mediasama.com Open in urlscan Pro
149.56.38.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876
Effective URL:
https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&...
Submission: On October 23 via api (October 23rd 2024, 1:12:25 am UTC) from US — Scanned from CA

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 13 HTTP transactions. The main IP is 149.56.38.113, located in Montreal, Canada and belongs to OVH, FR. The main domain is mediasama.com. The Cisco Umbrella rank of the primary domain is 981940.
TLS certificate: Issued by E6 on October 15th 2024. Valid for: 3 months.

This is the only time mediasama.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	23.109.170.23 23.109.170.23	7979 (SERVERS-COM) (SERVERS-COM)
1 1	2600:1f18:43d... 2600:1f18:43d1:2a02:c3bd:35f3:da0a:4041	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3037::ac43:b84d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3033::6815:1f27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	5.196.166.128 5.196.166.128	16276 (OVH) (OVH)
11	149.56.38.113 149.56.38.113	16276 (OVH) (OVH)
13	3

1 23.109.170.23 (Netherlands)

ASN7979 (SERVERS-COM, US)

apusduodena.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:43d1:2a02:c3bd:35f3:da0a:4041 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rno2p.bemobtrcks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:b84d (United States)

ASN13335 (CLOUDFLARENET, US)

dexpredict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:1f27 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

junkyadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.196.166.128 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip128.ip-5-196-166.eu

gamingadlt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 149.56.38.113 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip113.ip-149-56-38.net

mediasama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	mediasama.com mediasama.com — Cisco Umbrella Rank: 981940	2 MB
2	junkyadexchange.com 2 redirects junkyadexchange.com — Cisco Umbrella Rank: 141945	2 KB
1	gamingadlt.com 1 redirects gamingadlt.com — Cisco Umbrella Rank: 625949	366 B
1	dexpredict.com dexpredict.com — Cisco Umbrella Rank: 154512	4 KB
1	bemobtrcks.com 1 redirects rno2p.bemobtrcks.com — Cisco Umbrella Rank: 293888	988 B
1	apusduodena.shop apusduodena.shop	2 KB
13	6

	Domain	Requested by
11	mediasama.com	dexpredict.com mediasama.com
2	junkyadexchange.com	2 redirects
1	gamingadlt.com	1 redirects
1	dexpredict.com	apusduodena.shop
1	rno2p.bemobtrcks.com	1 redirects
1	apusduodena.shop
13	6

This site contains links to these domains. Also see Links.

Domain
www.pornstarharem.com

Subject Issuer	Validity	Valid
apusduodena.shop R11	`2024-10-11` - `2025-01-09`	3 months	crt.sh
dexpredict.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
mediasama.com E6	`2024-10-15` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Frame ID: EEE1F180E633309B0F0FD51AE09B863A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Star Harem

Page URL History Show full URLs

http://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876 HTTP 307
https://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876 Page URL
https://rno2p.bemobtrcks.com/go/e9890044-77ce-48a1-9f56-db0fecd9814b?cost=2.1987E-5&click_id=D6EA2460-90D... HTTP 302
https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071 Page URL
https://junkyadexchange.com/jump/next.php?stamat=m%257C%252C0NjIiYjYrB1dAN0dEdHP3xP.4ce%252C7H0PozvLiGV-... HTTP 302
https://junkyadexchange.com/script/i.php?t=1&c=23836982&stamat=m%257C%252C%252CA2e3Y3K6oGU3BJ-GH0dEdHP3x... HTTP 302
https://gamingadlt.com/s/?k=66bf1c746d560&subid=172964593610000TCATV62001R4958R1420R151RR2216V558e9... HTTP 302
https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

2227 kB
Transfer

2391 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pornstarharem.com/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=&tc9=&tc10=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876 HTTP 307
https://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876 Page URL
https://rno2p.bemobtrcks.com/go/e9890044-77ce-48a1-9f56-db0fecd9814b?cost=2.1987E-5&click_id=D6EA2460-90DB-11EF-992F-693328F77158&zoneid=100444&geo=CA&cid=437071 HTTP 302
https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071 Page URL
https://junkyadexchange.com/jump/next.php?stamat=m%257C%252C0NjIiYjYrB1dAN0dEdHP3xP.4ce%252C7H0PozvLiGV-YkDx825CHgxURJrrGkI3KXkHBHgBOuSWnXJRMX_wSnBTm05qza9kDHwV_NNtlxLY17vguMQ2C5z1PbzjVYvykYRBE2lVfeo%252C&cbpage=https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071&cbur=0.3001916449336224&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fapusduodena.shop%2F&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2FGoogle%20Inc.1600x1200420en-CA84824%20bits HTTP 302
https://junkyadexchange.com/script/i.php?t=1&c=23836982&stamat=m%257C%252C%252CA2e3Y3K6oGU3BJ-GH0dEdHP3xP.5c4%252CdU_cU3L5WQeN0xEVpjSagzLCC15t0bSwEni1Ur9uzJWap_L0ltVb_dd3NJq0NB_M6U5erSbgSUQgH-iKqhVNdJy0CTWuIuIUkAHW5eNKxouNkVgOsBj_kTXFmgFPixhPY8okBWt8rZ12TmMf9Q0R9XjdYhtdJRNcwcmUhNPexQUDMjByWWUoOAbSJ_MwLuzd8auP3tZ5bnslLO4nJ7rVCeyLOoDF39SXxZwddB688kUWevas5ilfMnFRAFA5aPlKcvcyTdNlKxfU7N8kJh8_gfYPIEBlU75IBJvI8x-o06VhjzPBBDsNCDhmhn8IvQFlh6xS9bRK61OLKDOQGXLBl0HEnImC9V1_YFLz7TSxO2nErf9ONkSd47xpmaji-OMkZ4_rMqGjy4N7Qy38wxi_7FUY0ekSg-baJLbhVtchzsBbOUssr8aUK_jq41GTkIlQZ48QqBiETmtRWyoBvWHFvOsEHgrlpj8kjHUD02NAD_vCH0wB2h029URBOY4KfUPY-rG0shLyYU9lsPExpAKGpskz02T6o3coK-PgLjZ9CPL8XgdcRSFOmcLm2fALrVQ2uk-1_zStW0Kh-uE1CW4vwbSSXppt--UimpEOpjNZU5KTr51X8mrudmuo1ILWHo67a5jVu7pxf8aoM6N0IcHLYw%252C%252C HTTP 302
https://gamingadlt.com/s/?k=66bf1c746d560&subid=172964593610000TCATV62001R4958R1420R151RR2216V558e9&subid2=6808846-2517794690-1088857032 HTTP 302
https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876 HTTP 307
https://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876

Request Chain 1

https://rno2p.bemobtrcks.com/go/e9890044-77ce-48a1-9f56-db0fecd9814b?cost=2.1987E-5&click_id=D6EA2460-90DB-11EF-992F-693328F77158&zoneid=100444&geo=CA&cid=437071 HTTP 302
https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

0.6755230140575876
apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/
Redirect Chain

http://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876
https://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876

741 B
2 KB

1014ms
148ms

Document
text/html

23.109.170.23
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.170.23 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Oct 2024 01:12:14 GMT
Keep-Alive: timeout=20
Server: nginx
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

Location: https://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

next.php
dexpredict.com/jump/
Redirect Chain

https://rno2p.bemobtrcks.com/go/e9890044-77ce-48a1-9f56-db0fecd9814b?cost=2.1987E-5&click_id=D6EA2460-90DB-11EF-992F-693328F77158&zoneid=100444&geo=CA&cid=437071
https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071

10 KB
4 KB

345ms
164ms

Document
text/html

2606:4700:3037::ac43:b84d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071
Requested by: Host: apusduodena.shop
URL: https://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b84d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://apusduodena.shop/itqrmwaplrsuevbgpwgefmfmwy/33070/0.6755230140575876
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d6ddb9b5f8e41fe-EWR
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 01:12:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5grVSz6W6G5n3tEMmHjL6heqCjWSXSQNnJxj04%2FprDx9c%2FYNLkcVypYT1QR9JGDKFA2MWOyPHVfPU4yu0JeggS4iGyA3VKXx7PoRbnbd3ALv1vpnUQ5l9gz8%2BfwrbdUFgYOWOl1qWMTDPUqsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=89103&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4152&recv_bytes=4331&delivery_rate=37250&cwnd=12000&unsent_bytes=0&cid=e9e03650baa87626&ts=152&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding
via: 1.1 google

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-length: 200
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 01:12:15 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071
server: openresty
vary: Accept
x-response-time: 3.785ms

GET
H/1.1

200
OK

Primary Request / Show response
mediasama.com/starharem/02/n/ga/
Redirect Chain

https://junkyadexchange.com/jump/next.php?stamat=m%257C%252C0NjIiYjYrB1dAN0dEdHP3xP.4ce%252C7H0PozvLiGV-YkDx825CHgxURJrrGkI3KXkHBHgBOuSWnXJRMX_wSnBTm05qza9kDHwV_NNtlxLY17vguMQ2C5z1PbzjVYvykYRBE2lVf...
https://junkyadexchange.com/script/i.php?t=1&c=23836982&stamat=m%257C%252C%252CA2e3Y3K6oGU3BJ-GH0dEdHP3xP.5c4%252CdU_cU3L5WQeN0xEVpjSagzLCC15t0bSwEni1Ur9uzJWap_L0ltVb_dd3NJq0NB_M6U5erSbgSUQgH-iKqhV...
https://gamingadlt.com/s/?k=66bf1c746d560&subid=172964593610000TCATV62001R4958R1420R151RR2216V558e9&subid2=6808846-2517794690-1088857032
https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

2 KB
1 KB

478ms
112ms

Document
text/html

149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Requested by: Host: dexpredict.com
URL: https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: ef93cf9d8f8af43565b8c4ddaf450c0a39f626c89f72b19ace80bcad96e34628

Request headers

Referer: https://dexpredict.com/jump/next.php?r=6808846&sub1=100444&sub2=437071
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 853
content-type: text/html
date: Wed, 23 Oct 2024 01:11:57 GMT
etag: "807-5dc33aa9ee58c-gzip"
last-modified: Sat, 09 Apr 2022 07:29:07 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 23 Oct 2024 01:12:17 GMT
location: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
server: nginx

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
mediasama.com/starharem/02/n/ga/js/ 85 KB
30 KB 66ms
64ms Script
text/javascript 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediasama.com/starharem/02/n/ga/js/jquery-3.3.1.min.js
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

content-encoding: gzip
etag: "1538f-5dc33ab1f027d-gzip"
accept-ranges: bytes
content-length: 30307
date: Wed, 23 Oct 2024 01:11:57 GMT
last-modified: Sat, 09 Apr 2022 07:29:15 GMT
vary: Accept-Encoding
server: Apache
content-type: text/javascript

GET
H/1.1 200
OK less.min.js Show response
mediasama.com/starharem/02/n/ga/js/ 151 KB
46 KB 137ms
58ms Script
text/javascript 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediasama.com/starharem/02/n/ga/js/less.min.js
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: 9498cee5b6db4e9050e8705d002ca3a6ec3c0b907fe1f4386b39bfa32f236c90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

content-encoding: gzip
etag: "25cc3-5dc33ab2887fe-gzip"
accept-ranges: bytes
content-length: 46424
date: Wed, 23 Oct 2024 01:11:57 GMT
last-modified: Sat, 09 Apr 2022 07:29:16 GMT
vary: Accept-Encoding
server: Apache
content-type: text/javascript

GET
H/1.1 200
OK getParam.js Show response
mediasama.com/starharem/02/n/ga/js/ 919 B
660 B 249ms
103ms Script
text/javascript 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediasama.com/starharem/02/n/ga/js/getParam.js
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: 985c5ddae43a0d868acd7687ad1d03c5150d16a2f842c1324ac4c830f5ca6bc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

content-encoding: gzip
etag: "397-5dc33ab16f3fc-gzip"
accept-ranges: bytes
content-length: 389
date: Wed, 23 Oct 2024 01:11:57 GMT
last-modified: Sat, 09 Apr 2022 07:29:15 GMT
vary: Accept-Encoding
server: Apache
content-type: text/javascript

GET
H/1.1 200
OK style.less Show response
mediasama.com/starharem/02/n/ga/ 5 KB
5 KB 45ms
45ms XHR
text/plain 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediasama.com/starharem/02/n/ga/style.less
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/js/less.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: 2d07d337a00233354507178c90cb02d505c8517789e52cd6319ceef4b2a96a02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: text/css
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

accept-ranges: bytes
content-length: 5283
date: Wed, 23 Oct 2024 01:11:57 GMT
etag: "14a3-5dc60512b7728"
last-modified: Mon, 11 Apr 2022 12:45:20 GMT
server: Apache

GET
H/1.1 200
OK bg1.jpg
mediasama.com/starharem/02/n/ga/assets/backgrounds/desktop/ 283 KB
283 KB 52ms
51ms Image
image/jpeg 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediasama.com/starharem/02/n/ga/assets/backgrounds/desktop/bg1.jpg
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: 16d18f128572ad94dd58221898b3ea4f473cf49ad561892175dab6a3fe4fad81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

accept-ranges: bytes
content-length: 289955
date: Wed, 23 Oct 2024 01:11:57 GMT
etag: "46ca3-5dc5c42198449"
last-modified: Mon, 11 Apr 2022 07:54:47 GMT
content-type: image/jpeg
server: Apache

GET
H/1.1 200
OK bg2.jpg
mediasama.com/starharem/02/n/ga/assets/backgrounds/desktop/ 271 KB
272 KB 176ms
175ms Image
image/jpeg 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediasama.com/starharem/02/n/ga/assets/backgrounds/desktop/bg2.jpg
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: 9436ef31aeb0f168ab2d8eccc9be85b059e908e3bffc0fb7bcf646ab3ee93af8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

accept-ranges: bytes
content-length: 277892
date: Wed, 23 Oct 2024 01:11:57 GMT
etag: "43d84-5dc5c421d1e2a"
last-modified: Mon, 11 Apr 2022 07:54:47 GMT
content-type: image/jpeg
server: Apache

GET
H/1.1 200
OK bg3.jpg
mediasama.com/starharem/02/n/ga/assets/backgrounds/desktop/ 360 KB
360 KB 289ms
262ms Image
image/jpeg 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediasama.com/starharem/02/n/ga/assets/backgrounds/desktop/bg3.jpg
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: e00d4cdfec29753e628ae71d24014149559299984a8d6b2fc7eb509943819989

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

accept-ranges: bytes
content-length: 368690
date: Wed, 23 Oct 2024 01:11:57 GMT
etag: "5a032-5dc5c423355ab"
last-modified: Mon, 11 Apr 2022 07:54:49 GMT
content-type: image/jpeg
server: Apache

GET
H/1.1 200
OK bg4.jpg
mediasama.com/starharem/02/n/ga/assets/backgrounds/desktop/ 348 KB
349 KB 601ms
245ms Image
image/jpeg 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediasama.com/starharem/02/n/ga/assets/backgrounds/desktop/bg4.jpg
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: e4cdb1a5fa6e611ba706394c9c2df56ee8fb2d18b439118acaf5970d8b71660b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

accept-ranges: bytes
content-length: 356676
date: Wed, 23 Oct 2024 01:11:58 GMT
etag: "57144-5dc5c4239702b"
last-modified: Mon, 11 Apr 2022 07:54:49 GMT
content-type: image/jpeg
server: Apache

GET
H/1.1 200
OK desk_front.png
mediasama.com/starharem/02/n/ga/assets/ 871 KB
872 KB 604ms
217ms Image
image/png 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediasama.com/starharem/02/n/ga/assets/desk_front.png
Requested by: Host: mediasama.com
URL: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: 8046fe4c35476355cd61aac9dda004598371ee1775b762985bd43cbe0686fe03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

accept-ranges: bytes
content-length: 892392
date: Wed, 23 Oct 2024 01:11:58 GMT
etag: "d9de8-5dc5c41beb245"
last-modified: Mon, 11 Apr 2022 07:54:41 GMT
content-type: image/png
server: Apache

GET
H/1.1 200
OK favicon.png
mediasama.com/starharem/02/n/ga/assets/ 2 KB
2 KB 43ms
43ms Other
image/png 149.56.38.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediasama.com/starharem/02/n/ga/assets/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.56.38.113 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-149-56-38.net
Software: Apache /
Resource Hash: 5e8053d97334f92cad4529e9657c3a117d2e43ec9ab161c28f017f86167c4114

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediasama.com/starharem/02/n/ga/?ref_id=42&noagev=1&tc1=HH32a9fd174a03f12f7d2f8d0c91000320&tc2=29773&tc3=6165&tc4=SOI&tc5=&tc6=&tc7=smartlink-1132&tc8=

Response headers

accept-ranges: bytes
content-length: 2005
date: Wed, 23 Oct 2024 01:11:58 GMT
etag: "7d5-5dc5c41b5a9c5"
last-modified: Mon, 11 Apr 2022 07:54:41 GMT
content-type: image/png
server: Apache

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| less

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
apusduodena.shop/	1970-01-21 00:28:52	Name: GL_UI4 Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAiAaOml8dZ3IMvuSNcuO82wpfr2riZ6dX7y5ZwoilblHcRLtoXkIp%2FgQel9pRCHVtb75656rIa66xp1qJq2kW3TwdbMvZeDRZ%2FCZp4k%2B94vKexGdMhG9Yo05nAfqL%2Fm5OjqUhADS6dzEFMgbA7rgek6I5cJpE5OCNnrkSmomOQHMSR1cwjeuODjClY0l0lxA%2BLNuMtnscuiosgiuD1b6d%2BJp97oEMXIUiPEL7BR0uNI%2FAVrjfPJ0xmArO7%2F%2Bd9PYX%2FWINO4GBUi%2BSPyN0XnTgI%3D
apusduodena.shop/	1970-01-21 00:28:52	Name: GL_GI10 Value: eJwtykEKwjAQBdDMIFFRFx97AE%2BQtgG717jURfEEaTpIIaQlrZ5fF24fTynFxR48TDjUTWMqY6uzsbYGvcDuAg4J2vnkew%2FK4NaB84%2Fat3QSQAGbx5iWLD6CBuyuEuPp%2FznN2DrfRSlvzzto0gq8jOsVeO4LBfro4xe4jhva
apusduodena.shop/	1970-01-21 01:53:49	Name: cvn1 Value: CwaAAAAAAhQBCgAXTmsGAQM%3D
apusduodena.shop/	1970-01-21 00:28:52	Name: GL_BC Value: eJxjYGBgEmEU5EyKNzQ1MjcxMBZh5EqX8M1jYwQAKeYDuQ%3D%3D
apusduodena.shop/	1970-01-21 00:28:52	Name: GL_CA_33070 Value: eJxjYGBgEmHkYhDl7BdhEmRMZmMUZCzhSpfwzQMAGvwDKw%3D%3D
apusduodena.shop/	1970-01-21 00:28:52	Name: GL_OC Value: eJxjYGBgEmEUZMmPNzUQYeRKl%2FDNY2MEABeBAsA%3D
.rno2p.bemobtrcks.com/	1970-01-21 09:13:01	Name: bemob-viewer-id Value: 6dd007cf-d7fb-4872-8059-dc20fdd55b8c
.rno2p.bemobtrcks.com/	1970-01-21 00:28:52	Name: bemob-uniq-visit:e9890044-77ce-48a1-9f56-db0fecd9814b Value: 1
.rno2p.bemobtrcks.com/	1970-01-21 01:10:37	Name: bemob-click-id Value: TaMHrPW5HxohTpDvY9Upit
gamingadlt.com/	1970-01-21 00:27:27	Name: HH-msoc-66bf1c746d5606165 Value: 1
gamingadlt.com/	1970-01-21 00:28:09	Name: HH-offer6165 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apusduodena.shop
dexpredict.com
gamingadlt.com
junkyadexchange.com
mediasama.com
rno2p.bemobtrcks.com
149.56.38.113
23.109.170.23
2600:1f18:43d1:2a02:c3bd:35f3:da0a:4041
2606:4700:3033::6815:1f27
2606:4700:3037::ac43:b84d
5.196.166.128
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16d18f128572ad94dd58221898b3ea4f473cf49ad561892175dab6a3fe4fad81
2d07d337a00233354507178c90cb02d505c8517789e52cd6319ceef4b2a96a02
5e8053d97334f92cad4529e9657c3a117d2e43ec9ab161c28f017f86167c4114
8046fe4c35476355cd61aac9dda004598371ee1775b762985bd43cbe0686fe03
9436ef31aeb0f168ab2d8eccc9be85b059e908e3bffc0fb7bcf646ab3ee93af8
9498cee5b6db4e9050e8705d002ca3a6ec3c0b907fe1f4386b39bfa32f236c90
985c5ddae43a0d868acd7687ad1d03c5150d16a2f842c1324ac4c830f5ca6bc8
e00d4cdfec29753e628ae71d24014149559299984a8d6b2fc7eb509943819989
e4cdb1a5fa6e611ba706394c9c2df56ee8fb2d18b439118acaf5970d8b71660b
ef93cf9d8f8af43565b8c4ddaf450c0a39f626c89f72b19ace80bcad96e34628

mediasama.com Open in urlscan Pro 149.56.38.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

3 IPs

4 Countries

2227 kBTransfer

2391 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

11 Cookies

Security Headers

Indicators

mediasama.com Open in urlscan Pro
149.56.38.113 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

2227 kB
Transfer

2391 kB
Size

11
Cookies

13 HTTP transactions
0 data transactions