a.magsrv.com - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2001:4de0:ac19::1:b:1a, located in Netherlands and belongs to STACKPATH-CDN, US. The main domain is a.magsrv.com.
TLS certificate: Issued by R3 on August 1st 2023. Valid for: 3 months.

This is the only time a.magsrv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	88.214.195.156 88.214.195.156	46636 (NATCOWEB) (NATCOWEB)
1	5.9.105.245 5.9.105.245	24940 (HETZNER-AS) (HETZNER-AS)
7	3

4 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.magsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

s.magsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.195.156 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

track.trackingtraffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.105.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.105.9.5.clients.your-server.de

ads.trackingtraffo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	magsrv.com a.magsrv.com s.magsrv.com	39 KB
2	trackingtraffo.com 1 redirects track.trackingtraffo.com — Cisco Umbrella Rank: 172058 ads.trackingtraffo.com — Cisco Umbrella Rank: 454931	123 KB
7	2

	Domain	Requested by
4	a.magsrv.com	a.magsrv.com
2	s.magsrv.com	a.magsrv.com
1	ads.trackingtraffo.com
1	track.trackingtraffo.com	1 redirects
7	4

This site contains no links.

Subject Issuer	Validity	Valid
magsrv.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://a.magsrv.com/iframe.php?idzone=3500843&size=300x250
Frame ID: 6EA8FED75B48D14F22B9AD856A233DC8
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

7
Requests

86 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

3
IPs

3
Countries

161 kB
Transfer

232 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://track.trackingtraffo.com/banner/imp?auth=12jumq&price=${AUCTION_PRICE}&c=PSg-CHfKH6Dz02XuHzyQMHQrzl4o6MB9_KSDDgexP7bNtm1sll-Ms2I8GIjAwHk0FHr65euFpsdecpSVwT1eSMt9uZBXcY2x2scQU7mhhHUmvWh0B8Alb5VvaGsSjqe9O8S0yc6RsqMy8WldC12vMG7mhncDvj1j4OOGu6fGCNDJK4P5oMslHHLwUyBGAjjP1KKz6Zu_Ih-3BHjY4mLlzE2hOyWelwdv1evyhRGWc9nQxeICzBJ7ToYi33xBvppX4n_jujjgiL9cc1FVCrPBFPAfbPVzNUNagHN6sDqsgfnQnSEapzwTwmQ0zoKp7GHgNRD5-suT2iejORqc2rSSKmBKheodBiOjg5PdKdYhFwE19g-VUweIZlKylRHRXSKqAqmxXymlqS3K37WkLFiXBAO4SwxHIoWvy13zeR_dCku5_q3bXUGi-S6ljOcMzMx2CANRQuSJb0YveBwQCIhixBeIMuFkRmZbIpkLx6tlp0Uv-wJ_YZ242P_ihogrpobF5juIVZNePLa0kP5wOicS2Luqf2u8AQYIxOTjTt6pt58M_XArfLemeyjbYF5Y_jOGOCF30ULZgDqWF9gKQFrJjwEYpQU HTTP 302
https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1656340292912-20BET_first_slots_315x300_DE-AT-CH.jpg

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request iframe.php Show response a.magsrv.com/	275 B 356 B	153ms 42ms	Document text/html	2001:4de0:ac19::1:b:1a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.magsrv.com/iframe.php?idzone=3500843&size=300x250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `e436319c18e559d2183aeef437503a7344556300054f25730658f653cd4fa8a0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch accept-ranges bytes access-control-allow-origin * * cache-control max-age=10800 content-encoding gzip content-length 184 content-type text/html; charset=UTF-8 date Mon, 07 Aug 2023 10:45:19 GMT server nginx x-hw 1691405119.dop207.fr8.t,1691405119.cds261.fr8.hn,1691405119.cds218.fr8.c
GET H2	200	build-iframe-js-url.js Show response a.magsrv.com/	759 B 588 B	43ms 43ms	Script application/javascript	2001:4de0:ac19::1:b:1a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.magsrv.com/build-iframe-js-url.js?idzone=3500843 Requested by Host: a.magsrv.com URL: https://a.magsrv.com/iframe.php?idzone=3500843&size=300x250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `66f778576f67e8e5fa9973e568fa14a936db0d80b2395e76bda4817df7746863` Request headers accept-language de-DE,de;q=0.9 Referer https://a.magsrv.com/iframe.php?idzone=3500843&size=300x250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 10:45:19 GMT content-encoding gzip server nginx accept-ch etag W/"b61cdaa9d1177b5197457157b14" x-hw 1691405119.dop207.fr8.t,1691405119.cds261.fr8.hn,1691405119.cds136.fr8.c content-type application/javascript access-control-allow-origin , cache-control max-age=10800 accept-ranges bytes content-length 456
GET H2	200	ad-provider.js Show response a.magsrv.com/	103 KB 33 KB	44ms 44ms	Script application/javascript	2001:4de0:ac19::1:b:1a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.magsrv.com/ad-provider.js Requested by Host: a.magsrv.com URL: https://a.magsrv.com/iframe.php?idzone=3500843&size=300x250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `2cc4d0da63dfd4b3a4b05666d797aa3537bc80bcf18e5bbd7afd260f68962fd5` Request headers accept-language de-DE,de;q=0.9 Referer https://a.magsrv.com/iframe.php?idzone=3500843&size=300x250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 10:45:19 GMT content-encoding gzip server nginx accept-ch etag W/"f7b62318ccec4fda7e838ae49b0" x-hw 1691405119.dop207.fr8.t,1691405119.cds261.fr8.hn,1691405119.cds167.fr8.c content-type application/javascript access-control-allow-origin , cache-control max-age=10800 accept-ranges bytes content-length 33301
GET H2	200	iframe.js Show response a.magsrv.com/	2 KB 1 KB	44ms 44ms	Script application/javascript	2001:4de0:ac19::1:b:1a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.magsrv.com/iframe.js?idzone=3500843&size=300x250 Requested by Host: a.magsrv.com URL: https://a.magsrv.com/build-iframe-js-url.js?idzone=3500843 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `c83992fea433afeba75a347c7c155689213036e9bb781cc90541f259947c13f6` Request headers accept-language de-DE,de;q=0.9 Referer https://a.magsrv.com/iframe.php?idzone=3500843&size=300x250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 07 Aug 2023 10:45:19 GMT content-encoding gzip server nginx accept-ch etag W/"d35301cfbe76af8a6927003b72a" x-hw 1691405119.dop207.fr8.t,1691405119.cds261.fr8.hn,1691405119.cds202.fr8.c content-type application/javascript access-control-allow-origin , cache-control max-age=10800 accept-ranges bytes content-length 1059
POST H/1.1	200 OK	api.php Show response s.magsrv.com/v1/	4 KB 4 KB	386ms 286ms	XHR application/json	95.211.229.246 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://s.magsrv.com/v1/api.php Requested by Host: a.magsrv.com URL: https://a.magsrv.com/ad-provider.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `3bf8c34882eec3afa4d4b3f988f75666226bd0d2594f6bc7a432c17280124e1f` Request headers Referer https://a.magsrv.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Content-Type text/plain Response headers Date Mon, 07 Aug 2023 10:45:20 GMT Access-Control-Request-Method POST Content-Encoding gzip Server nginx Accept-CH Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://a.magsrv.com Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex, follow Access-Control-Allow-Headers Authorization, Content-Type
GET H/1.1	200 OK	cimp.php Show response s.magsrv.com/	0 705 B	42ms 42ms	XHR text/html	95.211.229.246 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1U2Y6jOhD9lfs0b6SNwdi0NLqCAAlkhTQh8BKxLwlL2In4+Ev3aK5KctUpn6pzHixDABkKEArgfwD3yaJPCGYCVhChFV7RAM2SbM4sPedlm4T1M2yalV/mCwXzkJs5BiPALwixiJ8ZBABhmRkBMiNCEGaWXQwhDA3YmQUznMESDAtpGnH4G6wAtzBm8yLNsmnM9KLI4L8JzgwAI0Rgpn9czIRdevQMxu81IYEex4MoRBwfhF7AB5h4PAl8j2M9zv8eArO7yt24qfsfz+BPrGjMLZfwL54hjwCN8Ex9N/8Afk7Kpk2LeJ4Xwg8rjWo3D+f5/7E/gX90FjVmKWiW/dZN2rb6/Phoa9d/rH7OZdOSo6j8NvLhuUUR1h9eVz//dbs2+U3DrMtfv6o69cPfYMX98n8z5Bg3bLAbGuUwFfrO0tzzuxvMAPpVUnVNy8v2YKrXCqTa8xGMFvZ5s+sGyZVPo+0CYhaXyKSzu67kBzHdorONXo/XwXKhnW6791EI+GdUV50j1wpMXrW70R6n4Cp/RfVOY262rtqPTG3Xl3VYpeVh/6riZ5W5taLWYVcTXrWUtLPLqsdK14sU4eobl4Z9VI09zzI7ic/wtthvpF61J9FyChXLHn3Fiozr7KIY12qKdOVhT9Ue19Rxq2MGaU9g7JrLy6ZSX7QVbNu7wRs9OXC1tt6Ke/3RblT97Vyzsx1Tj2dfgA2vJmhCGhJarEJp6E6ql7yZ0qZT+pRa42Ww9gJ1deGt0NCt3Y43p3+HLNr7pvkUb0nCOixIq6TMU1ooe+Z0Log4PljrPU0BHtS3HF8TWtwwd00wqhKyk9SIBmUsD0yH2zTWpqbNu/M9uVxQ7jtm2maDNMnGOYPyOrEyJp726T2kDRJGhHBadbgPxdXe1mo0hmZX+M2xypsxTr7o8JAM3Ld79yRPvQUHKzNugro+aKUlTVv55FwUiLYHW5dEMU/UpqmdDF2om7mrj36jrDNshY2Ls7uLByKE18e0JoO51suAW6uFbNyVZ8fkW9lQqewLXht4BfR0svZ5vG7D3atjp7p7q5603TCjFgouOoh7oa6Y4nQLGV2wm8Zxx8MVqY2UF6eTBXHccF8WUJs9MbZKbZ3UWxSd1iIuyuKgss8H6+zxvt9npTfYPYGVIgjqiJKn0ssa8XFGdM1/O85rjF7Xdq1uxiSKL11BEivSMUUOsMcPbkpyeQq5WBLZ8TzJU95nZUUh8a1lrcnFZGryQ0Y1Z9b3IRUedmf9RuupMz5fRZK5Ch8gI+FdVnJt2bobSGfWAlLfXOGoZ7k59q4jdjdeeBbimA8DPUFrbafCWTg920CR1AxSAtF606x3JRxbt9YrITVCENr2/XXkRW4TMGeKYo1tXeF4JlwYsJzveS7BHBcE4fI3ocD3eS4KMe26/wHbtBKwbwUAAA== Requested by Host: a.magsrv.com URL: https://a.magsrv.com/ad-provider.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://a.magsrv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 10:45:20 GMT Content-Encoding gzip Server nginx Accept-CH Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://a.magsrv.com Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex, follow
GET H/1.1	200 OK	1656340292912-20BET_first_slots_315x300_DE-AT-CH.jpg ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/ Redirect Chain https://track.trackingtraffo.com/banner/imp?auth=12jumq&price=${AUCTION_PRICE}&c=PSg-CHfKH6Dz02XuHzyQMHQrzl4o6MB9_KSDDgexP7bNtm1sll-Ms2I8GIjAwHk0FHr65euFpsdecpSVwT1eSMt9uZBXcY2x2scQU7mhhHUmvWh0B8Al... https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1656340292912-20BET_first_slots_315x300_DE-AT-CH.jpg	122 KB 122 KB	189ms 77ms	Image image/jpeg	5.9.105.245 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1656340292912-20BET_first_slots_315x300_DE-AT-CH.jpg Protocol HTTP/1.1 Server 5.9.105.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.245.105.9.5.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash `2cde3c17913feb6205dddac924ba54d63dd44e4c48ba98493ff91b895968d578` Request headers accept-language de-DE,de;q=0.9 Referer https://a.magsrv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Mon, 07 Aug 2023 10:45:20 GMT Last-Modified Wed, 18 Jan 2023 15:38:42 GMT Server nginx/1.18.0 (Ubuntu) ETag "63c81282-1e7b1" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 124849 Redirect headers Pragma no-cache Date Mon, 07 Aug 2023 10:45:20 GMT Server nginx/1.18.0 (Ubuntu) Location https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1656340292912-20BET_first_slots_315x300_DE-AT-CH.jpg Cache-Control no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.magsrv.com/	1970-01-20 23:26:05	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264d0cb3fbdd353.17400729996314594%22%3B%7D
			.magsrv.com/	1970-01-20 23:26:05	Name: __upt Value: %7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.magsrv.com
ads.trackingtraffo.com
s.magsrv.com
track.trackingtraffo.com
2001:4de0:ac19::1:b:1a
5.9.105.245
88.214.195.156
95.211.229.246
2cc4d0da63dfd4b3a4b05666d797aa3537bc80bcf18e5bbd7afd260f68962fd5
2cde3c17913feb6205dddac924ba54d63dd44e4c48ba98493ff91b895968d578
3bf8c34882eec3afa4d4b3f988f75666226bd0d2594f6bc7a432c17280124e1f
66f778576f67e8e5fa9973e568fa14a936db0d80b2395e76bda4817df7746863
c83992fea433afeba75a347c7c155689213036e9bb781cc90541f259947c13f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e436319c18e559d2183aeef437503a7344556300054f25730658f653cd4fa8a0

a.magsrv.com Open in urlscan Pro 2001:4de0:ac19::1:b:1a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

25 %IPv6

2 Domains

4 Subdomains

3 IPs

3 Countries

161 kBTransfer

232 kBSize

2 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

2 Cookies

Indicators

a.magsrv.com Open in urlscan Pro
2001:4de0:ac19::1:b:1a Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

3
IPs

3
Countries

161 kB
Transfer

232 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions