398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai Open in urlscan Pro Puny
398055711-01li80.строй-дверь.рф IDN
104.21.0.139  Public Scan

Submitted URL: https://www.thesamba.com/vw/bin/banner_click.php?redirect=398055711-01li80.%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%B4%D0%B2%D0...
Effective URL: http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
Submission: On December 01 via manual from AT — Scanned from AT

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 104.21.0.139, located in and belongs to CLOUDFLARENET, US. The main domain is 398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai.
This is the only time 398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.18.15 13335 (CLOUDFLAR...)
1 143.204.215.65 16509 (AMAZON-02)
1 18.66.147.85 16509 (AMAZON-02)
2 104.21.0.139 13335 (CLOUDFLAR...)
1 2 88.212.201.204 39134 (UNITEDNET)
9 6
Apex Domain
Subdomains
Transfer
3 thesamba.com
www.thesamba.com — Cisco Umbrella Rank: 281542
9 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 12199
1 KB
2
function sub() { [native code] }.
5 KB
1 sovrn.com
comparisons.sovrn.com — Cisco Umbrella Rank: 19561
1 KB
1 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 11129
29 KB
0 corrc.com Failed
corrc.com Failed
9 6
Domain Requested by
3 www.thesamba.com www.thesamba.com
2 counter.yadro.ru 1 redirects 398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai
2 398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai 398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai
1 comparisons.sovrn.com cdn.viglink.com
1 cdn.viglink.com www.thesamba.com
0 corrc.com Failed 398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai
9 6

This site contains links to these domains. Also see Links.

Domain
antibot.cloud
www.liveinternet.ru
Subject Issuer Validity Valid
thesamba.com
GTS CA 1P5
2023-11-07 -
2024-02-05
3 months crt.sh
viglink.com
Amazon RSA 2048 M02
2023-09-13 -
2024-10-11
a year crt.sh
comparisons.sovrn.com
Amazon RSA 2048 M03
2023-11-21 -
2024-12-19
a year crt.sh

This page contains 1 frames:

Frame: https://corrc.com/?u=n7rwwwl&o=at5ruqf&t=62-11
Frame ID: 9AAE1790B1D9377EB0E39D62C3AE74C8
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://www.thesamba.com/vw/bin/banner_click.php?redirect=398055711-01li80.%D1%81%D1%82%D1%80%D0%BE%D... Page URL
  2. http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->


Page Statistics

9
Requests

56 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

45 kB
Transfer

112 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.thesamba.com/vw/bin/banner_click.php?redirect=398055711-01li80.%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%B4%D0%B2%D0%B5%D1%80%D1%8C.%D1%80%D1%84 Page URL
  2. http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://counter.yadro.ru/hit;62new?t52.6;r;s1600*1200*24;uhttp%3A//398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/;hJust%20a%20moment...;0.8677604984063487 HTTP 302
  • https://counter.yadro.ru/hit;62new?q;t52.6;r;s1600*1200*24;uhttp%3A//398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/;hJust%20a%20moment...;0.8677604984063487
Request Chain 8
  • http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/ HTTP 302
  • https://corrc.com/?u=n7rwwwl&o=at5ruqf&t=62-11

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
banner_click.php
www.thesamba.com/vw/bin/
1 KB
556 B
Document
General
Full URL
https://www.thesamba.com/vw/bin/banner_click.php?redirect=398055711-01li80.%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%B4%D0%B2%D0%B5%D1%80%D1%8C.%D1%80%D1%84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.18.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9182db8fe27ac9dad84088f2e0170102571e5e83a8b3a5d835d6242d839ef889

