URL: https://syndication.realsrv.com/splash.php?idzone=4418326&capping=1
Submission Tags: falconsandbox
Submission: On September 16 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main IP is 95.211.229.247, located in the Netherlands, and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is syndication.realsrv.com.
TLS certificate: Issued by R3 on August 5th 2021. Valid for: 3 months.
This is the only time syndication.realsrv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS     Autonomous System
3         95.211.229.247  60781  (LEASEWEB-...)
3 requests, 1 IP

Requests  Apex Domain  Subdomains               Transfer
3         realsrv.com  syndication.realsrv.com  4 KB
3 requests, 1 apex domain

Requests  Domain                   Requested by
3         syndication.realsrv.com  syndication.realsrv.com
3 requests, 1 domain

This site contains no links.

Subject      Issuer  Validity                 Valid
realsrv.com  R3      2021-08-05 - 2021-11-03  3 months

This page contains 2 frames:

Primary Page: https://syndication.realsrv.com/splash.php?idzone=4418326&capping=1
Frame ID: DE7F0CCB7747A19378467B3144701CB9
Requests: 2 HTTP requests in this frame

Frame: https://syndication.realsrv.com/%22https:////promo-bc.com//promo.php?c=680184&subid=ooc7bc7qaZraJ63Uy22V1TUOldRLKqaWV1Utrqp3TupldK6V0rqaq7nT3S1UUSununqqoodK6V07p3SuldM6V0rpnOdK5znSuldK66d0rpXSuldK4Ps-&subid2=4418326\n&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0\%22
Frame ID: 1435CED99F39864265D78693C3EBC1CD
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 4 kB
Size: 6 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set splash.php
syndication.realsrv.com/
6 KB
3 KB
Document
General
Full URL
https://syndication.realsrv.com/splash.php?idzone=4418326&capping=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9a777342752db784cd29b5a7d9eb33bcc83ce28cabf8bc2b3edfc21e02b7a20b

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Thu, 16 Sep 2021 12:11:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226143345523e667.70509775981630693%22%3B%7D; expires=Sat, 16 Sep 2023 12:11:01 GMT; path=; domain=.realsrv.com; Secure; SameSite=none c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CDEU%7C4418326%7C40876513%7C0%7C300x100%7C508%7C52%7C2%7C40%7C0%7C0%7C0%7C4569%7C2905330%7C2925533%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7C%7C%7C%7C0%7C0%7C0%7C92%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Fri, 17 Sep 2021 12:11:01 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
'%20+%20closeImage%20+%20'
syndication.realsrv.com/
192 B
192 B
Image
General
Full URL
https://syndication.realsrv.com/'%20+%20closeImage%20+%20'
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/splash.php?idzone=4418326&capping=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
bbf001be97b405f9af2a4146c382a6635ec44b376ce10a669490fa1f9570fc9b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
syndication.realsrv.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://syndication.realsrv.com/splash.php?idzone=4418326&capping=1
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226143345523e667.70509775981630693%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CDEU%7C4418326%7C40876513%7C0%7C300x100%7C508%7C52%7C2%7C40%7C0%7C0%7C0%7C4569%7C2905330%7C2925533%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7C%7C%7C%7C0%7C0%7C0%7C92%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Connection
keep-alive

Response headers

Date
Thu, 16 Sep 2021 12:11:01 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
promo.php
syndication.realsrv.com/%22https:////promo-bc.com// Frame 1435
192 B
357 B
Document
General
Full URL
https://syndication.realsrv.com/%22https:////promo-bc.com//promo.php?c=680184&subid=ooc7bc7qaZraJ63Uy22V1TUOldRLKqaWV1Utrqp3TupldK6V0rqaq7nT3S1UUSununqqoodK6V07p3SuldM6V0rpnOdK5znSuldK66d0rpXSuldK4Ps-&subid2=4418326\n&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0\%22
Requested by
Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/splash.php?idzone=4418326&capping=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
bbf001be97b405f9af2a4146c382a6635ec44b376ce10a669490fa1f9570fc9b

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://syndication.realsrv.com/splash.php?idzone=4418326&capping=1
Accept-Encoding
gzip, deflate, br
Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226143345523e667.70509775981630693%22%3B%7D; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CDEU%7C4418326%7C40876513%7C0%7C300x100%7C508%7C52%7C2%7C40%7C0%7C0%7C0%7C4569%7C2905330%7C2925533%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7C%7C%7C%7C0%7C0%7C0%7C92%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D

Response headers

Server
nginx
Date
Thu, 16 Sep 2021 12:11:01 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforexrselect
boolean| originAgentCluster

2 Cookies

Domain/Path Name / Value
.realsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226143345523e667.70509775981630693%22%3B%7D
.realsrv.com/ Name: c-tag
Value: %7B%22tag-banner%22%3A%22v3%7C%7CDEU%7C4418326%7C40876513%7C0%7C300x100%7C508%7C52%7C2%7C40%7C0%7C0%7C0%7C4569%7C2905330%7C2925533%7C0%7C0%7C2%7C2%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7C%7C%7C%7C0%7C0%7C0%7C92%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D

2 Console Messages

Source Level URL
Text
network error URL: https://syndication.realsrv.com/'%20+%20closeImage%20+%20'
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://syndication.realsrv.com/%22https:////promo-bc.com//promo.php?c=680184&subid=ooc7bc7qaZraJ63Uy22V1TUOldRLKqaWV1Utrqp3TupldK6V0rqaq7nT3S1UUSununqqoodK6V07p3SuldM6V0rpnOdK5znSuldK66d0rpXSuldK4Ps-&subid2=4418326\n&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0\%22
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

syndication.realsrv.com
95.211.229.247
9a777342752db784cd29b5a7d9eb33bcc83ce28cabf8bc2b3edfc21e02b7a20b
bbf001be97b405f9af2a4146c382a6635ec44b376ce10a669490fa1f9570fc9b