hal9000.redintelligence.net
136.243.49.88
Public Scan
Effective URL: https://hal9000.redintelligence.net/retarget?a=29767&version=1&redirected=1
Submission: On May 03 via manual from GR
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 22nd 2019. Valid for: a year.
This is the only time hal9000.redintelligence.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 136.243.54.220 | 24940 (HETZNER-AS) |
1 | 136.243.49.88 | 24940 (HETZNER-AS) |
2 6 | 2.18.233.201 | 16625 (AKAMAI-AS - Akamai Technologies) |
1 3 | 37.157.6.247 | 198622 (ADFORM) |
1 2 | 216.58.206.6 | 15169 (GOOGLE - Google LLC) |
8 | 4 |
ASN24940 (HETZNER-AS, DE)
PTR: static.220.54.243.136.clients.your-server.de
hal9000.redintelligence.net |
ASN24940 (HETZNER-AS, DE)
PTR: static.88.49.243.136.clients.your-server.de
hal9000.redintelligence.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f6.1e100.net
5994599.fls.doubleclick.net |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
6 | mathtag.com (2 redirects): pixel.mathtag.com | 4 KB |
3 | adform.net (1 redirects): track.adform.net | 31 KB |
2 | doubleclick.net (1 redirects): 5994599.fls.doubleclick.net | 635 B |
2 | redintelligence.net (1 redirects): hal9000.redintelligence.net | 2 KB |
8 | 4 |
 | Domain | Requested by |
---|---|---|
6 | pixel.mathtag.com | 2 redirects, hal9000.redintelligence.net |
3 | track.adform.net | 1 redirects, hal9000.redintelligence.net |
2 | 5994599.fls.doubleclick.net | 1 redirects, hal9000.redintelligence.net |
2 | hal9000.redintelligence.net | 1 redirects |
8 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.redintelligence.net | Go Daddy Secure Certificate Authority - G2 | 2019-03-22 - 2020-03-22 | a year |
pixel.mathtag.com | DigiCert SHA2 Secure Server CA | 2019-01-25 - 2020-04-25 | a year |
track.adform.net | DigiCert SHA2 Secure Server CA | 2018-02-02 - 2019-10-02 | 2 years |
*.doubleclick.net | Google Internet Authority G3 | 2019-04-16 - 2019-07-09 | 3 months |
This page contains 2 frames:
Primary Page:
https://hal9000.redintelligence.net/retarget?a=29767&version=1&redirected=1
Frame ID: AF5CFCDE7B2C276D44DC6CA9B4E49C8E
Requests: 7 HTTP requests in this frame
Frame:
https://5994599.fls.doubleclick.net/activityi;dc_pre=CN6Djr2C_-ECFRi-dwodS54Ldg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5925079133793.6045
Frame ID: BA68B4D63C437F5579B0D36FCDF2D3C2
Requests: 1 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://hal9000.redintelligence.net/retarget?a=29767&version=1 HTTP 302
- https://hal9000.redintelligence.net/retarget?a=29767&version=1&redirected=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1 HTTP 302
- https://pixel.mathtag.com/event/js?mt_id=1393997&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1&mm_bnc&mm_bct
- https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1 HTTP 302
- https://pixel.mathtag.com/event/js?mt_id=1406315&mt_adid=216536&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1&mm_bnc&mm_bct
- https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5925079133793.6045 HTTP 302
- https://5994599.fls.doubleclick.net/activityi;dc_pre=CN6Djr2C_-ECFRi-dwodS54Ldg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5925079133793.6045
- https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=703794818218&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D29767%26version%3D1%26redirected%3D1 HTTP 302
- https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=703794818218&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D29767%26version%3D1%26redirected%3D1
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | retarget, hal9000.redintelligence.net/ (Primary Request, Cookie set, Redirect Chain) | 2 KB 1 KB | Document text/html |
GET H/1.1 | js, pixel.mathtag.com/event/ (Redirect Chain) | 597 B 1 KB | Script text/javascript |
GET H/1.1 | js, pixel.mathtag.com/event/ (Redirect Chain) | 597 B 1 KB | Script text/javascript |
GET H2 | /, track.adform.net/serving/scripts/trackpoint/async/ | 76 KB 30 KB | Script text/javascript |
GET H2 | activityi;dc_pre=CN6Djr2C_-ECFRi-dwodS54Ldg;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5925079133793.6045, 5994599.fls.doubleclick.net/ (Frame BA68, Redirect Chain) | 0 0 | Document text/html |
GET H/1.1 | img, pixel.mathtag.com/misc/ | 43 B 455 B | Image image/gif |
GET H2 | /, track.adform.net/Serving/TrackPoint/ (Redirect Chain) | 111 B 598 B | Script text/javascript |
GET H/1.1 | img, pixel.mathtag.com/misc/ | 43 B 588 B | Image image/gif |
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onselectstart
- object | onselectionchange
- function | queueMicrotask
- object | _adftrack
- string | axel
- number | a
- function | metric
- object | Adform
- object | KJUR
- object | adf2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | | Name: IDE Value: AHWqTUlllx4IlrePT6-52dgSxZaswxesAqlDWUE2PPYU_rABzmGv5OU6Npc7TgDk |
.redintelligence.net/ | | Name: 8lcfmzhxc8d6_uid Value: 9176a2bb09f82d34 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.