syndication.realsrv.com Open in urlscan Pro
95.211.229.246 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://syndication.realsrv.com/ads-iframe-display.php?idzone=3206397&type=300x250&p=https%3A//www.xzorra.com/follando-a-mi-veci...
Submission: On March 05 via api (March 5th 2021, 2:54:18 am UTC) from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 95.211.229.246, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is syndication.realsrv.com.
TLS certificate: Issued by R3 on January 11th 2021. Valid for: 3 months.

This is the only time syndication.realsrv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	94.199.255.192 94.199.255.192	48684 (VIKINGHOST) (VIKINGHOST)
4	66.254.122.118 66.254.122.118	29789 (REFLECTED) (REFLECTED)
2	2606:4700::68... 2606:4700::6810:7444	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.79.73.88 5.79.73.88	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
9	6

1 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.199.255.192 (Netherlands)

ASN48684 (VIKINGHOST, NL)

bngpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.254.122.118 (United States)

ASN29789 (REFLECTED, US)

i.bongacash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7444 (United States)

ASN13335 (CLOUDFLARENET, US)

i.bimbolive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.79.73.88 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

dbo.bngpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	bongacash.com i.bongacash.com	51 KB
2	bimbolive.com i.bimbolive.com	25 KB
2	bngpt.com bngpt.com dbo.bngpt.com	174 KB
1	realsrv.com syndication.realsrv.com	1 KB
9	4

	Domain	Requested by
4	i.bongacash.com	bngpt.com
2	i.bimbolive.com	bngpt.com i.bongacash.com
1	dbo.bngpt.com	bngpt.com
1	bngpt.com	syndication.realsrv.com
1	syndication.realsrv.com
9	5

This site contains no links.

Subject Issuer	Validity	Valid
realsrv.com R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
bngpt.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-24` - `2021-03-24`	a year	crt.sh
*.bongacash.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-05` - `2021-06-03`	a year	crt.sh
i.bimbolive.com Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
dbo.bngpt.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-12` - `2021-05-12`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3206397&type=300x250&p=https%3A//www.xzorra.com/follando-a-mi-vecino-mexicano-caliente-mienstras-estoy-sola-en-verano/&dt=1614945060108&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
Frame ID: AE8982D8D65A631DA4604BF8EA21F293
Requests: 1 HTTP requests in this frame

Frame: https://bngpt.com/promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: 17D749CCA46D1739FC1D5134B2814F4B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

251 kB
Transfer

444 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set ads-iframe-display.php Show response
syndication.realsrv.com/ 1 KB
1 KB 70ms
34ms Document
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3206397&type=300x250&p=https%3A//www.xzorra.com/follando-a-mi-vecino-mexicano-caliente-mienstras-estoy-sola-en-verano/&dt=1614945060108&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 58979f864433825e097887573b4d60a6c4d2dbcd92e9ec69d7b8c7a8d6f8db35

Request headers

Host: syndication.realsrv.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 05 Mar 2021 02:54:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2260419d49786400.24689358795744716%22%3B%7D; expires=Sun, 05 Mar 2023 02:54:01 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding: gzip

GET
H2 200 promo.php Show response
bngpt.com/ Frame 17D7 127 KB
42 KB 74ms
36ms Document
text/html 94.199.255.192
VIKINGHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://bngpt.com/promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0

Requested by

Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=3206397&type=300x250&p=https%3A//www.xzorra.com/follando-a-mi-vecino-mexicano-caliente-mienstras-estoy-sola-en-verano/&dt=1614945060108&sub=&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.199.255.192 , Netherlands, ASN48684 (VIKINGHOST, NL),

Reverse DNS

Software

nginx /

Resource Hash

680c4eb42c6a8ed1947691eee7b0bccfa804d1c37cb2b1d53b46bba67ffba695

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

:method: GET
:authority: bngpt.com
:scheme: https
:path: /promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://syndication.realsrv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://syndication.realsrv.com/

Response headers

server: nginx
date: Fri, 05 Mar 2021 02:54:02 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin
expires: Fri, 05 Mar 2021 02:54:01 GMT
cache-control: no-cache public
x-bcs: ded7724
strict-transport-security: max-age=0;
content-encoding: gzip
x-bc-bl: 105

GET
H2 200 jquery.tools.min.js Show response
i.bongacash.com/dynamic_banner/ Frame 17D7 135 KB
46 KB 71ms
23ms Script
application/x-javascript 66.254.122.118
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.118 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:54:01 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
x-cdn-diag-r: fra1-11044-7-50758-h-0-0---
x-shm-miss: true
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
x-cdn-diag: fra1-11058-4-17371-h-0-0---;110447-8-53649----0-1-0
expires: Sat, 14 Nov 2020 07:18:40 GMT

GET
H2 200 logo2_default.png
i.bongacash.com/dynamic_banner/images/ Frame 17D7 4 KB
4 KB 80ms
51ms Image
image/png 66.254.122.118
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bongacash.com/dynamic_banner/images/logo2_default.png
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.118 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:54:01 GMT
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
content-type: image/png
cache-control: max-age=2592000
x-cdn-diag: fra1-11059-1-41572-h-0-0---;110447-8-53649----0-0-1
accept-ranges: bytes
content-length: 3813
expires: Wed, 27 Jan 2021 08:42:04 GMT

GET
H2 200 video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame 17D7 44 B
268 B 23ms
23ms Image
image/gif 66.254.122.118
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.118 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:54:01 GMT
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
content-type: image/gif
cache-control: max-age=2592000
x-cdn-diag: fra1-11023-6-16440-h-0-0---;110447-9-53649----0-0-0
accept-ranges: bytes
content-length: 44
expires: Sat, 14 Nov 2020 07:18:40 GMT

GET
H2 200 english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame 17D7 542 B
767 B 23ms
23ms Image
image/png 66.254.122.118
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.118 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: 097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 02:54:01 GMT
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
content-type: image/png
cache-control: max-age=2592000
x-cdn-diag: fra1-11023-7-16510-h-0-0---;110447-9-53649----0-1-0
accept-ranges: bytes
content-length: 542
expires: Sat, 14 Nov 2020 07:18:41 GMT

GET
H2 200 062edd91542709f234e6ff3dbd6bf998_thumb_medium.jpg
i.bimbolive.com/066/33b/0ea/ Frame 17D7 12 KB
13 KB 39ms
24ms Image
image/jpeg 2606:4700::6810:7444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bimbolive.com/066/33b/0ea/062edd91542709f234e6ff3dbd6bf998_thumb_medium.jpg
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beef24e950ad57aee6303f1b05243f2ad89559ddd7b4b227be192cd512bb26ab

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-bc-o: 2
date: Fri, 05 Mar 2021 02:54:01 GMT
cf-cache-status: HIT
age: 1255933
x-o1-p6: EXPIRED
content-length: 12676
cf-request-id: 08a1e7803100004ea48908e000000001
last-modified: Sat, 23 Jan 2021 09:48:05 GMT
server: cloudflare
etag: "600bf0d5-3184"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 14:01:48 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 62b00ead1a454ea4-FRA
cf-bgj: h2pri

GET
H2 206 stream_CindyBKK.webm
dbo.bngpt.com/ Frame 17D7 132 KB
132 KB 52ms
16ms Media
video/webm 5.79.73.88
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dbo.bngpt.com/stream_CindyBKK.webm
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodNbVHPNPHNZNHXY4H2zqJ5a6LrHUzUVy1VVOldRLKqeqV1UtrqZnTumrdK6V0rrKZnT2U3W2XOnsqusupdK6V07p3SuldM6V0rpnO3q32z14qu1us0rmm11p4nrp1rroo3m3zdK5TAkJnHqH9009sqppZ6XOldK6V1tDpXSuD7&subid2=3206397&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.79.73.88 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: f33d87611bb8f60c09379cb75f5beb0e6b441015aadb895f5cdc3ec9b1affc38

Request headers

Referer: https://bngpt.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 05 Mar 2021 02:53:59 GMT
last-modified: Thu, 04 Mar 2021 12:59:04 GMT
server: nginx
etag: "6040d998-20e37"
content-type: video/webm
Content-Range: bytes 0-134710/134711
x-circle-268: HIT
cache-control: max-age=10800
x-dbo-01: HIT
Content-Length: 134711
expires: Fri, 05 Mar 2021 05:53:59 GMT

GET
H2 200 062edd91542709f234e6ff3dbd6bf998_thumb_medium.jpg
i.bimbolive.com/066/33b/0ea/ Frame 17D7 12 KB
12 KB 9ms
9ms Image
image/jpeg 2606:4700::6810:7444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bimbolive.com/066/33b/0ea/062edd91542709f234e6ff3dbd6bf998_thumb_medium.jpg
Requested by: Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beef24e950ad57aee6303f1b05243f2ad89559ddd7b4b227be192cd512bb26ab

Request headers

Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-bc-o: 2
date: Fri, 05 Mar 2021 02:54:01 GMT
cf-cache-status: HIT
age: 1255933
x-o1-p6: EXPIRED
content-length: 12676
cf-request-id: 08a1e7808200004ea40f26e000000001
last-modified: Sat, 23 Jan 2021 09:48:05 GMT
server: cloudflare
etag: "600bf0d5-3184"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 20 Mar 2021 14:01:48 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 62b00ead9ac94ea4-FRA
cf-bgj: h2pri

GET
DATA 200
OK truncated
/ Frame 17D7 21 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.realsrv.com/	1970-01-20 10:06:24	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2260419d49786400.24689358795744716%22%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bngpt.com
dbo.bngpt.com
i.bimbolive.com
i.bongacash.com
syndication.realsrv.com
2606:4700::6810:7444
5.79.73.88
66.254.122.118
94.199.255.192
95.211.229.246
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13
58979f864433825e097887573b4d60a6c4d2dbcd92e9ec69d7b8c7a8d6f8db35
680c4eb42c6a8ed1947691eee7b0bccfa804d1c37cb2b1d53b46bba67ffba695
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e
beef24e950ad57aee6303f1b05243f2ad89559ddd7b4b227be192cd512bb26ab
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f
f33d87611bb8f60c09379cb75f5beb0e6b441015aadb895f5cdc3ec9b1affc38

syndication.realsrv.com Open in urlscan Pro 95.211.229.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

20 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

251 kBTransfer

444 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Indicators

syndication.realsrv.com Open in urlscan Pro
95.211.229.246 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

251 kB
Transfer

444 kB
Size

1
Cookies

9 HTTP transactions
1 data transactions