urlscan.io logo urlscan.io
SecurityTrails logo

tubemate.us Open in urlscan Pro
75.102.22.187  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://customersupport.luxxotica.com/
Effective URL: https://tubemate.us/?lang=en
Submission: On July 13 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 14 HTTP transactions. The main IP is 75.102.22.187, located in Chicago, United States and belongs to SERVERCENTRAL, US. The main domain is tubemate.us.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 20th 2024. Valid for: 3 months.
This is the only time tubemate.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.178.110 61969 (TEAMINTER...)
1 18.66.121.190 16509 (AMAZON-02)
2 44.194.155.73 14618 (AMAZON-AES)
1 2 15.197.224.234 16509 (AMAZON-02)
1 130.211.29.114 396982 (GOOGLE-CL...)
2 35.241.15.240 15169 (GOOGLE)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 1 18.184.197.212 16509 (AMAZON-02)
2 75.102.22.187 23352 (SERVERCEN...)
1 23.109.170.188 7979 (SERVERS-COM)
14 8
4    185.53.178.110 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
customersupport.luxxotica.com
1    18.66.121.190 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-190.fra60.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    44.194.155.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-155-73.compute-1.amazonaws.com
tanis-ats.com
2    15.197.224.234 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com
starchoice-1.online
1    130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
2    35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
1    173.239.53.32 (New York, United States)

ASN27257 (WEBAIR-INTERNET, US)
xml-v4.starvalue-2.online
1    18.184.197.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: eu-ip-2.short.io
go.advertia.click
2    75.102.22.187 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: bh7106.banahosting.com
tubemate.us
1    23.109.170.188 (Netherlands)

ASN7979 (SERVERS-COM, US)
wisteinsight.com
Apex Domain
Subdomains		 Transfer
4 luxxotica.com
customersupport.luxxotica.com
4 KB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 35132
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12612
90 KB
2 tubemate.us
tubemate.us
2 KB
2 starchoice-1.online
starchoice-1.online — Cisco Umbrella Rank: 298826
21 KB
2 tanis-ats.com
tanis-ats.com — Cisco Umbrella Rank: 343044
4 KB
1 wisteinsight.com
wisteinsight.com — Cisco Umbrella Rank: 635535
1 KB
1 advertia.click
go.advertia.click
65 B
1 starvalue-2.online
xml-v4.starvalue-2.online
188 B
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
14 9
Domain Requested by
4 customersupport.luxxotica.com d38psrni17bvxu.cloudfront.net
customersupport.luxxotica.com
2 tubemate.us starchoice-1.online
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 starchoice-1.online 1 redirects tanis-ats.com
2 tanis-ats.com customersupport.luxxotica.com
tanis-ats.com
1 wisteinsight.com tubemate.us
1 go.advertia.click 1 redirects
1 xml-v4.starvalue-2.online 1 redirects
1 cdn.perfdrive.com starchoice-1.online
1 d38psrni17bvxu.cloudfront.net customersupport.luxxotica.com
14 10

This site contains no links.

Subject Issuer Validity Valid
customersupport.luxxotica.com
R10		 2024-07-13 -
2024-10-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
tanis-ats.com
Amazon RSA 2048 M02		 2024-07-02 -
2025-07-31		 a year crt.sh
starchoice-1.online
Amazon RSA 2048 M02		 2024-07-03 -
2025-08-01		 a year crt.sh
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-09-21 -
2024-09-26		 a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-07-24 -
2024-08-05		 a year crt.sh
tubemate.us
cPanel, Inc. Certification Authority		 2024-05-20 -
2024-08-18		 3 months crt.sh
wisteinsight.com
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://tubemate.us/?lang=en
Frame ID: AEAC7BFB77EE44E9494A49DE9EBAE77A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5 Best Bitcoin Mining Hardware ASIC Machines (2021 Rigs)

Page URL History Show full URLs

  1. https://customersupport.luxxotica.com/ Page URL
  2. http://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a5... HTTP 307
    https://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a5... Page URL
  3. https://tanis-ats.com/zclkredirect?visitid=7c9f8cd6-4168-11ef-8898-0afff2a15cf9&type=js&browserWid... Page URL
  4. http://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3 HTTP 307
    https://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3 Page URL
  5. https://starchoice-1.online/api/v1/pxcheck?impId=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3&minfo=eyJjb29r... HTTP 302
    http://xml-v4.starvalue-2.online/click?seat=2922639&i=QpF0Binynsw_0 HTTP 307
    https://xml-v4.starvalue-2.online/click?seat=2922639&i=QpF0Binynsw_0 HTTP 302
    https://go.advertia.click/galaktic HTTP 302
    http://tubemate.us/?lang=en HTTP 307
    https://tubemate.us/?lang=en Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

123 kB
Transfer

360 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://customersupport.luxxotica.com/ Page URL
  2. http://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9 HTTP 307
    https://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9 Page URL
  3. https://tanis-ats.com/zclkredirect?visitid=7c9f8cd6-4168-11ef-8898-0afff2a15cf9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome Page URL
  4. http://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3 HTTP 307
    https://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3 Page URL
  5. https://starchoice-1.online/api/v1/pxcheck?impId=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI2LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9zdGFyY2hvaWNlLTEub25saW5lL2FwaS92MS9weD94bWxpZD1DdnJqTVBKQ0RtaDNrYm84Zkp2YzVMUkVEQXBOY0RqbWJ3aWlMcEQzIiwiZGV2aWNlU3JlZW5TaXplIjoiMTIwMHgxNjAwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEyMDB4MTYwMCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiZWZmZWN0aXZlVHlwZSI6IjRnIiwiaXNCb3QiOmZhbHNlLCJmQm90TmFtZSI6IiIsImZSZWFzb25zIjoiIn0= HTTP 302
    http://xml-v4.starvalue-2.online/click?seat=2922639&i=QpF0Binynsw_0 HTTP 307
    https://xml-v4.starvalue-2.online/click?seat=2922639&i=QpF0Binynsw_0 HTTP 302
    https://go.advertia.click/galaktic HTTP 302
    http://tubemate.us/?lang=en HTTP 307
    https://tubemate.us/?lang=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9 HTTP 307
  • https://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9
Request Chain 7
  • http://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3 HTTP 307
  • https://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
customersupport.luxxotica.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://customersupport.luxxotica.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.110 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
565426696d03af39dac7cd7c99543662c120fd784cc342cc66379adfbb5756aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-Ch-Lifetime
30
Content-Encoding
gzip
Content-Length
1336
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Jul 2024 22:37:29 GMT
Server
nginx
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_sdNvdY3akfwK6TWYPIpBRHBuA+64ZgJmeTzZz8xr9JthLYw7Zw0svqKqiefnEopoTBY99Zyp4J9t/lYElvf3Ug==
X-Buckets
bucket011,bucket077
X-Domain
luxxotica.com
X-Language
italian
X-Redirect
zeropark_zeroclick
X-Subdomain
customersupport
X-Template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: customersupport.luxxotica.com
URL: https://customersupport.luxxotica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-190.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

Referer
https://customersupport.luxxotica.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 04:35:22 GMT
via
1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
FRA60-P2
age
64929
etag
"65fc1e7b-448"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1096
x-amz-cf-id
8x2yW-CybVo9Z9zEdZtLGcWWRfJlFOyW1Qybx4DT5tTUzGRcaZTEOA==
track.php
customersupport.luxxotica.com/ 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://customersupport.luxxotica.com/track.php?domain=luxxotica.com&toggle=browserjs&uid=MTcyMDkxMDI0OS4zMzU0OjQ1YmI3MjI0NDY4YzBjNmQ2M2NhN2YyZjMxOTZkM2NiNjg4MGI2ZWI0MjIwNzc2YzA4NDI4ODRiOTdlODMxM2M6NjY5MzAxYTk1MWUxYw%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.110 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

device-memory
8
rtt
100
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://customersupport.luxxotica.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Sat, 13 Jul 2024 22:37:30 GMT
Content-Encoding
gzip
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
X-Custom-Track
browserjs
Vary
Accept-Encoding
Accept-Ch-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Content-Length
20
ls.php
customersupport.luxxotica.com/ 		16 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://customersupport.luxxotica.com/ls.php?t=669301a9&token=a6476f28aa59cf26566a876c0ee4aad49e8345d4
Requested by
Host: customersupport.luxxotica.com
URL: https://customersupport.luxxotica.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.110 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

device-memory
8
rtt
100
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://customersupport.luxxotica.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Sat, 13 Jul 2024 22:37:30 GMT
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Accept-Ch-Lifetime
30
Charset
utf-8
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Te6fqBb/8X9elhXkf5yYNrEL76hpSSB3hVzS6rDGlZYLEtb69Zxa1iQJxbQ8HIBTH/DlkCXS2UKwcScyduJ1gA==
X-Log-Success
669301aa990e65270c05d359
Content-Length
16
track.php
customersupport.luxxotica.com/ 		0
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://customersupport.luxxotica.com/track.php?click=83c7419bd2a751edeafa170074d6f87dec2d0f6e&domain=luxxotica.com&uid=MTcyMDkxMDI0OS4zMzU0OjQ1YmI3MjI0NDY4YzBjNmQ2M2NhN2YyZjMxOTZkM2NiNjg4MGI2ZWI0MjIwNzc2YzA4NDI4ODRiOTdlODMxM2M6NjY5MzAxYTk1MWUxYw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDc3fHx8fHx8NjY5MzAxYTk1MWRlNnx8fDE3MjA5MTAyNDkuNjMwM3wwNDQ4ZDYzNGU3NmY3NDE5MDAyMjQyZjc2NWRiNDE3ZjZhZDQ3ZjU3fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxXMTA9fHwxfFcxMD18YTY0NzZmMjhhYTU5Y2YyNjU2NmE4NzZjMGVlNGFhZDQ5ZTgzNDVkNHwwfHwwfDB8fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.53.178.110 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

device-memory
8
rtt
100
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width
1600
Referer
https://customersupport.luxxotica.com/
dpr
1
downlink
10
ect
4g

Response headers

Date
Sat, 13 Jul 2024 22:37:30 GMT
Content-Encoding
gzip
X-Blocked
true
Accept-Ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
nginx
X-Custom-Track
none
Vary
Accept-Encoding
Accept-Ch-Lifetime
30
Content-Type
text/html; charset=UTF-8
Content-Length
20
1304ac30-8585-11eb-af9e-0a51339b19df
tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/
Redirect Chain
  • http://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9
  • https://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9
Requested by
Host: customersupport.luxxotica.com
URL: https://customersupport.luxxotica.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.155.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-155-73.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://customersupport.luxxotica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
2732
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sat, 13 Jul 2024 22:37:30 GMT
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location
https://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9
Non-Authoritative-Reason
HttpsUpgrades
zclkredirect
tanis-ats.com/ 		348 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tanis-ats.com/zclkredirect?visitid=7c9f8cd6-4168-11ef-8898-0afff2a15cf9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Requested by
Host: tanis-ats.com
URL: https://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.155.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-155-73.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://tanis-ats.com/zclkvisitor/7c9f8cd6-4168-11ef-8898-0afff2a15cf9/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=7caa3b33-4168-11ef-8898-0afff2a15cf9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
348
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sat, 13 Jul 2024 22:37:30 GMT
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
px
starchoice-1.online/api/v1/
Redirect Chain
  • http://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3
  • https://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3
114 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3
Requested by
Host: tanis-ats.com
URL: https://tanis-ats.com/zclkredirect?visitid=7c9f8cd6-4168-11ef-8898-0afff2a15cf9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.224.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab226b763647f1870.awsglobalaccelerator.com
Software
/
Resource Hash
746a10f68d3897fbd9380b883c797050978f9683359347f62dd9bf939f3e5f01

Request headers

Referer
https://tanis-ats.com/zclkredirect?visitid=7c9f8cd6-4168-11ef-8898-0afff2a15cf9&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 22:37:31 GMT
etag
W/"1c8ff-C1hPrVYk+zzO523zI4V/FEnp1F0"
vary
Accept-Encoding

Redirect headers

Location
https://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3
Non-Authoritative-Reason
HttpsUpgrades
stormcaster.js
cdn.perfdrive.com/advanced/ 		237 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by
Host: starchoice-1.online
URL: https://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
083aa627d1b2a29661b9548eb547582b11faf1d2d90c076279053ab56be15f2b

Request headers

Referer
https://starchoice-1.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 21:53:40 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 18 Jun 2024 04:33:45 GMT
server
nginx/1.10.1
age
2632
etag
W/"66710e29-3b3c5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90611
jsdata
cas.avalon.perfdrive.com/ 		360 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://starchoice-1.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
9ms
date
Sat, 13 Jul 2024 22:37:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		255 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://starchoice-1.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
10ms
date
Sat, 13 Jul 2024 22:37:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
content-type
text/plain; charset=UTF-8
Primary Request /
tubemate.us/
Redirect Chain
  • https://starchoice-1.online/api/v1/pxcheck?impId=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81M...
  • http://xml-v4.starvalue-2.online/click?seat=2922639&i=QpF0Binynsw_0
  • https://xml-v4.starvalue-2.online/click?seat=2922639&i=QpF0Binynsw_0
  • https://go.advertia.click/galaktic
  • http://tubemate.us/?lang=en
  • https://tubemate.us/?lang=en
727 B
652 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tubemate.us/?lang=en
Requested by
Host: starchoice-1.online
URL: https://starchoice-1.online/api/v1/px?xmlid=CvrjMPJCDmh3kbo8fJvc5LREDApNcDjmbwiiLpD3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.102.22.187 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh7106.banahosting.com
Software
/
Resource Hash
daa6db574aac8c4e1e7d87aa1a20a94e9e4f0c2383e7fc3ceb7a6b131466c73c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
417
content-type
text/html; charset=UTF-8
date
Sat, 13 Jul 2024 22:37:33 GMT
vary
Accept-Encoding

Redirect headers

Location
https://tubemate.us/?lang=en
Non-Authoritative-Reason
HttpsUpgrades
84389
wisteinsight.com/1clkn/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wisteinsight.com/1clkn/84389
Requested by
Host: tubemate.us
URL: https://tubemate.us/?lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.188 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://tubemate.us/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 22:37:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=20
favicon.ico
tubemate.us/ 		796 B
909 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tubemate.us/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
75.102.22.187 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
bh7106.banahosting.com
Software
/
Resource Hash
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400

Request headers

Referer
https://tubemate.us/?lang=en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 22:37:34 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
796
content-type
text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
.starchoice-1.online/ Name: __ssds
Value: 2
.starchoice-1.online/ Name: __ssuzjsr2
Value: a9be0cd8e
.starchoice-1.online/ Name: __uzmaj2
Value: c57d9e09-7d7d-4387-b27e-839b0badf1f1
.starchoice-1.online/ Name: __uzmbj2
Value: 1720910252
.starchoice-1.online/ Name: __uzmcj2
Value: 332791074234
.starchoice-1.online/ Name: __uzmdj2
Value: 1720910252
.starchoice-1.online/ Name: __uzmlj2
Value: NGMMJ4y52EdBWVTWTaI51uVMEzGDH4miKQ9kFiVKFQM=
.starchoice-1.online/ Name: __uzmfj2
Value: 7f60004e46a860-f9de-4588-8913-936d5702321517209102526260-a34ccf6eddd6a76510
wisteinsight.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAgstVgvTW99B7LLTula2GmGLdW3dzXRq%2FOTL%2BdEUbQoHyCeszUkV7WDJ1lXx6p56WSjt7XGZveKldxXeiuxqffPEtZ2ar3SA%2FoUVtOo2Ld%2BTmHTo0O2XduRwRweA%2FXXnB3dXApCs3ImBzEGYshhqZluE3KZQOrUiJAdTkxBxag%2BiCGRdRO8dcHHFSxoKpPiDsS7ddfPYpNFRZFFcH8ZlD8Sj601IYqelUGI32DVKY898RcsDU5nTxcAGkz7z%2F9%2BiuFnDTKDs%2B1CJH9C%2Fgbc802c
wisteinsight.com/ Name: GL_GI10
Value: eJwNyk0KwjAQBtDMgIGCFj7sATxBIOJPXbuQLLoRLxBrkUDIhDQK3t5uH08pxd0aHDJa2x%2BNvfTmtDf2cAa9we4BHhNWrvr4AxXw4MBlkSFEn0Bj24ACNrcoTx93d%2FnUaVlpRnOVkqX4OoGyJnAVzeD51SnQV2%2F%2F5k0aQw%3D%3D

2 Console Messages

Source Level URL
Text
network error URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js(Line 17)
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://tubemate.us/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()