URL: http://redup.info/
Submission: On December 03 via manual from IT

Summary

This website contacted 20 IPs in 6 countries across 18 domains to perform 24 HTTP transactions. The main IP is 94.102.49.113, located in Seychelles and belongs to QUASINETWORKS, NL. The main domain is redup.info.
This is the only time redup.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 94.102.49.113 29073 (QUASINETW...)
1 2a00:1450:400... 15169 (GOOGLE)
2 108.161.189.121 54104 (AS-STACKPATH)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 104.20.209.21 13335 (CLOUDFLAR...)
1 195.181.174.17 60068 (CDN77)
1 1 67.202.94.93 32748 (STEADFAST)
2 146.185.16.146 13213 (UK2NET-AS)
1 107.182.233.217 29854 (WESTHOST)
1 216.21.13.17 53334 (TUT-AS)
1 67.202.94.86 32748 (STEADFAST)
1 185.59.220.22 60068 (CDN77)
1 104.16.87.26 13335 (CLOUDFLAR...)
1 208.100.17.184 32748 (STEADFAST)
1 208.100.17.186 32748 (STEADFAST)
2 2 185.33.223.80 29990 (ASN-APPNEXUS)
1 54.229.169.32 16509 (AMAZON-02)
1 2 34.234.98.90 14618 (AMAZON-AES)
2 3 35.157.74.177 16509 (AMAZON-02)
3 3 172.217.21.194 15169 (GOOGLE)
3 3 216.52.1.12 30282 (AS-INAPCD...)
1 195.181.174.25 60068 (CDN77)
24 20
Domain Requested by
3 cm.g.doubleclick.net 3 redirects
3 ps.eyeota.net 2 redirects
2 loadus.exelator.com 2 redirects
2 idsync.rlcdn.com 1 redirects
2 ib.adnxs.com 2 redirects
2 widgets.amung.us redup.info
2 whos.amung.us 1 redirects widgets.amung.us
2 maxcdn.bootstrapcdn.com redup.info
1 load77.exelator.com
1 loadm.exelator.com 1 redirects
1 s.cpx.to
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com redup.info
1 cdn.tynt.com widgets.amung.us
1 c.adsco.re serve.popads.net
1 serve.popads.net c1.popads.net
1 t.dtscout.com widgets.amung.us
t.dtscout.com
1 popmyads.com redup.info
1 c1.popads.net redup.info
1 pastebin.com redup.info
1 cdnjs.cloudflare.com redup.info
1 cdn.popmyads.com redup.info
1 ajax.googleapis.com redup.info
1 redup.info
0 tags.bluekai.com Failed
24 25

This site contains links to these domains.

Domain
redstream.tv

Subject | Issuer | Validity | Valid
*.googleapis.com | Google Internet Authority G2 | 2017-11-16 - 2018-02-08 | 3 months
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2017-10-03 - 2018-10-13 | a year
sni101728.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2017-12-02 - 2018-06-10 | 6 months
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2017-11-04 - 2018-05-13 | 6 months
ssl509085.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2017-11-17 - 2018-05-26 | 6 months
whos.amung.us | GeoTrust EV SSL CA - G4 | 2017-07-19 - 2018-05-22 | 10 months

This page contains 3 frames:

Primary Page: http://redup.info/
Frame ID: 25227.1
Requests: 23 HTTP requests in this frame

Frame: http://t.dtscout.com/idg/
Frame ID: 25227.3
Requests: 1 HTTP requests in this frame

Frame: http://tags.bluekai.com/site/27519?dt=0&r=285234522&sig=2865682424&bkca=KJpnEnaNpQlN2UcnpdSG0F41uy2t56ow2cJ1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BEx0BMxpBpRyBMx019qSAuy9==
Frame ID: 25227.4
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

Requests: 24
HTTPS: 33 %
IPv6: 13 %
Domains: 18
Subdomains: 25
IPs: 20
Countries: 6
Transfer: 155 kB
Size: 451 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://whos.amung.us/swidget/poploco38301.png HTTP 307
  • https://widgets.amung.us/small/02/208.png
Request Chain 19
  • http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID HTTP 302
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID HTTP 302
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=4377510014858992102
Request Chain 20
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMLFokHzoIngSGBgaJAg%3D%3D HTTP 302
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMLFokHzoIngSGBgaJAg%3D%3D&redirect=1
Request Chain 21
  • http://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Sports&random=1512316730312 HTTP 302
  • http://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Sports&random=1512316730312 HTTP 302
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1 HTTP 302
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc= HTTP 302
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEAI_J3IVbmYfS3j-REnsNNQ&google_cver=1
Request Chain 22
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMLFokHzoIngSGBgaJAg%3D%3D&random=1512316730312 HTTP 302
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMLFokHzoIngSGBgaJAg%3D%3D&random=1512316730312&xl8blockcheck=1 HTTP 302
  • http://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_sc HTTP 302
  • http://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEGwZvIx4e4npHboklPiRpK8&google_cver=1 HTTP 302
  • http://load77.exelator.com/pixel.gif
Request Chain 23
  • http://tags.bluekai.com/site/27519?id=CmUMLFokHzoIngSGBgaJAg%3D%3D&ret=html&random=1512316730312 HTTP 302
  • http://tags.bluekai.com/site/27519?dt=0&r=285234522&sig=2865682424&bkca=KJpnEnaNpQlN2UcnpdSG0F41uy2t56ow2cJ1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BEx0BMxpBpRyBMx019qSAuy9==

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
redup.info/
9 KB
9 KB
Document
General
Full URL
http://redup.info/
Protocol
HTTP/1.1
Server
94.102.49.113 , Seychelles, ASN29073 (QUASINETWORKS, NL),
Reverse DNS
cnlq.underhost.com
Software
Apache /
Resource Hash
1c89541ec18033175a5b634209170b7dedb03a4541a4d760bc52b1e484ef9fcb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
redup.info
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Sun, 03 Dec 2017 15:58:45 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ajax/libs/jquery/3.2.1/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ajax.googleapis.com
referer
http://redup.info/
:scheme
https
:method
GET

Response headers

date
Thu, 16 Nov 2017 18:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1458780
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
30306
x-xss-protection
1; mode=block
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Nov 2018 18:45:49 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
23 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.121 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
maxcdn.bootstrapcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Jul 2016 16:08:01 GMT
Server
NetDNA-cache/2.2
Connection
keep-alive
ETag
W/"ec3bb52a00e176a7181d454dffaea219"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000
Transfer-Encoding
chunked
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Expires
Wed, 28 Nov 2018 15:58:49 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.189.121 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
maxcdn.bootstrapcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Jul 2016 16:08:02 GMT
Server
NetDNA-cache/2.2
Connection
keep-alive
ETag
W/"5869c96cc8f19086aee625d670d741f9"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000
Transfer-Encoding
chunked
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Expires
Wed, 28 Nov 2018 15:58:49 GMT
pma.js
cdn.popmyads.com/
74 KB
30 KB
Script
General
Full URL
https://cdn.popmyads.com/pma.js
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:762c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
0272b99b353efa89211218d69a85b03f161645f5e506f0ac67888da6a239554d

Request headers

:path
/pma.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn.popmyads.com
referer
http://redup.info/
:scheme
https
:method
GET

Response headers

date
Sun, 03 Dec 2017 15:58:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 06 Nov 2017 15:39:44 GMT
server
cloudflare-nginx
etag
W/"14000c1-1290d-55d5243773320"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
set-cookie
__cfduid=dc0239f6c221446847c83c7f9d3564a9b1512316729; expires=Mon, 03-Dec-18 15:58:49 GMT; path=/; domain=.popmyads.com; HttpOnly
cf-ray
3c77bac67bb0973e-FRA
expires
Sun, 03 Dec 2017 19:58:49 GMT
it.svg
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.8.0/flags/4x3/
317 B
230 B
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.8.0/flags/4x3/it.svg
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c166 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
adcd8604d60b39dd95372b5c51ba03f7a1cd6e0d1100fde9c487f2b6fab1887a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

:path
/ajax/libs/flag-icon-css/2.8.0/flags/4x3/it.svg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdnjs.cloudflare.com
referer
http://redup.info/
:scheme
https
:method
GET

Response headers

date
Sun, 03 Dec 2017 15:58:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 03 Jan 2017 13:02:01 GMT
server
cloudflare-nginx
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3c77bac67cc964e1-FRA
expires
Fri, 23 Nov 2018 15:58:49 GMT
aNRxMTcX
pastebin.com/raw/
5 KB
2 KB
Script
General
Full URL
https://pastebin.com/raw/aNRxMTcX
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.209.21 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
c3bd08089da41597d16007f67a47228b17351ad95f6d6ee8c862d9950ca3b533
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/raw/aNRxMTcX
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pastebin.com
referer
http://redup.info/
:scheme
https
:method
GET

Response headers

date
Sun, 03 Dec 2017 15:58:49 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
server
cloudflare-nginx
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
status
200
cache-control
public, max-age=1801
set-cookie
__cfduid=d1ff7f21deae145e454b4433f9bf9f1d11512316729; expires=Mon, 03-Dec-18 15:58:49 GMT; path=/; domain=.pastebin.com; HttpOnly
cf-ray
3c77bac6bc98648d-FRA
x-xss-protection
1; mode=block
expires
Sun, 03 Dec 2017 16:28:50 GMT
pop.js
c1.popads.net/
70 KB
29 KB
Script
General
Full URL
http://c1.popads.net/pop.js
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
HTTP/1.1
Server
195.181.174.17 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-10.cdn77.com
Software
CDN77-Turbo /
Resource Hash
58424adc998ec9b8f1b135ddc422e337b3d41ee6616784751d6e9d6d3e442feb

Request headers

Pragma
no-cache
Origin
http://redup.info
Accept-Encoding
gzip, deflate
Host
c1.popads.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Nov 2017 23:00:02 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"59fcf4f2-11628"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
X-Edge-IP
195.181.174.10
Connection
keep-alive
X-Age
332851
Expires
Wed, 15 Nov 2017 19:31:15 GMT
208.png
widgets.amung.us/small/02/
Redirect Chain
  • https://whos.amung.us/swidget/poploco38301.png
  • https://widgets.amung.us/small/02/208.png
328 B
328 B
Image
General
Full URL
https://widgets.amung.us/small/02/208.png
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.16.146 , United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
92b91092.rdns.100tb.com
Software
nginx/1.9.6 /
Resource Hash
2282e673ecc647a2d5a72a77b80e0a97616fa567cca7ed635a635574f5b8238d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
widgets.amung.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://redup.info/
Cookie
uid=CgH9H1okHzk8YykDVC3HAg==
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Last-Modified
Sun, 13 Jun 2010 09:48:29 GMT
Server
nginx/1.9.6
ETag
"4c14a96d-148"
Content-Type
image/png
Cache-Control
max-age=86400 private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
328
Expires
Mon, 04 Dec 2017 15:58:49 GMT

Redirect headers

Location
https://widgets.amung.us/small/02/208.png
Date
Sun, 03 Dec 2017 15:58:49 GMT
Cache-Control
no-cache, no-store, must-revalidate private
Set-Cookie
uid=CgH9H1okHzk8YykDVC3HAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.amung.us; path=/
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
adtracking_user.php
popmyads.com/bot/
0
0
Image
General
Full URL
https://popmyads.com/bot/adtracking_user.php
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:762c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/7.1.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/bot/adtracking_user.php
pragma
no-cache
cookie
__cfduid=dc0239f6c221446847c83c7f9d3564a9b1512316729
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
popmyads.com
referer
http://redup.info/
:scheme
https
:method
GET

Response headers

status
200
date
Sun, 03 Dec 2017 15:58:49 GMT
content-encoding
gzip
server
cloudflare-nginx
cf-ray
3c77bac70c2e973e-FRA
x-powered-by
PHP/7.1.4
content-type
text/html; charset=UTF-8
small.js
widgets.amung.us/
5 KB
2 KB
Script
General
Full URL
http://widgets.amung.us/small.js
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
HTTP/1.1
Server
146.185.16.146 , United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
92b91092.rdns.100tb.com
Software
nginx/1.9.6 /
Resource Hash
6d09203f29ccbb6f8ce2358049f0e8ef248a9dcb1c3ea5e95d8bb46cb27edbdd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
widgets.amung.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Nov 2017 20:49:59 GMT
Server
nginx/1.9.6
ETag
W/"5a1885f7-14b3"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=60 private
Connection
keep-alive
Expires
Sun, 03 Dec 2017 15:59:49 GMT
Cookie set /
t.dtscout.com/i/
4 KB
4 KB
Script
General
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Fredup.info%2F&j=
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
107.182.233.217 Providence, United States, ASN29854 (WESTHOST - WestHost, Inc., US),
Reverse DNS
6bb6e9d9.setaptr.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fd59221be4565455898299ead9847f328528b5448eae372980995b05b37a2cb0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
t.dtscout.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Z
I
Transfer-Encoding
chunked
Content-Type
application/javascript
Set-Cookie
m=1; expires=Sun, 03-Dec-2017 16:28:49 GMT; Max-Age=1800; path=/; domain=dtscout.com b=1; expires=Sun, 03-Dec-2017 23:58:49 GMT; Max-Age=28800; path=/; domain=dtscout.com ey=1; expires=Sun, 03-Dec-2017 19:58:49 GMT; Max-Age=14400; path=/; domain=dtscout.com ah=1; expires=Mon, 04-Dec-2017 15:58:49 GMT; Max-Age=86400; path=/; domain=dtscout.com df=1512316729; expires=Tue, 03-Dec-2019 15:58:49 GMT; Max-Age=63072000; path=/; domain=dtscout.com d=null; expires=Fri, 02-Dec-2022 15:58:49 GMT; Max-Age=157680000; path=/; domain=dtscout.com l=a7bp2VokHzlTd2vJ/MTvAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.dtscout.com; path=/
Cache-Control
no-cache
Connection
close
Expires
Sun, 03 Dec 2017 15:58:48 GMT
Cookie set c
serve.popads.net/
233 B
233 B
Script
General
Full URL
http://serve.popads.net/c?r=1512316729&v=3&siteId=2086883&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.17 , United States, ASN53334 (TUT-AS - Total Uptime Technologies, LLC, US),
Reverse DNS
Software
/
Resource Hash
0a8f50562f6e14d06f3302133ee7baa75514b7193485f3ef76a40b26c56283ee

Request headers

Pragma
no-cache
Origin
http://redup.info
Accept-Encoding
gzip, deflate
Host
serve.popads.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2017 15:58:49 GMT
Access-Control-Allow-Origin
*
Content-Type
text/javascript;charset=UTF-8
PopAds-EC
GIID
Set-Cookie
PP_CV=yes; expires=Sun, 03-Dec-2017 16:58:49 GMT; Max-Age=3600 fraudcheck=e8f67cb0c7950b7f21bce9a17333725b; expires=Tue, 02-Jan-2018 15:58:49 GMT; Max-Age=2592000; path=/; domain=.popads.net
Cache-Control
private, no-store, no-cache, must-revalidate, no-transform, max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
233
Cookie set /
whos.amung.us/pingjs/
32 B
63 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=y558mrsja4oz&t=redUP&c=s&y=&a=0&d=0.369&v=22
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
bded50b5275a5c4694ffff6c64d89072bf2f1914fcf5c02ca09bccd7010c2206

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
whos.amung.us
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Cache-Control
private
Set-Cookie
uid=CgH9IlokHzky0X8XGMbtAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.amung.us; path=/
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
close
Content-Type
text/javascript;charset=UTF-8
/
c.adsco.re/
28 KB
9 KB
Script
General
Full URL
http://c.adsco.re/
Requested by
Host: serve.popads.net
URL: http://serve.popads.net/c?r=1512316729&v=3&siteId=2086883&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Protocol
HTTP/1.1
Server
185.59.220.22 Frankfurt, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d7d06aa615f09bf5bd22082d7e4f5ed0874a3416a9c01eb67b78d6611abc2605

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
c.adsco.re
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Dec 2017 15:57:34 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"6e56-5a22cd6e-e292dcec238535cc;;;"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
X-Edge-IP
185.59.220.20
Connection
keep-alive
X-Age
86462
Expires
Sat, 09 Dec 2017 15:57:47 GMT
/
t.dtscout.com/idg/ Frame 2522
0
0

Cookie set tc.js
cdn.tynt.com/
15 KB
6 KB
Script
General
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
104.16.87.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
718fcbfdbe6ea3baf0548d9d8fce036292ea37d8b0fc0cf894826ed349a4ecc1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.tynt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 03 Nov 2017 18:23:47 GMT
Server
cloudflare-nginx
ETag
W/"59fcb433-3ddc"
Vary
Accept-Encoding
Content-Type
application/javascript
Set-Cookie
__cfduid=dbf500d048f69d0011ee3e8ec3d65a9971512316729; expires=Mon, 03-Dec-18 15:58:49 GMT; path=/; domain=.tynt.com; HttpOnly
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3c77bac9a62197f8-FRA
Expires
Wed, 06 Dec 2017 15:58:49 GMT
truncated
/
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
Cookie set p
ic.tynt.com/b/
35 B
35 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!y558mrsja4oz&lm=0&ts=1512316729873&dn=TC&iso=0&t=redUP
Requested by
Host: redup.info
URL: http://redup.info/
Protocol
HTTP/1.1
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.10.3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ic.tynt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://redup.info/
Cookie
__cfduid=dbf500d048f69d0011ee3e8ec3d65a9971512316729
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:50 GMT
Last-Modified
Fri, 16 Apr 2010 15:38:20 GMT
Server
nginx/1.10.3
ETag
"4bc8846c-23"
Connection
close
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cache-Control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
Set-Cookie
uid=CmUMLFokHzoIngSGBgaJAg==; expires=Mon, 03-Dec-18 15:58:50 GMT; domain=tynt.com; path=/
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
35
Expires
"Sat, 26 Jul 1997 05:00:00 GMT"
Cookie set v2
de.tynt.com/deb/
895 B
895 B
Script
General
Full URL
http://de.tynt.com/deb/v2?id=w!y558mrsja4oz&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Server
208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
a54d1242f91b7289512bfd3a1ea2f067c36f37ba9b20f3812d5152f15b6b91be

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
de.tynt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://redup.info/
Cookie
__cfduid=dbf500d048f69d0011ee3e8ec3d65a9971512316729; uid=CmUMLFokHzoIngSGBgaJAg==
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 03 Dec 2017 15:58:49 GMT
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Set-Cookie
pids=%5B%7B%22p%22%3A%22c765f4c2e2%22%2C%22f%22%3A1%2C%22ts%22%3A1512316730312%7D%2C%7B%22p%22%3A%22700df83834%22%2C%22f%22%3A1%2C%22ts%22%3A1512316730312%7D%2C%7B%22p%22%3A%22af48439725%22%2C%22f%22%3A1%2C%22ts%22%3A1512316730312%7D%2C%7B%22p%22%3A%22410719e95b%22%2C%22f%22%3A1%2C%22ts%22%3A1512316730312%7D%2C%7B%22p%22%3A%22b14f8674ce%22%2C%22f%22%3A1%2C%22ts%22%3A1512316730312%7D%5D;Version=1;Max-Age=7776000
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
Connection
close
Content-Type
application/javascript
Content-Length
895
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cookie set ca.png
s.cpx.to/
Redirect Chain
  • http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=4377510014858992102
95 B
95 B
Image
General
Full URL
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=4377510014858992102
Protocol
HTTP/1.1
Server
54.229.169.32 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-169-32.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s.cpx.to
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://redup.info/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://redup.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Dec 2017 15:58:50 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Set-Cookie
cpSess=f60e6fb789ad430ea1d8871b451607a4; Expires=Mon, 03 Dec 2018 15:58:50 GMT; Domain=.cpx.to; Path=/; HttpOnly
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sun, 03 Dec 2017 15:58:50 GMT

Redirect headers

Date
Sun, 03 Dec 2017 15:58:52 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.200:80
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eb07d67b-909d-4f99-9597-f6ae2dede911
Server
nginx/1.13.4
Location
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=4377510014858992102
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Set-Cookie
sess=1; Path=/; Max-Age=86400; Expires=Mon, 04-Dec-2017 15:58:52 GMT; Domain=.adnxs.com; HttpOnly uuid2=4377510014858992102; Path=/; Max-Age=7776000; Expires=Sat, 03-Mar-2018 15:58:52 GMT; Domain=.adnxs.com; HttpOnly
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set 405716.gif
idsync.rlcdn.com/
Redirect Chain
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMLFokHzoIngSGBgaJAg%3D%3D
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMLFokHzoIngSGBgaJAg%3D%3D&redirect=1
43 B
43 B
Image
General
Full URL
http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMLFokHzoIngSGBgaJAg%3D%3D&redirect=1
Protocol
HTTP/1.1
Server
34.234.98.90 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-234-98-90.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
idsync.rlcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://redup.info/
Cookie
ck1=ck1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://redup.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Set-Cookie
rlas3=vJjj9arhYKUlaJuCz4xKRimmSpbNzywbgJPqsPS2Xs2MyA9jEACu5w==;Domain=.rlcdn.com;Expires=Fri, 01-Jun-2018 15:58:48 GMT rtn1-z=IaPVs8VHz+Q7baiX69VNWHsca00W+BhdmoZ1wHwyYec=;Domain=.rlcdn.com;Expires=Fri, 01-Jun-2018 15:58:48 GMT
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Location
http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMLFokHzoIngSGBgaJAg%3D%3D&redirect=1
Set-Cookie
ck1=ck1;Domain=.rlcdn.com;Expires=Fri, 01-Jun-2018 15:58:49 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • http://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Sports&random=1512316730312
  • http://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Sports&random=1512316730312
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc=
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEAI_J3IVbmYfS3j-REnsNNQ&google_cver=1
70 B
70 B
Image
General
Full URL
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEAI_J3IVbmYfS3j-REnsNNQ&google_cver=1
Protocol
HTTP/1.1
Server
35.157.74.177 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-74-177.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ps.eyeota.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://redup.info/
Cookie
mako_uid=1601d19fc0f-18ce0000010f18b8
Connection
keep-alive
Cache-Control
no-cache
Referer
http://redup.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 03 Dec 2017 15:58:50 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 03 Dec 2017 15:58:50 GMT
Server
HTTP server (unknown)
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEAI_J3IVbmYfS3j-REnsNNQ&google_cver=1
Cache-Control
no-cache, must-revalidate
Set-Cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnhEH7GSEsroGr5iMnEkCL0F6zxo_EJ4ai-7JVp8FQlFMS6DX0XCw; expires=Fri, 28-Dec-2018 15:58:50 GMT; path=/; domain=.doubleclick.net; HttpOnly
Content-Type
text/html; charset=UTF-8
Content-Length
310
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
load77.exelator.com/
Redirect Chain
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMLFokHzoIngSGBgaJAg%3D%3D&random=1512316730312
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMLFokHzoIngSGBgaJAg%3D%3D&random=1512316730312&xl8blockcheck=1
  • http://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_sc
  • http://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEGwZvIx4e4npHboklPiRpK8&google_cver=1
  • http://load77.exelator.com/pixel.gif
43 B
43 B
Image
General
Full URL
http://load77.exelator.com/pixel.gif
Protocol
HTTP/1.1
Server
195.181.174.25 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
load77.exelator.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://redup.info/
Cookie
EE="3a0641e6703645d84f2c1fd1f2468961"; ud="eJxrXxzq6XKLQcE40cDMxDDVzNzA2MzENMXCJM0o2TAtxTDNyMTMwtLMcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMxwSX5RZvoiF9fFRSlpDItKik8Fb%252BDrBQA78yjy"
Connection
keep-alive
Cache-Control
no-cache
Referer
http://redup.info/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 03 Dec 2017 15:58:50 GMT
Last-Modified
Wed, 25 Oct 2017 17:03:56 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"59f0c3fc-2b"
X-Cache
HIT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Edge-IP
195.181.174.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
689690
Content-Length
43

Redirect headers

Date
Sun, 03 Dec 2017 15:58:50 GMT
Server
nginx/1.12.2
X-Powered-By
Undertow/1
P3P
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Location
http://load77.exelator.com/pixel.gif
Set-Cookie
EE="3a0641e6703645d84f2c1fd1f2468961"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Mon, 02-Apr-2018 03:58:50 GMT; ud="eJxrXxzq6XKLQcE40cDMxDDVzNzA2MzENMXCJM0o2TAtxTDNyMTMwtLMcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMxwSX5RZvoiF9fFRSlpDItKik8Fb%252BDrBQA78yjy"; Domain=.exelator.com; Path=/; Max-Age=10368000; Expires=Mon, 02-Apr-2018 03:58:50 GMT;
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
27519
tags.bluekai.com/site/ Frame 2522
Redirect Chain
  • http://tags.bluekai.com/site/27519?id=CmUMLFokHzoIngSGBgaJAg%3D%3D&ret=html&random=1512316730312
  • http://tags.bluekai.com/site/27519?dt=0&r=285234522&sig=2865682424&bkca=KJpnEnaNpQlN2UcnpdSG0F41uy2t56ow2cJ1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BEx0BMxpBpRyBMx019qSAuy9==
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.dtscout.com
URL
http://t.dtscout.com/idg/
Domain
tags.bluekai.com
URL
http://tags.bluekai.com/site/27519?dt=0&r=285234522&sig=2865682424&bkca=KJpnEnaNpQlN2UcnpdSG0F41uy2t56ow2cJ1PpPt9uvNG+xutT0ulO0NGLuXkwhzV6BEx0BMxpBpRyBMx019qSAuy9==


60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| _pop string| pmauid string| pmawid string| fq function| H1UU object| _2ua function| A7tt object| s object| elem object| Base64 string| hash string| siteurl string| url number| fqq boolean| pmapoptype function| treatDataForUrl function| genn function| getBrowserNo function| dec2hex function| setCharAt number| W7 number| k7 function| generateId number| U7 number| z7 number| M7 number| L7 number| b7 number| Y7 number| y7 number| F7 string| popns object| PMAPOP number| realBrowser object| _wau function| T8CC object| leca object| BJPPopAds object| detectZoom object| PopAds object| _pao object| WAU_ren function| WAU_small function| WAU_r_s function| WAU_cps function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas object| mnr function| AdscoreInit object| a object| cv object| x string| x1 string| x2 object| Tynt object| _33Across

7 Cookies

Domain/Path Name / Value
.dtscout.com/ Name: d
Value: null
.dtscout.com/ Name: df
Value: 1512316729
.dtscout.com/ Name: l
Value: a7bp2VokHzlTd2vJ/MTvAg==
.dtscout.com/ Name: ah
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: ey
Value: 1
.dtscout.com/ Name: b
Value: 1

1 Console Messages

Source Level URL
Text
console-api warning URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js(Line 2)
Message:
jQuery.Deferred exception: $(...).hoverIntent is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
