zm3.shop Open in urlscan Pro
195.245.113.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tracking.ptrack.shop/go/1ef59b4c-5b13-66e4-825a-265c7b50c63a?click_id=%7Bconversions_tracking%7D&cost=%7Bactual_cost%...
Effective URL:
https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Submission: On August 18 via api (August 18th 2024, 5:56:27 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 20 HTTP transactions. The main IP is 195.245.113.130, located in Dronten, Netherlands and belongs to ITLDC-EU, US. The main domain is zm3.shop.
TLS certificate: Issued by R10 on June 21st 2024. Valid for: 3 months.

This is the only time zm3.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.248.98.182 52.248.98.182	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
16	195.245.113.130 195.245.113.130	21100 (ITLDC-EU) (ITLDC-EU)
1	104.21.39.40 104.21.39.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.20.211 104.21.20.211	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
20	4

1 52.248.98.182 (San Antonio, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tracking.ptrack.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 195.245.113.130 (Dronten, Netherlands)

ASN21100 (ITLDC-EU, US)
PTR: shsn681.vds

zm3.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.39.40 (None, )

ASN13335 (CLOUDFLARENET, US)

js.nextpsh.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.20.211 (None, )

ASN13335 (CLOUDFLARENET, US)

nxt-psh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	zm3.shop zm3.shop	622 KB
2	gstatic.com www.gstatic.com	19 KB
1	nxt-psh.com nxt-psh.com — Cisco Umbrella Rank: 113403	862 B
1	nextpsh.top js.nextpsh.top	14 KB
1	ptrack.shop 1 redirects tracking.ptrack.shop	893 B
20	5

	Domain	Requested by
16	zm3.shop	zm3.shop
2	www.gstatic.com	js.nextpsh.top
1	nxt-psh.com	js.nextpsh.top
1	js.nextpsh.top	zm3.shop
1	tracking.ptrack.shop	1 redirects
20	5

This site contains no links.

Subject Issuer	Validity	Valid
zm3.shop R10	`2024-06-21` - `2024-09-19`	3 months	crt.sh
nextpsh.top WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
nxt-psh.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Frame ID: C6338B7A71E815E7019B19DA6D5E304D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hitman Erection - المنتج رقم 1 في العالم لزيادة حجم القضيب

Page URL History Show full URLs

http://tracking.ptrack.shop/go/1ef59b4c-5b13-66e4-825a-265c7b50c63a?click_id=%7Bconversions_tracking%7D&... HTTP 307
https://tracking.ptrack.shop/go/1ef59b4c-5b13-66e4-825a-265c7b50c63a?click_id=%7Bconversions_tracking%7D&... HTTP 302
https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

656 kB
Transfer

920 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tracking.ptrack.shop/go/1ef59b4c-5b13-66e4-825a-265c7b50c63a?click_id=%7Bconversions_tracking%7D&cost=%7Bactual_cost%7D&campid=%7Bcampaign_id%7D&varid=%7Bvariation_id%7D&source=%7Bsrc_hostname%7D&keyword=%7Bkeyword%7D&tags=%7Btags%7D&siteid=%7Bsite_id%7D&zoneid=%7Bzone_id%7D&catid=%7Bcategory_id%7D&country=%7Bcountry%7D&format=%7Bformat%7D HTTP 307
https://tracking.ptrack.shop/go/1ef59b4c-5b13-66e4-825a-265c7b50c63a?click_id=%7Bconversions_tracking%7D&cost=%7Bactual_cost%7D&campid=%7Bcampaign_id%7D&varid=%7Bvariation_id%7D&source=%7Bsrc_hostname%7D&keyword=%7Bkeyword%7D&tags=%7Btags%7D&siteid=%7Bsite_id%7D&zoneid=%7Bzone_id%7D&catid=%7Bcategory_id%7D&country=%7Bcountry%7D&format=%7Bformat%7D HTTP 302
https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
zm3.shop/ly/herection2/
Redirect Chain

http://tracking.ptrack.shop/go/1ef59b4c-5b13-66e4-825a-265c7b50c63a?click_id=%7Bconversions_tracking%7D&cost=%7Bactual_cost%7D&campid=%7Bcampaign_id%7D&varid=%7Bvariation_id%7D&source=%7Bsrc_hostna...
https://tracking.ptrack.shop/go/1ef59b4c-5b13-66e4-825a-265c7b50c63a?click_id=%7Bconversions_tracking%7D&cost=%7Bactual_cost%7D&campid=%7Bcampaign_id%7D&varid=%7Bvariation_id%7D&source=%7Bsrc_hostn...
https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a

4 KB
2 KB

611ms
53ms

Document
text/html

195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: 6e2128941a26c2a875895d1e0e4270843eba25ff8182746acbf7bf2fbb8065c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1619
Content-Type: text/html; charset=UTF-8
Date: Sun, 18 Aug 2024 17:56:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.22.0
Vary: Accept-Encoding

Redirect headers

cache-control: max-age=0, must-revalidate, private
content-type: text/html; charset=UTF-8
date: Sun, 18 Aug 2024 17:56:21 GMT
expires: Sun, 18 Aug 2024 17:56:21 GMT
location: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: PHP/8.1.8

GET
H/1.1 200
OK style.css
zm3.shop/ly/herection2/index_files/ 8 KB
3 KB 46ms
43ms Stylesheet
text/css 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/index_files/style.css
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: 5ace8fbfaad24b6f25c90c48daedfbbca69dd410aa95fbf3d8221732d6f6876e

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:47 GMT
Server: nginx/1.22.0
ETag: W/"66b20697-2017"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK elements-handlers.min.js
zm3.shop/ly/herection2/index_files/ 35 KB
10 KB 94ms
43ms Stylesheet
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/index_files/elements-handlers.min.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: 60a6db28503da0b2c2f4e39da485b7649425cd481da5dee9ff33f6c68e9cb480

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:41 GMT
Server: nginx/1.22.0
ETag: W/"66b20691-8b5a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
zm3.shop/ly/herection2/index_files/ 86 KB
35 KB 177ms
92ms Script
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/index_files/jquery.min.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:44 GMT
Server: nginx/1.22.0
ETag: W/"66b20694-15851"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK snippet.min.js Show response
zm3.shop/ly/herection2/index_files/ 12 KB
5 KB 133ms
47ms Script
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/index_files/snippet.min.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: bf9c5edf0cdec76a298ac41b2c283176b992d9b324d8bf0e9606cdd30242971e

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:46 GMT
Server: nginx/1.22.0
ETag: W/"66b20696-2e26"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK lead.min.js Show response
zm3.shop/ly/herection2/index_files/ 48 KB
20 KB 176ms
91ms Script
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/index_files/lead.min.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: f6c40581cc89e15add0126d029f220cb0863665f9c09f315909842a8cb4a9108

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:44 GMT
Server: nginx/1.22.0
ETag: W/"66b20694-bf09"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK popState.min.js Show response
zm3.shop/ly/herection2/index_files/ 44 KB
19 KB 174ms
89ms Script
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/index_files/popState.min.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: f03cd5578bb05ed3259c8c96e5344ed03b2f98763554fa3669c8511056a26abd

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:45 GMT
Server: nginx/1.22.0
ETag: W/"66b20695-aecd"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
zm3.shop/ly/herection2/cpa_js/ 87 KB
36 KB 175ms
90ms Script
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/cpa_js/jquery-3.5.1.min.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:49 GMT
Server: nginx/1.22.0
ETag: W/"66b20699-15d84"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK app.js Show response
zm3.shop/ly/herection2/cpa_js/ 4 KB
1 KB 138ms
43ms Script
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/cpa_js/app.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: 1a132205aacd62ef3d4928a112ed28754e2af17e868fd1fe41255859a3ca6793

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:48 GMT
Server: nginx/1.22.0
ETag: W/"66b20698-10c1"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK dtime.js Show response
zm3.shop/ly/herection2/cpa_js/ 876 B
654 B 181ms
41ms Script
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/cpa_js/dtime.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: a4d9c31618da6a76eea9ce68fab1331f5c971c6ea63ff0f6947ad157be6ebfc9

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:48 GMT
Server: nginx/1.22.0
ETag: W/"66b20698-36c"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H3 200 ps.js Show response
js.nextpsh.top/ps/ 35 KB
14 KB 138ms
73ms Script
application/javascript 104.21.39.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nextpsh.top/ps/ps.js?id=Nehh1R5KJkSECxLQfmKb9Q
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.39.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f434ddd8501d5fae2460b39cf87a67630098e45a07dde6e7ee46170e9ad01fff

Request headers

Referer: https://zm3.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 17:56:22 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TF9eXmimphzk3CIlJqhRa2ZbOd8T3T7EphXHyDZ6ds7qF4dqJY11n5%2B5MWHmuuDD4E2llJKQ2JIJjPXESe86xpwWX56dkFZst4L0OqNIg%2FgIYcGVp0IbwmgYZx9lCFCLTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8b53c7b8cd734da2-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK star1.png
zm3.shop/ly/herection2/index_files/ 27 KB
27 KB 88ms
87ms Image
image/png 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zm3.shop/ly/herection2/index_files/star1.png
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: ef4ae6b6b3ce515c05697a8974a641e040adb8bcf1cd8f3b18ae10885692aa35

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Last-Modified: Tue, 06 Aug 2024 11:18:47 GMT
Server: nginx/1.22.0
ETag: "66b20697-6afa"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27386

GET
H/1.1 200
OK gif.gif
zm3.shop/ly/herection2/index_files/ 356 KB
356 KB 46ms
46ms Image
image/gif 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zm3.shop/ly/herection2/index_files/gif.gif
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: ce72fff9b803a21c1a27cf7cf6bc20c7e0bdc8245f078f4d1e374f142540daa0

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Last-Modified: Tue, 06 Aug 2024 11:18:43 GMT
Server: nginx/1.22.0
ETag: "66b20693-590b6"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 364726

GET
H/1.1 200
OK prod.png
zm3.shop/ly/herection2/index_files/ 66 KB
66 KB 46ms
45ms Image
image/png 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zm3.shop/ly/herection2/index_files/prod.png
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: 4070309bf979e4ce0b922f3ce7e62af855e9694250f348f6635b4b315b87c9f1

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Last-Modified: Tue, 06 Aug 2024 11:18:46 GMT
Server: nginx/1.22.0
ETag: "66b20696-10711"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67345

GET
H/1.1 200
OK post.jpg
zm3.shop/ly/herection2/index_files/ 41 KB
41 KB 46ms
45ms Image
image/jpeg 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zm3.shop/ly/herection2/index_files/post.jpg
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: 2feba0cc2b17db15424e5f253f8b6d1355daa4fbc917c451998705a1bc3c899b

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Last-Modified: Tue, 06 Aug 2024 11:18:46 GMT
Server: nginx/1.22.0
ETag: "66b20696-a2c3"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41667

GET
H/1.1 200
OK main.js Show response
zm3.shop/ly/herection2/index_files/ 943 B
691 B 46ms
45ms Script
application/javascript 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/ly/herection2/index_files/main.js
Requested by: Host: zm3.shop
URL: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: e479d2fc929c3929e74bde53ff3bf52a55b0a302c9a5a5e239ce5c648761997b

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 11:18:44 GMT
Server: nginx/1.22.0
ETag: W/"66b20694-3af"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H3 200 config.js Show response
nxt-psh.com/ps/ 356 B
862 B 161ms
81ms Script
application/javascript 104.21.20.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nxt-psh.com/ps/config.js?id=Nehh1R5KJkSECxLQfmKb9Q
Requested by: Host: js.nextpsh.top
URL: https://js.nextpsh.top/ps/ps.js?id=Nehh1R5KJkSECxLQfmKb9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.20.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e84ab1f554da259f050609799989b36b79d3508ee5e869f8e42e300bb800272

Request headers

Referer: https://zm3.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 17:56:22 GMT
content-encoding: gzip
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ThKQUPwekY0ImzGjrjYuSrEwPEeqtTSvtNbzkJJh%2FMPturUjY3xG9tONZ71SVFXtnRB3MynKOXbe5WaRW0eR8ga7hr6vh9mEo2NRONn8W36xHc%2BwQ9njobmDpDbyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 8b53c7ba4d9c9bfb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 firebase-app-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 28 KB
10 KB 154ms
46ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

Requested by

Host: js.nextpsh.top
URL: https://js.nextpsh.top/ps/ps.js?id=Nehh1R5KJkSECxLQfmKb9Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zm3.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9308
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Aug 2025 14:08:00 GMT

GET
H2 200 firebase-messaging-compat.js Show response
www.gstatic.com/firebasejs/10.3.1/ 37 KB
10 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

Requested by

Host: js.nextpsh.top
URL: https://js.nextpsh.top/ps/ps.js?id=Nehh1R5KJkSECxLQfmKb9Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zm3.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9934
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Aug 2025 14:07:11 GMT

GET
H/1.1 404
Not Found favicon.ico
zm3.shop/ 271 B
445 B 50ms
48ms Other
text/html 195.245.113.130
ITLDC-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://zm3.shop/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.245.113.130 Dronten, Netherlands, ASN21100 (ITLDC-EU, US),
Reverse DNS: shsn681.vds
Software: nginx/1.22.0 /
Resource Hash: 332b8f46ed152168c66d90fe8e63a17e8b492d430dad1af4b7589a59d8810150

Request headers

Referer: https://zm3.shop/ly/herection2/?sub_id_4=1ef5d8b2-d710-69f6-bc10-265c7b50c63a
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 17:56:23 GMT
Content-Encoding: gzip
Server: nginx/1.22.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tracking.ptrack.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: ec36e72cc52beb5a2209e21539929fe8
zm3.shop/	1969-12-31 23:59:59	Name: SESID Value: 9bm0b0fnid14cs83qdocrgut97
js.nextpsh.top/	1970-01-21 08:29:23	Name: __psu Value: a51eda31-9fc0-4e08-accb-4a3bf6f23721
nxt-psh.com/	1970-01-21 08:29:23	Name: __psu Value: 91893cd7-1529-4615-8aa6-e676ec543a57

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://zm3.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js.nextpsh.top
nxt-psh.com
tracking.ptrack.shop
www.gstatic.com
zm3.shop
104.21.20.211
104.21.39.40
195.245.113.130
2a00:1450:4001:82f::2003
52.248.98.182
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1a132205aacd62ef3d4928a112ed28754e2af17e868fd1fe41255859a3ca6793
1e84ab1f554da259f050609799989b36b79d3508ee5e869f8e42e300bb800272
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
2feba0cc2b17db15424e5f253f8b6d1355daa4fbc917c451998705a1bc3c899b
332b8f46ed152168c66d90fe8e63a17e8b492d430dad1af4b7589a59d8810150
4070309bf979e4ce0b922f3ce7e62af855e9694250f348f6635b4b315b87c9f1
5ace8fbfaad24b6f25c90c48daedfbbca69dd410aa95fbf3d8221732d6f6876e
60a6db28503da0b2c2f4e39da485b7649425cd481da5dee9ff33f6c68e9cb480
6e2128941a26c2a875895d1e0e4270843eba25ff8182746acbf7bf2fbb8065c2
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
a4d9c31618da6a76eea9ce68fab1331f5c971c6ea63ff0f6947ad157be6ebfc9
bf9c5edf0cdec76a298ac41b2c283176b992d9b324d8bf0e9606cdd30242971e
ce72fff9b803a21c1a27cf7cf6bc20c7e0bdc8245f078f4d1e374f142540daa0
e479d2fc929c3929e74bde53ff3bf52a55b0a302c9a5a5e239ce5c648761997b
ef4ae6b6b3ce515c05697a8974a641e040adb8bcf1cd8f3b18ae10885692aa35
f03cd5578bb05ed3259c8c96e5344ed03b2f98763554fa3669c8511056a26abd
f434ddd8501d5fae2460b39cf87a67630098e45a07dde6e7ee46170e9ad01fff
f6c40581cc89e15add0126d029f220cb0863665f9c09f315909842a8cb4a9108
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

zm3.shop Open in urlscan Pro 195.245.113.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

4 IPs

4 Countries

656 kBTransfer

920 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

zm3.shop Open in urlscan Pro
195.245.113.130 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

656 kB
Transfer

920 kB
Size

4
Cookies

20 HTTP transactions
0 data transactions