www.newslineonline.com Open in urlscan Pro
2606:4700:3030::ac43:8e56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newslineonline.com/lp/cr-de-pl-16?sit=News.de%20NL%20(Salesbutler)&cmp=3da42e39-5a88-40d1-a979-34f625892425&cmn=AUt...
Submission: On February 19 via manual (February 19th 2021, 4:20:55 pm UTC) from US

Summary HTTP 51 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 16 domains to perform 51 HTTP transactions. The main IP is 2606:4700:3030::ac43:8e56, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.newslineonline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 15th 2020. Valid for: a year.

This is the only time www.newslineonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3030::ac43:8e56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:8ce1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:218... 2600:9000:2182:8200:8:85a:880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:234... 2606:2800:234:4cc4:5670:35d5:1e00:b394	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
2	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2a05:d014:943... 2a05:d014:943:a601:f946:192e:9f3d:5036	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d014:943... 2a05:d014:943:a603:621b:9023:482:b4dc	16509 (AMAZON-02) (AMAZON-02)
1 2	80.239.201.18 80.239.201.18	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	18.158.173.146 18.158.173.146	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.17.187.27 2.17.187.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	154.47.36.27 154.47.36.27	174 (COGENT-174) (COGENT-174)
51	16

25 2606:4700:3030::ac43:8e56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.newslineonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:8ce1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.codedelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:8200:8:85a:880:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.d.adup-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:4cc4:5670:35d5:1e00:b394 (United States)

ASN15133 (EDGECAST, US)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d014:943:a601:f946:192e:9f3d:5036 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

d.adup-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d014:943:a603:621b:9023:482:b4dc (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

t.d.adup-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.18 (Sweden) 1 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-18.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.173.146 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-173-146.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.187.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-187-27.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.47.36.27 (United States)

ASN174 (COGENT-174, US)

ymetrica1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	newslineonline.com www.newslineonline.com	1 MB
9	adup-tech.com s.d.adup-tech.com d.adup-tech.com t.d.adup-tech.com	37 KB
7	yandex.ru 2 redirects mc.yandex.ru	3 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	adscale.de 2 redirects ih.adscale.de	695 B
2	webvisor.org 1 redirects mc.webvisor.org	716 B
2	exoclick.com a.exoclick.com main.exoclick.com	1 KB
1	ymetrica1.com ymetrica1.com	376 B
1	yieldlab.net ad.yieldlab.net	360 B
1	taboola.com sync.taboola.com	219 B
1	realsrv.com main.realsrv.com	418 B
1	exdynsrv.com main.exdynsrv.com	419 B
1	jsdelivr.net cdn.jsdelivr.net	77 KB
1	codedelivr.net cdnjs.codedelivr.net	30 KB
1	onesignal.com cdn.onesignal.com	3 KB
51	16

	Domain	Requested by
25	www.newslineonline.com	www.newslineonline.com
7	mc.yandex.ru	2 redirects www.newslineonline.com cdn.jsdelivr.net
4	d.adup-tech.com	s.d.adup-tech.com
3	t.d.adup-tech.com
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	1 redirects
2	ih.adscale.de	2 redirects
2	mc.webvisor.org	1 redirects
2	s.d.adup-tech.com	www.newslineonline.com
1	ymetrica1.com	cdn.jsdelivr.net
1	ad.yieldlab.net
1	sync.taboola.com
1	main.realsrv.com	www.newslineonline.com
1	main.exoclick.com	www.newslineonline.com
1	main.exdynsrv.com	www.newslineonline.com
1	cdn.jsdelivr.net	www.newslineonline.com
1	a.exoclick.com	www.newslineonline.com
1	cdnjs.codedelivr.net	www.newslineonline.com
1	cdn.onesignal.com	www.newslineonline.com
51	19

This site contains links to these domains. Also see Links.

Domain
go2.newslineonline.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-15` - `2021-11-14`	a year	crt.sh
*.adup-tech.com Amazon	`2020-10-15` - `2021-11-14`	a year	crt.sh
*.ackcdn.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-07` - `2021-08-01`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
exdynsrv.com R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
exoclick.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh
realsrv.com R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
mc.webvisor.com Yandex CA	`2020-09-29` - `2021-03-23`	6 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2021-05-05`	a year	crt.sh
ymetrica.com Yandex CA	`2020-09-29` - `2021-03-23`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.newslineonline.com/lp/cr-de-pl-16?sit=News.de%20NL%20(Salesbutler)&cmp=3da42e39-5a88-40d1-a979-34f625892425&cmn=AUtt_disp_DACH_ALL_CRPTO&cid=82auj1ojqEW3qBwUoRjdT1&src=1&adn=0014_goldenRosesSportsCar&hglt=Bitcoin+Code&pym=250&bemobdata=c%3D3da42e39-5a88-40d1-a979-34f625892425..f%3D669c091c-260f-4217-ac4d-bbe128a69adf..a%3D0..b%3D0..z%3D0.41..c1%3DAUtt_ntv1_mail_DACH_d_CRPTO..c2%3D2020_11_47_image..c3%3D0014_goldenRosesSportsCar..c4%3D%257Bkeyword%257D..c5%3DNews.de%2520NL%2520(Salesbutler)..c6%3DNozF45pQ4zBiNgKsGOMQ..c7%3D1..c8%3DArbeitgeber%2520sind%2520entsetzt!..c9%3DFehler%2520in%2520%257Bgeo_country%253ADeutschland%257D%2520macht%2520Tausende%2520Menschen%2520reich..c10%3DArtikel%2520lesen%2520%253E%253E
Frame ID: 6598F6FC1F811BD011994AE5601A69D5
Requests: 45 HTTP requests in this frame

Frame: https://d.adup-tech.com/services/retargeting.html
Frame ID: 454A52891815F82A2EA3AB9298F05D5B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

51
Requests

100 %
HTTPS

53 %
IPv6

16
Domains

19
Subdomains

16
IPs

5
Countries

1393 kB
Transfer

1898 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://go2.newslineonline.com/click
Title: Zum Inhalt springen

Search URL Search Domain Scan URL

URL: https://go2.newslineonline.com/go/a3348b9d-4686-41b0-9642-1b9d36ceaad2?xcid=82auj1ojqEW3qBwUoRjdT1&cmp=3da42e39-5a88-40d1-a979-34f625892425&cmn=AUtt_disp_DACH_ALL_CRPTO&ad=0014_goldenRosesSportsCar&lp=cr-de-pl-16&site=News.de%20NL%20(Salesbutler)&dom=www.newslineonline.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fwww.newslineonline.com%2Flp%2Fcr-de-pl-16%3Fsit%3DNews.de%2520NL%2520(Salesbutler)%26cmp%3D3da42e39-5a88-40d1-a979-34f625892425%26cmn%3DAUtt_disp_DACH_ALL_CRPTO%26cid%3D82auj1ojqEW3qBwUoRjdT1%26src%3D1%26adn%3D0014_goldenRosesSportsCar%26hglt%3DBitcoin%2BCode%26pym%3D250%26bemobdata%3Dc%253D3da42e39-5a88-40d1-a979-34f625892425..f%253D669c091c-260f-4217-ac4d-bbe128a69adf..a%253D0..b%253D0..z%253D0.41..c1%253DAUtt_ntv1_mail_DACH_d_CRPTO..c2%253D2020_11_47_image..c3%253D0014_goldenRosesSportsCar..c4%253D%25257Bkeyword%25257D..c5%253DNews.de%252520NL%252520(Salesbutler)..c6%253DNozF45pQ4zBiNgKsGOMQ..c7%253D1..c8%253DArbeitgeber%252520sind%252520entsetzt!..c9%253DFehler%252520in%252520%25257Bgeo_country%25253ADeutschland%25257D%252520macht%252520Tausende%252520Menschen%252520reich..c10%253DArtikel%252520lesen%252520%25253E%25253E&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxskmb7n72i09b%3Afp%3A345%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A2%3Adp%3A0%3Als%3A1276971381150%3Ahid%3A893537725%3Az%3A60%3Ai%3A20210219172038%3Aet%3A1613751638%3Ac%3A1%3Arn%3A46159060%3Au%3A1613751638365219736%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613751637836%3Awv%3A2%3Ads%3A9%2C14%2C70%2C7%2C0%2C0%2C%2C279%2C1%2C%2C%2C%2C375%3Adsn%3A9%2C14%2C70%2C7%2C0%2C0%2C%2C274%2C1%2C%2C%2C%2C375%3Ati%3A2%3Ast%3A1613751638 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.newslineonline.com%2Flp%2Fcr-de-pl-16%3Fsit%3DNews.de%2520NL%2520%28Salesbutler%29%26cmp%3D3da42e39-5a88-40d1-a979-34f625892425%26cmn%3DAUtt_disp_DACH_ALL_CRPTO%26cid%3D82auj1ojqEW3qBwUoRjdT1%26src%3D1%26adn%3D0014_goldenRosesSportsCar%26hglt%3DBitcoin%2BCode%26pym%3D250%26bemobdata%3Dc%253D3da42e39-5a88-40d1-a979-34f625892425..f%253D669c091c-260f-4217-ac4d-bbe128a69adf..a%253D0..b%253D0..z%253D0.41..c1%253DAUtt_ntv1_mail_DACH_d_CRPTO..c2%253D2020_11_47_image..c3%253D0014_goldenRosesSportsCar..c4%253D%25257Bkeyword%25257D..c5%253DNews.de%252520NL%252520%28Salesbutler%29..c6%253DNozF45pQ4zBiNgKsGOMQ..c7%253D1..c8%253DArbeitgeber%252520sind%252520entsetzt%21..c9%253DFehler%252520in%252520%25257Bgeo_country%25253ADeutschland%25257D%252520macht%252520Tausende%252520Menschen%252520reich..c10%253DArtikel%252520lesen%252520%25253E%25253E&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxskmb7n72i09b%3Afp%3A345%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A421%3Acn%3A2%3Adp%3A0%3Als%3A1276971381150%3Ahid%3A893537725%3Az%3A60%3Ai%3A20210219172038%3Aet%3A1613751638%3Ac%3A1%3Arn%3A46159060%3Au%3A1613751638365219736%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613751637836%3Awv%3A2%3Ads%3A9%2C14%2C70%2C7%2C0%2C0%2C%2C279%2C1%2C%2C%2C%2C375%3Adsn%3A9%2C14%2C70%2C7%2C0%2C0%2C%2C274%2C1%2C%2C%2C%2C375%3Ati%3A2%3Ast%3A1613751638

Request Chain 37

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9189.4Ka8Z4BaD6waH3UuxZ2XQ9hYEmdYL3hDz6hBUmvlUVsmbr2ff7AjBiflPymHlxIl.bOufG9OBqug5AJnHpSuYxUtHEnM%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9189.pDTJVUueIYI-x4MyBxGPYjCKRvFZfd-cE2lkHhlsgANcEYdEE-4f4rAuZRc6EPmGmOGIWKFSuxdTI1637EDfInm9ph96Y27tPZj5W05TAVk%2C.2I5w_Tv9UMNNEaSsAMVa_3tipQ0%2C

Request Chain 40

https://ih.adscale.de/adscale-ih/tpui?tpid=71&tpuid=_kJXSZxpqVBu9gL-VWgo&cburl=https%3A%2F%2Fd.adup-tech.com%2Frtb%2Fadscale%2Fcm%3Fssp_uid%3D__ADSCALE_USER_ID__%26ext_id%3D_kJXSZxpqVBu9gL-VWgo HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=71&tpuid=_kJXSZxpqVBu9gL-VWgo&cburl=https%3A%2F%2Fd.adup-tech.com%2Frtb%2Fadscale%2Fcm%3Fssp_uid%3D__ADSCALE_USER_ID__%26ext_id%3D_kJXSZxpqVBu9gL-VWgo&nut&uu=628aeef713ea47deb52230312ff9ca55 HTTP 307
https://d.adup-tech.com/rtb/adscale/cm?ssp_uid=e5b44ee5a9ab4bae903143ae6c9a1c59742e9bf89d52bf49c919f845cea50293&ext_id=_kJXSZxpqVBu9gL-VWgo

Request Chain 41

https://ib.adnxs.com/setuid?code=_kJXSZxpqVBu9gL-VWgo&entity=473 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fcode%3D_kJXSZxpqVBu9gL-VWgo%26entity%3D473

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_ula=7599423&google_nid=UnisterAdserver&google_hm=X2tKWFNaeHBxVkJ1OWdMLVZXZ28%3D&google_cm=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_ula=7599423&google_nid=UnisterAdserver&google_hm=X2tKWFNaeHBxVkJ1OWdMLVZXZ28%3D&google_cm=1&google_tc= HTTP 302
https://d.adup-tech.com/rtb/google/cm?google_gid=CAESED0ew-lIIYBesPmYwSJRo_8&google_cver=1&google_ula=7599423,0

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cr-de-pl-16 Show response
www.newslineonline.com/lp/ 148 KB
30 KB 94ms
70ms Document
text/html 2606:4700:3030::ac43:8e56
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
.newslineonline.com/	1970-01-19 16:17:03	Name: _ym_isad Value: 2
.newslineonline.com/	1970-01-20 01:01:27	Name: _ym_d Value: 1613751638
www.newslineonline.com/	1970-01-19 16:59:03	Name: vc Value: 1
.newslineonline.com/	1970-01-20 01:01:27	Name: _ym_uid Value: 1613751638365219736
.newslineonline.com/	1970-01-19 16:59:03	Name: __cfduid Value: def09c5bd00925d2fa37ac59bef62484a1613751637

www.newslineonline.com Open in urlscan Pro 2606:4700:3030::ac43:8e56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

53 %IPv6

16 Domains

19 Subdomains

16 IPs

5 Countries

1393 kBTransfer

1898 kBSize

5 Cookies

2 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newslineonline.com Open in urlscan Pro
2606:4700:3030::ac43:8e56 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

53 %
IPv6

16
Domains

19
Subdomains

16
IPs

5
Countries

1393 kB
Transfer

1898 kB
Size

5
Cookies

51 HTTP transactions
0 data transactions