www.andhravilas.net Open in urlscan Pro
69.163.38.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.andhravilas.net/ads/google160600.html
Submission: On August 14 via manual (August 14th 2017, 8:46:05 pm UTC) from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 10 HTTP transactions. The main IP is 69.163.38.195, located in Portland, United States and belongs to DSNETWORKS-001 - DirectSpace Networks, LLC., US. The main domain is www.andhravilas.net.

This is the only time www.andhravilas.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	69.163.38.195 69.163.38.195	46816 (DSNETWORK...) (DSNETWORKS-001 - DirectSpace Networks)
4	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a02:26f0:78:... 2a02:26f0:78::174a:189b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:78:... 2a02:26f0:78::174a:18a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	5

2 69.163.38.195 (Portland, United States)

ASN46816 (DSNETWORKS-001 - DirectSpace Networks, LLC., US)
PTR: 69-163-34-195.in-addr.arpa.static.dsn1.net

www.andhravilas.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:78::174a:189b (European Union)

ASN20940 (AKAMAI-ASN1, US)

u.pub-fit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:78::174a:18a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

px.rekket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	googlesyndication.com pagead2.googlesyndication.com	114 KB
2	andhravilas.net www.andhravilas.net	622 B
1	rekket.com px.rekket.com	43 B
1	pub-fit.com u.pub-fit.com	337 B
0	adnxs.com Failed ib.adnxs.com Failed
0	doubleclick.net Failed googleads.g.doubleclick.net Failed
10	6

	Domain	Requested by
4	pagead2.googlesyndication.com	www.andhravilas.net pagead2.googlesyndication.com
2	www.andhravilas.net	www.andhravilas.net
1	px.rekket.com	www.andhravilas.net
1	u.pub-fit.com	www.andhravilas.net
0	ib.adnxs.com Failed	www.andhravilas.net
0	googleads.g.doubleclick.net Failed	pagead2.googlesyndication.com
10	6

This site contains no links.

Subject Issuer	Validity	Valid
*.googleusercontent.com Google Internet Authority G2	`2017-08-02` - `2017-10-25`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://www.andhravilas.net/ads/google160600.html
Frame ID: 18271.1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170807/r20170110/zrt_lookup.html
Frame ID: 18271.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170807/r20170110/show_ads_impl.js
Frame ID: 18271.2
Requests: 2 HTTP requests in this frame

Frame: http://www.andhravilas.net/ads/pubfit160600.html
Frame ID: 18271.4
Requests: 3 HTTP requests in this frame

Frame: http://ib.adnxs.com/bounce?%2Ftt%3Fid%3D4318444%26size%3D160x600
Frame ID: 18271.6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

10
Requests

20 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

115 kB
Transfer

310 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 4

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1559090919809790&output=html&h=600&slotname=3509945557&adk=445718934&adf=2881044700&w=160&flash=0&url=http%3A%2F%2Fwww.andhravilas.net&w...
http://www.andhravilas.net/ads/pubfit160600.html

Request 7

http://ib.adnxs.com/tt?id=4318444&size=160x600
http://ib.adnxs.com/bounce?%2Ftt%3Fid%3D4318444%26size%3D160x600

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request google160600.html Show response
www.andhravilas.net/ads/ 370 B
356 B 296ms
149ms Document
text/html 69.163.38.195
DirectSpace Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.andhravilas.net/ads/google160600.html
Protocol: HTTP/1.1
Server: 69.163.38.195 Portland, United States, ASN46816 (DSNETWORKS-001 - DirectSpace Networks, LLC., US),
Reverse DNS: 69-163-34-195.in-addr.arpa.static.dsn1.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a546da8f0577aa33d9512e085d4f2653b00ddbdcc847dd1ad5ce8be7455beafa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 20:45:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Nov 2014 00:47:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8130f92f5bf9cf1:0"
Vary: Accept-Encoding
Content-Type: text/html
access-control-allow-origin: *
Accept-Ranges: bytes
access-control-allow-headers: content-type
Content-Length: 356

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 46 KB
17 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:814::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.andhravilas.net
URL: http://www.andhravilas.net/ads/google160600.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

8ade43bfaa7ece2e9e75c1d53e0a05ceb8a861d9a28e227577219f5f81936fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.andhravilas.net/ads/google160600.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 19:48:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 3458
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 7712184217241966563
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 17120
X-XSS-Protection: 1; mode=block
Expires: Mon, 14 Aug 2017 20:48:15 GMT

GET
S 200 ca-pub-1559090919809790.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
143 B 34ms
20ms Script
text/javascript 2a00:1450:4001:814::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1559090919809790.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.andhravilas.net/ads/google160600.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 14 Aug 2017 20:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Aug 2017 20:32:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Tue, 15 Aug 2017 08:45:53 GMT

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170807/r20170110/ Frame 1827 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170807/r20170110/ Frame 1827 181 KB
67 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:814::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170807/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

b729305d3314b646747c23cb5245e03696a0e6af4255e33bbbe8bd0990cf66bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.andhravilas.net/ads/google160600.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 20:45:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 10445365074379314862
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 68532
X-XSS-Protection: 1; mode=block
Expires: Mon, 14 Aug 2017 20:45:53 GMT

GET
H/1.1

200
OK

pubfit160600.html Show response
www.andhravilas.net/ads/ Frame 1827
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1559090919809790&output=html&h=600&slotname=3509945557&adk=445718934&adf=2881044700&w=160&flash=0&url=http%3A%2F%2Fwww.andhravilas.net&w...
http://www.andhravilas.net/ads/pubfit160600.html

236 B
266 B

146ms
146ms

Document
text/html

69.163.38.195
DirectSpace Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.andhravilas.net/ads/pubfit160600.html
Requested by: Host: www.andhravilas.net
URL: http://www.andhravilas.net/ads/google160600.html
Protocol: HTTP/1.1
Server: 69.163.38.195 Portland, United States, ASN46816 (DSNETWORKS-001 - DirectSpace Networks, LLC., US),
Reverse DNS: 69-163-34-195.in-addr.arpa.static.dsn1.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9ff93abf99f3ef0f6f4d419a39277a1e11c018e474180ff8676c16cbb1db6c76

Request headers

Referer: http://www.andhravilas.net/ads/google160600.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 20:45:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Feb 2015 16:49:21 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2583432644cd01:0"
Vary: Accept-Encoding
Content-Type: text/html
access-control-allow-origin: *
Accept-Ranges: bytes
access-control-allow-headers: content-type
Content-Length: 266

Redirect headers

timing-allow-origin: *
date: Mon, 14 Aug 2017 20:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: http://www.andhravilas.net/ads/pubfit160600.html
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 82
x-xss-protection: 1; mode=block

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20170807/r20170110/ Frame 1827 81 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20170807/r20170110/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170807/r20170110/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

9808c2a819197b9ae6fdbc0eb76f575c600da8c7eaa6cf01b5d0f8432c64723a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.andhravilas.net/ads/google160600.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Tue, 08 Aug 2017 03:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 30503
x-xss-protection: 1; mode=block
server: cafe
etag: 6091082198805924231
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2017 03:06:52 GMT

GET
H/1.1 200
OK adtag_3066.js Show response
u.pub-fit.com/ Frame 1827 476 B
337 B 633ms
305ms Script
text/javascript 2a02:26f0:78::174a:189b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://u.pub-fit.com/adtag_3066.js
Requested by: Host: www.andhravilas.net
URL: http://www.andhravilas.net/ads/pubfit160600.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:189b , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: c98fcd0dfbe45f7695969cdc1e47c64052098813b1a090f9f3720ce92639a813

Request headers

Referer: http://www.andhravilas.net/ads/pubfit160600.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 20:45:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Feb 2015 12:47:48 GMT
X-Trans-Id: tx5b7b7b400ff7457386559-005982e8f2dfw1
ETag: 3c9195b73d31845951f2076dff520333
Vary: Accept-Encoding
Content-Type: text/javascript
X-Timestamp: 1425041267.03043
Cache-Control: public, max-age=244
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 337
Expires: Mon, 14 Aug 2017 20:49:58 GMT

GET

bounce
ib.adnxs.com/ Frame 1827
Redirect Chain

http://ib.adnxs.com/tt?id=4318444&size=160x600
http://ib.adnxs.com/bounce?%2Ftt%3Fid%3D4318444%26size%3D160x600

0
0

GET
H/1.1 200
OK pixel.gif
px.rekket.com/ Frame 1827 43 B
43 B 619ms
50ms Image
image/gif 2a02:26f0:78::174a:18a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://px.rekket.com/pixel.gif?id=3066&r=0.46374464936194926&u=http%3A%2F%2Fwww.andhravilas.net%2Fads%2Fgoogle160600.html
Requested by: Host: www.andhravilas.net
URL: http://www.andhravilas.net/ads/pubfit160600.html
Protocol: HTTP/1.1
Server: 2a02:26f0:78::174a:18a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.andhravilas.net/ads/pubfit160600.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 14 Aug 2017 20:45:54 GMT
Last-Modified: Wed, 13 Mar 2013 15:28:28 GMT
X-Trans-Id: tx779fa25de60e4691b2fa9-00591a150bdfw1
ETag: 325472601571f31e1bf00674c368d335
Content-Type: image/gif
X-Timestamp: 1363188507.50732
Cache-Control: public, max-age=364
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 14 Aug 2017 20:51:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20170807/r20170110/zrt_lookup.html

Domain: ib.adnxs.com
URL: http://ib.adnxs.com/bounce?%2Ftt%3Fid%3D4318444%26size%3D160x600

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	2017-11-12 20:45:54	Name: uuid2 Value: 7490020754173441430
.adnxs.com/	2017-08-15 20:45:54	Name: sess Value: 1
.doubleclick.net/	2017-08-14 21:00:53	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
px.rekket.com
u.pub-fit.com
www.andhravilas.net
googleads.g.doubleclick.net
ib.adnxs.com
2a00:1450:4001:814::2002
2a02:26f0:78::174a:189b
2a02:26f0:78::174a:18a1
69.163.38.195
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8ade43bfaa7ece2e9e75c1d53e0a05ceb8a861d9a28e227577219f5f81936fd1
9808c2a819197b9ae6fdbc0eb76f575c600da8c7eaa6cf01b5d0f8432c64723a
9ff93abf99f3ef0f6f4d419a39277a1e11c018e474180ff8676c16cbb1db6c76
a546da8f0577aa33d9512e085d4f2653b00ddbdcc847dd1ad5ce8be7455beafa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b729305d3314b646747c23cb5245e03696a0e6af4255e33bbbe8bd0990cf66bc
c98fcd0dfbe45f7695969cdc1e47c64052098813b1a090f9f3720ce92639a813

www.andhravilas.net Open in urlscan Pro 69.163.38.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

10 Requests

20 %HTTPS

75 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

115 kBTransfer

310 kBSize

3 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

Indicators

www.andhravilas.net Open in urlscan Pro
69.163.38.195 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

20 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

115 kB
Transfer

310 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions