Submitted URL: http://inpotaqi.com/rnd/kept?nfqv=FJ/d49zORcYb9zN6lvaXEQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmI...
Effective URL: https://syndication.dynsrvtbg.com/splash.php?idzone=3015142&type=8&sub=161229
Submission: On May 30 via api from CA

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 9 HTTP transactions. The main IP is 95.211.229.246, which is located in the Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is syndication.dynsrvtbg.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 29th 2019. Valid for: 3 months.
This is the only time syndication.dynsrvtbg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS      Autonomous System
           1         2606:4700:20:...  13335   (CLOUDFLAR...)
1          1         54.84.166.74      14618   (AMAZON-AES)
1          2         62.212.87.141     60781   (LEASEWEB-...)
           1         52.208.172.46     16509   (AMAZON-02)
           1         205.147.93.131    393676  (ZENEDGE)
           1         104.25.186.102    13335   (CLOUDFLAR...)
1          1         173.239.53.17     27257   (WEBAIR-IN...)
           1         95.211.229.246    60781   (LEASEWEB-...)
Total: 9 requests, 7 IPs

Requests  Domain                     Redirects  Requested by               Status
2         bidstraff.com              1          inpotaqi.com
1         syndication.dynsrvtbg.com             botudeso.com
1         xml.adxfactory.com         1
1         botudeso.com                          durasser.com
1         durasser.com
1         1d6168aa654.traffic-c.com             inpotaqi.com
1         madagty.com                1
1         inpotaqi.com
0         consent.yahoo.com                     syndication.dynsrvtbg.com  Failed
Total: 9 requests, 9 domains

This site contains links to these domains.

Domain
xml.adxfactory.com

Subject                      Issuer                                          Validity                 Valid
trk.billysrv.com             Let's Encrypt Authority X3                      2019-05-24 - 2019-08-22  3 months
traffic-c.com                Let's Encrypt Authority X3                      2019-04-19 - 2019-07-18  3 months
durasser.com                 Let's Encrypt Authority X3                      2019-04-16 - 2019-07-15  3 months
ssl375931.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2019-05-21 - 2019-11-27  6 months
dynsrvtbg.com                Let's Encrypt Authority X3                      2019-04-29 - 2019-07-28  3 months

This page contains 1 frames:

Frame: https://consent.yahoo.com/collectConsent?sessionId=3_cc-session_82d0c1f1-c91e-4525-89cc-2b75379ea304&lang=de-DE&inline=false
Frame ID: 91D1D30B989CC72901E18EBE866F42CE
Requests: 9 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Page Statistics

Requests: 9
HTTPS: 56 %
IPv6: 13 %
Domains: 9
Subdomains: 9
IPs: 7
Countries: 4
Transfer: 20 kB
Size: 49 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://inpotaqi.com/rnd/kept?nfqv=FJ/d49zORcYb9zN6lvaXEQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmIb46DVNJpq6LgcupF6NdZJztASq6A20B1jb0W87SoX8VlD5AHjnlrd+hi4YdjvacoLUY2tbmHBA5G3mDw+KGQk6pIxShcXt0JjE7ON9dkHnNjHxy7TsfWn6uiqIqpCnIqlsd8e2ngdxRxRe/lt/+gqOa8RNVL8b+7GvUzwzMJnW/YfZO1vIp7yIVXXa6EPRw== Page URL
  2. http://madagty.com/buasdg78ezads13gffe7667dhd9?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.00002&fallbackUrl=https%3A%2F%2Fbidstraff.com%2Fl%2F21367515bcdfaf81e2d9%3Fsource%3Dmsadir HTTP 302
    https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824 Page URL
  3. https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824&code=23Y3VvBDU6O0A6PD9BQENBR0URhYV3Fn.GGI9-jR1PVB.JhYMBMjMDdHF6CFRyeICELYZHRnBIRxSJeX8ZGYOSHU5UT1Ahi2gCMzU0NQZofwo7QTw9DnB4EkNFREUWi5IaSht.koeDISGFa2YDNARocWoJOQp6fnuCEBCHgHcVXIWGf4V-O2WLgU0giZVmZAN3dnprB257dwxybnqCdRGHdBVihZGBhYZ8S1JMT0BJb2Fka3F4dHlvQylTeYByei9dcnUzY2g2bzhKSnpNUX1USUFjcHFuaFtqaFJxfTlAP0Q8QkYxOl5caWNjRDmGhIeCPmaFhI1vKiJGbHd1dG04QT86PTxCR0NLQUVLTzdreoB8joZNVFNYUDM3AmR6Bj4HbHYLQwxuQkIRQUJEREVGF3lNThxMTR6ShiJSMDEyA2prBzg5OQpudHEPPxB3fokVe3eDi34afoSKH1BRUiJsb2kENTU2Nwh8fn1zDj8-QUJDREQVhYp7iY8cHI2Qg5OWhAEzMjM3NTc3PwlvgXh7D0JDEYR4ehZ.i4yJVEpLhoyPj5WDcWowZnNyNQd6a21uDT4.QUVCQ0hHFXmFjIkbG5OLiyAgmIlsdwMzBGhqbgk6Ozw9Pj9AQUFCQ0VGRkdISktMTU5PUFFSUzEyMzQ1NjY4OTo7PD0.P0BBQkJERUZHSElKS0xNTk9QUVJSMTEzA2duewg5Ojs8PT4-QEFCQ0RFRUdISEpKTE1OTlAgmJd0AnkxXTtcXUOAOH1Ae3x9fkyJQYBJhIWGh1WSSpFUlFuYUEVMbztaBXFzdnALcHo6Y2IQg4aHFUUWg3mIGxuEiZEgUCGQdAIzNDQ2Nzg4OjoLg3EPQEFCdEUUeIiPGRmNfoAeUFMglJJkAjQ3BGl2eQk6CnlvcQ9IPkoSgIiFF0hN&_tdf=54 HTTP 302
    https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190046_00df616e_d682_426f_8b0f_6bb33b636074&pi=117082_msadir Page URL
  4. https://durasser.com/2iWEs/S4Gt/RYW9/Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4?T4g=Mainstream_2&tracker=5iz12gfu33p1bq33ngn0g8ssc,13057486,5,2827&af=2827&ctrack=1559235646.2364066766 Page URL
  5. https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbveprwXR6znO9XNcgEKFFS1I%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2 Page URL
  6. http://xml.adxfactory.com/click?i=IcmGRf9eXmk_0 HTTP 302
    https://syndication.dynsrvtbg.com/splash.php?idzone=3015142&type=8&sub=161229 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://madagty.com/buasdg78ezads13gffe7667dhd9?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.00002&fallbackUrl=https%3A%2F%2Fbidstraff.com%2Fl%2F21367515bcdfaf81e2d9%3Fsource%3Dmsadir HTTP 302
  • https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824
Request Chain 2
  • https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824&code=23Y3VvBDU6O0A6PD9BQENBR0URhYV3Fn.GGI9-jR1PVB.JhYMBMjMDdHF6CFRyeICELYZHRnBIRxSJeX8ZGYOSHU5UT1Ahi2gCMzU0NQZofwo7QTw9DnB4EkNFREUWi5IaSht.koeDISGFa2YDNARocWoJOQp6fnuCEBCHgHcVXIWGf4V-O2WLgU0giZVmZAN3dnprB257dwxybnqCdRGHdBVihZGBhYZ8S1JMT0BJb2Fka3F4dHlvQylTeYByei9dcnUzY2g2bzhKSnpNUX1USUFjcHFuaFtqaFJxfTlAP0Q8QkYxOl5caWNjRDmGhIeCPmaFhI1vKiJGbHd1dG04QT86PTxCR0NLQUVLTzdreoB8joZNVFNYUDM3AmR6Bj4HbHYLQwxuQkIRQUJEREVGF3lNThxMTR6ShiJSMDEyA2prBzg5OQpudHEPPxB3fokVe3eDi34afoSKH1BRUiJsb2kENTU2Nwh8fn1zDj8-QUJDREQVhYp7iY8cHI2Qg5OWhAEzMjM3NTc3PwlvgXh7D0JDEYR4ehZ.i4yJVEpLhoyPj5WDcWowZnNyNQd6a21uDT4.QUVCQ0hHFXmFjIkbG5OLiyAgmIlsdwMzBGhqbgk6Ozw9Pj9AQUFCQ0VGRkdISktMTU5PUFFSUzEyMzQ1NjY4OTo7PD0.P0BBQkJERUZHSElKS0xNTk9QUVJSMTEzA2duewg5Ojs8PT4-QEFCQ0RFRUdISEpKTE1OTlAgmJd0AnkxXTtcXUOAOH1Ae3x9fkyJQYBJhIWGh1WSSpFUlFuYUEVMbztaBXFzdnALcHo6Y2IQg4aHFUUWg3mIGxuEiZEgUCGQdAIzNDQ2Nzg4OjoLg3EPQEFCdEUUeIiPGRmNfoAeUFMglJJkAjQ3BGl2eQk6CnlvcQ9IPkoSgIiFF0hN&_tdf=54 HTTP 302
  • https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190046_00df616e_d682_426f_8b0f_6bb33b636074&pi=117082_msadir
Request Chain 7
  • https://syndication.dynsrvtbg.com/splash.php?idzone=3015142&type=8&sub=161229&p=https%3A%2F%2Fbotudeso.com%2F&tested=1&check=1773cbeac41fbe562da4e71cf69eb281&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
  • https://yahoo.com/ HTTP 301
  • https://www.yahoo.com/ HTTP 307
  • https://de.yahoo.com/?p=us HTTP 307
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=azJ2ZhU&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus HTTP 302
  • https://consent.yahoo.com/collectConsent?sessionId=3_cc-session_82d0c1f1-c91e-4525-89cc-2b75379ea304&lang=de-DE&inline=false

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set kept
inpotaqi.com/rnd/
1 KB
1 KB
Document
General
Full URL
http://inpotaqi.com/rnd/kept?nfqv=FJ/d49zORcYb9zN6lvaXEQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmIb46DVNJpq6LgcupF6NdZJztASq6A20B1jb0W87SoX8VlD5AHjnlrd+hi4YdjvacoLUY2tbmHBA5G3mDw+KGQk6pIxShcXt0JjE7ON9dkHnNjHxy7TsfWn6uiqIqpCnIqlsd8e2ngdxRxRe/lt/+gqOa8RNVL8b+7GvUzwzMJnW/YfZO1vIp7yIVXXa6EPRw==
Protocol
HTTP/1.1
Server
2606:4700:20::6819:6c64 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
inpotaqi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 30 May 2019 17:00:45 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df81fd223fab989390ac68c9b5177bc0c1559235645; expires=Fri, 29-May-20 17:00:45 GMT; path=/; domain=.inpotaqi.com; HttpOnly
Referrer-Policy
origin
Cache-control
no-store, no-cache
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4df244231e59beb5-FRA
Content-Encoding
gzip
21367515bcdfaf81e2d9
bidstraff.com/l/
Redirect Chain
  • http://madagty.com/buasdg78ezads13gffe7667dhd9?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.00002&fallbackUrl=https%3A%2F%2Fbidstraff.com%2Fl%2F21367515bcdfaf81e2d9%3Fsource%3Dmsadir
  • https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824
36 KB
12 KB
Document
General
Full URL
https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824
Requested by
Host: inpotaqi.com
URL: http://inpotaqi.com/rnd/kept?nfqv=FJ/d49zORcYb9zN6lvaXEQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmIb46DVNJpq6LgcupF6NdZJztASq6A20B1jb0W87SoX8VlD5AHjnlrd+hi4YdjvacoLUY2tbmHBA5G3mDw+KGQk6pIxShcXt0JjE7ON9dkHnNjHxy7TsfWn6uiqIqpCnIqlsd8e2ngdxRxRe/lt/+gqOa8RNVL8b+7GvUzwzMJnW/YfZO1vIp7yIVXXa6EPRw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
72d6afd038754d8c8199a647b2070f16fe34d0c7c9cfae35c2eeee16dcd606a8

Request headers

Host
bidstraff.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://inpotaqi.com/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Thu, 30 May 2019 17:00:46 GMT
Content-Type
text/html
Last-Modified
Mon, 27 May 2019 14:42:36 GMT
Transfer-Encoding
chunked
ETag
W/"5cebf75c-8f0f"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip

Redirect headers

Date
Thu, 30 May 2019 17:00:46 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Location
https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824
Server
ZeroPark-Traffic
/
1d6168aa654.traffic-c.com/
Redirect Chain
  • https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824&code=23Y3VvBDU6O0A6PD9BQENBR0URhYV3Fn.GGI9-jR1PVB.JhYMBMjMDdHF6CFRyeICELYZHRnBIRxSJeX8ZGYOSHU...
  • https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190046_00df616e_d682_426f_8b0f_6bb33b636074&pi=117082_msadir
1 KB
1 KB
Document
General
Full URL
https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190046_00df616e_d682_426f_8b0f_6bb33b636074&pi=117082_msadir
Requested by
Host: inpotaqi.com
URL: http://inpotaqi.com/rnd/kept?nfqv=FJ/d49zORcYb9zN6lvaXEQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmIb46DVNJpq6LgcupF6NdZJztASq6A20B1jb0W87SoX8VlD5AHjnlrd+hi4YdjvacoLUY2tbmHBA5G3mDw+KGQk6pIxShcXt0JjE7ON9dkHnNjHxy7TsfWn6uiqIqpCnIqlsd8e2ngdxRxRe/lt/+gqOa8RNVL8b+7GvUzwzMJnW/YfZO1vIp7yIVXXa6EPRw==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.208.172.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-172-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7be850b235a472d0a14d6bbfd1c94e8f6d8913ca556c86c69d833a2e9a82d800

Request headers

:method
GET
:authority
1d6168aa654.traffic-c.com
:scheme
https
:path
/?p=2827&media_type=mainstream&click_id=bmconv_20190530190046_00df616e_d682_426f_8b0f_6bb33b636074&pi=117082_msadir
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://bidstraff.com/l/21367515bcdfaf81e2d9?source=msadir&clickid=779c4417-82fc-11e9-baf0-122307ffc824
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Thu, 30 May 2019 17:00:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
traffic-back=ok; expires=Thu, 30-May-2019 17:01:16 GMT; Max-Age=30; path=/; domain=.traffic-c.com t-uuid=5iz12gfufc63hz5z2iw0g0gco; expires=Wed, 30-May-2029 17:00:46 GMT; Max-Age=315619200; path=/; domain=.traffic-c.com traffic-visited-offers=20509%7C1559235646%7C20509%7Cunspecified; expires=Fri, 31-May-2019 17:00:46 GMT; Max-Age=86400; path=/; domain=.traffic-c.com rts-trck=1; expires=Thu, 30-May-2019 17:10:46 GMT; Max-Age=600; path=/; domain=1d6168aa654.traffic-c.com
last-modified
Thu, 30 May 2019 17:00:46 GMT
expires
Thu, 30 May 2019 17:00:46 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow
content-encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 30 May 2019 17:00:46 GMT
Transfer-Encoding
chunked
Location
https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190046_00df616e_d682_426f_8b0f_6bb33b636074&pi=117082_msadir
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
Set-Cookie
BSESSID=trkf3f56169-485a-4e4e-8505-8fa47a6efb79; Max-Age=63072000; Expires=Sat, 29 May 2021 17:00:46 GMT; Path=/
Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4
durasser.com/2iWEs/S4Gt/RYW9/
6 KB
4 KB
Document
General
Full URL
https://durasser.com/2iWEs/S4Gt/RYW9/Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4?T4g=Mainstream_2&tracker=5iz12gfu33p1bq33ngn0g8ssc,13057486,5,2827&af=2827&ctrack=1559235646.2364066766
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
d673d071233fe7797b3c7f7d647673f2c082bc08a6aea3806a4b6d82ad9ba5d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
durasser.com
:scheme
https
:path
/2iWEs/S4Gt/RYW9/Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4?T4g=Mainstream_2&tracker=5iz12gfu33p1bq33ngn0g8ssc,13057486,5,2827&af=2827&ctrack=1559235646.2364066766
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190046_00df616e_d682_426f_8b0f_6bb33b636074&pi=117082_msadir
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html;charset=utf-8
x-cache-status
NOTCACHED
x-zen-fury
f434b8dc161b27c24c5edd6aca8a03c9cff75752
date
Thu, 30 May 2019 17:00:46 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
set-cookie
NfFkRdM4lqwgbiG78%2BUJDvgwlnV3Ym319a2jbdOC07o%3D=4fc700b6be1a0850a82be3223f2ba351_1559235646.7582; domain=durasser.com; path=/; expires=Sun, 27-May-2029 17:00:46 UTC; Secure %2F5ylJ4SeJomlZC%2F8FmSETlHltYW5Xc1j6HMR3SwHSQ4%3D=1559235646.7609; domain=durasser.com; path=/; expires=Sun, 27-May-2029 17:00:46 UTC; Secure 4NCpywJlw38q9nRCrV2iYepvFUnAVtQvrb%2FABG5b6ZI%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3U0hqaVl2RFVhOVAzL1dveGltbzEzUnhQdVIzN05GbS9RZE1BSThZTk93Sw%3D%3D; domain=durasser.com; path=/; expires=Sun, 27-May-2029 17:00:46 UTC; Secure 4fc700b6be1a0850a82be3223f2ba351_1559235646.7582_ck=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%3D; domain=durasser.com; path=/; expires=Sun, 27-May-2029 17:00:46 UTC; Secure uLXq6amEJTkDhRGEX2qUh2211wruvx4pLD2lR6ntGOw%3D=SWhBTjNISVd3czcvNlpMbTJKYXdaakxPWmkwQXpzVUhkeEtvakZrL0tZbFJHYjhNdFpHR3ltU1RQMlRQcDlJcDBjeUhOU1JSQkU5Wm4wN1I4ZXhiVTZWRmVQZ1R4aWR4b3VJRzJDbm1VUDQ9; domain=durasser.com; path=/; expires=Thu, 30-May-2019 18:05:46 UTC; Secure SERVERID=sfc20; path=/
vary
Accept-Encoding Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
ZENEDGE
x-cdn
Served-By-Zenedge
auction
botudeso.com/
0
0

auction
botudeso.com/
0
0

auction
botudeso.com/
3 KB
1 KB
Document
General
Full URL
https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbveprwXR6znO9XNcgEKFFS1I%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
Requested by
Host: durasser.com
URL: https://durasser.com/2iWEs/S4Gt/RYW9/Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4?T4g=Mainstream_2&tracker=5iz12gfu33p1bq33ngn0g8ssc,13057486,5,2827&af=2827&ctrack=1559235646.2364066766
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.186.102 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddbed921aa76526243fdacb800b6bcd64bf39626c16c6d197f08c9201c3826b9

Request headers

:method
GET
:authority
botudeso.com
:scheme
https
:path
/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbveprwXR6znO9XNcgEKFFS1I%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://durasser.com/
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Thu, 30 May 2019 17:00:59 GMT
content-type
text/html;charset=ISO-8859-1
set-cookie
__cfduid=dcbc722cb452160ad489841802a2d5f4d1559235659; expires=Fri, 29-May-20 17:00:59 GMT; path=/; domain=.botudeso.com; HttpOnly
cache-control
no-store, no-cache
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4df24478496dd8fd-AMS
content-encoding
br
Primary Request Cookie set splash.php
syndication.dynsrvtbg.com/
Redirect Chain
  • http://xml.adxfactory.com/click?i=IcmGRf9eXmk_0
  • https://syndication.dynsrvtbg.com/splash.php?idzone=3015142&type=8&sub=161229
1 KB
932 B
Document
General
Full URL
https://syndication.dynsrvtbg.com/splash.php?idzone=3015142&type=8&sub=161229
Requested by
Host: botudeso.com
URL: https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbveprwXR6znO9XNcgEKFFS1I%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
34f502a887a4790df7eeb1632c2787c5bca5844d8e1548df38c7642f35d11b08

Request headers

Host
syndication.dynsrvtbg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://botudeso.com/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Thu, 30 May 2019 17:01:00 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225cf00c4c682156.932117752758240148%22%3B%7D; expires=Sat, 29-May-2021 17:01:00 GMT; Max-Age=63072000; domain=dynsrvtbg.com
Content-Encoding
gzip

Redirect headers

Location
https://syndication.dynsrvtbg.com/splash.php?idzone=3015142&type=8&sub=161229
Connection
keep-alive
Content-Length
0
collectConsent
consent.yahoo.com/
Redirect Chain
  • https://syndication.dynsrvtbg.com/splash.php?idzone=3015142&type=8&sub=161229&p=https%3A%2F%2Fbotudeso.com%2F&tested=1&check=1773cbeac41fbe562da4e71cf69eb281&screen_resolution=1600x1200&container_r...
  • https://yahoo.com/
  • https://www.yahoo.com/
  • https://de.yahoo.com/?p=us
  • https://guce.yahoo.com/consent?brandType=eu&gcrumb=azJ2ZhU&lang=de-DE&done=https%3A%2F%2Fde.yahoo.com%2F%3Fp%3Dus
  • https://consent.yahoo.com/collectConsent?sessionId=3_cc-session_82d0c1f1-c91e-4525-89cc-2b75379ea304&lang=de-DE&inline=false
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
botudeso.com
URL
https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbveprwXR6znO9XNcgEKFFS1I%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2&
Domain
botudeso.com
URL
https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbveprwXR6znO9XNcgEKFFS1I%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
Domain
consent.yahoo.com
URL
https://consent.yahoo.com/collectConsent?sessionId=3_cc-session_82d0c1f1-c91e-4525-89cc-2b75379ea304&lang=de-DE&inline=false

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| foo
  • function| unload
  • undefined| xhttp

1 Cookies

Domain/Path Name / Value
.botudeso.com/ Name: __cfduid
Value: dcbc722cb452160ad489841802a2d5f4d1559235659