www.pay-detroitcityliving.furnished-apartment-toronto.com Open in urlscan Pro
69.89.31.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
Submission: On February 13 via api (February 13th 2022, 6:57:22 am UTC) from CA — Scanned from CA

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 69.89.31.136, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.pay-detroitcityliving.furnished-apartment-toronto.com.

This is the only time www.pay-detroitcityliving.furnished-apartment-toronto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	69.89.31.136 69.89.31.136	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 8	5.9.20.91 5.9.20.91	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	199.223.255.125 199.223.255.125	40244 (TURNKEY-I...) (TURNKEY-INTERNET)
14	5

4 69.89.31.136 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box336.bluehost.com

www.pay-detroitcityliving.furnished-apartment-toronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 5.9.20.91 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: h109.hubuhost.com

g.cash-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.blyatflix.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.223.255.125 (United States)

ASN40244 (TURNKEY-INTERNET, US)
PTR: 199-223-255-125.static.as40244.net

thisis.aninter.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cash-ads.com g.cash-ads.com — Cisco Umbrella Rank: 771666	37 KB
4	furnished-apartment-toronto.com www.pay-detroitcityliving.furnished-apartment-toronto.com	32 KB
3	blyatflix.de 1 redirects c.blyatflix.de — Cisco Umbrella Rank: 541865	1 KB
1	aninter.net thisis.aninter.net — Cisco Umbrella Rank: 760612
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97
14	5

	Domain	Requested by
5	g.cash-ads.com	www.pay-detroitcityliving.furnished-apartment-toronto.com g.cash-ads.com
4	www.pay-detroitcityliving.furnished-apartment-toronto.com	www.pay-detroitcityliving.furnished-apartment-toronto.com
3	c.blyatflix.de	1 redirects g.cash-ads.com c.blyatflix.de
1	thisis.aninter.net	www.pay-detroitcityliving.furnished-apartment-toronto.com
1	www.facebook.com	c.blyatflix.de
14	5

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
cityliving1.managebuilding.com
cash-ads.com
advertiser.cash-ads.com

Subject Issuer	Validity	Valid
g.cash-ads.com R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh
c.blyatflix.de R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-22` - `2022-02-20`	3 months	crt.sh
thisis.aninter.net R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
Frame ID: 65965820CACBF025637C85E660AB8A21
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/Bitcoin-Games-Net-102891872169703
Frame ID: 8BF7B3FAE5C85E46CDDA9231ACBAA349
Requests: 1 HTTP requests in this frame

Frame: https://c.blyatflix.de/nora/?t=1644735438
Frame ID: 224A7618545A7141B3B4290F6F1308FD
Requests: 1 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=t2akfuM1IOjY2q9FWekBC7ZDbkWkPgtdL8Ztc4AALc8%3D
Frame ID: B48403623E5C3CF7036EF5D40F8CD134
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

14
Requests

64 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

70 kB
Transfer

238 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/resident-center/id1466854902

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.buildium.resident.android

Search URL Search Domain Scan URL

URL: https://cityliving1.managebuilding.com/Resident/portal

Search URL Search Domain Scan URL

URL: https://cash-ads.com/?ref=1%2BuP05ILbiq4mECil15x5g%3D%3D
Title: Publisher?

Search URL Search Domain Scan URL

URL: https://advertiser.cash-ads.com/?ref=1%2BuP05ILbiq4mECil15x5g%3D%3D
Title: Advertiser?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://c.blyatflix.de/nora/?t=1644735437 HTTP 302
https://www.facebook.com/Bitcoin-Games-Net-102891872169703

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.pay-detroitcityliving.furnished-apartment-toronto.com/ 2 KB
1 KB 291ms
111ms Document
text/html 69.89.31.136
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
Protocol: HTTP/1.1
Server: 69.89.31.136 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box336.bluehost.com
Software: Apache /
Resource Hash: bbf687f19d7e40d3d1fc5a6a29e210c69567da92acc1be6caabad0c05f4bea69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Date: Sun, 13 Feb 2022 06:57:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 06 Sep 2020 19:39:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 814
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H2 200 / Show response
g.cash-ads.com/layer/ 10 KB
3 KB 327ms
119ms Script
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/layer/?code=npMY%2FiiOBdsY%2BxQM19iL9Q%3D%3D

