api.pingstart.com Open in urlscan Pro
52.43.255.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ads.dofunapps.com/acs.php?sid=6500&adid=7922744&clickid=AFS_5b1fb176d15d03000148b72a&pubid=1274&offerid=1455996&su...
Effective URL:
http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83...
Submission: On June 13 via manual (June 13th 2018, 12:23:39 am UTC) from JP

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 11 domains to perform 8 HTTP transactions. The main IP is 52.43.255.182, located in Boardman, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is api.pingstart.com.

This is the only time api.pingstart.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.220.244.63 52.220.244.63	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	54.244.35.170 54.244.35.170	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	54.149.87.207 54.149.87.207	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.43.255.182 52.43.255.182	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	212.32.250.3 212.32.250.3	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	18.195.132.197 18.195.132.197	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	173.255.228.204 173.255.228.204	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	54.179.178.61 54.179.178.61	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	212.32.250.9 212.32.250.9	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	172.217.22.14 172.217.22.14	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	218.213.150.50 218.213.150.50	9293 (HKNET-VIP...) (HKNET-VIPNET NTT Com Asia Limited)
1	52.29.180.62 52.29.180.62	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	6

1 52.220.244.63 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-220-244-63.ap-southeast-1.compute.amazonaws.com

ads.dofunapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.244.35.170 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-244-35-170.us-west-2.compute.amazonaws.com

a.nbt.ren	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.149.87.207 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-149-87-207.us-west-2.compute.amazonaws.com

c.snnd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.43.255.182 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-43-255-182.us-west-2.compute.amazonaws.com

api.pingstart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.250.3 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

briskads.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.132.197 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-132-197.eu-central-1.compute.amazonaws.com

clinkadtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.255.228.204 (Newark, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li238-204.members.linode.com

track.clickhubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.178.61 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-179-178-61.ap-southeast-1.compute.amazonaws.com

pixel.webeyemob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.250.9 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

adferns.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.14 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 218.213.150.50 (Kwai Chung, Hong Kong) 1 redirects

ASN9293 (HKNET-VIPNET NTT Com Asia Limited, HK)

advclick.wecloudbak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.180.62 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-180-62.eu-central-1.compute.amazonaws.com

global.ymtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	pingstart.com api.pingstart.com	12 KB
3	snnd.co 2 redirects c.snnd.co	1 KB
2	go2affise.com 1 redirects briskads.go2affise.com adferns.go2affise.com	232 B
1	ymtracking.com global.ymtracking.com
1	wecloudbak.com 1 redirects advclick.wecloudbak.com	380 B
1	google.com play.google.com
1	webeyemob.com 1 redirects pixel.webeyemob.com	334 B
1	clickhubs.com 1 redirects track.clickhubs.com	481 B
1	clinkadtracking.com 1 redirects clinkadtracking.com	361 B
1	nbt.ren 1 redirects a.nbt.ren	827 B
1	dofunapps.com ads.dofunapps.com	709 B
8	11

	Domain	Requested by
3	api.pingstart.com	c.snnd.co api.pingstart.com
3	c.snnd.co	2 redirects
1	global.ymtracking.com	api.pingstart.com
1	advclick.wecloudbak.com	1 redirects
1	play.google.com	api.pingstart.com
1	adferns.go2affise.com	1 redirects
1	pixel.webeyemob.com	1 redirects
1	track.clickhubs.com	1 redirects
1	clinkadtracking.com	1 redirects
1	briskads.go2affise.com	api.pingstart.com
1	a.nbt.ren	1 redirects
1	ads.dofunapps.com
8	12

This site contains no links.

Subject Issuer	Validity	Valid
*.go2affise.com Go Daddy Secure Certificate Authority - G2	`2017-12-08` - `2019-12-08`	2 years	crt.sh
*.google.com Google Internet Authority G3	`2018-05-23` - `2018-08-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83%26sub1%3Dd87d07df-2203-4b23-a4b6-f8176d57de74__pspm%26sub2%3Dp14331320&publisher_id=1320&slot_id=0&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC
Frame ID: AC42F959EB994E4099C76F521B4834AA
Requests: 4 HTTP requests in this frame

Frame: https://briskads.go2affise.com/click?pid=185&offer_id=83&sub1=d87d07df-2203-4b23-a4b6-f8176d57de74__pspm&sub2=p14331320
Frame ID: 14B49DDD9DC98FFD42938BB06B06E45A
Requests: 1 HTTP requests in this frame

Frame: https://play.google.com/store/apps/details?id=com.joycity.potc
Frame ID: 91FC84865FB374D86EF83FB3121C2EEC
Requests: 1 HTTP requests in this frame

Frame: http://api.pingstart.com/static/ad.html?app_id=&app_version=&channel_id=10000&lat=&lon=&osv=&pub_gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&publisher_slot=1320_0&sdkv=&sub_2=
Frame ID: 48051FC00F3E62261C52921DD147A76A
Requests: 1 HTTP requests in this frame

Frame: http://global.ymtracking.com/trace?aff_sub=&aff_sub2=v1-2f2-DE-86653792_JB2018061308230TPNSHWHPL2SJMV190-&sub_affiliate_id=3143&google_adv_id=638027a4-ec1a-31ed-a5e6-b9fe809db127&aff_sub6=gokeyboard&offer_id=11613558&app_id=184&type=ff71c4dc0000000a
Frame ID: A6CC530C93A39918495E7F4242773FFC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ads.dofunapps.com/acs.php?sid=6500&adid=7922744&clickid=AFS_5b1fb176d15d03000148b72a&pubid=127... Page URL
http://a.nbt.ren/sm/v1/click?rule_id=17&publisher_slot=&pub_aid=&pub_idfa=&sub_1=&package_nam... HTTP 302
http://c.snnd.co/api/v4/click?_castle_=6B8axNNyBW-c8KmEdr5FT6G0Q8CEO7uTgaGWCa50GU3SN6uURUWg0W... Page URL
http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

25 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

6
IPs

5
Countries

14 kB
Transfer

13 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ads.dofunapps.com/acs.php?sid=6500&adid=7922744&clickid=AFS_5b1fb176d15d03000148b72a&pubid=1274&offerid=1455996&subid=1274_4265_602_120&gaid= Page URL
http://a.nbt.ren/sm/v1/click?rule_id=17&publisher_slot=&pub_aid=&pub_idfa=&sub_1=&package_name=852882903&pub_gaid= HTTP 302
http://c.snnd.co/api/v4/click?_castle_=6B8axNNyBW-c8KmEdr5FT6G0Q8CEO7uTgaGWCa50GU3SN6uURUWg0W2k7qL2U7QK7-8qljM3RPVgfeMgTi1Zr8FC7A-7xvTnZhuHfjwl-2zjO1WzVZZA34bu6ecDlklL1Axgv8SP6PwtU-6kflguNjTyHRcnczg4HUz-i4zGPNKNQehgCaELa9GYQNpM-g7UHzxaFmpozOdPp2JHvvCeVD1Faydmc0RR3QR3_QIrkGMLh3ZyaK43PBUdFbA4SgcILTwNvBidNt9iL9ZSlQJFIfcklMr4eU41AHLoN1suN11d3oixs56eIcd5s7qFvTrA2Apde4-X_RcbcyCYYOrrwHP3NcxnoxKSI1YViYl-1b58cqRwYv27MohzJ6vpCwGoeYNvpl0XnfLl1Ih-50S73xw58LFvAnDfG3DF_DfmGSjaDDGUtjJOcBR1Xys29ySVk4VQTUVJd_0YTbJHoDjLuQfklGCRS5Ra6gRhqvbWaODH5sQdY5Nnj0Zxc5VZIWujhxWxo6OfN_bVAGufMsZWDI_rWtoKZ0s2_R8JPg5CxtZyTLh6qOsL9ISpkw5G2_qoXKUVSdi8cwAKLBJnKAr3Wu4r5miWHvxfjHmFHJJQXN806yb12A%3D%3D Page URL
http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83%26sub1%3Dd87d07df-2203-4b23-a4b6-f8176d57de74__pspm%26sub2%3Dp14331320&publisher_id=1320&slot_id=0&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://a.nbt.ren/sm/v1/click?rule_id=17&publisher_slot=&pub_aid=&pub_idfa=&sub_1=&package_name=852882903&pub_gaid= HTTP 302
http://c.snnd.co/api/v4/click?_castle_=6B8axNNyBW-c8KmEdr5FT6G0Q8CEO7uTgaGWCa50GU3SN6uURUWg0W2k7qL2U7QK7-8qljM3RPVgfeMgTi1Zr8FC7A-7xvTnZhuHfjwl-2zjO1WzVZZA34bu6ecDlklL1Axgv8SP6PwtU-6kflguNjTyHRcnczg4HUz-i4zGPNKNQehgCaELa9GYQNpM-g7UHzxaFmpozOdPp2JHvvCeVD1Faydmc0RR3QR3_QIrkGMLh3ZyaK43PBUdFbA4SgcILTwNvBidNt9iL9ZSlQJFIfcklMr4eU41AHLoN1suN11d3oixs56eIcd5s7qFvTrA2Apde4-X_RcbcyCYYOrrwHP3NcxnoxKSI1YViYl-1b58cqRwYv27MohzJ6vpCwGoeYNvpl0XnfLl1Ih-50S73xw58LFvAnDfG3DF_DfmGSjaDDGUtjJOcBR1Xys29ySVk4VQTUVJd_0YTbJHoDjLuQfklGCRS5Ra6gRhqvbWaODH5sQdY5Nnj0Zxc5VZIWujhxWxo6OfN_bVAGufMsZWDI_rWtoKZ0s2_R8JPg5CxtZyTLh6qOsL9ISpkw5G2_qoXKUVSdi8cwAKLBJnKAr3Wu4r5miWHvxfjHmFHJJQXN806yb12A%3D%3D

Request Chain 4

http://c.snnd.co/api/v4/click?_pre_chk=true&app_id=&app_version=&campaign_id=16146450&channel_id=10000&lat=&lon=&osv=&pub_gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&publisher_id=1560&publisher_slot=1320_0&sdkv=&sub_2= HTTP 302
http://clinkadtracking.com/tracking?camp=68345133&pubid=3797&sid=e78bcd92-d500-4de5-8761-c303a743ed4d__pspm&subpubid=1320_0_p1560&gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&idfa= HTTP 302
http://track.clickhubs.com/v1/ad/click?h=1528848061128&pubid=10332&campid=46509768&geo=DE&aid=&os_version=&gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&sub=b6uG9mMBAADVDgAAawIAACHJCwAAAAAALd0SBPYoXD8AAAAABC8YNwQ*&sub_id=3797 HTTP 302
http://pixel.webeyemob.com/v1/ad/click?subsite_id=30590&transaction_id=2d5c18c6-0024-4d8b-8bdd-64723cd4c983&id=39418&offer_id=161836918&geo=DE&aid=&client_version={os_version}&gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&tmark=1528848935878&p=10332 HTTP 302
https://adferns.go2affise.com/click?pid=2&offer_id=766&sub1=_9kpbBb4px8BZbVzciW61RIaaRX5LUUR4YAaZEuTR6yX_&sub2=30590&sub3=638027a4-ec1a-31ed-a5e6-b9fe809db127&sub4=com.lenovo.anyshare.gps HTTP 302
https://play.google.com/store/apps/details?id=com.joycity.potc

Request Chain 6

http://c.snnd.co/api/v4/click?_ad=1454&_c=1000&_cw=c&_mw=ap&_po=3461f5fdc51cb9b40585c557e940143028bbdf57f2ab716b7c9d9508ebc4c123&app_id=&app_name=&app_version=&campaign_id=15795062&channel_id=10000&lat=&lon=&osv=&pub_aid=&pub_gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&pub_idfa=&publisher_id=1508&publisher_slot=1320_0&rt=180613001114&sdkv=&sub_1=&sub_2= HTTP 302
http://advclick.wecloudbak.com/advclick?advposid=754&mapid=86653792&aid=&adid=638027a4-ec1a-31ed-a5e6-b9fe809db127&aff_sub=5c43b971-0857-4f0a-b0fe-d5b57179b6eb__pspm&aff_sub5=p1508_ HTTP 302
http://global.ymtracking.com/trace?aff_sub=&aff_sub2=v1-2f2-DE-86653792_JB2018061308230TPNSHWHPL2SJMV190-&sub_affiliate_id=3143&google_adv_id=638027a4-ec1a-31ed-a5e6-b9fe809db127&aff_sub6=gokeyboard&offer_id=11613558&app_id=184&type=ff71c4dc0000000a

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK acs.php Show response
ads.dofunapps.com/ 410 B
709 B 380ms
191ms Document
text/html 52.220.244.63
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.dofunapps.com/acs.php?sid=6500&adid=7922744&clickid=AFS_5b1fb176d15d03000148b72a&pubid=1274&offerid=1455996&subid=1274_4265_602_120&gaid=
Protocol: HTTP/1.1
Server: 52.220.244.63 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-220-244-63.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.7.9 /
Resource Hash: 825465476f302569eb921c5221e6bb628bcbd8871ebd69fad5fbd841df5ade78

Request headers

Host: ads.dofunapps.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AC42F959EB994E4099C76F521B4834AA

Response headers

Server: nginx/1.7.9
Date: Wed, 13 Jun 2018 00:23:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed Jun 13 00:23:29 2018
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache

GET
H/1.1

200
OK

click Show response
c.snnd.co/api/v4/
Redirect Chain

http://a.nbt.ren/sm/v1/click?rule_id=17&publisher_slot=&pub_aid=&pub_idfa=&sub_1=&package_name=852882903&pub_gaid=
http://c.snnd.co/api/v4/click?_castle_=6B8axNNyBW-c8KmEdr5FT6G0Q8CEO7uTgaGWCa50GU3SN6uURUWg0W2k7qL2U7QK7-8qljM3RPVgfeMgTi1Zr8FC7A-7xvTnZhuHfjwl-2zjO1WzVZZA34bu6ecDlklL1Axgv8SP6PwtU-6kflguNjTyHRcncz...

464 B
590 B

352ms
183ms

Document
text/html

54.149.87.207
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://c.snnd.co/api/v4/click?_castle_=6B8axNNyBW-c8KmEdr5FT6G0Q8CEO7uTgaGWCa50GU3SN6uURUWg0W2k7qL2U7QK7-8qljM3RPVgfeMgTi1Zr8FC7A-7xvTnZhuHfjwl-2zjO1WzVZZA34bu6ecDlklL1Axgv8SP6PwtU-6kflguNjTyHRcnczg4HUz-i4zGPNKNQehgCaELa9GYQNpM-g7UHzxaFmpozOdPp2JHvvCeVD1Faydmc0RR3QR3_QIrkGMLh3ZyaK43PBUdFbA4SgcILTwNvBidNt9iL9ZSlQJFIfcklMr4eU41AHLoN1suN11d3oixs56eIcd5s7qFvTrA2Apde4-X_RcbcyCYYOrrwHP3NcxnoxKSI1YViYl-1b58cqRwYv27MohzJ6vpCwGoeYNvpl0XnfLl1Ih-50S73xw58LFvAnDfG3DF_DfmGSjaDDGUtjJOcBR1Xys29ySVk4VQTUVJd_0YTbJHoDjLuQfklGCRS5Ra6gRhqvbWaODH5sQdY5Nnj0Zxc5VZIWujhxWxo6OfN_bVAGufMsZWDI_rWtoKZ0s2_R8JPg5CxtZyTLh6qOsL9ISpkw5G2_qoXKUVSdi8cwAKLBJnKAr3Wu4r5miWHvxfjHmFHJJQXN806yb12A%3D%3D
Protocol: HTTP/1.1
Server: 54.149.87.207 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-149-87-207.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 764a4705faf119f5847ff2fc2ebe3d279b584cc19adbd852ed8bd4659344106a

Request headers

Host: c.snnd.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AC42F959EB994E4099C76F521B4834AA

Response headers

Date: Wed, 13 Jun 2018 00:23:30 GMT
Content-Type: text/html
Content-Length: 464
Connection: keep-alive

Redirect headers

Date: Wed, 13 Jun 2018 00:23:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 694
Connection: keep-alive
Location: http://c.snnd.co/api/v4/click?_castle_=6B8axNNyBW-c8KmEdr5FT6G0Q8CEO7uTgaGWCa50GU3SN6uURUWg0W2k7qL2U7QK7-8qljM3RPVgfeMgTi1Zr8FC7A-7xvTnZhuHfjwl-2zjO1WzVZZA34bu6ecDlklL1Axgv8SP6PwtU-6kflguNjTyHRcnczg4HUz-i4zGPNKNQehgCaELa9GYQNpM-g7UHzxaFmpozOdPp2JHvvCeVD1Faydmc0RR3QR3_QIrkGMLh3ZyaK43PBUdFbA4SgcILTwNvBidNt9iL9ZSlQJFIfcklMr4eU41AHLoN1suN11d3oixs56eIcd5s7qFvTrA2Apde4-X_RcbcyCYYOrrwHP3NcxnoxKSI1YViYl-1b58cqRwYv27MohzJ6vpCwGoeYNvpl0XnfLl1Ih-50S73xw58LFvAnDfG3DF_DfmGSjaDDGUtjJOcBR1Xys29ySVk4VQTUVJd_0YTbJHoDjLuQfklGCRS5Ra6gRhqvbWaODH5sQdY5Nnj0Zxc5VZIWujhxWxo6OfN_bVAGufMsZWDI_rWtoKZ0s2_R8JPg5CxtZyTLh6qOsL9ISpkw5G2_qoXKUVSdi8cwAKLBJnKAr3Wu4r5miWHvxfjHmFHJJQXN806yb12A%3D%3D

GET
H/1.1 200
OK Primary Request ad.html Show response
api.pingstart.com/static/ 5 KB
5 KB 379ms
177ms Document
text/html 52.43.255.182
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83%26sub1%3Dd87d07df-2203-4b23-a4b6-f8176d57de74__pspm%26sub2%3Dp14331320&publisher_id=1320&slot_id=0&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC
Requested by: Host: c.snnd.co
URL: http://c.snnd.co/api/v4/click?_castle_=6B8axNNyBW-c8KmEdr5FT6G0Q8CEO7uTgaGWCa50GU3SN6uURUWg0W2k7qL2U7QK7-8qljM3RPVgfeMgTi1Zr8FC7A-7xvTnZhuHfjwl-2zjO1WzVZZA34bu6ecDlklL1Axgv8SP6PwtU-6kflguNjTyHRcnczg4HUz-i4zGPNKNQehgCaELa9GYQNpM-g7UHzxaFmpozOdPp2JHvvCeVD1Faydmc0RR3QR3_QIrkGMLh3ZyaK43PBUdFbA4SgcILTwNvBidNt9iL9ZSlQJFIfcklMr4eU41AHLoN1suN11d3oixs56eIcd5s7qFvTrA2Apde4-X_RcbcyCYYOrrwHP3NcxnoxKSI1YViYl-1b58cqRwYv27MohzJ6vpCwGoeYNvpl0XnfLl1Ih-50S73xw58LFvAnDfG3DF_DfmGSjaDDGUtjJOcBR1Xys29ySVk4VQTUVJd_0YTbJHoDjLuQfklGCRS5Ra6gRhqvbWaODH5sQdY5Nnj0Zxc5VZIWujhxWxo6OfN_bVAGufMsZWDI_rWtoKZ0s2_R8JPg5CxtZyTLh6qOsL9ISpkw5G2_qoXKUVSdi8cwAKLBJnKAr3Wu4r5miWHvxfjHmFHJJQXN806yb12A%3D%3D
Protocol: HTTP/1.1
Server: 52.43.255.182 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-43-255-182.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3079a0d1081b37246aa40f4e73ed403bb4239694d37008c270ec76ab1fd00c45

Request headers

Host: api.pingstart.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AC42F959EB994E4099C76F521B4834AA

Response headers

Date: Wed, 13 Jun 2018 00:23:30 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK js_func Show response
api.pingstart.com/v1/ 3 KB
3 KB 182ms
182ms Script
text/plain 52.43.255.182
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.pingstart.com/v1/js_func?aid=1320&sid=0&size=2&callback=ad_callback.getCallbackData&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC&os=1
Requested by: Host: api.pingstart.com
URL: http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83%26sub1%3Dd87d07df-2203-4b23-a4b6-f8176d57de74__pspm%26sub2%3Dp14331320&publisher_id=1320&slot_id=0&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC
Protocol: HTTP/1.1
Server: 52.43.255.182 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-43-255-182.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 9ff5856f32050cb937abe0fdf1b875f2089022fca4e47abcb8bea18603ab4f80

Request headers

Accept: */*
Pragma: no-cache
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: api.pingstart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 13 Jun 2018 00:23:30 GMT
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK Cookie set click
briskads.go2affise.com/ Frame 14B4 0
0 69ms
15ms Document
text/html 212.32.250.3
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://briskads.go2affise.com/click?pid=185&offer_id=83&sub1=d87d07df-2203-4b23-a4b6-f8176d57de74__pspm&sub2=p14331320
Requested by: Host: api.pingstart.com
URL: http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83%26sub1%3Dd87d07df-2203-4b23-a4b6-f8176d57de74__pspm%26sub2%3Dp14331320&publisher_id=1320&slot_id=0&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.250.3 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: briskads.go2affise.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AC42F959EB994E4099C76F521B4834AA

Response headers

Server: nginx
Date: Wed, 13 Jun 2018 00:23:30 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: afclick=5b206402c07bf10001a12b19; Expires=Thu, 13 Jun 2019 00:23:30 GMT
Content-Encoding: gzip

GET
H2

200

details
play.google.com/store/apps/ Frame 91FC
Redirect Chain

http://c.snnd.co/api/v4/click?_pre_chk=true&app_id=&app_version=&campaign_id=16146450&channel_id=10000&lat=&lon=&osv=&pub_gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&publisher_id=1560&publisher_slot=...
http://clinkadtracking.com/tracking?camp=68345133&pubid=3797&sid=e78bcd92-d500-4de5-8761-c303a743ed4d__pspm&subpubid=1320_0_p1560&gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&idfa=
http://track.clickhubs.com/v1/ad/click?h=1528848061128&pubid=10332&campid=46509768&geo=DE&aid=&os_version=&gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&sub=b6uG9mMBAADVDgAAawIAACHJCwAAAAAALd0SBPYoXD8A...
http://pixel.webeyemob.com/v1/ad/click?subsite_id=30590&transaction_id=2d5c18c6-0024-4d8b-8bdd-64723cd4c983&id=39418&offer_id=161836918&geo=DE&aid=&client_version={os_version}&gaid=638027a4-ec1a-31...
https://adferns.go2affise.com/click?pid=2&offer_id=766&sub1=_9kpbBb4px8BZbVzciW61RIaaRX5LUUR4YAaZEuTR6yX_&sub2=30590&sub3=638027a4-ec1a-31ed-a5e6-b9fe809db127&sub4=com.lenovo.anyshare.gps
https://play.google.com/store/apps/details?id=com.joycity.potc

0
0

91ms
91ms

Document
text/html

172.217.22.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/store/apps/details?id=com.joycity.potc

Requested by

Host: api.pingstart.com
URL: http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83%26sub1%3Dd87d07df-2203-4b23-a4b6-f8176d57de74__pspm%26sub2%3Dp14331320&publisher_id=1320&slot_id=0&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5jxgHv5KpNxAcMKbrOa3RL8u5L4' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport script-src 'nonce-5jxgHv5KpNxAcMKbrOa3RL8u5L4' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://market.android.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: play.google.com
:scheme: https
:path: /store/apps/details?id=com.joycity.potc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AC42F959EB994E4099C76F521B4834AA

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 13 Jun 2018 00:23:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-5jxgHv5KpNxAcMKbrOa3RL8u5L4' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport script-src 'nonce-5jxgHv5KpNxAcMKbrOa3RL8u5L4' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://market.android.com https://www.google-analytics.com/analytics.js https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=132=DKcWaD_JBYuav-KGKhLt9COto4YUO9NwM6g0d6uwzHoas74-SjqA75-2TAL2Fc6y3JElQy0J4rExmLFETbhzsu_-Qc5tGnVs-iPqs7SmWca2OOZDUUxZsGs_cJ0eKcpt;Domain=.google.com;Path=/;Expires=Thu, 13-Dec-2018 00:23:31 GMT;HttpOnly
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"

Redirect headers

Server: nginx
Date: Wed, 13 Jun 2018 00:23:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 85
Connection: keep-alive
Location: https://play.google.com/store/apps/details?id=com.joycity.potc

GET
H/1.1 200
OK ad.html Show response
api.pingstart.com/static/ Frame 4805 5 KB
5 KB 203ms
182ms Document
text/html 52.43.255.182
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.pingstart.com/static/ad.html?app_id=&app_version=&channel_id=10000&lat=&lon=&osv=&pub_gaid=638027a4-ec1a-31ed-a5e6-b9fe809db127&publisher_slot=1320_0&sdkv=&sub_2=
Requested by: Host: api.pingstart.com
URL: http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83%26sub1%3Dd87d07df-2203-4b23-a4b6-f8176d57de74__pspm%26sub2%3Dp14331320&publisher_id=1320&slot_id=0&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC
Protocol: HTTP/1.1
Server: 52.43.255.182 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-43-255-182.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3079a0d1081b37246aa40f4e73ed403bb4239694d37008c270ec76ab1fd00c45

Request headers

Host: api.pingstart.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AC42F959EB994E4099C76F521B4834AA

Response headers

Date: Wed, 13 Jun 2018 00:23:30 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1

202
Accepted

trace
global.ymtracking.com/ Frame A6CC
Redirect Chain

http://c.snnd.co/api/v4/click?_ad=1454&_c=1000&_cw=c&_mw=ap&_po=3461f5fdc51cb9b40585c557e940143028bbdf57f2ab716b7c9d9508ebc4c123&app_id=&app_name=&app_version=&campaign_id=15795062&channel_id=10000...
http://advclick.wecloudbak.com/advclick?advposid=754&mapid=86653792&aid=&adid=638027a4-ec1a-31ed-a5e6-b9fe809db127&aff_sub=5c43b971-0857-4f0a-b0fe-d5b57179b6eb__pspm&aff_sub5=p1508_
http://global.ymtracking.com/trace?aff_sub=&aff_sub2=v1-2f2-DE-86653792_JB2018061308230TPNSHWHPL2SJMV190-&sub_affiliate_id=3143&google_adv_id=638027a4-ec1a-31ed-a5e6-b9fe809db127&aff_sub6=gokeyboar...

0
0

22ms
15ms

Document
text/html

52.29.180.62
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://global.ymtracking.com/trace?aff_sub=&aff_sub2=v1-2f2-DE-86653792_JB2018061308230TPNSHWHPL2SJMV190-&sub_affiliate_id=3143&google_adv_id=638027a4-ec1a-31ed-a5e6-b9fe809db127&aff_sub6=gokeyboard&offer_id=11613558&app_id=184&type=ff71c4dc0000000a
Requested by: Host: api.pingstart.com
URL: http://api.pingstart.com/static/ad.html?redirect=https%3A%2F%2Fbriskads.go2affise.com%2Fclick%3Fpid%3D185%26offer_id%3D83%26sub1%3Dd87d07df-2203-4b23-a4b6-f8176d57de74__pspm%26sub2%3Dp14331320&publisher_id=1320&slot_id=0&t=2018-06-13%2000:23:30.025731314%20+0000%20UTC
Protocol: HTTP/1.1
Server: 52.29.180.62 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-180-62.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: global.ymtracking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: AC42F959EB994E4099C76F521B4834AA

Response headers

Server: nginx
Date: Wed, 13 Jun 2018 00:23:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

Redirect headers

Server: Tengine
Date: Wed, 13 Jun 2018 00:23:30 GMT
Content-Length: 0
Connection: keep-alive
Location: http://global.ymtracking.com/trace?aff_sub=&aff_sub2=v1-2f2-DE-86653792_JB2018061308230TPNSHWHPL2SJMV190-&sub_affiliate_id=3143&google_adv_id=638027a4-ec1a-31ed-a5e6-b9fe809db127&aff_sub6=gokeyboard&offer_id=11613558&app_id=184&type=ff71c4dc0000000a

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-18 21:04:20	Name: NID Value: 132=DKcWaD_JBYuav-KGKhLt9COto4YUO9NwM6g0d6uwzHoas74-SjqA75-2TAL2Fc6y3JElQy0J4rExmLFETbhzsu_-Qc5tGnVs-iPqs7SmWca2OOZDUUxZsGs_cJ0eKcpt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.nbt.ren
adferns.go2affise.com
ads.dofunapps.com
advclick.wecloudbak.com
api.pingstart.com
briskads.go2affise.com
c.snnd.co
clinkadtracking.com
global.ymtracking.com
pixel.webeyemob.com
play.google.com
track.clickhubs.com
172.217.22.14
173.255.228.204
18.195.132.197
212.32.250.3
212.32.250.9
218.213.150.50
52.220.244.63
52.29.180.62
52.43.255.182
54.149.87.207
54.179.178.61
54.244.35.170
3079a0d1081b37246aa40f4e73ed403bb4239694d37008c270ec76ab1fd00c45
764a4705faf119f5847ff2fc2ebe3d279b584cc19adbd852ed8bd4659344106a
825465476f302569eb921c5221e6bb628bcbd8871ebd69fad5fbd841df5ade78
9ff5856f32050cb937abe0fdf1b875f2089022fca4e47abcb8bea18603ab4f80

api.pingstart.com Open in urlscan Pro 52.43.255.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

25 %HTTPS

0 %IPv6

11 Domains

12 Subdomains

6 IPs

5 Countries

14 kBTransfer

13 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Indicators

api.pingstart.com Open in urlscan Pro
52.43.255.182 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

25 %
HTTPS

0 %
IPv6

11
Domains

12
Subdomains

6
IPs

5
Countries

14 kB
Transfer

13 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions