adz-skip.net Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://social-logins.com/
Effective URL:
https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&...
Submission: On December 16 via api (December 16th 2022, 1:03:26 pm UTC) from JP — Scanned from NL

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 16 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is adz-skip.net.
TLS certificate: Issued by E1 on November 12th 2022. Valid for: 3 months.

This is the only time adz-skip.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	199.188.200.94 199.188.200.94	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	216.104.36.157 216.104.36.157	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 3	51.68.85.158 51.68.85.158	16276 (OVH) (OVH)
4	2606:4700:303... 2606:4700:3031::ac43:92ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:4a8d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	162.242.198.222 162.242.198.222	27357 (RACKSPACE) (RACKSPACE)
1	94.237.103.119 94.237.103.119	202053 (UPCLOUD) (UPCLOUD)
1 1	107.20.106.95 107.20.106.95	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.226.146.143 3.226.146.143	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:a829	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:5395	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
18	12

2 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

social-logins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.bl-easycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.188.200.94 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server247-2.web-hosting.com

mido.ex4ads.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.104.36.157 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

pop.ex4ads.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.85.158 (France) 2 redirects

ASN16276 (OVH, FR)

www.turbotrck.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:92ee (United States)

ASN13335 (CLOUDFLARENET, US)

zring.jukminung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4a8d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.242.198.222 (United States) 1 redirects

ASN27357 (RACKSPACE, US)

go.doblevialatam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.103.119 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-103-119.de-fra1.upcloud.host

1264178c7370.traffic247links.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.106.95 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-106-95.compute-1.amazonaws.com

brko.admobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.146.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-146-143.compute-1.amazonaws.com

setupspeedyhighlyinfo-file.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

adz-skip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a829 (United States)

ASN13335 (CLOUDFLARENET, US)

trk023.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5395 (United States)

ASN13335 (CLOUDFLARENET, US)

skiptheadz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	jukminung.com zring.jukminung.com	27 KB
4	ex4ads.xyz 1 redirects mido.ex4ads.xyz pop.ex4ads.xyz	9 KB
3	turbotrck.art 2 redirects www.turbotrck.art — Cisco Umbrella Rank: 973305	8 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	skiptheadz.com skiptheadz.com	570 B
1	trk023.com trk023.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	adz-skip.net adz-skip.net	3 KB
1	setupspeedyhighlyinfo-file.info 1 redirects setupspeedyhighlyinfo-file.info	376 B
1	admobe.com 1 redirects brko.admobe.com — Cisco Umbrella Rank: 390549	339 B
1	traffic247links.com 1264178c7370.traffic247links.com	1 KB
1	doblevialatam.com 1 redirects go.doblevialatam.com	272 B
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 547885	1 KB
1	bl-easycdn.com t.bl-easycdn.com	9 KB
1	social-logins.com 1 redirects social-logins.com	530 B
0	Failed function sub() { [native code] }. Failed
18	16

	Domain	Requested by
4	zring.jukminung.com	t.bl-easycdn.com pop.ex4ads.xyz zring.jukminung.com
3	www.turbotrck.art	2 redirects pop.ex4ads.xyz
3	pop.ex4ads.xyz	pop.ex4ads.xyz
2	fonts.gstatic.com	fonts.googleapis.com
1	skiptheadz.com	adz-skip.net
1	trk023.com	adz-skip.net
1	fonts.googleapis.com	adz-skip.net
1	adz-skip.net
1	setupspeedyhighlyinfo-file.info	1 redirects
1	brko.admobe.com	1 redirects
1	1264178c7370.traffic247links.com	zring.jukminung.com
1	go.doblevialatam.com	1 redirects
1	cdn.addlnk.com	zring.jukminung.com
1	t.bl-easycdn.com	www.turbotrck.art
1	mido.ex4ads.xyz	1 redirects
1	social-logins.com	1 redirects
0	cpljgiahieggmkgneoongakhhgmcjmhb Failed	adz-skip.net
18	17

This site contains no links.

Subject Issuer	Validity	Valid
pop.ex4ads.xyz R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
www.turbotrck.art R3	`2022-10-30` - `2023-01-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-19` - `2023-03-19`	a year	crt.sh
*.jukminung.com E1	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.traffic247links.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.adz-skip.net E1	`2022-11-12` - `2023-02-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.trk023.com E1	`2022-11-06` - `2023-02-04`	3 months	crt.sh
*.skiptheadz.com GTS CA 1P5	`2022-12-05` - `2023-03-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn
Frame ID: 66F69652D8D52F5DF8860A03069FC050
Requests: 13 HTTP requests in this frame

Frame: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671192000
Frame ID: ACE0893FED59CF3C12FD0651EEE2D9D7
Requests: 3 HTTP requests in this frame

Frame: https://trk023.com/a.php?id=0055&e=LQ98FS40E9&c=bgcnMIEge8wl5&r=cn&cid=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&z=54395_cFjo&v=2&dr=https%3A%2F%2F1264178c7370.traffic247links.com%2F&inw=1600&inh=1200
Frame ID: AC8F18372ADBF2755E31138EF74C3309
Requests: 1 HTTP requests in this frame

Frame: https://skiptheadz.com/k.php
Frame ID: A5921752AF13FC4709B662E3EB4DEECA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Skip the Adz

Page URL History Show full URLs

https://social-logins.com/ HTTP 302
https://mido.ex4ads.xyz/ HTTP 301
https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido Page URL
https://pop.ex4ads.xyz/?utm_term=7177731306229334060&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
https://pop.ex4ads.xyz/proc.php?72bceac45cfa7baf6cc484e1518cfb341a48c1f7 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website... Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website... HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website... HTTP 302
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid= Page URL
https://zring.jukminung.com/rc/22e841bd3c?affclick=22121614_01_371812_e1fcc84d25f15&pubid=a371812s&affe=... Page URL
https://go.doblevialatam.com/1652519235?aff_token=pube06f910a051a483b8cc7af1bc6683478&aff_source=9f6cbb32 HTTP 307
https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=fab414f3595f096b82a8fc47 Page URL
https://brko.admobe.com/gasdgsdg/gsdagsdag/?utm_source=1080&utm_campaign=11640530&clck=5x9d8bisf8m8d... HTTP 302
https://setupspeedyhighlyinfo-file.info/FWWufu6m_hbhu4dGy2aFQSyNmhVwprJg2nD7NDOLE7g?clck=5x9d8bisf8m8ddkifm144wckc,1... HTTP 302
https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE0... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

18
Requests

94 %
HTTPS

53 %
IPv6

16
Domains

17
Subdomains

12
IPs

5
Countries

91 kB
Transfer

153 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://social-logins.com/ HTTP 302
https://mido.ex4ads.xyz/ HTTP 301
https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido Page URL
https://pop.ex4ads.xyz/?utm_term=7177731306229334060&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673 Page URL
https://pop.ex4ads.xyz/proc.php?72bceac45cfa7baf6cc484e1518cfb341a48c1f7 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673 Page URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=56279dbeb98b47b15c9dd0aa92f848fc&eyer=0.5546248802581364&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fpop.ex4ads.xyz%2F HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=3&eyer=0.5546248802581364&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fpop.ex4ads.xyz%2F HTTP 302
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid= Page URL
https://zring.jukminung.com/rc/22e841bd3c?affclick=22121614_01_371812_e1fcc84d25f15&pubid=a371812s&affe=rdmfl Page URL
https://go.doblevialatam.com/1652519235?aff_token=pube06f910a051a483b8cc7af1bc6683478&aff_source=9f6cbb32 HTTP 307
https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=fab414f3595f096b82a8fc47 Page URL
https://brko.admobe.com/gasdgsdg/gsdagsdag/?utm_source=1080&utm_campaign=11640530&clck=5x9d8bisf8m8ddkifm144wckc,16575835,5,8670&sid=8670 HTTP 302
https://setupspeedyhighlyinfo-file.info/FWWufu6m_hbhu4dGy2aFQSyNmhVwprJg2nD7NDOLE7g?clck=5x9d8bisf8m8ddkifm144wckc,16575835,5,8670&sid=8670 HTTP 302
https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://social-logins.com/ HTTP 302
https://mido.ex4ads.xyz/ HTTP 301
https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido

Request Chain 4

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=56279dbeb98b47b15c9dd0aa92f848fc&eyer=0.5546248802581364&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fpop.ex4ads.xyz%2F HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673&eyeg=3&eyer=0.5546248802581364&eyei=0&eyew=1600&eyeh=1200&eyetd=222211114232&eyef=https%3A%2F%2Fpop.ex4ads.xyz%2F HTTP 302
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=

Request Chain 8

https://go.doblevialatam.com/1652519235?aff_token=pube06f910a051a483b8cc7af1bc6683478&aff_source=9f6cbb32 HTTP 307
https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=fab414f3595f096b82a8fc47

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
pop.ex4ads.xyz/
Redirect Chain

https://social-logins.com/
https://mido.ex4ads.xyz/
https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido

3 KB
2 KB

365ms
120ms

Document
text/html

216.104.36.157
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.104.36.157 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:03:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://pop.ex4ads.xyz/?utm_term=7177731306229334060&ver=4viyaptcjo
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

Redirect headers

content-length: 707
content-type: text/html
date: Fri, 16 Dec 2022 13:03:20 GMT
location: https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 / Show response
pop.ex4ads.xyz/ 11 KB
5 KB 128ms
127ms Document
text/html 216.104.36.157
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pop.ex4ads.xyz/?utm_term=7177731306229334060&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673

Requested by

Host: pop.ex4ads.xyz
URL: https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.104.36.157 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

d62845b9f5f0e145be59209d9c274e12741c8c46cc855510a7dbba4eb86a2d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:03:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H2 200 proc.php
pop.ex4ads.xyz/ 4 KB
2 KB 121ms
120ms Document
text/html 216.104.36.157
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pop.ex4ads.xyz/proc.php?72bceac45cfa7baf6cc484e1518cfb341a48c1f7

Requested by

Host: pop.ex4ads.xyz
URL: https://pop.ex4ads.xyz/?utm_term=7177731306229334060&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.104.36.157 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

server04.com-2.mobi

Software

nginx / PHP/8.2.0

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://pop.ex4ads.xyz/?utm_term=7177731306229334060&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:03:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
x-powered-by: PHP/8.2.0

GET
H/1.1 200
OK /
www.turbotrck.art/ 7 KB
7 KB 156ms
37ms Document
text/html 51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Requested by: Host: pop.ex4ads.xyz
URL: https://pop.ex4ads.xyz/proc.php?72bceac45cfa7baf6cc484e1518cfb341a48c1f7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pop.ex4ads.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Fri, 16 Dec 2022 13:03:21 GMT
Transfer-Encoding: chunked

GET
H2

200

/ Show response
t.bl-easycdn.com/directclick/
Redirect Chain

https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=

25 KB
9 KB

237ms
166ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=
Requested by: Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ccf1a41918ff14835dc492ff74cfcd1d75b3f485bf1ce33d7be8750cb9e5ea3

Request headers

Referer: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7177731306229334060&website=20902-8f01339z&placement=20902&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf7f1f2f4f3f2eaeaeaedefe6eae4e673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77a79e5e5b5c0e5c-AMS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 16 Dec 2022 13:03:21 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjKL1wzj0OHrLw2fepV8VcJJvx%2BLAGCkofX8%2FR3aOuQnzzs80ZSl9ExFGNaUak1378Otthh0E1829dKpcqf%2Fi3NuTb2JHjs2dhdM5MSyb7Wb08zs%2Fp%2FYK3fIV0d56H6b2fUCz2%2BrbnDm%2BMH0mzUE"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 0
Date: Fri, 16 Dec 2022 13:03:21 GMT
Location: https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=

GET
H2 200 22e841bd3c Show response
zring.jukminung.com/rc/ 3 KB
2 KB 270ms
135ms Document
text/html 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zring.jukminung.com/rc/22e841bd3c?affclick=22121614_01_371812_e1fcc84d25f15&pubid=a371812s&affe=rdmfl
Requested by: Host: t.bl-easycdn.com
URL: https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536f62a59a679dc288d43e47967f80c152d62c86cb31a5a941e034b867203fe5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77a79e6068cd6916-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Fri, 16 Dec 2022 13:03:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I77AX%2FCZDeB%2FRaVzMW5Icsr7LD21TEMuEF0fUvSyPklFT2GvkWL4cWTRH0G2ED45KQYSD9jvzDPionySWWzF7yXfjt4HzKInnZCttar4gRGk%2FBW%2FkKYQng55G80JcQovYexPo%2FkTdlsPbpv2dm2jUD6h"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 167ms
57ms Stylesheet
text/css 2606:4700:3030::6815:4a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: zring.jukminung.com
URL: https://zring.jukminung.com/rc/22e841bd3c?affclick=22121614_01_371812_e1fcc84d25f15&pubid=a371812s&affe=rdmfl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:03:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KPYPMKR87WVDDR5G
age: 2308
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqHguHo1XssUFxq%2FY6grkz%2F3e1DAAkJ458u6fs%2FFQRfCnG3b0zda49smdXs6Z38CFpbwiLOqVrMtAZtXe4lx0MFYePK%2Fc8EnKPGtbqA63wOUIgZ%2F2ysmbso2%2BOHNM3eodjbDdiO9Xa4qa1%2Fbsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 77a79e620c325c26-FRA

