urlscan.io logo urlscan.io
SecurityTrails logo

dsp.mo.gamsai.com Open in urlscan Pro
62.204.71.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://downloader.wonderful-day.club/4ebf7308-89df-4220-b1ac-6279cdc66676?zoneid=5871383&campaignid=6849801&browser=safari&browserver...
Effective URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803b...
Submission: On February 25 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 17 HTTP transactions. The main IP is 62.204.71.10, located in Amsterdam, Netherlands and belongs to PROLOCATION Prolocation, NL. The main domain is dsp.mo.gamsai.com.
TLS certificate: Issued by R3 on February 11th 2024. Valid for: 3 months.
This is the only time dsp.mo.gamsai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.184.38.55 16509 (AMAZON-02)
12 62.204.71.10 41887 (PROLOCATI...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 6
1    18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
downloader.wonderful-day.club
12    62.204.71.10 (Amsterdam, Netherlands)

ASN41887 (PROLOCATION Prolocation, NL)
dsp.mo.gamsai.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
12 gamsai.com
dsp.mo.gamsai.com
300 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
170 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6553
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
246 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2663
255 B
1 wonderful-day.club
downloader.wonderful-day.club
715 B
17 6
Domain Requested by
12 dsp.mo.gamsai.com dsp.mo.gamsai.com
2 www.googletagmanager.com dsp.mo.gamsai.com
www.googletagmanager.com
1 www.google.de dsp.mo.gamsai.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 downloader.wonderful-day.club 1 redirects
17 6

This site contains no links.

Subject Issuer Validity Valid
dsp.mo.gamsai.com
R3		 2024-02-11 -
2024-05-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Frame ID: B060D78109A95C92741A75B2640B3060
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

dsp.mo.gamsai.com

Page URL History Show full URLs

  1. https://downloader.wonderful-day.club/4ebf7308-89df-4220-b1ac-6279cdc66676?zoneid=5871383&campaignid=6849801&brows... HTTP 302
    https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

470 kB
Transfer

793 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://downloader.wonderful-day.club/4ebf7308-89df-4220-b1ac-6279cdc66676?zoneid=5871383&campaignid=6849801&browser=safari&browserversion=16&language=en&osversion=ios11&useragent=Mozilla/5.0%20(iPhone;%20CPU%20iPhone%20OS%2011_0%20like%20Mac%20OS%20X)%20AppleWebKit/604.1.38%20(KHTML,%20like%20Gecko)%20Version/16.4%20Mobile/15A372%20Safari/604.1&user_activity=high&ad=propellerads_DC_15-3&bo=iphone&cost=0.059676&visitor_id=673177879861011005&rdk=rk1 HTTP 302
    https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/
Redirect Chain
  • https://downloader.wonderful-day.club/4ebf7308-89df-4220-b1ac-6279cdc66676?zoneid=5871383&campaignid=6849801&browser=safari&browserversion=16&language=en&osversion=ios11&useragent=Mozilla/5.0%20(iP...
  • https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__...
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f2e57a25809efcbb2eead151c740fb96a91bdd45bd190af7bb0f9724294c901f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Feb 2024 04:26:32 GMT
expires
Sun, 25 Feb 2024 04:26:32 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sun, 25 Feb 2024 04:26:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
pragma
no-cache
server
nginx
roboto-v20-latin-100.woff2
dsp.mo.gamsai.com/campaignbuilder/build/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/build/fonts/roboto-v20-latin-100.woff2
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35

Request headers

Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Origin
https://dsp.mo.gamsai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Tue, 20 Feb 2024 07:41:59 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d457c7-3dc0"
vary
Accept
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
15808
roboto-v20-latin-regular.woff2
dsp.mo.gamsai.com/campaignbuilder/build/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/build/fonts/roboto-v20-latin-regular.woff2
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Origin
https://dsp.mo.gamsai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Tue, 20 Feb 2024 07:41:59 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d457c7-3d78"
vary
Accept
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
15736
roboto-v20-latin-700.woff2
dsp.mo.gamsai.com/campaignbuilder/build/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/build/fonts/roboto-v20-latin-700.woff2
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Request headers

Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Origin
https://dsp.mo.gamsai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Tue, 20 Feb 2024 07:41:59 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d457c7-3dc8"
vary
Accept
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
15816
def.bundle.css
dsp.mo.gamsai.com/campaignbuilder/build/css/ 		42 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/build/css/def.bundle.css
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aa819b0fce5afd33f07309e5cc94c7ead214e16dd51e951417ccaafc74af213c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Tue, 20 Feb 2024 07:41:59 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d457c7-a76d"
content-type
text/css
accept-ranges
bytes
content-length
42861
campaign.bundle.css
dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/campaign.bundle.css
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7b03587c344c4a9216a0f3ba61015a66ab17e937d098bf1fa8a8049284c07f18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Wed, 21 Feb 2024 10:14:24 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d5cd00-918"
content-type
text/css
accept-ranges
bytes
content-length
2328
countries.bundle.css
dsp.mo.gamsai.com/campaignbuilder/build/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/build/css/countries.bundle.css
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b5a148cb0d4a5521eded4e61d3d044eb840f50647c1ed445ad1092debec5f517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Tue, 20 Feb 2024 07:41:59 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d457c7-6db"
content-type
text/css
accept-ranges
bytes
content-length
1755
brokers.bundle.css
dsp.mo.gamsai.com/campaignbuilder/build/css/ 		167 B
315 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/build/css/brokers.bundle.css
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b4e453048b682fc43f24d9ab26b8b1a9be74d3036c81fa37b0f80780903f76ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Tue, 20 Feb 2024 07:41:59 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d457c7-a7"
content-type
text/css
accept-ranges
bytes
content-length
167
campaign.bundle.js
dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/campaign.bundle.js
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
031b6ce13a5ff0ba64639a367f553543cb1f80e406a4a016d685fb3abc04c24a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Wed, 21 Feb 2024 10:14:24 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d5cd00-4ff"
content-type
application/javascript
accept-ranges
bytes
content-length
1279
web.bundle.js
dsp.mo.gamsai.com/campaignbuilder/build/js/ 		190 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/build/js/web.bundle.js
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
471baa1fadb54c2eaeea88dfde795a4952bfdbbdb8d3e740890efae91dba68ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Tue, 20 Feb 2024 07:41:59 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d457c7-2f897"
content-type
application/javascript
accept-ranges
bytes
content-length
194711
hero_de.webp
dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/hero_de.webp
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8eb484fbdd450d8d93a8acee9eda688dd8857b18cda3f508210ddd4bdf7d38fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Wed, 21 Feb 2024 10:14:24 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d5cd00-219a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
8602
gtm.js
www.googletagmanager.com/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5TBFVHV
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bad1b750511bd0f04dcbbe65a8c4fae7248240f36d104fe4ba6aa0a970031376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85742
x-xss-protection
0
last-modified
Sun, 25 Feb 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Feb 2024 04:26:32 GMT
background_desktop.png
dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/background_desktop.png
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/campaign.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.204.71.10 Amsterdam, Netherlands, ASN41887 (PROLOCATION Prolocation, NL),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3c29c8f8a01e54c178fdcb1d22e5a31e18709a7bdb96d81ce62ab3fbd145f9c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/campaignbuilder/dist/23_do_blue-folder_1/campaign.bundle.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
last-modified
Wed, 21 Feb 2024 10:14:24 GMT
server
nginx/1.18.0 (Ubuntu)
x-backend
Portal01
etag
"65d5cd00-65e"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
1630
truncated
/ 		294 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
888051de65abde6ec7c6a4df40c141aafb6c7b7beef9147972aa6d5465a784ad

Request headers

Referer
Origin
https://dsp.mo.gamsai.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/ 		248 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H5HF2L7MYP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TBFVHV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3d1bfabed2fca8ba098c86cefac834991167d622c92f0938106f7b6d9d039c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

date
Sun, 25 Feb 2024 04:26:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87478
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 25 Feb 2024 04:26:32 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-H5HF2L7MYP&gtm=45je42l0v884834252z8833391220za200&_p=1708835192334&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1946963780.1708835192&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708835192&sct=1&seg=0&dl=https%3A%2F%2Fdsp.mo.gamsai.com%2Fspc%2Fdef%2F23_do_blue-folder_1%2F%3Ffc%3Dlu%26pni%3D15827%26pci%3D5135627%26pcu%3D7ca4d84a-0f62-40c6-b7ac-fa300ee803bd%26cid%3Dw8d3kv9i56gjq4ev2c2qj52s%26pubid%3D4ebf7308-89df-4220-b1ac-6279cdc66676__5871383&dt=dsp.mo.gamsai.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.campaign=23_do_blue-folder_1&ep.country_code=lu&ep.language_code=de&ep.brand=gamsai&ep.page=web&epn.ba=0&epn.autopin=0&ep.connection=WIFI&ep.evina=off&epn.pci=5135627&epn.pni=15827&ep.provider=WIFI&ep.publisher=&ep.orientation=landscape&tfd=690
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5HF2L7MYP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 04:26:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dsp.mo.gamsai.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H5HF2L7MYP&cid=1946963780.1708835192&gtm=45je42l0v884834252z8833391220za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5HF2L7MYP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 04:26:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dsp.mo.gamsai.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H5HF2L7MYP&cid=1946963780.1708835192&gtm=45je42l0v884834252z8833391220za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=775301652
Requested by
Host: dsp.mo.gamsai.com
URL: https://dsp.mo.gamsai.com/spc/def/23_do_blue-folder_1/?fc=lu&pni=15827&pci=5135627&pcu=7ca4d84a-0f62-40c6-b7ac-fa300ee803bd&cid=w8d3kv9i56gjq4ev2c2qj52s&pubid=4ebf7308-89df-4220-b1ac-6279cdc66676__5871383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dsp.mo.gamsai.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/16.4 Mobile/15A372 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 04:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| campaignSettings string| publicPath object| flow function| checktan function| checkmo function| pre-checkmo object| Stimulus object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

7 Cookies

Domain/Path Name / Value
.downloader.wonderful-day.club/ Name: 4ebf7308-89df-4220-b1ac-6279cdc66676-v4
Value: vn_sUt8zrP9gg0SLETAPiL-I7lwmDA1KF9wI722rLY4
.downloader.wonderful-day.club/ Name: cc-v4
Value: WrWO9c85ju6qo94VS0uiPGND2Qi0A3eGO63Gwow2UgPVZwoHxfVXGmXwrpZj%2FfqVtgzsJixD3xJx%2FtUiP%2FxPIL8ljq2ULW8R4psluDBdHYpxLIcJXueZEG0NVZXoIUOH0tlVCjbIZw%2Bu1dPfKuHQBQ%3D%3D
dsp.mo.gamsai.com/ Name: PHPSESSID
Value: iv5oh1amggjlvpsuj88349u87r
dsp.mo.gamsai.com/ Name: device_view
Value: mobile
.gamsai.com/ Name: _gcl_au
Value: 1.1.1651770228.1708835192
.gamsai.com/ Name: _ga
Value: GA1.1.1946963780.1708835192
.gamsai.com/ Name: _ga_H5HF2L7MYP
Value: GS1.1.1708835192.1.0.1708835192.60.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

downloader.wonderful-day.club
dsp.mo.gamsai.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
18.184.38.55
2001:4860:4802:34::36
2a00:1450:4001:808::2003
2a00:1450:4001:813::2008
2a00:1450:400c:c00::9a
62.204.71.10
031b6ce13a5ff0ba64639a367f553543cb1f80e406a4a016d685fb3abc04c24a
12823d585605238121554aff8bb060a235dc36f37efd9fb1e7e6ea1a9622bc35
3c29c8f8a01e54c178fdcb1d22e5a31e18709a7bdb96d81ce62ab3fbd145f9c5
471baa1fadb54c2eaeea88dfde795a4952bfdbbdb8d3e740890efae91dba68ba
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
7b03587c344c4a9216a0f3ba61015a66ab17e937d098bf1fa8a8049284c07f18
888051de65abde6ec7c6a4df40c141aafb6c7b7beef9147972aa6d5465a784ad
8eb484fbdd450d8d93a8acee9eda688dd8857b18cda3f508210ddd4bdf7d38fb
aa819b0fce5afd33f07309e5cc94c7ead214e16dd51e951417ccaafc74af213c
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b4e453048b682fc43f24d9ab26b8b1a9be74d3036c81fa37b0f80780903f76ec
b5a148cb0d4a5521eded4e61d3d044eb840f50647c1ed445ad1092debec5f517
bad1b750511bd0f04dcbbe65a8c4fae7248240f36d104fe4ba6aa0a970031376
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d1bfabed2fca8ba098c86cefac834991167d622c92f0938106f7b6d9d039c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e57a25809efcbb2eead151c740fb96a91bdd45bd190af7bb0f9724294c901f