Submitted URL: http://constintptr.com/1560200/
Effective URL: http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
Submission: On October 16 via manual from US

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 139.162.189.24, located in Frankfurt, Germany and belongs to LINODE-AP Linode, LLC, US. The main domain is mediaonly.ru.
This is the only time mediaonly.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 188.72.213.122 35415 (WEBZILLA)
1 188.42.160.79 35415 (WEBZILLA)
1 185.49.145.151 35415 (WEBZILLA)
3 139.162.189.24 63949 (LINODE-AP...)
7 5
Requests  Apex Domain              Subdomains                      Transfer
3         mediaonly.ru             mediaonly.ru                    19 KB
2         rtmark.net               my.rtmark.net, mt.rtmark.net    581 B
2         constintptr.com          constintptr.com                 7 KB
0         crwdcntrl.net (Failed)   ad.crwdcntrl.net (Failed)
Total: 7 requests, 4 apex domains
Requests  Domain                      Requested by
3         mediaonly.ru                constintptr.com, mediaonly.ru
2         constintptr.com             1 redirects
1         mt.rtmark.net               constintptr.com
1         my.rtmark.net               constintptr.com
0         ad.crwdcntrl.net (Failed)   constintptr.com
Total: 7 requests, 5 subdomains

This site contains links to these domains.

Domain
cpanel.com

This page contains 1 frames:

Primary Page: http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
Frame ID: 1FDDB43311666C13018CC8A27C57D792
Requests: 8 HTTP requests in this frame


Page URL History

  1. http://constintptr.com/1560200/ Page URL
  2. http://constintptr.com/?r=%2Fmb%2Fhan&pbk3=3717a403f1827be916a35181ba7e82a86612973396451105809&empt... HTTP 302
    http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

26 kB
Transfer

34 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://constintptr.com/1560200/ Page URL
  2. http://constintptr.com/?r=%2Fmb%2Fhan&pbk3=3717a403f1827be916a35181ba7e82a86612973396451105809&empty=0&uuid=7459bc28-b5e5-4bc6-8644-4098491f9cca&ad_scheme=1&rotation_type=3&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=0&adparams=bm9qcz0w&ip=65a89d51a74c843ac913134976da73e8&zoneid=1560200&x=1600&y=1200&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fconstintptr.com%2Fafu.php%3Fzoneid%3D1407888%26var%3D1560200&drf=&np=0&pt=0&nb=1&ng=1&dm=undefined&cf=0&nw=1&hil=undefined&id=2f06d4d874d6db15cd90862403ee955c&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=0&sf_type=1&timeout=0 HTTP 302
    http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
constintptr.com/1560200/
13 KB
6 KB
Document
General
Full URL
http://constintptr.com/1560200/
Protocol
HTTP/1.1
Server
188.72.213.122 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
8bb4c3ec79d47e2b534940a7303e94dc33dd38a7b1198e2a9028e7509c877850
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
constintptr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Tue, 16 Oct 2018 15:14:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
* *
Pragma
no-cache
Cache-Control
private, max-age=0, no-cache
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie
SeenToday=1; expires=Wed, 17-Oct-2018 15:14:12 GMT; Max-Age=86400; path=/ OAGEO9457f=13%7CDE%7CBY%7CGUNZENHAUSEN%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10436%7C42476%7C%3F%7C276005; expires=Wed, 17-Oct-2018 15:14:12 GMT; Max-Age=86400; path=/ oaidts=1539702852; expires=Wed, 16-Oct-2019 15:14:12 GMT; Max-Age=31536000; path=/ OAID=9551dd76697a342bf4148d8a298229b6; expires=Wed, 16-Oct-2019 15:14:12 GMT; Max-Age=31536000; path=/ OAID=9551dd76697a342bf4148d8a298229b6; expires=Wed, 16-Oct-2019 15:14:12 GMT; Max-Age=31536000; path=/ exsdsf=1539702852 pbk3=3717a403f1827be916a35181ba7e82a86612973396451105809; expires=Tue, 16-Oct-2018 15:24:12 GMT; Max-Age=600 ltm_afu=1; expires=Wed, 17-Oct-2018 15:14:12 GMT; Max-Age=86400; path=/
X-FRAME-OPTIONS
DENY
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Encoding
gzip
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
img.gif
my.rtmark.net/
43 B
366 B
Other
General
Full URL
http://my.rtmark.net/img.gif?f=merge&userId=9551dd76697a342bf4148d8a298229b6
Requested by
Host: constintptr.com
URL: http://constintptr.com/afu.php?zoneid=1407888&var=1560200
Protocol
HTTP/1.1
Server
188.42.160.79 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://constintptr.com/afu.php?zoneid=1407888&var=1560200
Origin
http://constintptr.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 16 Oct 2018 15:14:12 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
image/gif
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
pe=y
ad.crwdcntrl.net/5/c=10546/
0
0

omr.gif
mt.rtmark.net/
43 B
215 B
Other
General
Full URL
http://mt.rtmark.net/omr.gif?s=afu&geo=DE&p=5%2C101&zoneid=1560200&oaid=9551dd76697a342bf4148d8a298229b6
Requested by
Host: constintptr.com
URL: http://constintptr.com/afu.php?zoneid=1407888&var=1560200
Protocol
HTTP/1.1
Server
185.49.145.151 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
v-6-07-17-d6376-151.webazilla.com
Software
nginx /
Resource Hash

Request headers

Referer
http://constintptr.com/afu.php?zoneid=1407888&var=1560200
Origin
http://constintptr.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 16 Oct 2018 15:14:12 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Primary Request winmactraffergotoads.php
mediaonly.ru/
Redirect Chain
  • http://constintptr.com/?r=%2Fmb%2Fhan&pbk3=3717a403f1827be916a35181ba7e82a86612973396451105809&empty=0&uuid=7459bc28-b5e5-4bc6-8644-4098491f9cca&ad_scheme=1&rotation_type=3&ppucounter=0&first_visit...
  • http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
10 KB
10 KB
Document
General
Full URL
http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
Requested by
Host: constintptr.com
URL: http://constintptr.com/afu.php?zoneid=1407888&var=1560200
Protocol
HTTP/1.1
Server
139.162.189.24 Frankfurt, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1506-24.members.linode.com
Software
Apache /
Resource Hash
68a5a737475bb3428129a12411192bd6ce09367c16e0e9c6d3f830cb90a89c45

Request headers

Host
mediaonly.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://constintptr.com/afu.php?zoneid=1407888&var=1560200
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 16 Oct 2018 15:14:12 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html

Redirect headers

Server
nginx
Date
Tue, 16 Oct 2018 15:14:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
* *
Pragma
no-cache
Cache-Control
private, max-age=0, no-cache
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie
65a89d51a74c843ac913134976da73e8=c2g2iwWzmRBrNAVn41Wes6rq8EVUK9rNkvHZzAlUEqM; expires=Tue, 23-Oct-2018 15:14:12 GMT; Max-Age=604800 OAGEO9457f=13%7CDE%7CBY%7CGUNZENHAUSEN%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10436%7C42476%7C%3F%7C276005; expires=Wed, 17-Oct-2018 15:14:12 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Wed, 17-Oct-2018 15:14:12 GMT; Max-Age=86400; path=/ ppucntstart=1539702852; expires=Wed, 17-Oct-2018 15:14:12 GMT; Max-Age=86400; path=/ allcnt=1; expires=Wed, 16-Oct-2019 15:14:12 GMT; Max-Age=31536000; path=/ OAID=9551dd76697a342bf4148d8a298229b6; expires=Wed, 16-Oct-2019 15:14:12 GMT; Max-Age=31536000; path=/ _OACCAP[1251542]=1; expires=Wed, 16-Oct-2019 15:14:12 GMT; Max-Age=31536000; path=/ _OACBLOCK[1251542]=1539702852; expires=Thu, 15-Nov-2018 15:14:12 GMT; Max-Age=2592000; path=/ _OXCCLK[1251542]=1; expires=Wed, 16-Oct-2019 15:14:12 GMT; Max-Age=31536000; path=/ _OXPCLK[116508]=1; expires=Wed, 16-Oct-2019 15:14:12 GMT; Max-Age=31536000; path=/
P3P
CP="CUR ADM OUR NOR STA NID"
Location
http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
server_misconfigured.png
mediaonly.ru/img-sys/
3 KB
3 KB
Image
General
Full URL
http://mediaonly.ru/img-sys/server_misconfigured.png
Requested by
Host: mediaonly.ru
URL: http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
Protocol
HTTP/1.1
Server
139.162.189.24 Frankfurt, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1506-24.members.linode.com
Software
Apache /
Resource Hash
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mediaonly.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Oct 2018 15:14:12 GMT
Last-Modified
Thu, 12 Nov 2015 19:51:56 GMT
Server
Apache
ETag
"1893d-c5c-5245d46722f00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3164
powered_by_cpanel.svg
mediaonly.ru/img-sys/
5 KB
6 KB
Image
General
Full URL
http://mediaonly.ru/img-sys/powered_by_cpanel.svg
Requested by
Host: mediaonly.ru
URL: http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
Protocol
HTTP/1.1
Server
139.162.189.24 Frankfurt, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1506-24.members.linode.com
Software
Apache /
Resource Hash
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mediaonly.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://mediaonly.ru/winmactraffergotoads.php?zoneid=1560200
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Oct 2018 15:14:12 GMT
Last-Modified
Sun, 31 Jan 2016 10:20:50 GMT
Server
Apache
ETag
"189ea-15f1-52a9e9f589ab9"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5617
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf54538a1951e9e4ed0b407ffbed2583fd441fcc087da5c6657a0cde6d0c0208

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.crwdcntrl.net
URL
http://ad.crwdcntrl.net/5/c=10546/pe=y?http%3A%2F%2Fmt.rtmark.net%2Fltm.gif%3Fid%3D9551dd76697a342bf4148d8a298229b6%26sg%3D%24%7Baud_ids%7D

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options DENY