client.slots.dev.baxter.olx.org Open in urlscan Pro
18.66.248.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://client.slots.dev.baxter.olx.org/
Submission: On March 24 via automatic, source certstream-suspicious (March 24th 2022, 12:49:05 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 18.66.248.102, located in United States and belongs to AMAZON-02, US. The main domain is client.slots.dev.baxter.olx.org.
TLS certificate: Issued by Amazon on April 23rd 2021. Valid for: a year.

This is the only time client.slots.dev.baxter.olx.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	18.66.248.102 18.66.248.102	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
12	5

5 18.66.248.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-102.dus51.r.cloudfront.net

client.slots.dev.baxter.olx.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

cdn.slots.dev.baxter.olx.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	olx.org client.slots.dev.baxter.olx.org cdn.slots.dev.baxter.olx.org	53 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159	152 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	49 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
12	4

	Domain	Requested by
5	client.slots.dev.baxter.olx.org	client.slots.dev.baxter.olx.org
3	securepubads.g.doubleclick.net	cdn.slots.dev.baxter.olx.org securepubads.g.doubleclick.net
2	cdn.slots.dev.baxter.olx.org	client.slots.dev.baxter.olx.org cdn.slots.dev.baxter.olx.org
1	cdn.jsdelivr.net	client.slots.dev.baxter.olx.org
1	fonts.googleapis.com	client.slots.dev.baxter.olx.org
12	5

This site contains no links.

Subject Issuer	Validity	Valid
client.slots.dev.baxter.olx.org Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
cdn.slots.dev.baxter.olx.org Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://client.slots.dev.baxter.olx.org/
Frame ID: 4032012AC940C54A0A2D3F74AC958EA0
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Slots Client - Dev

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"
/_nuxt/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

256 kB
Transfer

1018 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
client.slots.dev.baxter.olx.org/ 3 KB
2 KB 91ms
20ms Document
text/html 18.66.248.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.slots.dev.baxter.olx.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-102.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c1db897b046d924fae6d03ffdd88b2dde8bd98fce336e9e9b82ae43f6f89ca1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html
Content-Length: 1099
Connection: keep-alive
Date: Thu, 24 Mar 2022 00:47:38 GMT
Last-Modified: Wed, 16 Mar 2022 18:10:50 GMT
ETag: "f6a82edc813b4a8cef21951351bb963b"
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: FDNYK_CGYht7OiM775Xs0qTGIjvUaGzfAeUkjLFf9BN-cZGVY-NaAg==
Age: 84

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 135ms
50ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Requested by

Host: client.slots.dev.baxter.olx.org
URL: https://client.slots.dev.baxter.olx.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 23:05:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 00:49:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 00:49:01 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 303 KB
49 KB 57ms
24ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: client.slots.dev.baxter.olx.org
URL: https://client.slots.dev.baxter.olx.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

326108cddba2c3bc687388bacab69e579995ba63633c2b1dbabc4e2fe0a142ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 00:49:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12425
x-jsd-version: 6.6.95
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-iad-kiad7000038-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4ba8b-4b7mN4qrT+FD4CcdwWqVD2LSOck"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f0b678f18e38fdc-FRA

GET
H/1.1 200
OK init.js Show response
cdn.slots.dev.baxter.olx.org/client/web/release/ 242 KB
45 KB 254ms
205ms Script
application/javascript 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.slots.dev.baxter.olx.org/client/web/release/init.js
Requested by: Host: client.slots.dev.baxter.olx.org
URL: https://client.slots.dev.baxter.olx.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97f5aaf5280f6b223f6d159cffc13ddafbec1fc6eda4b73661b099fe759558da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 00:49:02 GMT
Content-Encoding: br
Last-Modified: Thu, 17 Mar 2022 19:54:19 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"af7fec8a33edb3cd9cdaf866614c84af"
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Cache-Control: max-age=900
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: t-uRBeYnNB66GxW7T854U4v3NbrGMS7YsD5bf0VsZ7ejpgUb94BNOQ==

GET
H/1.1 200
OK e68ce5b.js Show response
client.slots.dev.baxter.olx.org/_nuxt/ 3 KB
2 KB 11ms
11ms Script
text/html 18.66.248.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.slots.dev.baxter.olx.org/_nuxt/e68ce5b.js
Requested by: Host: client.slots.dev.baxter.olx.org
URL: https://client.slots.dev.baxter.olx.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-102.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c1db897b046d924fae6d03ffdd88b2dde8bd98fce336e9e9b82ae43f6f89ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 00:47:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 18:10:50 GMT
Server: AmazonS3
Age: 84
ETag: "f6a82edc813b4a8cef21951351bb963b"
X-Cache: Error from cloudfront
Content-Type: text/html
Via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 1099
X-Amz-Cf-Id: _Fquu8XV6VGIDkKfbl5WJypV8EasI8DaLtMKFny6XBfx5QljxcuTJw==

GET
H/1.1 200
OK 662187e.js Show response
client.slots.dev.baxter.olx.org/_nuxt/ 3 KB
2 KB 23ms
11ms Script
text/html 18.66.248.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.slots.dev.baxter.olx.org/_nuxt/662187e.js
Requested by: Host: client.slots.dev.baxter.olx.org
URL: https://client.slots.dev.baxter.olx.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-102.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c1db897b046d924fae6d03ffdd88b2dde8bd98fce336e9e9b82ae43f6f89ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 00:47:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 18:10:50 GMT
Server: AmazonS3
Age: 84
ETag: "f6a82edc813b4a8cef21951351bb963b"
X-Cache: Error from cloudfront
Content-Type: text/html
Via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 1099
X-Amz-Cf-Id: 8EelS8ECNQnoIefVqh7F-sOzsHtr0BfE4U6zb07fplkiqpk-RUyYeQ==

GET
H/1.1 200
OK 0e36472.js Show response
client.slots.dev.baxter.olx.org/_nuxt/ 3 KB
2 KB 33ms
10ms Script
text/html 18.66.248.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.slots.dev.baxter.olx.org/_nuxt/0e36472.js
Requested by: Host: client.slots.dev.baxter.olx.org
URL: https://client.slots.dev.baxter.olx.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-102.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c1db897b046d924fae6d03ffdd88b2dde8bd98fce336e9e9b82ae43f6f89ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 00:47:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 18:10:50 GMT
Server: AmazonS3
Age: 84
ETag: "f6a82edc813b4a8cef21951351bb963b"
X-Cache: Error from cloudfront
Content-Type: text/html
Via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 1099
X-Amz-Cf-Id: 3xIW4PE8-0qpC6bjCL933MyYCvnSXwzTgDb1tOYaYObQ5VLNWr4wag==

GET
H/1.1 200
OK 088fb6d.js Show response
client.slots.dev.baxter.olx.org/_nuxt/ 3 KB
2 KB 33ms
10ms Script
text/html 18.66.248.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.slots.dev.baxter.olx.org/_nuxt/088fb6d.js
Requested by: Host: client.slots.dev.baxter.olx.org
URL: https://client.slots.dev.baxter.olx.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-102.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c1db897b046d924fae6d03ffdd88b2dde8bd98fce336e9e9b82ae43f6f89ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 00:47:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 18:10:50 GMT
Server: AmazonS3
Age: 84
ETag: "f6a82edc813b4a8cef21951351bb963b"
X-Cache: Error from cloudfront
Content-Type: text/html
Via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 1099
X-Amz-Cf-Id: Uy0q82rj0_7qVupPjfPhK4JdAnITqGkKseCwNXt-jMZOR-avTcs2lg==

GET
H/1.1 200
OK init.css
cdn.slots.dev.baxter.olx.org/client/web/1647546495828/ 163 B
641 B 221ms
221ms Stylesheet
text/css 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.slots.dev.baxter.olx.org/client/web/1647546495828/init.css
Requested by: Host: cdn.slots.dev.baxter.olx.org
URL: https://cdn.slots.dev.baxter.olx.org/client/web/release/init.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae567b5d87c16b82e3a125d64951b5bc7b78cc53fd5fa3f06c4ae332ff07f332

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 00:49:02 GMT
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Last-Modified: Thu, 17 Mar 2022 19:48:25 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "149c6b96b9de169481ebcd4d91082d0b"
X-Cache: Miss from cloudfront
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 163
X-Amz-Cf-Id: fQcnXZSYT3h7r0kM3kir4oDpOkDnqUIt0Wk5tLfKbW78NSnLGwY50A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 145ms
55ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.slots.dev.baxter.olx.org
URL: https://cdn.slots.dev.baxter.olx.org/client/web/release/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ac8b5666338801de5718296a007950be952fa680e9b8fe28830d3afef117f226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 00:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27996
x-xss-protection: 0
server: sffe
etag: "1167 / 24 of 1000 / last-modified: 1648073136"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Mar 2022 00:49:01 GMT

GET
H2 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 39ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 21:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Mar 2023 21:54:19 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 53 B
92 B 95ms
47ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=client.slots.dev.baxter.olx.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1cded0de19a1da4e4e0cdbde3a68dbea4eee34485d1d2beddcb45acb30babe96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.slots.dev.baxter.olx.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Mar 2022 00:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Thu, 24 Mar 2022 00:49:01 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.slots.dev.baxter.olx.org
client.slots.dev.baxter.olx.org
fonts.googleapis.com
securepubads.g.doubleclick.net
142.250.181.226
143.204.98.110
18.66.248.102
2606:4700::6810:5514
2a00:1450:4001:811::200a
1cded0de19a1da4e4e0cdbde3a68dbea4eee34485d1d2beddcb45acb30babe96
326108cddba2c3bc687388bacab69e579995ba63633c2b1dbabc4e2fe0a142ec
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
7c1db897b046d924fae6d03ffdd88b2dde8bd98fce336e9e9b82ae43f6f89ca1
97f5aaf5280f6b223f6d159cffc13ddafbec1fc6eda4b73661b099fe759558da
ac8b5666338801de5718296a007950be952fa680e9b8fe28830d3afef117f226
ae567b5d87c16b82e3a125d64951b5bc7b78cc53fd5fa3f06c4ae332ff07f332
ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8

client.slots.dev.baxter.olx.org Open in urlscan Pro 18.66.248.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

256 kBTransfer

1018 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

client.slots.dev.baxter.olx.org Open in urlscan Pro
18.66.248.102 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

256 kB
Transfer

1018 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions