www.imcoverd.com Open in urlscan Pro
54.235.212.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.imcoverd.com/wsecu
Submission Tags: falconsandbox
Submission: On November 30 via api (November 30th 2022, 6:45:08 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main IP is 54.235.212.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.imcoverd.com.

This is the only time www.imcoverd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.235.212.68 54.235.212.68	14618 (AMAZON-AES) (AMAZON-AES)
1 1	103.224.182.251 103.224.182.251	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
3	75.2.11.242 75.2.11.242	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	185.53.178.30 185.53.178.30	() ()
2	2600:9000:211... 2600:9000:211e:5400:1d:4618:5c80:21	() ()
13	6

1 54.235.212.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-212-68.compute-1.amazonaws.com

www.imcoverd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.182.251 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-251.above.com

cpmstatsart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 75.2.11.242 (United States)

ASN16509 (AMAZON-02, US)
PTR: a31044b74f51d4d31.awsglobalaccelerator.com

ww38.cpmstatsart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.53.178.30 (None, )

ASN- ()

c.parkingcrew.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:5400:1d:4618:5c80:21 (None, )

ASN- ()

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cpmstatsart.com 1 redirects cpmstatsart.com ww38.cpmstatsart.com	8 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	109 KB
2	cloudfront.net d38psrni17bvxu.cloudfront.net	11 KB
1	parkingcrew.net c.parkingcrew.net	1005 B
1	imcoverd.com www.imcoverd.com	1 KB
0	googleusercontent.com Failed afs.googleusercontent.com Failed
13	6

	Domain	Requested by
3	www.google.com	ww38.cpmstatsart.com www.google.com
3	ww38.cpmstatsart.com	www.imcoverd.com d38psrni17bvxu.cloudfront.net ww38.cpmstatsart.com
2	d38psrni17bvxu.cloudfront.net	ww38.cpmstatsart.com
1	c.parkingcrew.net	ww38.cpmstatsart.com
1	cpmstatsart.com	1 redirects
1	www.imcoverd.com
0	afs.googleusercontent.com Failed	www.google.com
13	7

This site contains no links.

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://www.imcoverd.com/wsecu
Frame ID: F89B7E8738F59F7696654ED0947A5323
Requests: 1 HTTP requests in this frame

Frame: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
Frame ID: A6061E994BFF1376128287E462E7D1F5
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r1%7Cs&nocache=9991669833908372&num=0&output=afd_ads&domain_name=ww38.cpmstatsart.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1669833908373&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=498&frm=2&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fww38.cpmstatsart.com%2Fmnz%2Fv1%3Fplacement%3Dd52af548-a561-11e7-9ab5-02c1c5ed83e8%26source%3D134%26subid1%3D20221201-0545-071a-8b73-986085a526c5&adbw=master-1%3A0
Frame ID: 33A4C1688647AD5B327C3DE34CC2895C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

13
Requests

15 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

130 kB
Transfer

318 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134 HTTP 302
http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request wsecu Show response
www.imcoverd.com/ 840 B
1 KB 1635ms
110ms Document
text/html 54.235.212.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://www.imcoverd.com/wsecu
Protocol: HTTP/1.1
Server: 54.235.212.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-212-68.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0bd02386654cd06160a60762af5258fce307e59d300ff1752767f25295ea7608

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 30 Nov 2022 18:45:04 GMT
Expires: Mon, 31 Dec 2001 23:59:59 GMT
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1

200
OK

v1 Show response
ww38.cpmstatsart.com/mnz/ Frame A606
Redirect Chain

http://cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134
http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5

13 KB
7 KB

752ms
159ms

Document
text/html

75.2.11.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
Requested by: Host: www.imcoverd.com
URL: http://www.imcoverd.com/wsecu
Protocol: HTTP/1.1
Server: 75.2.11.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a31044b74f51d4d31.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 8d72f467b96610bf6537b159f4eb336cd68c72de7a9e527c13005ebbe6e58fe1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime: 30
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Nov 2022 18:45:08 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Zsu+L6Xj7celQgOUa5LmEVLgz7C9zQ3EmR/SsNQMjH0NxjK8v++MQI0VHs2XK9iukm9nYoQsbPjK8p64Z0X/Rw==
X-Buckets: bucket011
X-Language: german
X-Template: tpl_CleanPeppermintBlack_twoclick

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Nov 2022 18:45:07 GMT
Location: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ Frame A606 144 KB
53 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: ww38.cpmstatsart.com
URL: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47bb2ce5f9670fa4b98955e60e2e1cea01cea3d8806bf809d029a6759455b23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.cpmstatsart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 18:45:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "4818219838129849631"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Wed, 30 Nov 2022 18:45:08 GMT

GET
H/1.1 200
OK sale_form.js Show response
c.parkingcrew.net/scripts/ Frame A606 761 B
1005 B 44ms
24ms Script
application/javascript 185.53.178.30

General

Check archive.org

Show headers Download Go to

Full URL: http://c.parkingcrew.net/scripts/sale_form.js
Requested by: Host: ww38.cpmstatsart.com
URL: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
Protocol: HTTP/1.1
Server: 185.53.178.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.cpmstatsart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 18:45:08 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Server: nginx
ETag: "5ebab1f0-2f9"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 761

GET
H/1.1 200
OK maincaf.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ Frame A606 7 KB
7 KB 41ms
6ms Script
application/javascript 2600:9000:211e:5400:1d:4618:5c80:21

General

Check archive.org

Show headers Download Go to

Full URL: http://d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
Requested by: Host: ww38.cpmstatsart.com
URL: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
Protocol: HTTP/1.1
Server: 2600:9000:211e:5400:1d:4618:5c80:21 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.cpmstatsart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 02:41:49 GMT
Via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-C2
Age: 57799
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7006
X-Amz-Cf-Id: PrQlmbds8oN6UANJneLgdEwkW9iMKOHEfDRWk3tRkl-CrXfho0xucA==

GET
H/1.1 200
OK track.php Show response
ww38.cpmstatsart.com/ Frame A606 0
608 B 123ms
122ms XHR
text/html 75.2.11.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.cpmstatsart.com/track.php?domain=cpmstatsart.com&toggle=browserjs&uid=MTY2OTgzMzkwOC4xMzc3OjllOTE3MzNiMGRmMDg3MDU3YWZiMGMyYzk3ZDE2YmRkZjkzN2NjMTNiYzEzZjk2NTM3MDgwNmY4ZWJiNmQ0YTU6NjM4N2E0YjQyMTlmNg%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
Protocol: HTTP/1.1
Server: 75.2.11.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a31044b74f51d4d31.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 18:45:08 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: browserjs
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Accept-CH-Lifetime: 30
Connection: keep-alive

POST
H/1.1 201
Created ls.php Show response
ww38.cpmstatsart.com/ Frame A606 0
911 B 125ms
125ms XHR
text/javascript 75.2.11.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.cpmstatsart.com/ls.php
Requested by: Host: ww38.cpmstatsart.com
URL: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
Protocol: HTTP/1.1
Server: 75.2.11.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a31044b74f51d4d31.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 30 Nov 2022 18:45:08 GMT
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding: chunked
Accept-CH-Lifetime: 30
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: http://ww38.cpmstatsart.com
Access-Control-Allow-Methods: POST, OPTIONS
Charset: utf-8
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ik9mK+BMsqLUnZuvzqZyGW62J66OaRkA10031Y3PDpSXI3bs0aP81Mv5UfblBdvuQkFJYKuV32snkREYbifQqA==
Connection: keep-alive
X-Log-Success: 6387a4b4b58aeb3ee70a49fc

GET
H/1.1 200
OK bottom.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/ Frame A606 3 KB
4 KB 6ms
6ms Image
image/png 2600:9000:211e:5400:1d:4618:5c80:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/bottom.png
Requested by: Host: ww38.cpmstatsart.com
URL: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5
Protocol: HTTP/1.1
Server: 2600:9000:211e:5400:1d:4618:5c80:21 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.cpmstatsart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 18:03:40 GMT
Via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Server: nginx
X-Amz-Cf-Pop: FRA56-C2
Age: 2488
ETag: "62b4441b-d1f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3359
X-Amz-Cf-Id: Thhq9XuFme7hHC-Uyq170HF25CXr-jJbswE9iMMCA6r3UbCqi4Nuag==

GET
H2 200 ads Show response
www.google.com/afs/ Frame 33A4 6 KB
3 KB 246ms
113ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r1%7Cs&nocache=9991669833908372&num=0&output=afd_ads&domain_name=ww38.cpmstatsart.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1669833908373&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=498&frm=2&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fww38.cpmstatsart.com%2Fmnz%2Fv1%3Fplacement%3Dd52af548-a561-11e7-9ab5-02c1c5ed83e8%26source%3D134%26subid1%3D20221201-0545-071a-8b73-986085a526c5&adbw=master-1%3A0

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

afaba2a93959c04e9d3942fe73917ab89426c84a42d2e563091684a6ce46affe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ww38.cpmstatsart.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2086
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
date: Wed, 30 Nov 2022 18:45:08 GMT
expires: Wed, 30 Nov 2022 18:45:08 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ Frame 33A4 144 KB
53 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?pac=0

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2512606374143008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003&format=r1%7Cs&nocache=9991669833908372&num=0&output=afd_ads&domain_name=ww38.cpmstatsart.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1669833908373&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=498&frm=2&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fww38.cpmstatsart.com%2Fmnz%2Fv1%3Fplacement%3Dd52af548-a561-11e7-9ab5-02c1c5ed83e8%26source%3D134%26subid1%3D20221201-0545-071a-8b73-986085a526c5&adbw=master-1%3A0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c44dea3b98adb8c68a1fe6e62bd1aec3953703ae6828e378dc27c1270bfe37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 18:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "14109559554599236104"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Wed, 30 Nov 2022 18:45:08 GMT

GET search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 33A4 0
0

GET chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 33A4 0
0

GET track.php
ww38.cpmstatsart.com/ Frame A606 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: afs.googleusercontent.com
URL: https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

Domain: afs.googleusercontent.com
URL: https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Domain: ww38.cpmstatsart.com
URL: http://ww38.cpmstatsart.com/track.php?domain=cpmstatsart.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2OTgzMzkwOC4xMzc3OjllOTE3MzNiMGRmMDg3MDU3YWZiMGMyYzk3ZDE2YmRkZjkzN2NjMTNiYzEzZjk2NTM3MDgwNmY4ZWJiNmQ0YTU6NjM4N2E0YjQyMTlmNg%3D%3D

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange number| z

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.imcoverd.com/	1970-01-20 08:33:45	Name: pql_geo Value: REV8R2VybWFueXxOb3JkcmhlaW4tV2VzdGZhbGVufE9iZXJoYXVzZW58fDUxLjQ2Njd8Ni44NXwwN3wyMDU4MHxNTTExfDE5My4yNy4%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5(Line 285) Message: Unsafe attempt to initiate navigation for frame with URL 'http://www.imcoverd.com/wsecu' from frame with URL 'http://ww38.cpmstatsart.com/mnz/v1?placement=d52af548-a561-11e7-9ab5-02c1c5ed83e8&source=134&subid1=20221201-0545-071a-8b73-986085a526c5'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
c.parkingcrew.net
cpmstatsart.com
d38psrni17bvxu.cloudfront.net
ww38.cpmstatsart.com
www.google.com
www.imcoverd.com
afs.googleusercontent.com
ww38.cpmstatsart.com
103.224.182.251
185.53.178.30
2600:9000:211e:5400:1d:4618:5c80:21
2a00:1450:4001:806::2004
54.235.212.68
75.2.11.242
0bd02386654cd06160a60762af5258fce307e59d300ff1752767f25295ea7608
0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29
47bb2ce5f9670fa4b98955e60e2e1cea01cea3d8806bf809d029a6759455b23d
8d72f467b96610bf6537b159f4eb336cd68c72de7a9e527c13005ebbe6e58fe1
afaba2a93959c04e9d3942fe73917ab89426c84a42d2e563091684a6ce46affe
b1c44dea3b98adb8c68a1fe6e62bd1aec3953703ae6828e378dc27c1270bfe37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

www.imcoverd.com Open in urlscan Pro 54.235.212.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

13 Requests

15 %HTTPS

33 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

130 kBTransfer

318 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.imcoverd.com Open in urlscan Pro
54.235.212.68 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

15 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

130 kB
Transfer

318 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions