tsyndicate.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700::6811:2f6b, located in United States and belongs to CLOUDFLARENET, US. The main domain is tsyndicate.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 6th 2020. Valid for: 6 months.

This is the only time tsyndicate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6811:2f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	8.238.35.121 8.238.35.121	3356 (LEVEL3) (LEVEL3)
1	74.117.181.156 74.117.181.156	40824 (WZCOM-) (WZCOM-)
4	3

2 2606:4700::6811:2f6b (United States)

ASN13335 (CLOUDFLARENET, US)

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pxl.tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.238.35.121 (United States)

ASN3356 (LEVEL3, US)

lcdn.tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.117.181.156 (Fort Lauderdale, United States)

ASN40824 (WZCOM-, US)

n1272adserv.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	tsyndicate.com tsyndicate.com lcdn.tsyndicate.com pxl.tsyndicate.com	11 KB
1	n1272adserv.xyz n1272adserv.xyz
4	2

	Domain	Requested by
1	pxl.tsyndicate.com	tsyndicate.com
1	n1272adserv.xyz	tsyndicate.com
1	lcdn.tsyndicate.com
1	tsyndicate.com
4	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-06` - `2020-10-09`	6 months	crt.sh
lcdn.tsyndicate.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-20` - `2021-03-20`	a year	crt.sh
n1272adserv.xyz Let's Encrypt Authority X3	`2020-02-24` - `2020-05-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://tsyndicate.com/iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads
Frame ID: 77936917A705065CE1448D12F57D00C9
Requests: 3 HTTP requests in this frame

Frame: https://n1272adserv.xyz/dfbea?key=6744f704b92c77a58cf5e285410c71e4&ch=&plWidth=300&plHeight=250&cp.var1=197417&cp.var2=1479979&cp.var3=General&cp.var4=979&cp.var5=pornhat.com&cp.var6=5464&cp.var7={epom}&cp.var8={banner_id}&cp.var9=882&cp.var10={flow_id}
Frame ID: 99DD8D15E996C6C5BEBC8F626370FFEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

4
Subdomains

3
IPs

1
Countries

11 kB
Transfer

10 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request f07b45a478b7418aa7fdf73af254a56e.html Show response tsyndicate.com/iframes2/	5 KB 6 KB	73ms 69ms	Document text/html	2606:4700::6811:2f6b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:2f6b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1d315af31894811e0fe8a9fafdcb74997f0c895ed48a597b6611e30b28802855` Request headers :method GET :authority tsyndicate.com :scheme https :path /iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Fri, 15 May 2020 07:33:15 GMT content-type text/html; charset=utf-8 content-length 5334 set-cookie __cfduid=d1ed9c18eb443f1591f01f1bb90e83b901589527995; expires=Sun, 14-Jun-20 07:33:15 GMT; path=/; domain=.tsyndicate.com; HttpOnly; SameSite=Lax bfq=e0SIEaFjSwwaN3LkUNiFhYgxBQ86FFFGYowaOHLYQDgjR40ufRQE; expires=Sat, 16 May 2020 07:33:15 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None ts_uid=7df665c4-bd13-4af9-9cde-7f83fb0cf949; expires=Wed, 15 May 2030 07:33:15 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None ts_s=e397c6b4-4db5-43f3-ac0a-65799b13d8e6; expires=Fri, 15 May 2020 07:33:15 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None cache-control no-cache, no-store, no-transform, must-revalidate no-transform pragma no-cache expires 0 vary * link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script x-request-id 593b2b73e8bcc272-FRA x-robots-tag none noindex, nofollow cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 593b2b73e8bcc272-FRA cf-request-id 02b8d97c6e0000c2722137c200000001
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/	5 KB 5 KB	301ms 89ms	Script application/javascript	8.238.35.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.238.35.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash `e09a6bffb9daaa19075aad318b579916b3b9acfeea54484946feeaccc2a191cc` Request headers Referer https://tsyndicate.com/iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 15 May 2020 07:33:15 GMT last-modified Mon, 13 Apr 2020 06:58:56 GMT server nginx age 2740974 etag "5e940db0-138e" content-type application/javascript status 200 accept-ranges bytes x-robots-tag noindex, nofollow content-length 5006
GET H/1.1	200	Cookie set dfbea n1272adserv.xyz/ Frame 99DD	0 0	2180ms 451ms	Document text/html	74.117.181.156 WZCOM-
General Check archive.org Show headers Download Go to Full URL https://n1272adserv.xyz/dfbea?key=6744f704b92c77a58cf5e285410c71e4&ch=&plWidth=300&plHeight=250&cp.var1=197417&cp.var2=1479979&cp.var3=General&cp.var4=979&cp.var5=pornhat.com&cp.var6=5464&cp.var7={epom}&cp.var8={banner_id}&cp.var9=882&cp.var10={flow_id} Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 74.117.181.156 Fort Lauderdale, United States, ASN40824 (WZCOM-, US), Reverse DNS Software / Resource Hash Request headers Host n1272adserv.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://tsyndicate.com/iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://tsyndicate.com/iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads Response headers Access-Control-Allow-Origin * Cache-Control no-cache Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT P3P CP="CAO PSA OUR" Set-Cookie UUID=58305670-967e-11ea-bd1d-02426a7dad37; Domain=.n1272adserv.xyz; Expires=Sun, 15-May-2022 07:33:17 GMT; Path=/; Secure; SameSite=None Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Content-Encoding gzip Vary Accept-Encoding Date Fri, 15 May 2020 07:33:17 GMT
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/	24 B 260 B	16ms 16ms	Script text/javascript	2606:4700::6811:2f6b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?r=1&s=39ec1fca473c323140f9fc20d4d873c01072cd529e182ee008e2bc264276faad1589527995&p=e0SEGUNHhI4YLETQOXNwYIwyMGyUkYGjhZgbY2y0oGEjxkYcOMbkaCGjzJiIY2aQoRGjhhgRCsPUGeOwTI0wN2jMqBGjBQ4zMny2rEGjRQ4YIVvMGCOmho0aZgjKGBlzIBk7B2_IUAinDkyEMXDQyCETDpyDRW3QUDgHjkEdM2yMrSHDhsIxbdAizKEzxg2ZZMwcTChCjBs3hGncyNG3rIg2bhrqsAGjRtfIk7cyVlgnhkM0dOjAmaPjxQs3MWRsDUNmThk5dlzgyaPnhWAxZcL8WFMmTw8bOmmYuQGDhpgcVG_cCFNDpJkaFHEUjQFjzA2INLjUgQHD7hg0PbZ3twuHzZU0ZOiEn9F9vHcb5pGUSXMmdA8ZNWC8_w7HhZ0w5Iihhxj6aukG_mwYwz8A5ZCBwMUaYyzBBf8LcIYejijDDdjCYINCBgOkoQfHQLRQjhp6gOMNOdxAIww6XBjjjTZMbNCGHtTSjjv4Kmzwhh72KGPFNvqwMUAcghQjDMRg-yI9I3ns78QceghJhiMFhCFIM9h4444nyejDKjLySEwHOuSoowyFyKDRoRVbfDHGGduwagwYD9pihhi66EqOmhBy4QY-b5guh52me8qlG8powbK24JCDsEELPTTRGhatodFHLxMhtr1iKOwkOOzUAQYXYPjL0hoQnUFRj5zrrI40HLpBMBugGsMoMciIYQaOwjCDpBzGIMPRG8zAYQYzxLBuWLKsem0Oh5CKoVkxgnt0jOk4smGli2Aow1EynMpBJBwygkGMGaxKYy8RZAhDVR2Gw4EvGXSgjgYddJDBqjrCcKiJN_RIgw02wnihhlRBQKEJgtJwg4435kBjBxCSmLgMNkCAeAwQnpgCBCxAqO6LGGj4ooYUQAjiLDbKuKIMMZZIg46FZ7jBBbkcXgIJKppgggUQ2EijNxA0HGONN1oeAg05aCzjBZ1S5XmrHFz4KAcQphA2wDRy3lmuOwMVgYgirJLjjDP7KowNs4twgsyoCVOo4oNmaCs2h6KmA0YWW6jDjZtLssEFMsZQjUyzj_0i8cUVosNUl3DIoS7GLleoDDu-8BA2OqjVYc8--1AgIA==&d=2496&priv=false&w=t Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:2f6b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a` Request headers Referer https://tsyndicate.com/iframes2/f07b45a478b7418aa7fdf73af254a56e.html?keywords=ads User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 15 May 2020 07:33:18 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/javascript; charset=utf-8 status 200 x-robots-tag noindex, nofollow cf-ray 593b2b85cad8c272-FRA content-length 24 cf-request-id 02b8d9879c0000c27221013200000001

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.n1272adserv.xyz/	1970-01-19 18:17:43	Name: ubv Value: MTA4fDczNzV8Rkl8M3wyfHxkbUZ5TVEqTVRrM05ERTN-ZG1GeU1nKk1UUTNPVGszT1F-ZG1GeU13KlIyVnVaWEpoYkF-ZG1GeU5BKk9UYzV-ZG1GeU5RKmNHOXlibWhoZEM1amIyMH5kbUZ5TmcqTlRRMk5BfmRtRnlOdyplMlZ3YjIxOX5kbUZ5T0EqZTJKaGJtNWxjbDlwWkgwfmRtRnlPUSpPRGd5fmRtRnlNVEEqZTJac2IzZGZhV1I5fGE1MGJhN2s4MWgwNHx8fA-1589527998145--
.n1272adserv.xyz/	1970-01-19 18:17:43	Name: ucv Value: 185-FI-1589614398145-24--
.n1272adserv.xyz/	1970-01-20 03:03:19	Name: UUID Value: 58305670-967e-11ea-bd1d-02426a7dad37
.tsyndicate.com/	1970-01-19 10:15:19	Name: __cfduid Value: d3174dcdf71f2874c375b3ad7fe2e2cb31589527998

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lcdn.tsyndicate.com
n1272adserv.xyz
pxl.tsyndicate.com
tsyndicate.com
2606:4700::6811:2f6b
74.117.181.156
8.238.35.121
1d315af31894811e0fe8a9fafdcb74997f0c895ed48a597b6611e30b28802855
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
e09a6bffb9daaa19075aad318b579916b3b9acfeea54484946feeaccc2a191cc

tsyndicate.com Open in urlscan Pro 2606:4700::6811:2f6b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

33 %IPv6

2 Domains

4 Subdomains

3 IPs

1 Countries

11 kBTransfer

10 kBSize

4 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

4 Cookies

Indicators

tsyndicate.com Open in urlscan Pro
2606:4700::6811:2f6b Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

4
Subdomains

3
IPs

1
Countries

11 kB
Transfer

10 kB
Size

4
Cookies

4 HTTP transactions
0 data transactions