usa.cosmas-gau.com Open in urlscan Pro
34.193.227.251  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://poornhat.com/ Page URL
2. http://poornhat.com/ Page URL
3. http://usa.cosmas-gau.com/zcvisitor/852fbc07-cf42-11e9-81c8-0a5618ce307c?campaignid=018747f0-db5b-11e8-b3b6-0ebb138d3962 Page URL
4. http://usa.cosmas-gau.com/zcredirect?visitid=852fbc07-cf42-11e9-81c8-0a5618ce307c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ poornhat.com/	638 B 629 B	5063ms 4036ms	Document text/html	213.247.47.190 Webair Internet D...
General Check archive.org Show headers Download Go to Full URL http://poornhat.com/ Protocol HTTP/1.1 Server 213.247.47.190 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Host poornhat.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.16.0 Date Wed, 04 Sep 2019 18:33:38 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip
POST H/1.1	200 OK	Cookie set / Show response poornhat.com/	216 B 611 B	6026ms 6025ms	Document text/html	213.247.47.190 Webair Internet D...
General Check archive.org Show headers Download Go to Full URL http://poornhat.com/ Requested by Host: poornhat.com URL: http://poornhat.com/ Protocol HTTP/1.1 Server 213.247.47.190 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US), Reverse DNS Software nginx/1.16.0 / Resource Hash 530aeb6aa58c6364956cefe66582853f2067c59d919374daf8aef3970790e502 Request headers Host poornhat.com Connection keep-alive Content-Length 12 Pragma no-cache Cache-Control no-cache Origin http://poornhat.com Upgrade-Insecure-Requests 1 Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://poornhat.com/ Accept-Encoding gzip, deflate Origin http://poornhat.com Upgrade-Insecure-Requests 1 Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://poornhat.com/ Response headers Server nginx/1.16.0 Date Wed, 04 Sep 2019 18:33:42 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjI5MCwiZmVlZElkIjo2NCwidHMiOjE1Njc2MjIwMjIsImhhc2giOiJjYzNmY2I3OCJ9;Expires=Wed, 04-Sep-2019 19:33:42 GMT;Max-Age=3600 Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Encoding gzip
GET H/1.1	200 OK	852fbc07-cf42-11e9-81c8-0a5618ce307c Show response usa.cosmas-gau.com/zcvisitor/	1006 B 2 KB	6050ms 4037ms	Document text/html	34.193.227.251 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://usa.cosmas-gau.com/zcvisitor/852fbc07-cf42-11e9-81c8-0a5618ce307c?campaignid=018747f0-db5b-11e8-b3b6-0ebb138d3962 Requested by Host: poornhat.com URL: http://poornhat.com/ Protocol HTTP/1.1 Server 34.193.227.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-193-227-251.compute-1.amazonaws.com Software ZeroPark-Traffic / Resource Hash 50980cc011aea7d82c3918b5d0405883fc21c665a228e79093409e5ca0685c48 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' Request headers Host usa.cosmas-gau.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://poornhat.com/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://poornhat.com/ Response headers Date Wed, 04 Sep 2019 18:33:50 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin * Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Allow-Headers X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag Server ZeroPark-Traffic
GET H/1.1	200 OK	Primary Request zcredirect usa.cosmas-gau.com/	3 KB 4 KB	6048ms 4041ms	Document text/html	34.193.227.251 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://usa.cosmas-gau.com/zcredirect?visitid=852fbc07-cf42-11e9-81c8-0a5618ce307c&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Requested by Host: usa.cosmas-gau.com URL: http://usa.cosmas-gau.com/zcvisitor/852fbc07-cf42-11e9-81c8-0a5618ce307c?campaignid=018747f0-db5b-11e8-b3b6-0ebb138d3962 Protocol HTTP/1.1 Server 34.193.227.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-193-227-251.compute-1.amazonaws.com Software ZeroPark-Traffic / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' Request headers Host usa.cosmas-gau.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://usa.cosmas-gau.com/zcvisitor/852fbc07-cf42-11e9-81c8-0a5618ce307c?campaignid=018747f0-db5b-11e8-b3b6-0ebb138d3962 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://usa.cosmas-gau.com/zcvisitor/852fbc07-cf42-11e9-81c8-0a5618ce307c?campaignid=018747f0-db5b-11e8-b3b6-0ebb138d3962 Response headers Date Wed, 04 Sep 2019 18:33:56 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin * Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Allow-Headers X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected JS Server ZeroPark-Traffic
GET		zp-redirect tracking.marketing/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tracking.marketing

URL

http://tracking.marketing/zp-redirect?target=http%3A%2F%2Fwww.apple.com-mac-optimizer.xyz%2Fredirect%2F%3Fip%3D212.8.240.143%26campid%3D7d2a330e-b271-4b51-a858-19fed1758b72%26zn%3Dromeo-rom-O1iWZLXa%26sc%3Df1be0f9b-24b9-4ef6-b115-1b6525e2d391%26browser%3DChrome%26browserversion%3DChrome%252074%26city%3DAmsterdam%26os%3DMacOS%26osv%3DMacOS%252010.14%2520Mojave%26model%3DDesktop%26td%3Dtracking.marketing%26ua%3DMozilla%252F5.0%2520%2528Macintosh%253B%2520Intel%2520Mac%2520OS%2520X%252010_14_5%2529%2520AppleWebKit%252F537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome%252F74.0.3729.169%2520Safari%252F537.36%26language%3DUnknown%26connection%3DBROADBAND%26isp%3DWorldstream%2520b.v.%26carrier%3D%26country%3DNL%26cep%3DfR0V_hNJry-c0CHuUw9bJdLFSNdL7ogFneAd7YiWglQZNh2uj0YIKKzVzRXoE6_AOaFx5z2y07d10YWGNCA2Cgr6Rj8lxP3AIuUwzPJhifM6N3PlSoAEAV33oYk1jbpWAHYUF93kc7SkB9c5WhBRGZPPnEBcMGBRP0rw2sR56DmYuX9qagYyF5HDhJnwB-ZzMDg13AbDVf1nkQ7tW-HZxRceKyVlm-XI_v8qmHkf64M3VI75xeBVHr0FEeImhmL-1kB-CuobeF8dPYtri_1dK5LBXblfXHqLX2RTZCe31GRAuRTEwYyEUxTJtqn3YY4TYmHB_rTwFJAfZBKCJiUgg-dJpV6_vKxdacJHO3p8d-T-hNoYslwf3nAMPBsNLL6IqJ7y3rQskHT_nz-dANf1LCl9KW-0WwoIyEgDpNLRXdUD5RqGQ9cKRYNJ8EpGFlVSA5kU48XD9ZXgVanetQpiW2CiU-L7bLM_OLwCD3bxfJi2iQ1LiILniUanqnIczF2G%26lptoken%3D156c67a1628938003612&caid=7d2a330e-b271-4b51-a858-19fed1758b72&zpid=852fbc07-cf42-11e9-81c8-0a5618ce307c&cid=&rt=D

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

poornhat.com
tracking.marketing
usa.cosmas-gau.com
tracking.marketing
213.247.47.190
34.193.227.251
50980cc011aea7d82c3918b5d0405883fc21c665a228e79093409e5ca0685c48
530aeb6aa58c6364956cefe66582853f2067c59d919374daf8aef3970790e502