URL: http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Submission: On October 29 via manual from ES

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 7 HTTP transactions. The main IP is 51.68.138.35, located in United Kingdom and belongs to OVH, FR. The main domain is airroutine.com.
This is the only time airroutine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 51.68.138.35 16276 (OVH)
2 164.132.59.106 16276 (OVH)
1 2 172.217.23.166 15169 (GOOGLE)
2 54.77.50.184 16509 (AMAZON-02)
7 4
Apex Domain Subdomains Transfer
3 airroutine.com airroutine.com 3 KB
2 cookieduweb.com shopping.cookieduweb.com 656 B
2 doubleclick.net ad.doubleclick.net 683 B
2 jobsoffer.net cdn.jobsoffer.net 156 KB
7 4
Domain Requested by
3 airroutine.com 1 redirects airroutine.com
2 shopping.cookieduweb.com airroutine.com
2 ad.doubleclick.net 1 redirects airroutine.com
2 cdn.jobsoffer.net airroutine.com
7 4

This site contains no links.

Subject Issuer Validity Valid
cdn.country-events.com Let's Encrypt Authority X3 2018-09-02 - 2018-12-01 3 months
*.doubleclick.net Google Internet Authority G3 2018-10-09 - 2019-01-01 3 months

This page contains 1 frames:

Frame: http://shopping.cookieduweb.com/aff_c?offer_id=1795&aff_id=1519&file_id=4265&aff_sub5=;
Frame ID: 9FA997A109DA4DFF7DAE9AD5BEA5ACEA
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 7
HTTPS: 43 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 4
Transfer: 159 kB
Size: 162 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ad.doubleclick.net/ddm/trackimp/N534601.3347355CLICKLAB/B21881415.232401817;dc_trk_aid=430104597;dc_trk_cid=107814408;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N534601.3347355CLICKLAB/B21881415.232401817;dc_pre=COjbla_Gq94CFcaxewodZQoH7A;dc_trk_aid=430104597;dc_trk_cid=107814408;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 5
  • http://airroutine.com/trk/click.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7mJyYoZS2nZe1oZTOoZS7o2PVyNnpzMzLCG== HTTP 302
  • http://shopping.cookieduweb.com/aff_c?offer_id=1795&aff_id=1519&file_id=4265&aff_sub5=;

7 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request webversion.php
airroutine.com/trk/
7 KB
2 KB
Document
General
Full URL
http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Protocol
HTTP/1.1
Server
51.68.138.35 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
costa35.airroutine.com
Software
nginx / PHP/5.6.38
Resource Hash
18bf7436533f79d19f612672775fc6a8b339eeceeecb644687fbb7746d904655

Request headers

Host
airroutine.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Mon, 29 Oct 2018 11:30:36 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.6.38
refresh
3;url=http://airroutine.com/trk/click.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7mJyYoZS2nZe1oZTOoZS7o2PVyNnpzMzLCG==
Content-Encoding
gzip
0_8a0bf7321dd972a45535c79ba85fdc8d71c360090a82218df0c397584bbbe9eb.jpg
cdn.jobsoffer.net/img/6715/
93 KB
94 KB
Image
General
Full URL
https://cdn.jobsoffer.net/img/6715/0_8a0bf7321dd972a45535c79ba85fdc8d71c360090a82218df0c397584bbbe9eb.jpg
Requested by
Host: airroutine.com
URL: http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.132.59.106 , France, ASN16276 (OVH, FR),
Reverse DNS
106.ip-164-132-59.eu
Software
nginx /
Resource Hash
e8685a613f0eefdc54311c3f514c9e720d3f1f013f8f44162998f7986234ca95

Request headers

Referer
http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 29 Oct 2018 11:30:37 GMT
Last-Modified
Fri, 26 Oct 2018 14:51:46 GMT
Server
nginx
ETag
"5bd32a02-17532"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
95538
Expires
Thu, 31 Dec 2037 23:55:55 GMT
B21881415.232401817;dc_pre=COjbla_Gq94CFcaxewodZQoH7A;dc_trk_aid=430104597;dc_trk_cid=107814408;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N534601.3347355CLICKLAB/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N534601.3347355CLICKLAB/B21881415.232401817;dc_trk_aid=430104597;dc_trk_cid=107814408;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
  • https://ad.doubleclick.net/ddm/trackimp/N534601.3347355CLICKLAB/B21881415.232401817;dc_pre=COjbla_Gq94CFcaxewodZQoH7A;dc_trk_aid=430104597;dc_trk_cid=107814408;ord=[timestamp];dc_lat=;dc_rdid=;tag_...
42 B
317 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N534601.3347355CLICKLAB/B21881415.232401817;dc_pre=COjbla_Gq94CFcaxewodZQoH7A;dc_trk_aid=430104597;dc_trk_cid=107814408;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Requested by
Host: airroutine.com
URL: http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.23.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Oct 2018 11:30:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Oct 2018 11:30:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N534601.3347355CLICKLAB/B21881415.232401817;dc_pre=COjbla_Gq94CFcaxewodZQoH7A;dc_trk_aid=430104597;dc_trk_cid=107814408;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
aff_i
shopping.cookieduweb.com/
43 B
346 B
Image
General
Full URL
http://shopping.cookieduweb.com/aff_i?offer_id=1795&aff_id=1519&file_id=4265&aff_sub5=;
Requested by
Host: airroutine.com
URL: http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Protocol
HTTP/1.1
Server
54.77.50.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-50-184.eu-west-1.compute.amazonaws.com
Software
nginx/1.13.12 /
Resource Hash
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Referer
http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 29 Oct 2018 11:30:37 GMT
Server
nginx/1.13.12
tracking_id
102ce42fddefdb4a27e2d5b1577be9
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sat, 26 Jul 1997 05:00:00 GMT
1_0fc65e3d95e829e32cfd917d0be5d4d4c8984386094647626c7e23032228815d.png
cdn.jobsoffer.net/img/6715/
62 KB
62 KB
Image
General
Full URL
https://cdn.jobsoffer.net/img/6715/1_0fc65e3d95e829e32cfd917d0be5d4d4c8984386094647626c7e23032228815d.png
Requested by
Host: airroutine.com
URL: http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
164.132.59.106 , France, ASN16276 (OVH, FR),
Reverse DNS
106.ip-164-132-59.eu
Software
nginx /
Resource Hash
4ba5aecd3de07647083f62020598d18ed159f6fffb5d6014b2fe9997b672dba6

Request headers

Referer
http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 29 Oct 2018 11:30:37 GMT
Last-Modified
Fri, 26 Oct 2018 14:51:46 GMT
Server
nginx
ETag
"5bd32a02-f69a"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
63130
Expires
Thu, 31 Dec 2037 23:55:55 GMT
print.php
airroutine.com/trk/
43 B
233 B
Image
General
Full URL
http://airroutine.com/trk/print.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Requested by
Host: airroutine.com
URL: http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Protocol
HTTP/1.1
Server
51.68.138.35 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
costa35.airroutine.com
Software
nginx / PHP/5.6.38
Resource Hash
dd5bdccb831d1b19c505bd3e67553f6049cea2e20dba7eb231a02ed0103e521f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
airroutine.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 29 Oct 2018 11:30:37 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.38
Content-Length
43
Keep-Alive
timeout=60
Content-Type
image/gif
aff_c
shopping.cookieduweb.com/
Redirect Chain
  • http://airroutine.com/trk/click.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7mJyYoZS2nZe1oZTOoZS7o2PVyNnpzMzLCG==
  • http://shopping.cookieduweb.com/aff_c?offer_id=1795&aff_id=1519&file_id=4265&aff_sub5=;
0
310 B
Document
General
Full URL
http://shopping.cookieduweb.com/aff_c?offer_id=1795&aff_id=1519&file_id=4265&aff_sub5=;
Protocol
HTTP/1.1
Server
54.77.50.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-77-50-184.eu-west-1.compute.amazonaws.com
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
shopping.cookieduweb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://airroutine.com/trk/webversion.php?lg=nta2nZy2lvbuoZS5os0Xos0XodS7lte7oZy3mtu7o2G7o3i7o2PVyNnpzMzLCG==
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Date
Mon, 29 Oct 2018 11:30:40 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Server
nginx/1.13.12
tracking_id
102ebfb460522b46e85e6a9e5a8c5b
X-Robots-Tag
noindex, nofollow
Content-Length
0
Connection
keep-alive

Redirect headers

Server
nginx
Date
Mon, 29 Oct 2018 11:30:40 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.6.38
Location
http://shopping.cookieduweb.com/aff_c?offer_id=1795&aff_id=1519&file_id=4265&aff_sub5=;

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies