mexa.sh Open in urlscan Pro
2606:4700:3035::ac43:b205 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mexa.sh/eh4roho631wa/Ani-RJ256315.part1.rar.html
Submission Tags: falconsandbox
Submission: On February 05 via api (February 5th 2022, 6:51:23 pm UTC) from US — Scanned from DE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 17 domains to perform 71 HTTP transactions. The main IP is 2606:4700:3035::ac43:b205, located in United States and belongs to CLOUDFLARENET, US. The main domain is mexa.sh. The Cisco Umbrella rank of the primary domain is 722310.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2021. Valid for: a year.

This is the only time mexa.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700:303... 2606:4700:3035::ac43:b205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3034::6815:4ca0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:a5d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.2.181.154 52.2.181.154	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3038::6815:ead6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	18.66.122.39 18.66.122.39	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:b4f... 2600:1f14:b4f:4b03:4fa2:7755:ddb4:2837	16509 (AMAZON-02) (AMAZON-02)
2	3.219.151.28 3.219.151.28	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	35.163.34.104 35.163.34.104	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	67.27.159.121 67.27.159.121	3356 (LEVEL3) (LEVEL3)
1	136.243.51.205 136.243.51.205	24940 (HETZNER-AS) (HETZNER-AS)
8	67.27.1.249 67.27.1.249	3356 (LEVEL3) (LEVEL3)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	136.243.134.97 136.243.134.97	24940 (HETZNER-AS) (HETZNER-AS)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.102.28.254 104.102.28.254	() ()
71	26

26 2606:4700:3035::ac43:b205 (United States)

ASN13335 (CLOUDFLARENET, US)

mexa.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:4ca0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.netcatx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:a5d5 (United States)

ASN13335 (CLOUDFLARENET, US)

t.go2.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.181.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-181-154.compute-1.amazonaws.com

q.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ead6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (Philadelphia, United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-39.fra60.r.cloudfront.net

pix.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:b4f:4b03:4fa2:7755:ddb4:2837 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ipv6.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.151.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-151-28.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.163.34.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-34-104.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.27.159.121 (United States)

ASN3356 (LEVEL3, US)

cdn.runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.51.205 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.205.51.243.136.clients.your-server.de

run-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.27.1.249 (United States)

ASN3356 (LEVEL3, US)

lcdn.tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.134.97 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.97.134.243.136.clients.your-server.de

pxl.tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.28.254 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	mexa.sh mexa.sh — Cisco Umbrella Rank: 722310	544 KB
12	tsyndicate.com lcdn.tsyndicate.com — Cisco Umbrella Rank: 12585 pxl.tsyndicate.com — Cisco Umbrella Rank: 15042	63 KB
6	adrta.com q.adrta.com — Cisco Umbrella Rank: 2574 pix.adrta.com — Cisco Umbrella Rank: 3492 ipv6.adrta.com — Cisco Umbrella Rank: 2709 adrta.com — Cisco Umbrella Rank: 1804	13 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	7 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	40 KB
3	adtrue.com cdn.adtrue.com — Cisco Umbrella Rank: 48356 exchange.adtrue.com — Cisco Umbrella Rank: 34830	79 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	134 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	57 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 ads.pubmatic.com image6.pubmatic.com Failed	14 KB
2	netcatx.com cdn.netcatx.com — Cisco Umbrella Rank: 320916	3 KB
1	run-syndicate.com run-syndicate.com — Cisco Umbrella Rank: 33781	10 KB
1	runative-syndicate.com cdn.runative-syndicate.com — Cisco Umbrella Rank: 33224	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5557	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	341 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 1062	341 B
1	cdn-adtrue.com cdn-adtrue.com — Cisco Umbrella Rank: 54253	906 B
1	go2.global t.go2.global — Cisco Umbrella Rank: 232947	2 KB
71	17

	Domain	Requested by
26	mexa.sh	mexa.sh
8	lcdn.tsyndicate.com	mexa.sh run-syndicate.com
4	pxl.tsyndicate.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	mexa.sh cdn-adtrue.com www.googletagmanager.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.adtrue.com static.criteo.net
2	adrta.com	pix.adrta.com
2	q.adrta.com	t.go2.global q.adrta.com
2	cdn.adtrue.com	t.go2.global mexa.sh
2	cdn.netcatx.com	mexa.sh
1	ads.pubmatic.com	cdn.adtrue.com
1	mug.criteo.com
1	run-syndicate.com	cdn.runative-syndicate.com
1	cdn.runative-syndicate.com	exchange.adtrue.com
1	exchange.adtrue.com	cdn.adtrue.com
1	www.google.de	mexa.sh
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	ipv6.adrta.com	pix.adrta.com
1	pix.adrta.com	q.adrta.com
1	hbopenbid.pubmatic.com	cdn.adtrue.com
1	bidder.criteo.com	cdn.adtrue.com
1	cdn-adtrue.com	t.go2.global
1	t.go2.global	mexa.sh
0	image6.pubmatic.com Failed	ads.pubmatic.com
71	26

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-24` - `2022-06-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
go2.global Cloudflare Inc ECC CA-3	`2021-05-01` - `2022-04-30`	a year	crt.sh
*.adtrue.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-08-14`	2 years	crt.sh
*.adrta.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-10` - `2022-06-10`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
cdn.runative-syndicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-22` - `2022-07-23`	a year	crt.sh
run-syndicate.com R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
lcdn.tsyndicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-26` - `2022-03-29`	a year	crt.sh
tsyndicate.com R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://mexa.sh/eh4roho631wa/Ani-RJ256315.part1.rar.html
Frame ID: 159A4C284E8CB70FAD94E0AED6E87499
Requests: 30 HTTP requests in this frame

Frame: https://t.go2.global/tag/impress_v2?pzoneid=20333&ref=https://mexa.sh/eh4roho631wa/Ani-RJ256315.part1.rar.html&cb=2082139860
Frame ID: BEC4721C23CF3201BE0A004FD3606789
Requests: 20 HTTP requests in this frame

Frame: https://cdn.netcatx.com/adxchange/px.html
Frame ID: ADF92DE9B4449C5EC6C3CAD7157AEBDF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: B924C60409C34DBE4A4FF037E89AD3A9
Requests: 3 HTTP requests in this frame

Frame: https://run-syndicate.com/iframes2/a2cffae7ad0d4c2fbd12a6dade538e96.html?keywords=Ani,part,rar&adb=0&clientjs=1&w=1600&h=1200
Frame ID: 701D13B6ABFB3457C637D0AF7BE752DF
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=mexa.sh
Frame ID: E27AA33FA3714A3E2807AB091A50A49E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D1E8C032E478EBD5DE68706B0D971DED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Ani-RJ256315 part1 rar