track.medium-connection.run Open in urlscan Pro
2606:4700:3030::6815:2563 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.medium-connection.run/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/a8e1dfc5d73f22bc240d1a4b9b7c5405a923ae3a
Effective URL:
http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7
Submission: On January 31 via manual (January 31st 2024, 9:38:25 am UTC) from SG — Scanned from SG

Summary HTTP 15 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3030::6815:2563, located in United States and belongs to CLOUDFLARENET, US. The main domain is track.medium-connection.run.

This is the only time track.medium-connection.run was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:cf11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:2563	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.251.92.100 148.251.92.100	24940 (HETZNER-AS) (HETZNER-AS)
1	2404:6800:400... 2404:6800:4003:c1a::5f	15169 (GOOGLE) (GOOGLE)
10	108.156.133.27 108.156.133.27	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
15	5

1 2606:4700:3030::ac43:cf11 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.medium-connection.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2563 (United States)

ASN13335 (CLOUDFLARENET, US)

track.medium-connection.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.92.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.92.251.148.clients.your-server.de

newvis.ideepourpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.156.133.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-133-27.sin2.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c00::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tradedoubler.com vht.tradedoubler.com — Cisco Umbrella Rank: 113489	122 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	medium-connection.run 1 redirects track.medium-connection.run	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	902 B
1	ideepourpro.com newvis.ideepourpro.com	259 B
15	5

	Domain	Requested by
10	vht.tradedoubler.com	track.medium-connection.run
2	fonts.gstatic.com	fonts.googleapis.com
2	track.medium-connection.run	1 redirects
1	fonts.googleapis.com	track.medium-connection.run
1	newvis.ideepourpro.com	track.medium-connection.run
15	5

This site contains links to these domains. Also see Links.

Domain
newvis.ideepourpro.com

Subject Issuer	Validity	Valid
newvis.ideepourpro.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.tradedoubler.com Amazon RSA 2048 M02	`2023-11-14` - `2024-12-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7
Frame ID: 55F6D7B2ED13D71005A39086B08B44C3
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

https://track.medium-connection.run/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/a8e1dfc5d73f22bc240d1a4b9b7c... HTTP 301
http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

93 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

143 kB
Transfer

170 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://newvis.ideepourpro.com/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/a8e1dfc5d73f22bc240d1a4b9b7c5405a923ae3a
Title: Visualiser la version en ligne

Search URL Search Domain Scan URL

URL: https://newvis.ideepourpro.com/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/4a73c386591200f095b99e4966886485f6a617ef
Title: Klik hier

Search URL Search Domain Scan URL

URL: https://newvis.ideepourpro.com/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/8dfbef5168e299c9bfdefe490ee10129e237f12a

Search URL Search Domain Scan URL

URL: https://newvis.ideepourpro.com/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/f8df2d5215e61437567d395caacae447ebcbfe93
Title: (PrivacyPolicy)

Search URL Search Domain Scan URL

URL: https://newvis.ideepourpro.com/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/3b396237629ef9ad2f4cebe13f413ec0962f55eb
Title: cliquant ici

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.medium-connection.run/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/a8e1dfc5d73f22bc240d1a4b9b7c5405a923ae3a HTTP 301
http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request vw807ho4jr9f7 Show response
track.medium-connection.run/campaigns/pj03288npxb03/web-version/
Redirect Chain

https://track.medium-connection.run/campaigns/pj03288npxb03/track-url/vw807ho4jr9f7/a8e1dfc5d73f22bc240d1a4b9b7c5405a923ae3a
http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

37 KB
4 KB

396ms
393ms

Document
text/html

2606:4700:3030::6815:2563
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:2563 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be86ecd2f7f395aa2e736dc2b0f9cbd016e29c6154ab2bc332509a0f1188b5ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84e0fb2e98985fb1-SIN
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self';
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 09:38:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34W59jcO%2FSp2IYTsNaZ4JgvzwfQkEg96PQ83TuZY1u9WWFf%2FzOOm0kL9YcumZ9GAbF6UjM%2FRxKsQUJVUoFDdGgZnLTB3imO%2B8H%2FQ8p9q7gDhFB9iPjl4Y3h6%2FoFc3Vp4sCxKIGe%2Fgk5Y1Lvh%2FDfPDh5UtDsooaCSI8s%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 84e0fb2bcc208820-SIN
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 09:38:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 31 Jan 2024 09:38:20 GMT
location: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XK3NhQIln5diExUPhTPUsZ74g5stlVSD0i8hssrkoEjFnd8oJsEhTjHYTu%2BSpCv%2FWkvrTgwJEDi2scJRq%2FXbMisO55BesuTOKVSQSSEnjv7hQ9yOXsw8VCJzxsoRGKESO49MWGrY%2Bam9DmUCBU3ut19yCb10nZmQxEk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 vw807ho4jr9f7
newvis.ideepourpro.com/campaigns/pj03288npxb03/track-opening/ 0
259 B 1018ms
212ms Image
application/json 148.251.92.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newvis.ideepourpro.com/campaigns/pj03288npxb03/track-opening/vw807ho4jr9f7

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

148.251.92.100 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.100.92.251.148.clients.your-server.de

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self';
date: Wed, 31 Jan 2024 09:38:21 GMT
last-modified: Wed, 31 Jan 2024 09:38:21 GMT
server: Apache
content-type: application/json
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
902 B 24ms
12ms Stylesheet
text/css 2404:6800:4003:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd8cd8c7dc16f30b6d6e738d78747ed2b2c151bebdbf9f5c12d23c5dd6ac4c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 09:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:08:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 09:38:20 GMT

GET
H/1.1 200
OK top.png
vht.tradedoubler.com/file/278228/1023/img/ 18 KB
18 KB 41ms
4ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/top.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

7335efc7045c231ac5e3ba7e1fba6d07239363bfb2df93839450be7dde7f15fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 03:47:41 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 c3691d761a167bc90e6d3311843f48ce.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 366640
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 18242
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: ygHWZfN5u8RUuJSvISYdxZAyR2w92_auL7zGQalLD3PVOmEwJcJNjw==

GET
H/1.1 200
OK cta1_befr.png
vht.tradedoubler.com/file/278228/1023/img/ 5 KB
5 KB 42ms
6ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/cta1_befr.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

8c22de7d7d005d6012b92930b1db9ad2848cec438930ff26c7115015bb87c77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 30 Jan 2024 08:16:48 GMT
Via: 1.1 01348adbf285860dd21bc52b989abbe4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 91293
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4636
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: 8e_68hS0cgcUI4AQngyJnfii-mX7iNuljPpiQpvgHC35YeLQrFkA2A==

GET
H/1.1 200
OK hero1.png
vht.tradedoubler.com/file/278228/1023/img/ 36 KB
36 KB 44ms
8ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/hero1.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

1c5d613f69b63f25b2657b659a2b6bda815da76692b675811d93fb58ac4d024f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 07:34:41 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 8f2a5dcba4af73563588816a8f361736.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 180220
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 36381
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: xrNAwWnMemgxe91p2upGQddpVF6xMefdw3-gUI0eV6vQJjzzDutk1A==

GET
H/1.1 200
OK hero2.png
vht.tradedoubler.com/file/278228/1023/img/ 21 KB
21 KB 43ms
7ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/hero2.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

254cba992c18b899c96d8bbf8af0abeb502307063ad5758c7c33b8ec30f645fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 07:34:41 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 a0fb529982aa9787ef3a5780a065c43a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 180220
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 21073
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: EHjXQyoRD7607AsLgK8cCPoAx_OnTCrMJlR4alv7DmoprjoVFg4YmA==

GET
H/1.1 200
OK divider.png
vht.tradedoubler.com/file/278228/1023/img/ 6 KB
7 KB 42ms
6ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/divider.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

eeff23843a00df423b1991e79654e06818211e1428a67a999d5848ee0781fbb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:17:43 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 e3763c12ecbeb3081a91797a48826e7e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 444038
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6269
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: n9Rtelx-I54qL3h7d_vvF_nsAEH2LvO-mFUd4rFxW7cFRq79byXXZw==

GET
H/1.1 200
OK map.gif
vht.tradedoubler.com/file/278228/1023/img/ 21 KB
22 KB 50ms
5ms Image
image/gif 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/map.gif

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

2c78258f6b32bcbd50169afbc8a7f6827e3c610f3db3028c46c34b1cbae62a34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 07:04:41 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 c3691d761a167bc90e6d3311843f48ce.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 268420
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 21709
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: lOAv7qkhUty8JerYZ9wh0BZgvvdKAIDiXJIFEt-W9MJB9zNwTRYqCw==

GET
H/1.1 200
OK pic_1.png
vht.tradedoubler.com/file/278228/1023/img/ 2 KB
3 KB 11ms
10ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/pic_1.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

66f6bae2d60833757fe249c083780cda4c923861c049a381d6f924e43471b916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 30 Jan 2024 01:34:55 GMT
Via: 1.1 640c029eaafcc45b2e6409e9a34bbbe4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 115406
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2247
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: xkSsxNE1y-0LwpSbjAoYIaYymAVfGv1TSI9vHX3-7ImqANPM4W69Tw==

GET
H/1.1 200
OK pic_2.png
vht.tradedoubler.com/file/278228/1023/img/ 2 KB
3 KB 8ms
7ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/pic_2.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

a00a00a248dbc4b7c47000b94369f052fd9c0caeec066f61c8305c2f9a905ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:17:44 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 8f2a5dcba4af73563588816a8f361736.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 444037
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2153
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: nFPg8u2UpN28ZSqYNsALhmfAkuKhD6YSIhzc7D08NKxJe0VDyfy6fA==

GET
H/1.1 200
OK pic_3.png
vht.tradedoubler.com/file/278228/1023/img/ 2 KB
2 KB 7ms
6ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/pic_3.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

fc005ccd1bd88db7022ce56d03586ada9af0a3c93f937e749fbea4d8f4649c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 30 Jan 2024 01:34:55 GMT
Via: 1.1 a0fb529982aa9787ef3a5780a065c43a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 115405
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1629
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: CplbCDyV9e54IbQwh4JhhrMFIeLiQylmCCisHnF47lJWXzPXkI1lgQ==

GET
H/1.1 200
OK cta2_befr.png
vht.tradedoubler.com/file/278228/1023/img/ 4 KB
5 KB 6ms
5ms Image
image/png 108.156.133.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/278228/1023/img/cta2_befr.png

Requested by

Host: track.medium-connection.run
URL: http://track.medium-connection.run/campaigns/pj03288npxb03/web-version/vw807ho4jr9f7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.156.133.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-133-27.sin2.r.cloudfront.net

Software

Apache /

Resource Hash

1a542b337ba91a08866ebfdedd1cb90ae763ffad132e962a6da8cc615b5607f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://track.medium-connection.run/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 14:26:43 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 e3763c12ecbeb3081a91797a48826e7e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: SIN2-P4
Age: 501098
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4486
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Dec 2023 12:46:32 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: RLARuHOC3VPwCs_1j73xBUV4yok28Pfb1nthxizI-fvkHsygGiquLg==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 23ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://track.medium-connection.run
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:55:27 GMT
x-content-type-options: nosniff
age: 560574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 21:55:27 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 24ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://track.medium-connection.run
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:43:51 GMT
x-content-type-options: nosniff
age: 561270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 21:43:51 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			track.medium-connection.run/	1969-12-31 23:59:59	Name: mwsid Value: 7vadqmtf3obpt78oah5nnk5l61

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
newvis.ideepourpro.com
track.medium-connection.run
vht.tradedoubler.com
108.156.133.27
148.251.92.100
2404:6800:4003:c00::5e
2404:6800:4003:c1a::5f
2606:4700:3030::6815:2563
2606:4700:3030::ac43:cf11
1a542b337ba91a08866ebfdedd1cb90ae763ffad132e962a6da8cc615b5607f3
1c5d613f69b63f25b2657b659a2b6bda815da76692b675811d93fb58ac4d024f
254cba992c18b899c96d8bbf8af0abeb502307063ad5758c7c33b8ec30f645fc
2c78258f6b32bcbd50169afbc8a7f6827e3c610f3db3028c46c34b1cbae62a34
66f6bae2d60833757fe249c083780cda4c923861c049a381d6f924e43471b916
7335efc7045c231ac5e3ba7e1fba6d07239363bfb2df93839450be7dde7f15fe
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8c22de7d7d005d6012b92930b1db9ad2848cec438930ff26c7115015bb87c77e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a00a00a248dbc4b7c47000b94369f052fd9c0caeec066f61c8305c2f9a905ca3
be86ecd2f7f395aa2e736dc2b0f9cbd016e29c6154ab2bc332509a0f1188b5ce
dd8cd8c7dc16f30b6d6e738d78747ed2b2c151bebdbf9f5c12d23c5dd6ac4c82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeff23843a00df423b1991e79654e06818211e1428a67a999d5848ee0781fbb0
fc005ccd1bd88db7022ce56d03586ada9af0a3c93f937e749fbea4d8f4649c85

track.medium-connection.run Open in urlscan Pro 2606:4700:3030::6815:2563 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

67 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

143 kBTransfer

170 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

track.medium-connection.run Open in urlscan Pro
2606:4700:3030::6815:2563 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

143 kB
Transfer

170 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions