Submitted URL: https://crtv.wbidder.online/icon?url=https%3A%2F%2Fxml.fastdlr.com%2Fthumbnail%3Fi%3DoV0DrQj2HKI_0%26imgt%3Dicon&s=1015&a=bi...
Effective URL: https://10945-2.s.cdn15.com/creatives/73266/171603/385974_f5da7.png
Submission: On February 23 via manual from RO

Summary

This website contacted 1 IP in 3 countries across 5 domains to perform 1 HTTP transaction. The main IP is 185.18.187.77, located in Frankfurt am Main, Germany and belongs to UCDN, CY. The main domain is 10945-2.s.cdn15.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 29th 2020. Valid for: a year.
This is the only time 10945-2.s.cdn15.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 213.227.145.136 60781 (LEASEWEB-...)
1 1 198.134.116.19 27257 (WEBAIR-IN...)
1 1 136.243.133.233 24940 (HETZNER-AS)
1 1 88.85.94.236 35415 (WEBZILLA)
1 185.18.187.77 61107 (UCDN)
1 1
Apex Domain Subdomains Transfer
1 cdn15.com 10945-2.s.cdn15.com 64 KB
1 kulewuglo.pro kulewuglo.pro 230 B
1 flatpica.com icon20.flatpica.com 858 B
1 fastdlr.com xml.fastdlr.com 1 KB
1 wbidder.online crtv.wbidder.online 218 B
1 5
Domain Requested by
1 10945-2.s.cdn15.com
1 kulewuglo.pro 1 redirects
1 icon20.flatpica.com 1 redirects
1 xml.fastdlr.com 1 redirects
1 crtv.wbidder.online 1 redirects
1 5

This site contains no links.

Subject: *.s.cdn15.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2020-09-29 - 2021-10-30
Valid: a year

This page contains 1 frames:

Primary Page: https://10945-2.s.cdn15.com/creatives/73266/171603/385974_f5da7.png
Frame ID: A6D6E1F3965B53A1D0B08CE5966B8416
Requests: 1 HTTP requests in this frame

Page URL History

  1. https://crtv.wbidder.online/icon?url=https%3A%2F%2Fxml.fastdlr.com%2Fthumbnail%3Fi%3DoV0DrQj2HKI_0%26img... HTTP 302
    https://xml.fastdlr.com/thumbnail?i=oV0DrQj2HKI_0&imgt=icon HTTP 302
    https://icon20.flatpica.com/ie?v=3&c=Ygj8yueIpj2H8C5Ay2fVDDs5eXaB11lfoB95ZWiVM5pk8GildFhxmqNySV_CaRuc7h0... HTTP 301
    https://kulewuglo.pro/rtb/pushimg?rsrc=rtb-eu_he&token=AnQRX9EeaK3bKBgxXNeFRF4GgH16JOULCT1A3uSHCht... HTTP 302
    https://10945-2.s.cdn15.com/creatives/73266/171603/385974_f5da7.png Page URL

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 1
Countries: 3
Transfer: 64 kB
Size: 64 kB
Cookies: 0


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Primary Request: 385974_f5da7.png
Path: 10945-2.s.cdn15.com/creatives/73266/171603/
Redirect Chain:
  • https://crtv.wbidder.online/icon?url=https%3A%2F%2Fxml.fastdlr.com%2Fthumbnail%3Fi%3DoV0DrQj2HKI_0%26imgt%3Dicon&s=1015&a=bid_onw_500058&sub=33468&d=70&ic=0
  • https://xml.fastdlr.com/thumbnail?i=oV0DrQj2HKI_0&imgt=icon
  • https://icon20.flatpica.com/ie?v=3&c=Ygj8yueIpj2H8C5Ay2fVDDs5eXaB11lfoB95ZWiVM5pk8GildFhxmqNySV_CaRuc7h0U0T3W_RpYC89mgDWsTQ48zX_DwC4o__8G0BEHBYXCiYgFACkbpnI9QxZ9nSLgSiSkzCUU6ZEuFP-BiQLIMt3ou2KaTUX7...
  • https://kulewuglo.pro/rtb/pushimg?rsrc=rtb-eu_he&token=AnQRX9EeaK3bKBgxXNeFRF4GgH16JOULCT1A3uSHChtSh0qHBOAVzobfPCDEWCfSMxQ8fGr4IvOvXvF4vKvrGpvuXg6874QQHF.zput8ZFPFY2vTUc.HOtW_fzgU6x8mzwFoph_9MJFEOq...
  • https://10945-2.s.cdn15.com/creatives/73266/171603/385974_f5da7.png
Size: 64 KB
x-fer: 64 KB
Type: Document
General
Full URL: https://10945-2.s.cdn15.com/creatives/73266/171603/385974_f5da7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.18.187.77 Frankfurt am Main, Germany, ASN61107 (UCDN, CY)
Reverse DNS:
Software: ucdn/1.18.0
Resource Hash: f5e2c34dbbadb3378400c53906ba8124b8772c7ea7c10955b791d0e114fd72fc

Request headers

:method: GET
:authority: 10945-2.s.cdn15.com
:scheme: https
:path: /creatives/73266/171603/385974_f5da7.png
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

server: ucdn/1.18.0
date: Tue, 23 Feb 2021 22:54:51 GMT
content-type: image/png
content-length: 65221
last-modified: Mon, 15 Feb 2021 14:44:08 GMT
etag: "11dd4d08072dbea004ffdb613e45d8f8"
x-timestamp: 1613400247.97458
x-trans-id: tx7f3805ab18bf4fadb6a57-00602a88bb
expires: Wed, 28 Jul 2021 22:29:23 GMT
cache-control: max-age=13390472
x-ureq-id: PYMqMNZBGwvaY0ClvMof0M1BltNffhQC7Zuk0GLj7ybo5OSb9YzAsnb+LvPCC1LOE8E3KC76Ma6CW4RZ0hdtG4KFLTna6JAPGgOqE8o=
x-served-from: l1
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
accept-ranges: bytes

Redirect headers

server: nginx
date: Tue, 23 Feb 2021 22:54:51 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
location: https://10945-2.s.cdn15.com/creatives/73266/171603/385974_f5da7.png
x-content-type-options: nosniff

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
