3D0kw%253D383086%26group_id%3D483%26cntrl%3D00000%26pid%3D357%26redid%3D81722%26gsid%3D483%26campaign_id%3D1228%26p_id%3D357%26id%3DXNSX.-r81722-t483%26impid%3Dba4d719c-d47f-11e9-96ba-cae258990218&q=EhAqAQT4AZJUFAAAAAAAAAACGLKb4-sFIhkA8aeDS5KmUT5jFn7L9LLjHD0y-mXOd6RgMgFy
date
Wed, 11 Sep 2019 10:34:26 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
554
x-xss-protection
0
set-cookie
CONSENT=WP.27e19f; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
ntfc.php
loodoost.net/
115 KB
34 KB
Script
General
Full URL
https://loodoost.net/ntfc.php?p=2553388&r=ui&swver=3.1.108
Requested by
Host: loodoost.net
URL: http://loodoost.net/ntfc.php?p=2553388&tco=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.226.webazilla.com
Software
nginx /
Resource Hash
f58c831db566af7e02bf35e214de67f01d571ad4c1825a60f31ce973bee9bf78

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Max-Age
86400
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
adrunnr.com/
2 KB
2 KB
Script
General
Full URL
http://adrunnr.com/?placement=285281&async
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
HTTP/1.1
Security
, ,
Server
18.194.63.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-63-79.eu-central-1.compute.amazonaws.com
Software
Adrunnr /
Resource Hash
55dcb8d86b80b6051297f98ec37abfe5e85943e965a7df2560fe55e224f47ce7

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
Server
Adrunnr
Connection
keep-alive
Content-Length
1874
Content-Type
application/javascript
credit
adfoc.us/serve/
0
397 B
XHR
General
Full URL
http://adfoc.us/serve/credit
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:20::6819:ae0f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://adfoc.us/17867966750743
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 11 Sep 2019 10:34:25 GMT
Content-Encoding
gzip
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5148fd335b82cba8-VIE
Expires
Thu, 19 Nov 1981 08:52:00 GMT
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704463017&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utm...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704463017&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&ut...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704463017&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=872081093&utmr=-&utmp=%2F17867966750743&utmht=1568198065181&utmac=UA-22601934-1&utmcc=__utma%3D88833355.1489043603.1568198065.1568198065.1568198065.1%3B%2B__utmz%3D88833355.1568198065.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=57437376&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:34:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704463017&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=872081093&utmr=-&utmp=%2F17867966750743&utmht=1568198065181&utmac=UA-22601934-1&utmcc=__utma%3D88833355.1489043603.1568198065.1568198065.1568198065.1%3B%2B__utmz%3D88833355.1568198065.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=57437376&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=199220573&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmh...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=199220573&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utm...
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=199220573&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=872081093&utmr=-&utmp=%2F17867966750743&utmht=1568198065186&utmac=x65351709&utmcc=__utma%3D88833355.1489043603.1568198065.1568198065.1568198065.1%3B%2B__utmz%3D88833355.1568198065.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1087562572&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: adfoc.us
URL: http://adfoc.us/17867966750743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:34:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=199220573&utmhn=adfoc.us&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=AdFoc.us&utmhid=872081093&utmr=-&utmp=%2F17867966750743&utmht=1568198065186&utmac=x65351709&utmcc=__utma%3D88833355.1489043603.1568198065.1568198065.1568198065.1%3B%2B__utmz%3D88833355.1568198065.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1087562572&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
adtools.min.js
cdn.adrunnr.com/js/
16 KB
6 KB
Script
General
Full URL
http://cdn.adrunnr.com/js/adtools.min.js
Requested by
Host: adrunnr.com
URL: http://adrunnr.com/?placement=285281&async
Protocol
HTTP/1.1
Security
, ,
Server
89.187.165.7 Zurich, Switzerland, ASN60068 (CDN77, GB),
Reverse DNS
zurich-6.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ce9d22cd0d6a754b5b20a98258c46bf332b39db81e914acb0e37347b6e2a5619

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2017 07:49:08 GMT
Server
CDN77-Turbo
X-Edge-Location
zurichCH
ETag
W/"591022f4-4164"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
89.187.165.6
Connection
keep-alive
X-Age
841631
event
pushwhy.com/
94 B
537 B
Fetch
General
Full URL
https://pushwhy.com/event
Requested by
Host: loodoost.net
URL: https://loodoost.net/ntfc.php?p=2553388&r=ui&swver=3.1.108
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
194.187.98.236 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
194.187.98.236.webazilla.com
Software
nginx /
Resource Hash
8082e190c988dd69737083373525e7a6b95e9245426ca2a7ca0e5efe003ac457
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
7a8518ca1c0860583651d14d4144329d
Date
Wed, 11 Sep 2019 10:34:25 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
94
popunder.min.js
cdn.adrunnr.com/js/pre_templates/
7 KB
3 KB
Script
General
Full URL
http://cdn.adrunnr.com/js/pre_templates/popunder.min.js
Requested by
Host: cdn.adrunnr.com
URL: http://cdn.adrunnr.com/js/adtools.min.js
Protocol
HTTP/1.1
Security
, ,
Server
89.187.165.7 Zurich, Switzerland, ASN60068 (CDN77, GB),
Reverse DNS
zurich-6.cdn77.com
Software
CDN77-Turbo /
Resource Hash
07d8f40a1c6139fca478cae9c1430b63080392b7a6038428febb3db405c8ce11

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2017 07:49:08 GMT
Server
CDN77-Turbo
X-Edge-Location
zurichCH
ETag
W/"591022f4-1a61"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
89.187.165.6
Connection
keep-alive
X-Age
833951
custom
loodoost.net/
39 B
482 B
Fetch
General
Full URL
https://loodoost.net/custom
Requested by
Host: loodoost.net
URL: https://loodoost.net/ntfc.php?p=2553388&r=ui&swver=3.1.108
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.226.webazilla.com
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
1c0e780079f44ee822b58c424249d477
Date
Wed, 11 Sep 2019 10:34:25 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
gid.js
my.rtmark.net/
65 B
742 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=2ad3c32934faacee7b22f5a255d293be&zoneId=2553389&checkDuplicate=true
Requested by
Host: loodoost.net
URL: https://loodoost.net/ntfc.php?p=2553388&r=ui&swver=3.1.108
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.42.160.80 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
f54baaf8b8bcc72ff95d3c0616b070f0d4a5e117bc96703905458cd95db6b50c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:34:25 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65
truncated
/ Frame 7084
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
loodoost.net/
39 B
482 B
Fetch
General
Full URL
https://loodoost.net/custom
Requested by
Host: loodoost.net
URL: https://loodoost.net/ntfc.php?p=2553388&r=ui&swver=3.1.108
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.226.webazilla.com
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
005ee3cb0a5594cdd42d63406f071e31
Date
Wed, 11 Sep 2019 10:34:26 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
loodoost.net/
39 B
482 B
Fetch
General
Full URL
https://loodoost.net/custom
Requested by
Host: loodoost.net
URL: https://loodoost.net/ntfc.php?p=2553388&r=ui&swver=3.1.108
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
88.85.66.226.webazilla.com
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
http://adfoc.us/17867966750743
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
ce7145b31f0a207efc230a731f5d4d07
Date
Wed, 11 Sep 2019 10:34:27 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://adfoc.us
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39


40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _0xa500 function| _c object| d string| k object| _zxbupf87xq9 object| zfgformats function| setImmediate function| clearImmediate function| _alqvpar function| _ljflkl undefined| $ function| jQuery object| _gaq string| ad_url string| ref_url string| payout_rate string| click_url boolean| preview string| optionsAxXB324Fe string| laryAxXB324Fe boolean| zfgloadedpushopt number| count number| counter function| timer function| showClose function| $jQuery object| jQuery18207099012122334352 string| key object| _gat object| gaGlobal object| _0x5f11 function| _0x43c1 object| ntfcSDK function| zfgproxyhttp function| ADTOOLS undefined| g367CB268B1094004A3689751E7AC568F boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushcode object| onClickExcludes

9 Cookies

Domain/Path Name / Value
.adfoc.us/ Name: __utmb
Value: 88833355.2.10.1568198065
.adfoc.us/ Name: __utmt_t2
Value: 1
.adfoc.us/ Name: __utma
Value: 88833355.1489043603.1568198065.1568198065.1568198065.1
.adfoc.us/ Name: __utmz
Value: 88833355.1568198065.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.google.com/ Name: CONSENT
Value: WP.27e19f
.adfoc.us/ Name: __utmc
Value: 88833355
adfoc.us/ Name: phpsessionname
Value: ns2nc94dqpllet7bllqo2bs1n7
.adfoc.us/ Name: __utmt
Value: 1
.adfoc.us/ Name: __cfduid
Value: d1492458c7bad4410c9c607dfbf5625df1568198064

2 Console Messages

Source Level URL
Text
console-api warning URL: https://loodoost.net/ntfc.php?p=2553388&r=ui&swver=3.1.108 (Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://loodoost.net/ntfc.php?p=2553388&r=ui&swver=3.1.108 (Line 1)
Message:
TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
