toolbox.contentspread.net
Open in
urlscan Pro
217.79.179.49
Public Scan
Effective URL: https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregist...
Submission: On April 15 via manual from RO
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 23rd 2017. Valid for: 2 years.
This is the only time toolbox.contentspread.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 138.201.135.113 138.201.135.113 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 217.79.179.49 217.79.179.49 | 24961 (MYLOC-AS) (MYLOC-AS) | |
1 | 212.48.120.130 212.48.120.130 | 8893 (ARTFILES-...) (ARTFILES-AS Zirkusweg 1) | |
1 | 146.148.127.183 146.148.127.183 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 216.58.214.102 216.58.214.102 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 4 |
ASN24940 (HETZNER-AS, DE)
PTR: static.113.135.201.138.clients.your-server.de
toolbox.contentspread.net |
ASN24961 (MYLOC-AS, DE)
PTR: n049.navy.fastwebserver.de
toolbox.contentspread.net |
ASN8893 (ARTFILES-AS Zirkusweg 1, DE)
PTR: lb.usemaxserver.de
www.usemax.de |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 183.127.148.146.bc.googleusercontent.com
www.ad4mat.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f6.1e100.net
ad.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
doubleclick.net
1 redirects
ad.doubleclick.net |
492 B |
2 |
contentspread.net
1 redirects
toolbox.contentspread.net |
3 KB |
1 |
ad4mat.net
www.ad4mat.net |
897 B |
1 |
usemax.de
www.usemax.de |
223 B |
4 | 4 |
Domain | Requested by | |
---|---|---|
2 | ad.doubleclick.net |
1 redirects
toolbox.contentspread.net
|
2 | toolbox.contentspread.net | 1 redirects |
1 | www.ad4mat.net |
toolbox.contentspread.net
|
1 | www.usemax.de |
toolbox.contentspread.net
|
4 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
service.contentspread.net Go Daddy Secure Certificate Authority - G2 |
2017-06-23 - 2019-07-11 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752
Frame ID: 9F210CB0D6CB3F1CE936EE0781153CC6
Requests: 4 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://toolbox.contentspread.net/integration/olusenetnl/35763e.dyn?&csTouchpoint=basket&country=RO&csSiteUrl=...
HTTP 302
https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fe... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://toolbox.contentspread.net/integration/olusenetnl/35763e.dyn?&csTouchpoint=basket&country=RO&csSiteUrl=https%253A%252F%252Fen.usenet.nl%252Fregistration%252F%253Futm_source%253DAF%25255FTA%25255F103096%2526utm_medium%253DAFNE%2526utm_campaign%253D438757%2526utm_content%253D0%25255F1&csSiteRef=http%253A%252F%252Faff.adsbreak.com%252Fgeo%252Fpreset%253Fgeo_id%253D110%2526user_id%253D7949%253Fuc%253D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%2526tsid%253D17752
HTTP 302
https://toolbox.contentspread.net/container/olusenetnl/sensor/24155e.dyn?&country=RO&csSiteUrl=https%3A%2F%2Fen.usenet.nl%2Fregistration%2F%3Futm_source%3DAF%255FTA%255F103096%26utm_medium%3DAFNE%26utm_campaign%3D438757%26utm_content%3D0%255F1&csSiteRef=http%3A%2F%2Faff.adsbreak.com%2Fgeo%2Fpreset%3Fgeo_id%3D110%26user_id%3D7949%3Fuc%3D4ED19AE0-40B4-11E8-86D0-CF08FB9CEFDE%26tsid%3D17752 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://ad.doubleclick.net/ddm/activity/src=5528306;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=5528306;dc_pre=COGQt9TCvNoCFQQ84AodBPIIrw;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
24155e.dyn
toolbox.contentspread.net/container/olusenetnl/sensor/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rt.php
www.usemax.de/ |
0 223 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ck_tracker.php
www.ad4mat.net/ads/js/ |
543 B 897 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
src=5528306;dc_pre=COGQt9TCvNoCFQQ84AodBPIIrw;type=invmedia;cat=pht8xijl;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
ad.doubleclick.net/ddm/activity/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| country string| adspaceId string| productId string| catId string| search_name string| sprd string| scriptURL function| scriptLoader string| tp_rtrgt_items string| tp_rtrgt_segment number| tp_rtrgt_random string| tp_rtrgt_url object| pxsrsc object| px4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ad-srv.net/ | Name: uid Value: 7c0539c9956a58c4 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmsius6eGwltevmGiq446CezgXFSKiZOaJojB2p1PuJWQI86lygqDdYXI-S |
|
.ad-srv.net/ | Name: rtrgt_30863 Value: 94e521EHPrr8knouV2m4cVWFhEO5%252BaSstKaHUx7adNxwHTfpIayqkL7VRBUJBXg8iiPNyw%252BqVR1lxp4dJRDiPD32VN72%252BadN1VrjBEFOcVNO9Hx7Nl35WvRlUOksKOZNPjAf7v9RNr |
|
.adc-srv.net/ | Name: adc_vs Value: x%9C%ABV%2A-N%CDK-%89%2F%29V%B22452%B600657%D0%81%09%27%25%16g%A7%96%28Y%29%29%D5%02%001%81%0D%AE |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
toolbox.contentspread.net
www.ad4mat.net
www.usemax.de
138.201.135.113
146.148.127.183
212.48.120.130
216.58.214.102
217.79.179.49
28cf9591cc4d399583ec7ea9f71d00ac74cfe31f9bcf2cec68fdcfc577be22ea
91db25db7199216011ba61afc42761e0a74a18cc87bfbd9a7044039d552925cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629