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82eb6ed77c605b01-VIE
content-encoding
gzip
content-type
text/html; charset=iso-8859-1
date
Fri, 01 Dec 2023 12:46:26 GMT
server
cloudflare
YMUXekqztbt-bxfYuiorHMj2cnw.js
www.thesamba.com/cdn-cgi/apps/head/
5 KB
2 KB
Script
General
Full URL
https://www.thesamba.com/cdn-cgi/apps/head/YMUXekqztbt-bxfYuiorHMj2cnw.js
Requested by
Host: www.thesamba.com
URL: https://www.thesamba.com/vw/bin/banner_click.php?redirect=398055711-01li80.%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%B4%D0%B2%D0%B5%D1%80%D1%8C.%D1%80%D1%84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.18.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3641b33f177d735f7d9c95d5b6a758217015fabb7f74515910259fd1644cdeb5

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.thesamba.com/vw/bin/banner_click.php?redirect=398055711-01li80.%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%B4%D0%B2%D0%B5%D1%80%D1%8C.%D1%80%D1%84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:46:26 GMT
content-encoding
gzip
x-amz-version-id
NO3hWP3PD5Tcvf.gGUJZ0ZKAix5_vMqQ
cf-cache-status
HIT
x-amz-request-id
RQNHXW7GF0Z70QB7
age
194497
content-length
1580
x-amz-id-2
H4db3JixU0EOyNUSg5LREO3IzMtORpPfe/mvvPtSYR/TT2HaHkU4YhfAbodMfA8uVdlzxCxcSU4=
last-modified
Tue, 06 Aug 2019 23:38:06 GMT
server
cloudflare
etag
"befd1960b434f9108ec82cd2f325a3c3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82eb6ed9a8f45b01-VIE
webegmM7BnQ8wppiV8fokfV4IxY.js
www.thesamba.com/cdn-cgi/apps/body/
15 KB
7 KB
Script
General
Full URL
https://www.thesamba.com/cdn-cgi/apps/body/webegmM7BnQ8wppiV8fokfV4IxY.js
Requested by
Host: www.thesamba.com
URL: https://www.thesamba.com/cdn-cgi/apps/head/YMUXekqztbt-bxfYuiorHMj2cnw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.18.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f0a7c1bbcd06298865b2bb5ceedafb79eeaed3a66f334e787699b65cf560633

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.thesamba.com/vw/bin/banner_click.php?redirect=398055711-01li80.%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%B4%D0%B2%D0%B5%D1%80%D1%8C.%D1%80%D1%84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 12:46:26 GMT
content-encoding
gzip
x-amz-version-id
QVfMoX4q6nk8eezjLaeb_39KOE8g909G
cf-cache-status
HIT
x-amz-request-id
CYR35P5X8TCY1VVN
age
112673
content-length
6877
x-amz-id-2
SGcDVaNAUZZdyMndf0qqMI+0C+2JtB34+9bziFzJ/bSzDIg+EJ7Hel5rj5unBOK0i5qSCvP4itI=
last-modified
Tue, 06 Aug 2019 23:38:06 GMT
server
cloudflare
etag
"dcb3c4f757008e776475da7bdb311488"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
82eb6ed9e9835b01-VIE
vglnk.js
cdn.viglink.com/api/
82 KB
29 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: www.thesamba.com
URL: https://www.thesamba.com/cdn-cgi/apps/body/webegmM7BnQ8wppiV8fokfV4IxY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-65.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.thesamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:42:18 GMT
content-encoding
gzip
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 15:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
601749
x-amz-server-side-encryption
AES256
etag
"6c8a8d538bfaf5e3eee3cfe467f261a5"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28925
x-amz-cf-id
hXKhEUsiVzsDMaAllcxapNM5fuzyLxAYk0o4MZDQQxWuKmdY3OysqQ==
loader.min.js
comparisons.sovrn.com/js/
3 KB
1 KB
Script
General
Full URL
https://comparisons.sovrn.com/js/loader.min.js
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53bf676d7fb58887b9f4c83c1330451e2b01f1a0863284c5fb4e8284b9a87d8b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.thesamba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
wUjdKB9KxRQ_qaiqixzvDYOao_YWjVDV
content-encoding
br
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 09:58:58 GMT
last-modified
Mon, 13 Nov 2023 15:08:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
10050
x-amz-server-side-encryption
AES256
etag
W/"cd7ae9ed1060bf847a247edb30351188"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
l0ESpnzQYWeRZDlQVUcj87yAPlyDkqNNiPHA6AplIfBl4tHj81UPfw==
Primary Request /
398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
5 KB
3 KB
Document
General
Full URL
http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
Protocol
HTTP/1.1
Server
104.21.0.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a36c3bd6bee70e34217750b97f1d0a135ae466904c731c13507f31caa0a0ed33
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
82eb6edd2c5bc31d-VIE
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 12:46:27 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHQa5ivAwBt3EJ1llrC6XCK%2FpG5hB8c79IuTIidpYQ%2Byokx9jXsNEb84eflTaTwI5XHKJ668SlafjolReVYI9ihxAD4yKII4Xs90NatGgeFkgGtIk%2BjbYYd3XSz3DzkNNUbYgpV%2FHbHVC9GgJHSOcBS7v2ycKqNQC4wi6%2BlkBRbT"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Frame-Options
DENY
X-Powered-CMS
Antibot.Cloud (See: https://antibot.cloud/)
X-Robots-Tag
noindex
alt-svc
h3=":443"; ma=86400
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-AT,de;q=0.9
Referer
http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
hit;62new
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;62new?t52.6;r;s1600*1200*24;uhttp%3A//398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/;hJust%20a%20moment...;0.8677604984063487
  • https://counter.yadro.ru/hit;62new?q;t52.6;r;s1600*1200*24;uhttp%3A//398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/;hJust%20a%20moment...;0.8677604984063487
362 B
848 B
Image
General
Full URL
https://counter.yadro.ru/hit;62new?q;t52.6;r;s1600*1200*24;uhttp%3A//398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/;hJust%20a%20moment...;0.8677604984063487
Requested by
Host: 398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai
URL: http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
a73d6739819ba98621e4bdb24bc2fbc2c88583479558b9878e5b986d3b59341d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-AT,de;q=0.9
Referer
http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:46:27 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
362
Expires
Wed, 30 Nov 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 12:46:27 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;62new?q;t52.6;r;s1600*1200*24;uhttp%3A//398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/;hJust%20a%20moment...;0.8677604984063487
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Wed, 30 Nov 2022 21:00:00 GMT
ab.php
398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/antibot/
349 B
1 KB
Script
General
Full URL
http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/antibot/ab.php?h1=65247ca83ef05eee1498bf0492335566&h2=84fd12a528c49800b93aa84aeadd4a04&ip=212.103.60.203&via=&v=5.07&r=&rand=1701434787
Requested by
Host: 398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai
URL: http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
Protocol
HTTP/1.1
Server
104.21.0.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 12:46:30 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Powered-CMS
Antibot.Cloud (See: https://antibot.cloud/)
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Server
cloudflare
X-Frame-Options
DENY
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9lXfWfBadERbAts7TODtvKlIAA5mOJiFRMkIZEwfbUpHyGSqdR6GpXT%2Fgs9ruYhnZM9DcmekFuOsbtfK1q4DWQohABq7HF4yMAIj1ZwFEDVwPAqfnQV9R31OPhS0FNWf6j7EGKR145YKWvXQfWIcA2dgmmhOQBG4TetcrkY6lSF"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
X-Robots-Tag
noindex
CF-RAY
82eb6ef10ac1c31d-VIE
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
corrc.com/
Redirect Chain
  • http://398055711-01li80.xn----dtbffq3angbk2j.xn--p1ai/
  • https://corrc.com/?u=n7rwwwl&o=at5ruqf&t=62-11
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
corrc.com
URL
https://corrc.com/?u=n7rwwwl&o=at5ruqf&t=62-11

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| timer function| LoadTest

2 Cookies

Domain/Path Name / Value
.yadro.ru/ Name: FTID
Value: 1bQTMZ1J_zOh1bQTMZ0029Or
.yadro.ru/ Name: VID
Value: 0BZLfU2WZUuh1bQTMZ0029PK