urlscan.io logo urlscan.io
SecurityTrails logo

ytbexnu.cluster029.hosting.ovh.net Open in urlscan Pro
51.91.236.255  Public Scan

Go To Rescan Add Verdict Report
URL: http://ytbexnu.cluster029.hosting.ovh.net/secuoktes/dousta/
Submission: On October 13 via manual from ES — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 4 countries across 4 domains to perform 2 HTTP transactions. The main IP is 51.91.236.255, located in France and belongs to OVH, FR. The main domain is ytbexnu.cluster029.hosting.ovh.net.
This is the only time ytbexnu.cluster029.hosting.ovh.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 51.91.236.255 16276 (OVH)
1 1 52.210.2.133 16509 (AMAZON-02)
1 1 40.118.56.141 8075 (MICROSOFT...)
1 172.217.18.102 15169 (GOOGLE)
2 2
Apex Domain
Subdomains		 Transfer
1 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 219
1 uinterbox.com
securitasdirect.uinterbox.com
900 B
1 minusta-lulee.com
auto.minusta-lulee.com
2 KB
1 ovh.net
ytbexnu.cluster029.hosting.ovh.net
635 B
2 4

This site contains no links.

Subject Issuer Validity Valid
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 1 frames:

Frame: https://ad.doubleclick.net/ddm/trackclk/N428801.2559562SECURITASDIRECTES/B22270652.347356403;dc_trk_aid=539122912;dc_trk_cid=179308959;data-dcm-param-afname=Datawork_EMAIL;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Frame ID: 777AFB3D103E1B284BD3BB15415AE421
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

C

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

4
Countries

1 kB
Transfer

0 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://auto.minusta-lulee.com/aff_c?offer_id=1641&aff_id=1674&source=4654&aff_sub5=57707&file_id=13105&url_id=13148 HTTP 302
  • https://securitasdirect.uinterbox.com/tracking/clk?act=11689&gel=91991&pub=8773&org=2675&ei1=4654&ei2=102df3f54c731afe5576994acc740f HTTP 302
  • https://ad.doubleclick.net/ddm/trackclk/N428801.2559562SECURITASDIRECTES/B22270652.347356403;dc_trk_aid=539122912;dc_trk_cid=179308959;data-dcm-param-afname=Datawork_EMAIL;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ytbexnu.cluster029.hosting.ovh.net/secuoktes/dousta/ 		492 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ytbexnu.cluster029.hosting.ovh.net/secuoktes/dousta/
Protocol
HTTP/1.1
Server
51.91.236.255 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster029.hosting.ovh.net
Software
Apache /
Resource Hash
53b8bc2b3e8ce5ee91d28814473ed9e11d9f1415e04d884ef2cac56c95327bec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
357
content-type
text/html
date
Thu, 13 Oct 2022 06:29:03 GMT
server
Apache
vary
Accept-Encoding
x-iplb-instance
32727
x-iplb-request-id
253BA461:AD88_335BECFF:0050_6347B02F_9CD3:7660
B22270652.347356403;dc_trk_aid=539122912;dc_trk_cid=179308959;data-dcm-param-afname=Datawork_EMAIL;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackclk/N428801.2559562SECURITASDIRECTES/
Redirect Chain
  • http://auto.minusta-lulee.com/aff_c?offer_id=1641&aff_id=1674&source=4654&aff_sub5=57707&file_id=13105&url_id=13148
  • https://securitasdirect.uinterbox.com/tracking/clk?act=11689&gel=91991&pub=8773&org=2675&ei1=4654&ei2=102df3f54c731afe5576994acc740f
  • https://ad.doubleclick.net/ddm/trackclk/N428801.2559562SECURITASDIRECTES/B22270652.347356403;dc_trk_aid=539122912;dc_trk_cid=179308959;data-dcm-param-afname=Datawork_EMAIL;dc_lat=;dc_rdid=;tag_for_...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackclk/N428801.2559562SECURITASDIRECTES/B22270652.347356403;dc_trk_aid=539122912;dc_trk_cid=179308959;data-dcm-param-afname=Datawork_EMAIL;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ytbexnu.cluster029.hosting.ovh.net/secuoktes/dousta/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 06:29:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Connection
close
Content-Length
0
Content-Type
text/html;charset=UTF-8
Date
Thu, 13 Oct 2022 06:29:04 GMT
ETag
6b1df6f3f97b4353905a03cbef7197e5
Location
https://ad.doubleclick.net/ddm/trackclk/N428801.2559562SECURITASDIRECTES/B22270652.347356403;dc_trk_aid=539122912;dc_trk_cid=179308959;data-dcm-param-afname=Datawork_EMAIL;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
P3P
policyref="http://statsunify.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
Pragma
no-cache
Server
datracks

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

3 Cookies

Domain/Path Name / Value
.uinterbox.com/ Name: sunid2
Value: fd57a6df82824e0990de6089865c1107
securitasdirect.uinterbox.com/ Name: sunid
Value: 6b1df6f3f97b4353905a03cbef7197e5
.doubleclick.net/ Name: IDE
Value: AHWqTUlBKpC5F5o_-gb0kiBDnpoJAfh1_cym1eySNviTNxtne_V5o-8fNSIcGWzQAR0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
auto.minusta-lulee.com
securitasdirect.uinterbox.com
ytbexnu.cluster029.hosting.ovh.net
172.217.18.102
40.118.56.141
51.91.236.255
52.210.2.133
53b8bc2b3e8ce5ee91d28814473ed9e11d9f1415e04d884ef2cac56c95327bec