secure.qualitylanders.com
185.21.190.36
Public Scan
Effective URL: https://secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1/?cep=qGKD4ZpL1pFtgw3c2R19ImkMewrq_IHVcQnMy986xKkJpezx8RmsA...
Submission: On April 19 via manual from CH
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on August 23rd 2018. Valid for: 2 years.
This is the only time secure.qualitylanders.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
1 | 1 | 2606:4700:30::681b:9c59 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 1 | 51.254.34.155 | 16276 (OVH) |
1 | | 217.182.172.141 | 16276 (OVH) |
1 | 1 | 52.30.52.254 | 16509 (AMAZON-02 - Amazon.com) |
1 | 1 | 52.28.9.56 | 16509 (AMAZON-02 - Amazon.com) |
6 | 1 | 185.21.190.36 | 35470 (XL-AS) |
1 | | 2606:4700:30::6812:32e0 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | | 2606:4700::6813:c597 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | | 2606:2800:234:1f1f:1754:1fef:718:1223 | 15133 (EDGECAST - MCI Communications Services) |
1 | | 95.211.229.246 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
3 | | 95.211.229.245 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
1 | | 95.211.229.247 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
14 | 8 |
AS Autonomous System | PTR | Domains |
---|---|---|
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | fightlife.tv |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-30-52-254.eu-west-1.compute.amazonaws.com | tracking.madoffers.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-28-9-56.eu-central-1.compute.amazonaws.com | recepicks-surves.com |
ASN35470 (XL-AS, NL) | vps72312.public.cloudvps.com | secure.qualitylanders.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | ts-syndicate.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | | cdnjs.cloudflare.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US) | | ads.exoclick.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL) | | main.exdynsrv.com, main.exoclick.com, main.exosrv.com |
Requests | Apex Domain | Subdomains | Redirects | Transfer |
---|---|---|---|---|
6 | qualitylanders.com | secure.qualitylanders.com | 1 | 389 KB |
2 | exoclick.com | ads.exoclick.com, main.exoclick.com | | 969 B |
1 | realsrv.com | main.realsrv.com | | 413 B |
1 | exosrv.com | main.exosrv.com | | 412 B |
1 | exdynsrv.com | main.exdynsrv.com | | 414 B |
1 | dynsrvtyu.com | main.dynsrvtyu.com | | 415 B |
1 | cloudflare.com | cdnjs.cloudflare.com | | 29 KB |
1 | ts-syndicate.com | ts-syndicate.com | | 480 B |
1 | recepicks-surves.com | recepicks-surves.com | 1 | 1 KB |
1 | madoffers.com | tracking.madoffers.com | 1 | 571 B |
1 | slimcdn.com | dtrk.slimcdn.com | | 10 KB |
1 | mystats.xyz | track.mystats.xyz | 1 | 321 B |
1 | fightlife.tv | fightlife.tv | 1 | 398 B |
14 | 13 |
Requests | Domain | Requested by | Redirects |
---|---|---|---|
6 | secure.qualitylanders.com | dtrk.slimcdn.com, secure.qualitylanders.com | 1 |
1 | main.realsrv.com | secure.qualitylanders.com | |
1 | main.exosrv.com | secure.qualitylanders.com | |
1 | main.exoclick.com | secure.qualitylanders.com | |
1 | main.exdynsrv.com | secure.qualitylanders.com | |
1 | main.dynsrvtyu.com | secure.qualitylanders.com | |
1 | ads.exoclick.com | secure.qualitylanders.com | |
1 | cdnjs.cloudflare.com | secure.qualitylanders.com | |
1 | ts-syndicate.com | secure.qualitylanders.com | |
1 | recepicks-surves.com | | 1 |
1 | tracking.madoffers.com | | 1 |
1 | dtrk.slimcdn.com | | |
1 | track.mystats.xyz | | 1 |
1 | fightlife.tv | | 1 |
14 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
recepicks-surves.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
dtrk.slimcdn.com | Let's Encrypt Authority X3 | 2019-03-07 - 2019-06-05 | 3 months |
secure.qualitylanders.com | COMODO RSA Domain Validation Secure Server CA | 2018-08-23 - 2020-08-22 | 2 years |
sni241298.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-04-15 - 2019-10-22 | 6 months |
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-02 - 2019-09-08 | 6 months |
*.exoclick.com | DigiCert SHA2 Secure Server CA | 2017-12-12 - 2020-12-16 | 3 years |
dynsrvtyu.com | Let's Encrypt Authority X3 | 2019-02-10 - 2019-05-11 | 3 months |
exdynsrv.com | Let's Encrypt Authority X3 | 2019-02-10 - 2019-05-11 | 3 months |
exosrv.com | Let's Encrypt Authority X3 | 2019-02-10 - 2019-05-11 | 3 months |
realsrv.com | Let's Encrypt Authority X3 | 2019-02-10 - 2019-05-11 | 3 months |
This page contains 1 frames:
Primary Page:
https://secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1/?cep=qGKD4ZpL1pFtgw3c2R19ImkMewrq_IHVcQnMy986xKkJpezx8RmsACiTOKBzNeVk-DbHqNLKvyXPFmh8kxeNTwtUtEx5KrDUlbV79pitgqMygFYnjXC2InlE0qMqM6BufX4eajleO8yanS7HtW-4cQBbNiFghUEheqVEp0yPhO5fPGpYZp45R9eP1RjNzN5X7De2xgKUALXQ23qVARpNBxOmqwxY6fD23KXQWKCakBM&var1=exit&var2=default
Frame ID: 20F47BB794E0BE1BEDEBC0E2D2014C27
Requests: 14 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: weiter
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Chain 1:
- http://fightlife.tv/ HTTP 302
- http://track.mystats.xyz/in/asdeslimadult2/ HTTP 302
- https://dtrk.slimcdn.com/directclick/?pid=BwIjqfXjuZUOY1Rbz1PX878NTI41&wsid=adultdating&subid=adultdating Page URL

Chain 2:
- http://tracking.madoffers.com/aff_c?offer_id=90&aff_id=1258&url_id=2073&aff_sub=a321681sadultdating&aff_click_id=19041911_02_321681_6f667910d7f42 HTTP 302
- http://recepicks-surves.com/add7e581-f8e9-45e2-8576-eba2f40af69e?var1=exit&var2=default HTTP 302
- https://secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1?cep=qGKD4ZpL1pFtgw3c2R19ImkMewrq_IHVcQnMy986xKkJpezx8RmsACiTOKBzNeVk-DbHqNLKvyXPFmh8kxeNTwtUtEx5KrDUlbV79pitgqMygFYnjXC2InlE0qMqM6BufX4eajleO8yanS7HtW-4cQBbNiFghUEheqVEp0yPhO5fPGpYZp45R9eP1RjNzN5X7De2xgKUALXQ23qVARpNBxOmqwxY6fD23KXQWKCakBM&var1=exit&var2=default HTTP 301
- https://secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1/?cep=qGKD4ZpL1pFtgw3c2R19ImkMewrq_IHVcQnMy986xKkJpezx8RmsACiTOKBzNeVk-DbHqNLKvyXPFmh8kxeNTwtUtEx5KrDUlbV79pitgqMygFYnjXC2InlE0qMqM6BufX4eajleO8yanS7HtW-4cQBbNiFghUEheqVEp0yPhO5fPGpYZp45R9eP1RjNzN5X7De2xgKUALXQ23qVARpNBxOmqwxY6fD23KXQWKCakBM&var1=exit&var2=default Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://fightlife.tv/ HTTP 302
- http://track.mystats.xyz/in/asdeslimadult2/ HTTP 302
- https://dtrk.slimcdn.com/directclick/?pid=BwIjqfXjuZUOY1Rbz1PX878NTI41&wsid=adultdating&subid=adultdating
14 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | / | dtrk.slimcdn.com/directclick/ | 25 KB | 10 KB | Document | text/html | Cookie set; Redirect Chain |
GET H2 | / | secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1/ | 8 KB | 3 KB | Document | text/html | Primary Request; Redirect Chain |
GET H2 | style.28474cee41ffe0af9ca40271b738740c.css | secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1/css/ | 5 KB | 1 KB | Stylesheet | text/css | |
GET H2 | pointer.379e614fffbde38d78e7856df9fc640b.gif | secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1/images/ | 264 KB | 265 KB | Image | image/gif | |
GET H2 | jquery.min.0e6d982d2ff87f844f384e767901f335.js | secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1/js/ | 156 KB | 39 KB | Script | application/javascript | |
GET H2 | aa4658d6-5af4-4709-b2e4-85b57c6b1a40 | ts-syndicate.com/api/v1/retargeting/set/ | 35 B | 480 B | Image | image/gif | |
GET H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ | 85 KB | 29 KB | Script | application/javascript | |
GET H2 | tag_gen.js | ads.exoclick.com/ | 608 B | 555 B | Script | text/javascript | |
GET H2 | girl.2f085994fabde51eecfae063bf204ae0.jpg | secure.qualitylanders.com/de/de_nachricht_erhalten_geil_blonde1/images/ | 79 KB | 80 KB | Image | image/jpeg | |
GET H/1.1 | tag.php | main.dynsrvtyu.com/ | 0 | 415 B | Image | text/html | |
GET H/1.1 | tag.php | main.exdynsrv.com/ | 0 | 414 B | Image | text/html | |
GET H/1.1 | tag.php | main.exoclick.com/ | 0 | 414 B | Image | text/html | |
GET H/1.1 | tag.php | main.exosrv.com/ | 0 | 412 B | Image | text/html | |
GET H/1.1 | tag.php | main.realsrv.com/ | 0 | 413 B | Image | text/html | |
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- function| getURLParameter
- function| $
- function| jQuery
- function| next
- function| findGetParameter
- object| aliases

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.