num.to Open in urlscan Pro
160.16.209.212 Public Scan

URL:
http://num.to/110007121663
Submission: On February 21 via api (February 21st 2020, 3:09:17 pm UTC) from US

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 15 HTTP transactions. The main IP is 160.16.209.212, located in Osaka, Japan and belongs to SAKURA-B SAKURA Internet Inc., JP. The main domain is num.to.

This is the only time num.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	160.16.209.212 160.16.209.212	9370 (SAKURA-B ...) (SAKURA-B SAKURA Internet Inc.)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	34.212.109.37 34.212.109.37	16509 (AMAZON-02) (AMAZON-02)
2 4	192.0.77.33 192.0.77.33	2635 (AUTOMATTIC) (AUTOMATTIC)
15	9

1 160.16.209.212 (Osaka, Japan)

ASN9370 (SAKURA-B SAKURA Internet Inc., JP)
PTR: tk2-246-32958.vs.sakura.ne.jp

num.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.212.109.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-109-37.us-west-2.compute.amazonaws.com

api.mywot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.33 (San Francisco, United States) 2 redirects

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	102 B
4	wordpress.com 2 redirects s.wordpress.com	16 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	googlesyndication.com pagead2.googlesyndication.com	122 KB
1	mywot.com api.mywot.com	440 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	323 B
1	google.de adservice.google.de	778 B
1	num.to num.to	8 KB
15	9

	Domain	Requested by
4	s.wordpress.com	2 redirects
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	1 redirects num.to
2	pagead2.googlesyndication.com	num.to pagead2.googlesyndication.com
1	api.mywot.com	num.to
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	num.to
1	num.to
15	10

This site contains links to these domains. Also see Links.

Domain
ouo.io
www.google.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.wordpress.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh

This page contains 5 frames:

Primary Page: http://num.to/110007121663
Frame ID: 2D08B1E83093735858D0235EC95BD6DA
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/zrt_lookup.html
Frame ID: 2E3862E837E73C027D6FAF7F4609505C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438158428688800&output=html&h=90&slotname=8652169634&adk=1884978644&adf=186307682&w=970&lmt=1582297741&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fnum.to%2F110007121663&flash=0&wgl=1&adsid=NT&dt=1582297741284&bpp=16&bdt=66&fdt=83&idt=84&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6078035747415&frm=20&pv=2&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=2218&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=29&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=et4TxpGj5w&p=http%3A//num.to&dtd=98
Frame ID: 9DFC8BD8C9F879B631F5342BB76822B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438158428688800&output=html&h=280&slotname=4298957238&adk=507355&adf=2653041513&w=336&lmt=1582297741&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fnum.to%2F110007121663&flash=0&wgl=1&adsid=NT&dt=1582297741300&bpp=6&bdt=83&fdt=107&idt=107&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=6078035747415&frm=20&pv=1&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=10410&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=398&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ykVUSdOKGF&p=http%3A//num.to&dtd=110
Frame ID: 56DB1F59000D423398A34A8C407C0CFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438158428688800&output=html&adk=1812271804&adf=3025194257&lmt=1582297741&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnum.to%2F110007121663&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582297741306&bpp=5&bdt=89&fdt=108&idt=108&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C336x280&nras=1&correlator=6078035747415&frm=20&pv=1&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=10410&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&dtd=113
Frame ID: B404A7D935483184F8704F7F73447D41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

15
Requests

80 %
HTTPS

63 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

191 kB
Transfer

481 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://ouo.io/sbpVHCp
Title: 110007121663

Search URL Search Domain Scan URL

URL: http://www.google.com/safebrowsing/diagnostic?site=https://ouo.io/sbpVHCp
Title: Google

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 4

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=373158926&utmhn=num.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Jump%20for%20110007121663&utmhid=227231152&utmr=-&utmp=%2F110007121663&utmht=1582297741255&utmac=UA-35986586-1&utmcc=__utma%3D138412844.1739405736.1582297741.1582297741.1582297741.1%3B%2B__utmz%3D138412844.1582297741.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=480251134&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=373158926&utmhn=num.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Jump%20for%20110007121663&utmhid=227231152&utmr=-&utmp=%2F110007121663&utmht=1582297741255&utmac=UA-35986586-1&utmcc=__utma%3D138412844.1739405736.1582297741.1582297741.1582297741.1%3B%2B__utmz%3D138412844.1582297741.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=480251134&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35986586-1&cid=1739405736.1582297741&jid=480251134&_v=5.7.2&z=373158926

Request Chain 14

http://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&1 HTTP 301
https://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&1

Request Chain 15

http://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&11 HTTP 301
https://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&11

15 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 110007121663 Show response
num.to/ 15 KB
8 KB 723ms
451ms Document
text/html 160.16.209.212
SAKURA-B SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: http://num.to/110007121663
Protocol: HTTP/1.1
Server: 160.16.209.212 Osaka, Japan, ASN9370 (SAKURA-B SAKURA Internet Inc., JP),
Reverse DNS: tk2-246-32958.vs.sakura.ne.jp
Software: Apache /
Resource Hash: 9042e8ce9406ba92ca8285201ac6da5bfe4f1693dd699d7d7149056c87319b57

Request headers

Host: num.to
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 15:09:00 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 106 KB
38 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: num.to
URL: http://num.to/110007121663

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f45f18d03a86160ad8d6ab087295590235d2febb9c0ad69f8617d74d60212db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 15:09:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 13912970936825324044
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 38661
X-XSS-Protection: 0
Expires: Fri, 21 Feb 2020 15:09:01 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6695376172db53a24efbb3753e88abe1e08166ddc402fe5e2b9df08dad6fa3f5

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0eaed1b3f4b7539bd00bb35a01659769fdc20c0b86a94906c9021debf4de6b16

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: num.to
URL: http://num.to/110007121663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2992
date: Fri, 21 Feb 2020 14:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Fri, 21 Feb 2020 16:19:09 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=373158926&utmhn=num.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Jump%20for%2011...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=373158926&utmhn=num.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Jump%20for%201...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35986586-1&cid=1739405736.1582297741&jid=480251134&_v=5.7.2&z=373158926

35 B
102 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35986586-1&cid=1739405736.1582297741&jid=480251134&_v=5.7.2&z=373158926

Requested by

Host: num.to
URL: http://num.to/110007121663

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 21 Feb 2020 15:09:01 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 15:09:01 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35986586-1&cid=1739405736.1582297741&jid=480251134&_v=5.7.2&z=373158926
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
778 B 44ms
19ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=num.to

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 15:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=num.to

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 15:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/ 221 KB
83 KB 59ms
35ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a450a92da271041893a519c9b9e1050b2229f74eb83ca5346e76203456d3691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 15:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84526
x-xss-protection: 0
server: cafe
etag: 16542440073614270090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Feb 2020 15:09:01 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/ Frame 2E38 0
0 11ms
6ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200219/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://num.to/110007121663
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://num.to/110007121663

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 20 Feb 2020 01:55:47 GMT
expires: Thu, 05 Mar 2020 01:55:47 GMT
content-type: text/html; charset=UTF-8
etag: 3560819023258359450
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4495
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 133994
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9DFC 0
0 164ms
163ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438158428688800&output=html&h=90&slotname=8652169634&adk=1884978644&adf=186307682&w=970&lmt=1582297741&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fnum.to%2F110007121663&flash=0&wgl=1&adsid=NT&dt=1582297741284&bpp=16&bdt=66&fdt=83&idt=84&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6078035747415&frm=20&pv=2&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=2218&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=29&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=et4TxpGj5w&p=http%3A//num.to&dtd=98

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4438158428688800&output=html&h=90&slotname=8652169634&adk=1884978644&adf=186307682&w=970&lmt=1582297741&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fnum.to%2F110007121663&flash=0&wgl=1&adsid=NT&dt=1582297741284&bpp=16&bdt=66&fdt=83&idt=84&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6078035747415&frm=20&pv=2&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=2218&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=29&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=et4TxpGj5w&p=http%3A//num.to&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://num.to/110007121663
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://num.to/110007121663

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 Feb 2020 15:09:01 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 15:24:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 21 Feb 2020 15:09:01 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 15:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Fri, 21 Feb 2020 15:09:01 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 56DB 0
0 148ms
148ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438158428688800&output=html&h=280&slotname=4298957238&adk=507355&adf=2653041513&w=336&lmt=1582297741&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fnum.to%2F110007121663&flash=0&wgl=1&adsid=NT&dt=1582297741300&bpp=6&bdt=83&fdt=107&idt=107&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=6078035747415&frm=20&pv=1&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=10410&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=398&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ykVUSdOKGF&p=http%3A//num.to&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4438158428688800&output=html&h=280&slotname=4298957238&adk=507355&adf=2653041513&w=336&lmt=1582297741&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=http%3A%2F%2Fnum.to%2F110007121663&flash=0&wgl=1&adsid=NT&dt=1582297741300&bpp=6&bdt=83&fdt=107&idt=107&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=6078035747415&frm=20&pv=1&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=10410&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=398&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ykVUSdOKGF&p=http%3A//num.to&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://num.to/110007121663
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://num.to/110007121663

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 Feb 2020 15:09:01 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 15:24:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 21 Feb 2020 15:09:01 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B404 0
0 67ms
66ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4438158428688800&output=html&adk=1812271804&adf=3025194257&lmt=1582297741&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnum.to%2F110007121663&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582297741306&bpp=5&bdt=89&fdt=108&idt=108&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C336x280&nras=1&correlator=6078035747415&frm=20&pv=1&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=10410&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&dtd=113

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4438158428688800&output=html&adk=1812271804&adf=3025194257&lmt=1582297741&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fnum.to%2F110007121663&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582297741306&bpp=5&bdt=89&fdt=108&idt=108&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C336x280&nras=1&correlator=6078035747415&frm=20&pv=1&ga_vid=1739405736.1582297741&ga_sid=1582297741&ga_hid=227231152&ga_fc=1&iag=0&icsg=10410&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1430571227534715&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&dtd=113
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://num.to/110007121663
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: http://num.to/110007121663

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 Feb 2020 15:09:01 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 15:24:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 21 Feb 2020 15:09:01 GMT
cache-control: private

GET
H/1.1 200 public_link_json Show response
api.mywot.com/0.4/ 121 B
440 B 353ms
326ms Script
application/x-javascript 34.212.109.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.mywot.com/0.4/public_link_json?callback=get_Saftylevel&hosts=ouo.io/
Requested by: Host: num.to
URL: http://num.to/110007121663
Protocol: HTTP/1.1
Server: 34.212.109.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-212-109-37.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 5a8d6808f90f19c6b860fa2b7e978303e56258cfb789cc88b32ef719e61dfa8c

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 15:02:53 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: no-store, max-age=0
Connection: keep-alive
Content-Length: 121
expires: Fri, 21 Feb 2020 15:02:53 GMT

GET
H2

200

https%3A%2F%2Fouo.io%2FsbpVHCp
s.wordpress.com/mshots/v1/
Redirect Chain

http://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&1
https://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&1

9 KB
9 KB

288ms
243ms

Image
image/jpeg

192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8e78fa18b9311268bcaf8db29d689b06e00425f94ffad801c9550605d4418a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: MISS lhr 2
date: Fri, 21 Feb 2020 15:09:02 GMT
x-ac: 4.lhr _dca
last-modified: Wed, 19 Feb 2020 23:57:40 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
status: 200
cache-control: public, max-age=600
expires: Fri, 21 Feb 2020 15:19:01 GMT

Redirect headers

Location: https://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&1
Date: Fri, 21 Feb 2020 15:09:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

https%3A%2F%2Fouo.io%2FsbpVHCp
s.wordpress.com/mshots/v1/
Redirect Chain

http://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&11
https://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&11

7 KB
7 KB

233ms
233ms

Image
image/jpeg

192.0.77.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e133f482d0d50683fb90ef33701182ff6bb5ad26e3b206c8ddd45e8e0dd75602

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://num.to/110007121663
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: MISS lhr 2
date: Fri, 21 Feb 2020 15:09:11 GMT
x-ac: 4.lhr _dca
last-modified: Fri, 21 Feb 2020 15:09:06 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: image/jpeg
status: 200
cache-control: public, max-age=43200
expires: Sat, 22 Feb 2020 03:09:11 GMT

Redirect headers

Location: https://s.wordpress.com/mshots/v1/https%3A%2F%2Fouo.io%2FsbpVHCp?w=200&11
Date: Fri, 21 Feb 2020 15:09:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 07:31:38	Name: test_cookie Value: CheckForPermission
.num.to/	1970-01-19 07:31:38	Name: __utmt Value: 1
.num.to/	1970-01-19 11:54:25	Name: __utmz Value: 138412844.1582297741.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.num.to/	1969-12-31 23:59:59	Name: __utmc Value: 138412844
.num.to/	1970-01-19 07:31:39	Name: __utmb Value: 138412844.1.10.1582297741
.num.to/	1970-01-20 01:02:49	Name: __utma Value: 138412844.1739405736.1582297741.1582297741.1582297741.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.mywot.com
googleads.g.doubleclick.net
num.to
pagead2.googlesyndication.com
s.wordpress.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagservices.com
160.16.209.212
192.0.77.33
2a00:1450:4001:815::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:821::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c04::9b
34.212.109.37
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0a450a92da271041893a519c9b9e1050b2229f74eb83ca5346e76203456d3691
0eaed1b3f4b7539bd00bb35a01659769fdc20c0b86a94906c9021debf4de6b16
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
5a8d6808f90f19c6b860fa2b7e978303e56258cfb789cc88b32ef719e61dfa8c
6695376172db53a24efbb3753e88abe1e08166ddc402fe5e2b9df08dad6fa3f5
753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e78fa18b9311268bcaf8db29d689b06e00425f94ffad801c9550605d4418a13
9042e8ce9406ba92ca8285201ac6da5bfe4f1693dd699d7d7149056c87319b57
e133f482d0d50683fb90ef33701182ff6bb5ad26e3b206c8ddd45e8e0dd75602
f45f18d03a86160ad8d6ab087295590235d2febb9c0ad69f8617d74d60212db4

num.to Open in urlscan Pro 160.16.209.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

80 %HTTPS

63 %IPv6

9 Domains

10 Subdomains

9 IPs

4 Countries

191 kBTransfer

481 kBSize

6 Cookies

2 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

6 Cookies

Indicators

num.to Open in urlscan Pro
160.16.209.212 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

63 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

191 kB
Transfer

481 kB
Size

6
Cookies

15 HTTP transactions
2 data transactions