GET
H2 200 invisible.js
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame ACE0 36 KB
16 KB 152ms
151ms Script
application/javascript 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671192000
Requested by: Host: pop.ex4ads.xyz
URL: https://pop.ex4ads.xyz/?utm_medium=acd44a6ba4502efcdd0c6c7584b70228f9a3c1fb&utm_campaign=Mido
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:03:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQ%2F0LDT4hQyKho6yEOwMeb4wp2lWLEAzdbKMQDEPm%2B4jD5oj3htz6b8jv61yFOvLA3t14LtUObkjNaDXui%2FD7AHrrZVaQ%2FQvk5C%2Fzx6Gq4zglW0olcv52ZS42ZnUCi6%2BxU9sYX0iulQuvm0QWgsYH8m5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77a79e628d9f6916-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/ Show response
1264178c7370.traffic247links.com/
Redirect Chain

https://go.doblevialatam.com/1652519235?aff_token=pube06f910a051a483b8cc7af1bc6683478&aff_source=9f6cbb32
https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=fab414f3595f096b82a8fc47

970 B
1 KB

142ms
60ms

Document
text/html

94.237.103.119
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=fab414f3595f096b82a8fc47
Requested by: Host: zring.jukminung.com
URL: https://zring.jukminung.com/rc/22e841bd3c?affclick=22121614_01_371812_e1fcc84d25f15&pubid=a371812s&affe=rdmfl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.237.103.119 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS: 94-237-103-119.de-fra1.upcloud.host
Software: /
Resource Hash: 182827b2e3634ade7358b0aa05d562f4abaade3586bddac74473a20ee8a08147

Request headers

Referer: https://zring.jukminung.com/rc/22e841bd3c?affclick=22121614_01_371812_e1fcc84d25f15&pubid=a371812s&affe=rdmfl
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:03:22 GMT
expires: Fri, 16 Dec 2022 13:03:22 GMT
last-modified: Fri, 16 Dec 2022 13:03:22 GMT
pragma: no-cache
vary: Accept-Encoding
x-robots-tag: noindex, nofollow

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:03:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=fab414f3595f096b82a8fc47
pragma: no-cache
server: nginx/1.20.1
x-powered-by: PHP/7.3.33

GET
H3 200 pica.js
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame ACE0 19 KB
9 KB 50ms
49ms Other
application/javascript 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 13:03:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuKPHCYuGEWGM1%2B0zjg36ZqYOj7vu1bqwMztGLck4zTAvNYUksn6pidsxQPz3HLPeX3bU%2FGdbPtokxwkisgOXFwQel3P9Xsc%2FDeftG1p300dgtem7YKO93Cuk%2FQ5cx7%2F5jl9peBYC0Gk3dQbx9PxK%2B0%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77a79e6388be928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 77a79e6068cd6916
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame ACE0 2 B
679 B 66ms
65ms XHR
text/plain 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/77a79e6068cd6916
Requested by: Host: zring.jukminung.com
URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671192000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Dec 2022 13:03:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K13ZkaH0BwgwuUeJvIgMk4FZ79InQwRcB%2FOR8Jk6PP1CBMdxFfVkc412IlndvFnMZynfaQYIkWM1nC4jdP7um%2BB5qqxuG9004%2FL8ybSW3tGXjZo%2BUJ%2FTmuGr%2BhdjXHH2KTUTkTr1LJ2Jtk6gunPpFJz4"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 77a79e668e23928f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Primary Request addon.php Show response
adz-skip.net/
Redirect Chain

https://brko.admobe.com/gasdgsdg/gsdagsdag/?utm_source=1080&utm_campaign=11640530&clck=5x9d8bisf8m8ddkifm144wckc,16575835,5,8670&sid=8670
https://setupspeedyhighlyinfo-file.info/FWWufu6m_hbhu4dGy2aFQSyNmhVwprJg2nD7NDOLE7g?clck=5x9d8bisf8m8ddkifm144wckc,16575835,5,8670&sid=8670
https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn

9 KB
3 KB

242ms
74ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37f120349c8555c1eb83cd5bf1aa5d98b75555276da3a9db1aa94cc61e304219

Request headers

Referer: https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=fab414f3595f096b82a8fc47
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77a79e6dc98bb794-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVIc%2Fesxz1%2F9IzkV3FJ1fVwQX207pyFcO9JE59gXHFJisxWL8p%2BKkH2LMAVZMxfpvi1O9Cs%2F8WO2LC1jJi4qCKq00twyd46BOO%2F9kYMwptq5%2FgltoxhFNL9RbpvD5yBHsim7ivNYPH5ju2s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 142
Content-Type: text/html
Date: Fri, 16 Dec 2022 13:03:23 GMT
Location: https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn
Server: nginx

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 186ms
69ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: adz-skip.net
URL: https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://adz-skip.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 13:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 11:35:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 13:03:24 GMT

GET empty.jpg
cpljgiahieggmkgneoongakhhgmcjmhb/assets/ 0
0

GET
H2 200 a.php Show response
trk023.com/ Frame AC8F 96 B
1 KB 255ms
133ms Document
text/html 2606:4700:3034::ac43:a829
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk023.com/a.php?id=0055&e=LQ98FS40E9&c=bgcnMIEge8wl5&r=cn&cid=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&z=54395_cFjo&v=2&dr=https%3A%2F%2F1264178c7370.traffic247links.com%2F&inw=1600&inh=1200
Requested by: Host: adz-skip.net
URL: https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a829 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6

Request headers

Referer: https://adz-skip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77a79e6f2e0d915c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6p0aezQjF8M6CBJfreyuK%2F2XIGpgA8HefbTXd0BCDCNvBp3vcKHQXuHiMDZqGr5hvZ9KzPQbb9BDW6gbTrBL5ZictzP7PzqSsBvIFTD%2FriY6v08J4cLXLvNjPONxfN3AbgG9Jt6fdo%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 k.php Show response
skiptheadz.com/ Frame A592 0
570 B 547ms
65ms Document
text/html 2606:4700:3037::6815:5395
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skiptheadz.com/k.php
Requested by: Host: adz-skip.net
URL: https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5395 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adz-skip.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77a79e7179a89bf2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 13:03:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPQWx%2BFLsDb%2B%2FlM9rV3aNsUAktp5MK82ZN4lODSMA%2BqBSMJeWL9CdIeVn89%2FmPQL7tex9LOQW%2F2n7id7R%2FIiK%2BEku4wo6ohP1%2Fmjn0I%2FH76BKBqSH8r9f23DJ3bdAaC9FLQEe2u%2FZaUXSiWmgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 190ms
59ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://adz-skip.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 332312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 205ms
73ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://adz-skip.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 62469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:42:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cpljgiahieggmkgneoongakhhgmcjmhb
URL: chrome-extension://cpljgiahieggmkgneoongakhhgmcjmhb/assets/empty.jpg

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pop.ex4ads.xyz/	1970-01-20 16:58:51	Name: u Value: 07036ea818220c61d458ae4e2502a85d
.bl-easycdn.com/	1970-01-20 16:58:51	Name: checkkeks Value: 1
.bl-easycdn.com/	1970-01-20 08:14:42	Name: eTag Value: 4a654e1755f68b2950aa4b699497ec60
.bl-easycdn.com/	1970-01-20 16:58:51	Name: ck_uniques Value: 1671282200%3A24589-115227
.bl-easycdn.com/	1970-01-20 16:58:51	Name: ck_uniquesPa Value: 1671282200%3A89322
.bl-easycdn.com/	1970-01-20 08:14:42	Name: ck_sys_uniques_3 Value: 1
.bl-easycdn.com/	1970-01-20 08:14:42	Name: u_current_ads_view Value: 89322----
zring.jukminung.com/	1970-01-20 08:23:20	Name: AWSALB Value: 13qMge8n04LH/aX7Zcc3lodFwkqMgjdW1+83LS6pUOkKqJkp4lVq7ul9AYN5M4w5yAYJPqpsdCBmPeY4oJIWmNSAxn8DNMYkbQmy7UmsBOhcrNDDfLAMTM2Pk6sn
.jukminung.com/	1970-01-20 08:13:17	Name: __cf_bm Value: lbJY.Dtd2snjLBbsHhjsub0bun1OqiXyLUIHBo4P0A8-1671195802-0-AT7UShbu6p+/PlmCA5H/AHO3y3G0ncs5NDJIG+Tq9I8W9zIVcoBa+Tm4XJ55sMqGZnn42d0Oco8LMyeAOXmv+ayKjPfwMOuBWh3yaExoOl8sEg/aWm6kKDwX1fVOFvpO32060fNa6E4W5q1bfdtjQPM=
go.doblevialatam.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: dr1kbb7sp9qitj66rn0fg41tnk
.1264178c7370.traffic247links.com/	1970-01-20 08:13:16	Name: rts-trck Value: 1
.traffic247links.com/	1970-01-20 17:49:15	Name: t-uuid Value: 5x9d8bisp4nfur3zzd06cksk0
.traffic247links.com/	1970-01-20 08:13:15	Name: traffic-back Value: ok
setupspeedyhighlyinfo-file.info/	1969-12-31 23:59:59	Name: session Value: meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo
.trk023.com/	1970-01-20 17:49:15	Name: c0055 Value: 99
.trk023.com/	1970-01-20 17:49:15	Name: r0055 Value: cn
.trk023.com/	1970-01-20 17:49:15	Name: cid0055 Value: meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo
.trk023.com/	1970-01-20 17:49:15	Name: z0055 Value: 54395_cFjo
.trk023.com/	1970-01-20 17:49:15	Name: v005599 Value: %7B%222%22%3A1%7D
.trk023.com/	1970-01-20 17:49:15	Name: e0055 Value: LQ98FS40E9
.trk023.com/	1970-01-20 16:58:51	Name: _asd Value: 16711958047789179

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://adz-skip.net/addon.php?ah=bgcnMIEge8wl5&aq=LQ98FS40E9&l1=1&ao=54395_cFjo&ak=meF1Mi7kcAYE07T4mDpLK6kzdK2FQIwo&aj=cn(Line 262) Message: Access to XMLHttpRequest at 'chrome-extension://cpljgiahieggmkgneoongakhhgmcjmhb/assets/empty.jpg' from origin 'https://adz-skip.net' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network	error	URL: chrome-extension://cpljgiahieggmkgneoongakhhgmcjmhb/assets/empty.jpg Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1264178c7370.traffic247links.com
adz-skip.net
brko.admobe.com
cdn.addlnk.com
cpljgiahieggmkgneoongakhhgmcjmhb
fonts.googleapis.com
fonts.gstatic.com
go.doblevialatam.com
mido.ex4ads.xyz
pop.ex4ads.xyz
setupspeedyhighlyinfo-file.info
skiptheadz.com
social-logins.com
t.bl-easycdn.com
trk023.com
www.turbotrck.art
zring.jukminung.com
cpljgiahieggmkgneoongakhhgmcjmhb
107.20.106.95
162.242.198.222
199.188.200.94
216.104.36.157
2606:4700:3030::6815:4a8d
2606:4700:3031::ac43:92ee
2606:4700:3034::ac43:a829
2606:4700:3037::6815:5395
2a00:1450:4001:828::2003
2a00:1450:400d:807::200a
2a06:98c1:3120::3
2a06:98c1:3120::c
3.226.146.143
51.68.85.158
94.237.103.119
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
182827b2e3634ade7358b0aa05d562f4abaade3586bddac74473a20ee8a08147
37f120349c8555c1eb83cd5bf1aa5d98b75555276da3a9db1aa94cc61e304219
536f62a59a679dc288d43e47967f80c152d62c86cb31a5a941e034b867203fe5
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
8d5f7d977f9b96d4f7abe30653ea52b3406938d5175ebb743bf839beab7f59f6
9ccf1a41918ff14835dc492ff74cfcd1d75b3f485bf1ce33d7be8750cb9e5ea3
d62845b9f5f0e145be59209d9c274e12741c8c46cc855510a7dbba4eb86a2d17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

adz-skip.net Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

53 %IPv6

16 Domains

17 Subdomains

12 IPs

5 Countries

91 kBTransfer

153 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

21 Cookies

2 Console Messages

Security Headers

Indicators

adz-skip.net Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

53 %
IPv6

16
Domains

17
Subdomains

12
IPs

5
Countries

91 kB
Transfer

153 kB
Size

21
Cookies

18 HTTP transactions
0 data transactions