Submitted URL: https://toolbox.contentspread.net/integration/olusenetnl/35763e.dyn?&csTouchpoint=basket&country=RO&csSiteUrl=https%253A%252F%252F...
Effective URL: https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregist...
Submission: On April 15 via manual from RO

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 217.79.179.49, which is located in Germany and belongs to MYLOC-AS, DE. The main domain is toolbox.contentspread.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 23rd 2017. Valid for: 2 years.
This is the only time toolbox.contentspread.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 138.201.135.113 24940 (HETZNER-AS)
1 217.79.179.49 24961 (MYLOC-AS)
1 212.48.120.130 8893 (ARTFILES-...)
1 146.148.127.183 15169 (GOOGLE)
1 2 216.58.214.102 15169 (GOOGLE)
4 4
Apex Domain | Subdomains | Transfer
2 doubleclick.net | ad.doubleclick.net | 492 B
2 contentspread.net | toolbox.contentspread.net | 3 KB
1 ad4mat.net | www.ad4mat.net | 897 B
1 usemax.de | www.usemax.de | 223 B
4 4
Domain Requested by
2 ad.doubleclick.net 1 redirects toolbox.contentspread.net
2 toolbox.contentspread.net 1 redirects
1 www.ad4mat.net toolbox.contentspread.net
1 www.usemax.de toolbox.contentspread.net
4 4

This site contains no links.

Subject | Issuer | Validity | Valid
service.contentspread.net | Go Daddy Secure Certificate Authority - G2 | 2017-06-23 - 2019-07-11 | 2 years

This page contains 1 frame:

Primary Page: https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
Frame ID: 9F210CB0D6CB3F1CE936EE0781153CC6
Requests: 4 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

  • Requests: 4
  • HTTPS: 25 %
  • IPv6: 0 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 4
  • Countries: 2
  • Transfer: 3 kB
  • Size: 2 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://toolbox.contentspread.net/integration/olusenetnl/35763e.dyn?&csTouchpoint=basket&country=RO&csSiteUrl=https%253A%252F%252Fen.usenet.nl%252Fregistration%252F%253Futm_source%253DAF%25255FTA%25255F103096%2526utm_medium%253DAFNE%2526utm_campaign%253D438757%2526utm_content%253D0%25255F1&csSiteRef=http%253A%252F%252Faff.adsbreak.com%252Fgeo%252Fpreset%253Fgeo_id%253D110%2526user_id%253D7949%253Fuc%253D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%2526tsid%253D17752 HTTP 302
    https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://ad.doubleclick.net/ddm/activity/src=5528306;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=5528306;dc_pre=COGQt9TCvNoCFQQ84AodBPIIrw;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 24155e.dyn
toolbox.contentspread.net/container/olusenetnl/sensor/
Redirect Chain
  • https://toolbox.contentspread.net/integration/olusenetnl/35763e.dyn?&csTouchpoint=basket&country=RO&csSiteUrl=https%253A%252F%252Fen.usenet.nl%252Fregistration%252F%253Futm_source%253DAF%25255FTA%2...
  • https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%2...
2 KB
2 KB
Document
General
Full URL
https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.179.49 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
n049.navy.fastwebserver.de
Software
nginx /
Resource Hash
28cf9591cc4d399583ec7ea9f71d00ac74cfe31f9bcf2cec68fdcfc577be22ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
toolbox.contentspread.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Pragma
no-cache
Date
Sun, 15 Apr 2018 14:46:10 GMT
Last-Modified
Sun, 15 Apr 2018 14:46:10 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI NID PSAa OUR BUS COM NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html;charset=UTF-8
Expires
Sat, 13 Jun 1992 00:00:00 GMT

Redirect headers

Location
https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
Date
Sun, 15 Apr 2018 14:44:01 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
text/plain; charset=iso-8859-1
rt.php
www.usemax.de/
0
223 B
Script
General
Full URL
https://www.usemax.de/rt.php?campaign_id=30757&place=4&product_id=&cachebuster=[TIMESTAMP]
Requested by
Host: toolbox.contentspread.net
URL: https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
Protocol
HTTP/1.1
Server
212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Zirkusweg 1, DE),
Reverse DNS
lb.usemaxserver.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.33-0+deb8u1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Sun, 15 Apr 2018 14:46:11 GMT
Server
Apache/2.4.10 (Debian)
Connection
Keep-Alive
X-Powered-By
PHP/5.6.33-0+deb8u1
Content-Length
0
Keep-Alive
timeout=1, max=100
Content-Type
text/html
ck_tracker.php
www.ad4mat.net/ads/js/
543 B
897 B
Script
General
Full URL
https://www.ad4mat.net:444/ads/js/ck_tracker.php?productId=&catId=&searchName=&sprd=false&adspaceId=9990610&country=at.ad4mat.net
Requested by
Host: toolbox.contentspread.net
URL: https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
Protocol
SPDY
Server
146.148.127.183 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
183.127.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
91db25db7199216011ba61afc42761e0a74a18cc87bfbd9a7044039d552925cc

Request headers

Referer
https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

status
200
date
Sun, 15 Apr 2018 14:46:10 GMT
content-encoding
gzip
server
nginx
content-type
text/html
x-cache
MISS
p3p
CP="NOI CUR OUR STP", policyref="/w3c/p3p.ad4mat.xml
src=5528306;dc_pre=COGQt9TCvNoCFQQ84AodBPIIrw;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
ad.doubleclick.net/ddm/activity/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=5528306;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=5528306;dc_pre=COGQt9TCvNoCFQQ84AodBPIIrw;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
42 B
109 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/src=5528306;dc_pre=COGQt9TCvNoCFQQ84AodBPIIrw;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
Requested by
Host: toolbox.contentspread.net
URL: https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
Protocol
SPDY
Server
216.58.214.102 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Apr 2018 14:46:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Apr 2018 14:46:10 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/activity/src=5528306;dc_pre=COGQt9TCvNoCFQQ84AodBPIIrw;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • string | country
  • string | adspaceId
  • string | productId
  • string | catId
  • string | search_name
  • string | sprd
  • string | scriptURL
  • function | scriptLoader
  • string | tp_rtrgt_items
  • string | tp_rtrgt_segment
  • number | tp_rtrgt_random
  • string | tp_rtrgt_url
  • object | pxsrsc
  • object | px

4 Cookies

Domain/Path Name / Value
.ad-srv.net/ Name: uid
Value: 7c0539c9956a58c4
.doubleclick.net/ Name: IDE
Value: AHWqTUmsius6eGwltevmGiq446CezgXFSKiZOaJojB2p1PuJWQI86lygqDdYXI-S
.ad-srv.net/ Name: rtrgt_30863
Value: 94e521EHPrr8knouV2m4cVWFhEO5%252BaSstKaHUx7adNxwHTfpIayqkL7VRBUJBXg8iiPNyw%252BqVR1lxp4dJRDiPD32VN72%252BadN1VrjBEFOcVNO9Hx7Nl35WvRlUOksKOZNPjAf7v9RNr
.adc-srv.net/ Name: adc_vs
Value: x%9C%ABV%2A-N%CDK-%89%2F%29V%B22452%B600657%D0%81%09%27%25%16g%A7%96%28Y%29%29%D5%02%001%81%0D%AE