liptonbelitebus.semuacontest.com Open in urlscan Pro
124.217.255.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://liptonbelitebus.semuacontest.com/
Submission: On October 10 via api (October 10th 2023, 5:41:35 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 13 HTTP transactions. The main IP is 124.217.255.140, located in Johor Bahru, Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is liptonbelitebus.semuacontest.com.
TLS certificate: Issued by R3 on October 10th 2023. Valid for: 3 months.

This is the only time liptonbelitebus.semuacontest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	124.217.255.140 124.217.255.140	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
2	108.156.173.123 108.156.173.123	16509 (AMAZON-02) (AMAZON-02)
1 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	44.206.35.153 44.206.35.153	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.199.23.6 34.199.23.6	14618 (AMAZON-AES) (AMAZON-AES)
1	3.209.181.195 3.209.181.195	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
13	4

7 124.217.255.140 (Johor Bahru, Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: hammerhead.ipchina163.com

liptonbelitebus.semuacontest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.173.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-173-123.cmh68.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.206.35.153 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-35-153.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.23.6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-23-6.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.181.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-181-195.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.182 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	semuacontest.com liptonbelitebus.semuacontest.com	2 MB
6	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1808 insight.adsrvr.org — Cisco Umbrella Rank: 665 match.adsrvr.org — Cisco Umbrella Rank: 402	6 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 2014 beacon.krxd.net — Cisco Umbrella Rank: 903	219 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 242	2 KB
13	5

	Domain	Requested by
7	liptonbelitebus.semuacontest.com	liptonbelitebus.semuacontest.com
3	match.adsrvr.org	js.adsrvr.org
2	ib.adnxs.com	2 redirects
2	dpm.demdex.net	2 redirects
2	js.adsrvr.org	liptonbelitebus.semuacontest.com match.adsrvr.org
1	beacon.krxd.net	js.adsrvr.org
1	usermatch.krxd.net	1 redirects
1	insight.adsrvr.org	1 redirects
13	8

This site contains no links.

Subject Issuer	Validity	Valid
liptonbelitebus.semuacontest.com R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://liptonbelitebus.semuacontest.com/
Frame ID: 8BCF33CF1360C4F618CD7248018C23DF
Requests: 8 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=94d0svl&ref=https%3A%2F%2Fliptonbelitebus.semuacontest.com%2F&upid=96o0m9s&upv=1.1.0
Frame ID: EB3D7628B365005BD27074BA065B00CC
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: E01F64561D5DAE0713ED09E553681F99
Requests: 1 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc
Frame ID: ABB1DA24C24BE797868D0198C37EB95B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8022817280840063285&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc
Frame ID: ABCA13652072A1F8448FA60BF263746C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kempen Lipton Beli & Tebus

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

4
IPs

2
Countries

2147 kB
Transfer

2159 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://insight.adsrvr.org/track/up?adv=94d0svl&ref=https%3A%2F%2Fliptonbelitebus.semuacontest.com%2F&upid=96o0m9s&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=94d0svl&ref=https%3A%2F%2Fliptonbelitebus.semuacontest.com%2F&upid=96o0m9s&upv=1.1.0

Request Chain 9

https://dpm.demdex.net/ibs:dpid=903&dpuuid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

Request Chain 10

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc

Request Chain 11

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D39171875-bce6-4bbe-9923-8fdbf0ddbcdc HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8022817280840063285&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response liptonbelitebus.semuacontest.com/	19 KB 8 KB	3140ms 1908ms	Document text/html	124.217.255.140 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://liptonbelitebus.semuacontest.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 124.217.255.140 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS hammerhead.ipchina163.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `7c0836f2f0dec544966265b5a2d75554a873040a9039b584e4a412989b9b238b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 7592 content-type text/html date Tue, 10 Oct 2023 17:41:24 GMT etag W/"803ceff4d7fbd91:0" last-modified Wed, 11 Oct 2023 00:14:53 GMT server Microsoft-IIS/10.0 vary Accept-Encoding x-powered-by ASP.NET x-powered-by-plesk PleskWin
GET H2	200	html5reset.css liptonbelitebus.semuacontest.com/css/	2 KB 1001 B	729ms 728ms	Stylesheet text/css	124.217.255.140 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://liptonbelitebus.semuacontest.com/css/html5reset.css Requested by Host: liptonbelitebus.semuacontest.com URL: https://liptonbelitebus.semuacontest.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 124.217.255.140 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS hammerhead.ipchina163.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `885f087adbd33847528d55c39096cce2d8e33226724b2bb12bb881df2a5f09c4` Request headers accept-language en-US,en;q=0.9 Referer https://liptonbelitebus.semuacontest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 10 Oct 2023 17:41:25 GMT content-encoding br last-modified Thu, 03 Nov 2011 20:07:56 GMT server Microsoft-IIS/10.0 etag "036ac46649acc1:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 887
GET H2	200	col.css liptonbelitebus.semuacontest.com/css/	829 B 596 B	730ms 729ms	Stylesheet text/css	124.217.255.140 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://liptonbelitebus.semuacontest.com/css/col.css Requested by Host: liptonbelitebus.semuacontest.com URL: https://liptonbelitebus.semuacontest.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 124.217.255.140 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS hammerhead.ipchina163.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `6f451f62be481907f05b3853dec6c73e909cd2ea181f17bcdd6f36e954c2f9c5` Request headers accept-language en-US,en;q=0.9 Referer https://liptonbelitebus.semuacontest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 10 Oct 2023 17:41:25 GMT content-encoding br last-modified Wed, 19 Dec 2012 00:16:42 GMT server Microsoft-IIS/10.0 etag "051a1f7eddcd1:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 492
GET H2	200	2cols.css liptonbelitebus.semuacontest.com/css/	348 B 359 B	731ms 729ms	Stylesheet text/css	124.217.255.140 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://liptonbelitebus.semuacontest.com/css/2cols.css Requested by Host: liptonbelitebus.semuacontest.com URL: https://liptonbelitebus.semuacontest.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 124.217.255.140 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS hammerhead.ipchina163.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `b4f740ad252fbce5013182f1c54b16b044a7f7bdda35cacb1c658a3e9e24af7d` Request headers accept-language en-US,en;q=0.9 Referer https://liptonbelitebus.semuacontest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 10 Oct 2023 17:41:25 GMT content-encoding br last-modified Thu, 13 Oct 2016 23:49:10 GMT server Microsoft-IIS/10.0 etag "05fa064ac25d21:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 254
GET H2	200	3cols.css liptonbelitebus.semuacontest.com/css/	431 B 387 B	249ms 248ms	Stylesheet text/css	124.217.255.140 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://liptonbelitebus.semuacontest.com/css/3cols.css Requested by Host: liptonbelitebus.semuacontest.com URL: https://liptonbelitebus.semuacontest.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 124.217.255.140 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS hammerhead.ipchina163.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `5b2b4244b4498e77144c654658f290940e5898c129a6495c5a6d336f7e4c9d80` Request headers accept-language en-US,en;q=0.9 Referer https://liptonbelitebus.semuacontest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 10 Oct 2023 17:41:25 GMT content-encoding br last-modified Thu, 05 Sep 2013 16:05:46 GMT server Microsoft-IIS/10.0 etag "029b6c751aace1:0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 275
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	5 KB 3 KB	88ms 18ms	Script application/x-javascript	108.156.173.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: liptonbelitebus.semuacontest.com URL: https://liptonbelitebus.semuacontest.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.156.173.123 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-173-123.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash `899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1` Request headers accept-language en-US,en;q=0.9 Referer https://liptonbelitebus.semuacontest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Tue, 10 Oct 2023 07:04:18 GMT Content-Encoding gzip Via 1.1 a325baefc1f21c1691e3e84bbf7b8906.cloudfront.net (CloudFront) Last-Modified Tue, 01 Aug 2023 20:10:44 GMT Server AmazonS3 X-Amz-Cf-Pop CMH68-P1 Age 38226 ETag W/"b7474eac210849250426a8f6a39d00f3" x-amz-server-side-encryption AES256 Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id kKJLgtVRbMbPHo1NJi8Dh9XvoBYqK8n5MTo8Om2RBuzqb0Wal5Xo6A==
GET H2	200	WHBanner2.jpg liptonbelitebus.semuacontest.com/	812 KB 812 KB	969ms 967ms	Image image/jpeg	124.217.255.140 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://liptonbelitebus.semuacontest.com/WHBanner2.jpg Requested by Host: liptonbelitebus.semuacontest.com URL: https://liptonbelitebus.semuacontest.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 124.217.255.140 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS hammerhead.ipchina163.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `77327642dfb8792fd3b4e128069b5678ac7c2af6e8ca815de6d7dcd8b1593438` Request headers accept-language en-US,en;q=0.9 Referer https://liptonbelitebus.semuacontest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 10 Oct 2023 17:41:25 GMT last-modified Wed, 11 Oct 2023 00:10:11 GMT server Microsoft-IIS/10.0 etag W/"8073d94cd7fbd91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 831137
GET H2	200	WHBanner1.jpg liptonbelitebus.semuacontest.com/	1 MB 1 MB	250ms 249ms	Image image/jpeg	124.217.255.140 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://liptonbelitebus.semuacontest.com/WHBanner1.jpg Requested by Host: liptonbelitebus.semuacontest.com URL: https://liptonbelitebus.semuacontest.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 124.217.255.140 Johor Bahru, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS hammerhead.ipchina163.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `63763d2303dfdcb7dd25499be2cc6b135232f7789ef62a878740a14083712794` Request headers accept-language en-US,en;q=0.9 Referer https://liptonbelitebus.semuacontest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-powered-by-plesk PleskWin date Tue, 10 Oct 2023 17:41:25 GMT last-modified Wed, 11 Oct 2023 00:10:11 GMT server Microsoft-IIS/10.0 etag W/"8073d94cd7fbd91:0" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 1350272
GET H2	200	/ Show response match.adsrvr.org/track/upb/ Frame EB3D Redirect Chain https://insight.adsrvr.org/track/up?adv=94d0svl&ref=https%3A%2F%2Fliptonbelitebus.semuacontest.com%2F&upid=96o0m9s&upv=1.1.0 https://match.adsrvr.org/track/upb/?adv=94d0svl&ref=https%3A%2F%2Fliptonbelitebus.semuacontest.com%2F&upid=96o0m9s&upv=1.1.0	849 B 884 B	15ms 11ms	Document text/html	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/upb/?adv=94d0svl&ref=https%3A%2F%2Fliptonbelitebus.semuacontest.com%2F&upid=96o0m9s&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash `b4920965e96533f82a422b2919c510c982ba9e18d3d61060393ce04db7bcae23` Request headers Referer https://liptonbelitebus.semuacontest.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html date Tue, 10 Oct 2023 17:41:26 GMT server Kestrel vary Accept-Encoding Redirect headers content-length 299 date Tue, 10 Oct 2023 17:41:26 GMT location https://match.adsrvr.org/track/upb/?adv=94d0svl&ref=https%3A%2F%2Fliptonbelitebus.semuacontest.com%2F&upid=96o0m9s&upv=1.1.0 server Kestrel
GET H/1.1	200 OK	universal_pixel.1.1.0.js Show response js.adsrvr.org/ Frame EB3D	488 B 1 KB	20ms 19ms	Script application/x-javascript	108.156.173.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/universal_pixel.1.1.0.js Requested by Host: match.adsrvr.org URL: https://match.adsrvr.org/track/upb/?adv=94d0svl&ref=https%3A%2F%2Fliptonbelitebus.semuacontest.com%2F&upid=96o0m9s&upv=1.1.0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.156.173.123 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-173-123.cmh68.r.cloudfront.net Software AmazonS3 / Resource Hash `484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2` Request headers accept-language en-US,en;q=0.9 Referer https://match.adsrvr.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Tue, 10 Oct 2023 12:55:08 GMT Via 1.1 a325baefc1f21c1691e3e84bbf7b8906.cloudfront.net (CloudFront) Last-Modified Tue, 01 Aug 2023 20:10:40 GMT Server AmazonS3 X-Amz-Cf-Pop CMH68-P1 Age 27995 x-amz-server-side-encryption AES256 ETag "2775054c068b37509e0798448f7fd32c" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 488 X-Amz-Cf-Id EkxyH6dqLcvhUocRqxIoaxtxz8Nn2ZMF8WU-SDL0zRx6Q4vQ_VepSg==
GET H2	200	generic Show response match.adsrvr.org/track/cmf/ Frame E01F Redirect Chain https://dpm.demdex.net/ibs:dpid=903&dpuuid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam	70 B 455 B	12ms 11ms	Document image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash `8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0` Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-length 70 content-type image/gif date Tue, 10 Oct 2023 17:41:26 GMT server Kestrel Redirect headers Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 DCS dcs-prod-va6-1-v051-0bd875ce1.edge-va6.demdex.com 4 ms Expires Thu, 01 Jan 1970 00:00:00 UTC Location https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID xD3I/gC6SBk=
GET H2	204	usermatch.gif beacon.krxd.net/ Frame ABB1 Redirect Chain https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc	0 0	63ms 17ms	Document text/plain	3.209.181.195 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.209.181.195 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-209-181-195.compute-1.amazonaws.com Software / Resource Hash Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private, no-cache, no-store date Tue, 10 Oct 2023 17:41:26 GMT p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" x-request-time D=26 t=1696959686 x-served-by beacon-n038-ash-prod.krxd.net Redirect headers content-length 0 date Tue, 10 Oct 2023 17:41:26 GMT location https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc x-age 0 x-cache MISS x-cache-hits 0 x-served-by usermatch-a011-ash-prod.krxd.net
GET H2	200	appnexus Show response match.adsrvr.org/track/cmf/ Frame ABCA Redirect Chain https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D39171875-bce6-4bbe-9923-8fdbf0ddbcdc https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8022817280840063285&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc	70 B 455 B	11ms 10ms	Document image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8022817280840063285&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash `8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0` Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-length 70 content-type image/gif date Tue, 10 Oct 2023 17:41:26 GMT server Kestrel Redirect headers accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true access-control-allow-origin * an-x-request-uuid 87d29200-76ef-4e0a-b33f-818db8aa484e cache-control no-store, no-cache, private content-length 0 content-type text/html; charset=utf-8 date Tue, 10 Oct 2023 17:41:26 GMT expires Sat, 15 Nov 2008 16:00:00 GMT location https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8022817280840063285&ttd_tdid=39171875-bce6-4bbe-9923-8fdbf0ddbcdc p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" pragma no-cache server nginx/1.21.3 x-proxy-origin 5.181.234.133; 5.181.234.133; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com x-xss-protection 0

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adsrvr.org/	1970-01-21 00:09:42	Name: TDID Value: 39171875-bce6-4bbe-9923-8fdbf0ddbcdc
.adnxs.com/	1970-01-20 17:32:15	Name: uuid2 Value: 8022817280840063285
.demdex.net/	1970-01-20 19:41:51	Name: demdex Value: 03311771981878581332485633217043526088
.dpm.demdex.net/	1970-01-20 19:41:51	Name: dpm Value: 03311771981878581332485633217043526088
.adsrvr.org/	1970-01-21 00:09:42	Name: TDCPM Value: CAESEgoDYWFtEgsIrqXqjsXwpDwQBRITCgRrcnV4EgsIwMrqjsXwpDwQBRIXCghhcHBuZXh1cxILCPKPjJDF8KQ8EAUYBSACKAMyCwiyg-272_CkPBAFOAFCBCICCAFaBzk0ZDBzdmxgAQ..
.krxd.net/	1970-01-20 19:41:51	Name: _kuid_ Value: P2Nbc-rK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
dpm.demdex.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
liptonbelitebus.semuacontest.com
match.adsrvr.org
usermatch.krxd.net
108.156.173.123
124.217.255.140
3.209.181.195
34.199.23.6
35.71.131.137
44.206.35.153
68.67.161.182
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
5b2b4244b4498e77144c654658f290940e5898c129a6495c5a6d336f7e4c9d80
63763d2303dfdcb7dd25499be2cc6b135232f7789ef62a878740a14083712794
6f451f62be481907f05b3853dec6c73e909cd2ea181f17bcdd6f36e954c2f9c5
77327642dfb8792fd3b4e128069b5678ac7c2af6e8ca815de6d7dcd8b1593438
7c0836f2f0dec544966265b5a2d75554a873040a9039b584e4a412989b9b238b
885f087adbd33847528d55c39096cce2d8e33226724b2bb12bb881df2a5f09c4
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
b4920965e96533f82a422b2919c510c982ba9e18d3d61060393ce04db7bcae23
b4f740ad252fbce5013182f1c54b16b044a7f7bdda35cacb1c658a3e9e24af7d

liptonbelitebus.semuacontest.com Open in urlscan Pro 124.217.255.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

5 Domains

8 Subdomains

4 IPs

2 Countries

2147 kBTransfer

2159 kBSize

6 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

6 Cookies

Indicators

liptonbelitebus.semuacontest.com Open in urlscan Pro
124.217.255.140 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

4
IPs

2
Countries

2147 kB
Transfer

2159 kB
Size

6
Cookies

13 HTTP transactions
0 data transactions