Submitted URL: http://lenfa.ru/
Effective URL: https://online.lenta.com/?utm_content=f3j3r&utm_term=14&utm_medium=CPA&utm_campaign=24&oid=gxxwwrft3&wid=f3j3r&statid=14_...
Submission: On December 07 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 178.248.239.227, located in Russian Federation and belongs to HLL-AS HLL LLC, RU. The main domain is online.lenta.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 26th 2024. Valid for: a year.
This is the only time online.lenta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 31.28.24.244 12616 (HOSTING-M...)
2 189.1.173.100 262287 (Latitude....)
4 178.248.239.227 51115 (HLL-AS HL...)
6 2
Apex Domain | Subdomains | Transfer
4 lenta.com | online.lenta.com | 225 KB
2 whjre.com | whjre.com — Cisco Umbrella Rank: 535046 | 2 KB
1 lenfa.ru | lenfa.ru | 166 B
6 3
Domain | Requested by
4 online.lenta.com | whjre.com, online.lenta.com
2 whjre.com | whjre.com
1 lenfa.ru | 1 redirects
6 3

This site contains no links.

Subject | Issuer | Validity | Valid
whjre.com | R11 | 2024-10-09 - 2025-01-07 | 3 months
*.online.lenta.com | GlobalSign RSA OV SSL CA 2018 | 2024-08-26 - 2025-09-27 | a year

This page contains 1 frames:

Primary Page: https://online.lenta.com/?utm_content=f3j3r&utm_term=14&utm_medium=CPA&utm_campaign=24&oid=gxxwwrft3&wid=f3j3r&statid=14_aadZ23cBFaZypEh&sub=aadZ23cBFaZypEh&sub2=2qd
Frame ID: B90498E703F926F538035738EAD68AB4
Requests: 6 HTTP requests in this frame

Page Title

HTTP 403

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 227 kB
Size: 226 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lenfa.ru/ HTTP 307
    https://lenfa.ru/ HTTP 301
    https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W Page URL
  2. https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W&no_cookie=1&widht=1600&height=1200&timezone=600 Page URL
  3. https://online.lenta.com/?utm_content=f3j3r&utm_term=14&utm_medium=CPA&utm_campaign=24&oid=gxxwwrft3&wid=f3j3r&statid=14_aadZ23cBFaZypEh&sub=aadZ23cBFaZypEh&sub2=2qd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lenfa.ru/ HTTP 307
  • https://lenfa.ru/ HTTP 301
  • https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W

6 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
click-b2Ek9-BPGeP-07KQO-c3ac29a2
whjre.com/v2/
Redirect Chain
  • http://lenfa.ru/
  • https://lenfa.ru/
  • https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W
2 KB
1 KB
Document
General
Full URL
https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
189.1.173.100 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software
nginx /
Resource Hash
1c305e76b3d8a2911a0ec9f54a13bb6f06a2193a8eab95441c2e9128fa2f18a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 17:54:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 17:54:44 GMT
location
https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W
server
nginx
x-powered-by
PHP/7.4.32
click-b2Ek9-BPGeP-07KQO-c3ac29a2
whjre.com/v2/
511 B
951 B
Document
General
Full URL
https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W&no_cookie=1&widht=1600&height=1200&timezone=600
Requested by
Host: whjre.com
URL: https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
189.1.173.100 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software
nginx /
Resource Hash
450e6c11b24c4a1b8213c1907c245f550757375d858bc2b7befd28cb1c19dd0c

Request headers

Referer
https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 17:54:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
server
nginx
Primary Request /
online.lenta.com/
265 B
657 B
Document
General
Full URL
https://online.lenta.com/?utm_content=f3j3r&utm_term=14&utm_medium=CPA&utm_campaign=24&oid=gxxwwrft3&wid=f3j3r&statid=14_aadZ23cBFaZypEh&sub=aadZ23cBFaZypEh&sub2=2qd
Requested by
Host: whjre.com
URL: https://whjre.com/v2/click-b2Ek9-BPGeP-07KQO-c3ac29a2?tl=1&sa=lejta&erid=2VfnxxfmT7W&no_cookie=1&widht=1600&height=1200&timezone=600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.239.227 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
d345b3c04d0fcf410b83391892338e6c12b2e14bcfed019b1fb7aa43fedde5ed

Request headers

Referer
https://whjre.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
265
Content-Type
text/html
Date
Sat, 07 Dec 2024 17:54:45 GMT
Expires
0
Keep-Alive
timeout=15
Pragma
no-cache
Server
QRATOR
qauth.js
online.lenta.com/__qrator/
222 KB
223 KB
Script
General
Full URL
https://online.lenta.com/__qrator/qauth.js
Requested by
Host: online.lenta.com
URL: https://online.lenta.com/?utm_content=f3j3r&utm_term=14&utm_medium=CPA&utm_campaign=24&oid=gxxwwrft3&wid=f3j3r&statid=14_aadZ23cBFaZypEh&sub=aadZ23cBFaZypEh&sub2=2qd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.239.227 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
84e0067ff105357285ec4f2970fdd3ac06de46d9d02db5703a859fd5a686e859

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
ETag
"66b5071a-379bb"
Pragma
no-cache
Connection
keep-alive
Expires
0
Accept-Ranges
bytes
Content-Length
227771
Keep-Alive
timeout=15
Date
Sat, 07 Dec 2024 17:54:45 GMT
Content-Type
application/javascript
Last-Modified
Thu, 08 Aug 2024 17:57:46 GMT
Server
QRATOR
validate
online.lenta.com/__qrator/
0
228 B
XHR
General
Full URL
https://online.lenta.com/__qrator/validate?pow=174&nonce=1733594085.814.vVRRiWqLKSjL9XE9&qsessid=fbqun5p119k66q0kvca0g0klmndef917
Requested by
Host: online.lenta.com
URL: https://online.lenta.com/__qrator/qauth.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.239.227 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Content-Length
0
Keep-Alive
timeout=15
Date
Sat, 07 Dec 2024 17:54:46 GMT
Server
QRATOR
403.html
online.lenta.com/qrerror/
1 KB
1 KB
XHR
General
Full URL
https://online.lenta.com/qrerror/403.html
Requested by
Host: online.lenta.com
URL: https://online.lenta.com/__qrator/qauth.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.239.227 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
ee2fe822772f57b4cfd9699771eedba3b126a037d46977f48b2c41ef294d9727

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length
1207
Keep-Alive
timeout=15
Date
Sat, 07 Dec 2024 17:54:47 GMT
Content-Type
text/html
Server
QRATOR
Connection
keep-alive

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regeneratorRuntime
function| setImmediate
function| clearImmediate
object| tests

9 Cookies

Domain/Path Name / Value
whjre.com/ Name: PHPSESSID
Value: b71c88666c285d77ed765b157727e649
.whjre.com/ Name: cnt
Value: 1c3de2ad7d9f746e45c5582e54a4ad50
whjre.com/ Name: skip_js_r
Value: 1
whjre.com/ Name: widht
Value: 1600
whjre.com/ Name: height
Value: 1200
whjre.com/ Name: timezone
Value: 600
whjre.com/ Name: init_referer
Value: NNNNIP38lbZNOj8kQpgVdXiYFjb1fHmXYHgHFFeAFp20GvgHAoUWY7V0GYV2GR42Gqs0QipjAqNAG3NXqqF2mKVlGqoBGZaBG9VmY9KCmxiIFveVml%2FK0eLbXFxbljZPNNNNNNNVvk8%3D
.whjre.com/ Name: pc
Value: %C3%2Bm%9C%DEHtI%AE%FAL%061%FElF%01%09
.lenta.com/ Name: qrator_jsr
Value: 1733594085.814.vVRRiWqLKSjL9XE9-fbqun5p119k66q0kvca0g0klmndef917-00

3 Console Messages

Source Level URL
Text
network error URL: https://online.lenta.com/?utm_content=f3j3r&utm_term=14&utm_medium=CPA&utm_campaign=24&oid=gxxwwrft3&wid=f3j3r&statid=14_aadZ23cBFaZypEh&sub=aadZ23cBFaZypEh&sub2=2qd
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://online.lenta.com/__qrator/validate?pow=174&nonce=1733594085.814.vVRRiWqLKSjL9XE9&qsessid=fbqun5p119k66q0kvca0g0klmndef917
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://online.lenta.com/qrerror/403.html
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)