Requested by

Host: www.pay-detroitcityliving.furnished-apartment-toronto.com
URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

d6f5ee1275b66455aa6462c3c0cd730182caa3b646ed2b02c8f5ea98a61523f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 06:57:17 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK residentcenterapp-apple.png
www.pay-detroitcityliving.furnished-apartment-toronto.com/ 8 KB
8 KB 110ms
110ms Image
image/png 69.89.31.136
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/residentcenterapp-apple.png
Requested by: Host: www.pay-detroitcityliving.furnished-apartment-toronto.com
URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
Protocol: HTTP/1.1
Server: 69.89.31.136 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box336.bluehost.com
Software: Apache /
Resource Hash: 48bb42b031285b45b12d2fb0583f138abdac19d99eb0c1d8e253bbdb85d4d221

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 06:57:17 GMT
Last-Modified: Fri, 04 Oct 2019 14:46:44 GMT
Server: Apache
Accept-Ranges: bytes
Content-Type: image/png
Connection: Keep-Alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=74
Content-Length: 8250

GET
H/1.1 200
OK residentcenterapp-google.png
www.pay-detroitcityliving.furnished-apartment-toronto.com/ 6 KB
6 KB 106ms
105ms Image
image/png 69.89.31.136
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/residentcenterapp-google.png
Requested by: Host: www.pay-detroitcityliving.furnished-apartment-toronto.com
URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
Protocol: HTTP/1.1
Server: 69.89.31.136 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box336.bluehost.com
Software: Apache /
Resource Hash: ac5f9cde98c8d329a455200d91ca0409a456b436769e3e9ae7597975ad334ef1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 06:57:17 GMT
Last-Modified: Fri, 04 Oct 2019 14:46:49 GMT
Server: Apache
Accept-Ranges: bytes
Content-Type: image/png
Connection: Keep-Alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=73
Content-Length: 5848

GET
H/1.1 200
OK PayWithoutApp.png
www.pay-detroitcityliving.furnished-apartment-toronto.com/ 16 KB
16 KB 105ms
105ms Image
image/png 69.89.31.136
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/PayWithoutApp.png
Requested by: Host: www.pay-detroitcityliving.furnished-apartment-toronto.com
URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
Protocol: HTTP/1.1
Server: 69.89.31.136 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box336.bluehost.com
Software: Apache /
Resource Hash: 6c5ee1252dea1c1fa7b179fbd0ee11c3d5445a153145177a0cabdcc7b5a61a52

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 06:57:17 GMT
Last-Modified: Fri, 04 Oct 2019 15:39:47 GMT
Server: Apache
Accept-Ranges: bytes
Content-Type: image/png
Connection: Keep-Alive
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=72
Content-Length: 16608

GET
H2 200 jw.js Show response
c.blyatflix.de/ 2 KB
656 B 404ms
102ms Script
text/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/layer/?code=npMY%2FiiOBdsY%2BxQM19iL9Q%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

13b3180d62eca8bdc9b3c32234f2f280b0b0b59b372154ad8913b229bac5b7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 13 Feb 2022 06:57:17 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2

200

Bitcoin-Games-Net-102891872169703
www.facebook.com/ Frame 8BF7
Redirect Chain

https://c.blyatflix.de/nora/?t=1644735437
https://www.facebook.com/Bitcoin-Games-Net-102891872169703

0
0

116ms
78ms

Document
text/html

2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/Bitcoin-Games-Net-102891872169703

Requested by

Host: c.blyatflix.de
URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/

Response headers

vary: Accept-Encoding
content-encoding: br
accept-ch-lifetime: 4838400
accept-ch: sec-ch-prefers-color-scheme,viewport-width
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: VWkH6vzyoYs+7gsRA2ucyfndcCvU3hah1fEWZ9zYYUcDXhkyshJ4ZM1NPBT0kye5E99FFTPuJ94rbFokRSHdiw==
date: Sun, 13 Feb 2022 06:57:18 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

server: nginx
date: Sun, 13 Feb 2022 06:57:18 GMT
content-type: text/html; charset=UTF-8
location: https://www.facebook.com/Bitcoin-Games-Net-102891872169703
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
c.blyatflix.de/nora/ Frame 224A 0
190 B 103ms
103ms Document
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.blyatflix.de/nora/?t=1644735438

Requested by

Host: c.blyatflix.de
URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/

Response headers

server: nginx
date: Sun, 13 Feb 2022 06:57:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 /
thisis.aninter.net/ 160 KB
0 260ms
215ms Media
audio/mpeg 199.223.255.125
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://thisis.aninter.net/?type=https

Requested by

Host: www.pay-detroitcityliving.furnished-apartment-toronto.com
URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.223.255.125 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

199-223-255-125.static.as40244.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

icy-genre: Misc
date: Sun, 13 Feb 2022 06:57:18 GMT
icy-name: Hubu.FM | Radio Hunteburg
icy-notice2: Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url: https://hubu.fm
icy-notice1: <BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
server: nginx
icy-br: 128
strict-transport-security: max-age=15768000; includeSubDomains
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
icy-sr: 44100
icy-pub: 1
accept-ranges: none

GET
H2 200 / Show response
g.cash-ads.com/ Frame B484 481 B
523 B 202ms
202ms Document
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=dEShAPcrp8yolQiOQyKsWgSOVHQsRLcCeybzGVbbfNc%3D

Requested by

Host: www.pay-detroitcityliving.furnished-apartment-toronto.com
URL: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

b4336ec41c472709f590da14fe293ee35760c9bc7de7f120ac8feeca8d1cb96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/

Response headers

server: nginx
date: Sun, 13 Feb 2022 06:57:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 b1.jpg
g.cash-ads.com/img/ 28 KB
28 KB 202ms
201ms Image
image/jpeg 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.cash-ads.com/img/b1.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: e49b46e8109d1609137959f802572bac4e67e6f11e993b90a9a91f02a3991e9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Feb 2022 06:57:18 GMT
last-modified: Tue, 28 Jul 2020 00:38:56 GMT
server: nginx
etag: "5f1f73a0-6f0c"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 28428
expires: Sun, 20 Feb 2022 06:57:18 GMT

GET
H2 200 lds.gif
g.cash-ads.com/img/ Frame B484 5 KB
5 KB 101ms
101ms Image
image/gif 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.cash-ads.com/img/lds.gif
Requested by: Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=dEShAPcrp8yolQiOQyKsWgSOVHQsRLcCeybzGVbbfNc%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: 5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://g.cash-ads.com/?nc=dEShAPcrp8yolQiOQyKsWgSOVHQsRLcCeybzGVbbfNc%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Feb 2022 06:57:18 GMT
last-modified: Thu, 21 Jan 2021 21:02:57 GMT
server: nginx
etag: "6009ec01-14bf"
content-type: image/gif
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5311
expires: Sun, 20 Feb 2022 06:57:18 GMT

GET /
g.cash-ads.com/ Frame B484 0
0

GET
H2 200 x.png
g.cash-ads.com/img/ 578 B
780 B 101ms
100ms Image
image/png 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.cash-ads.com/img/x.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: f99ec5195bb3174b4416402cde79ed86dc28ff5710ef480aa2ba549d10ea6baa

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://www.pay-detroitcityliving.furnished-apartment-toronto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Sun, 13 Feb 2022 06:57:19 GMT
last-modified: Tue, 28 Jul 2020 00:38:57 GMT
server: nginx
etag: "5f1f73a1-242"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 578
expires: Sun, 20 Feb 2022 06:57:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=t2akfuM1IOjY2q9FWekBC7ZDbkWkPgtdL8Ztc4AALc8%3D

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://g.cash-ads.com/layer/?code=npMY%2FiiOBdsY%2BxQM19iL9Q%3D%3D Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://g.cash-ads.com/layer/?code=npMY%2FiiOBdsY%2BxQM19iL9Q%3D%3D Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.blyatflix.de
g.cash-ads.com
thisis.aninter.net
www.facebook.com
www.pay-detroitcityliving.furnished-apartment-toronto.com
g.cash-ads.com
199.223.255.125
2a03:2880:f112:83:face:b00c:0:25de
5.9.20.91
69.89.31.136
13b3180d62eca8bdc9b3c32234f2f280b0b0b59b372154ad8913b229bac5b7a3
48bb42b031285b45b12d2fb0583f138abdac19d99eb0c1d8e253bbdb85d4d221
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
6c5ee1252dea1c1fa7b179fbd0ee11c3d5445a153145177a0cabdcc7b5a61a52
ac5f9cde98c8d329a455200d91ca0409a456b436769e3e9ae7597975ad334ef1
b4336ec41c472709f590da14fe293ee35760c9bc7de7f120ac8feeca8d1cb96d
bbf687f19d7e40d3d1fc5a6a29e210c69567da92acc1be6caabad0c05f4bea69
d6f5ee1275b66455aa6462c3c0cd730182caa3b646ed2b02c8f5ea98a61523f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49b46e8109d1609137959f802572bac4e67e6f11e993b90a9a91f02a3991e9b
f99ec5195bb3174b4416402cde79ed86dc28ff5710ef480aa2ba549d10ea6baa

www.pay-detroitcityliving.furnished-apartment-toronto.com Open in urlscan Pro 69.89.31.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

14 Requests

64 %HTTPS

25 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

70 kBTransfer

238 kBSize

0 Cookies

5 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

www.pay-detroitcityliving.furnished-apartment-toronto.com Open in urlscan Pro
69.89.31.136 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

64 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

70 kB
Transfer

238 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions