us72er.com - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 190.2.139.23, located in Naaldwijk, Netherlands and belongs to WORLDSTREAM, NL. The main domain is us72er.com.

This is the only time us72er.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	190.2.139.23 190.2.139.23	49981 (WORLDSTREAM) (WORLDSTREAM)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
2 3	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
7	4

3 190.2.139.23 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: server73-vm12.openfrost.com

us72er.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	yadro.ru 2 redirects counter.yadro.ru	1 KB
3	us72er.com us72er.com	198 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	gstatic.com fonts.gstatic.com	11 KB
7	4

	Domain	Requested by
3	counter.yadro.ru	2 redirects us72er.com
3	us72er.com	us72er.com
2	fonts.googleapis.com	us72er.com
1	fonts.gstatic.com	fonts.googleapis.com
7	4

This site contains links to these domains. Also see Links.

Domain
semalt.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
counter.yadro.ru Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://us72er.com/
Frame ID: 9D1C2C94296CFAE81C97BA38B617741E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<script[^<>]*>[^]{0,128}?src\s*=\s*['"]\/\/counter\.yadro\.ru\/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r/i
html //i
html //i

Page Statistics

7
Requests

57 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

211 kB
Transfer

219 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://semalt.com/qa/2.htm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://counter.yadro.ru/hit;reputation2?r;s1600*1200*24;uhttp%3A//us72er.com/;hWeb%20Scraper%20Features%20-%20Semalt%20Expert;0.42519015645462677 HTTP 302
https://counter.yadro.ru/hit;reputation2?r;s1600*1200*24;uhttp%3A//us72er.com/;hWeb%20Scraper%20Features%20-%20Semalt%20Expert;0.42519015645462677 HTTP 302
https://counter.yadro.ru/hit;reputation2?q;r;s1600*1200*24;uhttp%3A//us72er.com/;hWeb%20Scraper%20Features%20-%20Semalt%20Expert;0.42519015645462677

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
us72er.com/ 10 KB
3 KB 101ms
52ms Document
text/html 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: http://us72er.com/
Protocol: HTTP/1.1
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.18.0 / PHP/7.2.34
Resource Hash: 54635c7a0c34398162dc16a2bb00e70993db6c71095a4b2d08dafe6799474a73

Request headers

Host: us72er.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.18.0
Date: Fri, 13 Nov 2020 05:37:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Powered-By: PHP/7.2.34
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 767 B
452 B 22ms
20ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: us72er.com
URL: http://us72er.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcbf6af74906eaaff4fcdcba6634e89342bd322c9cb79767bd0df3aeef124333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://us72er.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Nov 2020 05:25:19 GMT
server: ESF
date: Fri, 13 Nov 2020 05:37:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Nov 2020 05:37:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
658 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: us72er.com
URL: http://us72er.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

600d5f48dfba1019a6e4474b9f0c18dc3aaf7d6874ad319f12e635da583ab5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://us72er.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Nov 2020 05:37:09 GMT
server: ESF
date: Fri, 13 Nov 2020 05:37:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Nov 2020 05:37:09 GMT

GET
H/1.1 200
OK 2166-1.jpg
us72er.com/webcontents/img/old/ 95 KB
95 KB 55ms
54ms Image
image/jpeg 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://us72er.com/webcontents/img/old/2166-1.jpg
Requested by: Host: us72er.com
URL: http://us72er.com/
Protocol: HTTP/1.1
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.18.0 / PHP/7.2.34
Resource Hash: 2bb5a51d6bcfc36674b4c4395faa8c64e313f1f5c6d4be609ea86f90871ea6e3

Request headers

Referer: http://us72er.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 05:37:09 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
X-Powered-By: PHP/7.2.34
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2166-2.jpg
us72er.com/webcontents/img/old/ 100 KB
101 KB 85ms
66ms Image
image/jpeg 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://us72er.com/webcontents/img/old/2166-2.jpg
Requested by: Host: us72er.com
URL: http://us72er.com/
Protocol: HTTP/1.1
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.18.0 / PHP/7.2.34
Resource Hash: ce61c561bd540249531b28b9ceb2684fed3181fe7249ec0cd7c8958b62ac37cd

Request headers

Referer: http://us72er.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 13 Nov 2020 05:37:09 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
X-Powered-By: PHP/7.2.34
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

hit;reputation2
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;reputation2?r;s1600*1200*24;uhttp%3A//us72er.com/;hWeb%20Scraper%20Features%20-%20Semalt%20Expert;0.42519015645462677
https://counter.yadro.ru/hit;reputation2?r;s1600*1200*24;uhttp%3A//us72er.com/;hWeb%20Scraper%20Features%20-%20Semalt%20Expert;0.42519015645462677
https://counter.yadro.ru/hit;reputation2?q;r;s1600*1200*24;uhttp%3A//us72er.com/;hWeb%20Scraper%20Features%20-%20Semalt%20Expert;0.42519015645462677

43 B
496 B

72ms
71ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;reputation2?q;r;s1600*1200*24;uhttp%3A//us72er.com/;hWeb%20Scraper%20Features%20-%20Semalt%20Expert;0.42519015645462677

Requested by

Host: us72er.com
URL: http://us72er.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://us72er.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Nov 2020 05:37:09 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 13 Nov 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Nov 2020 05:37:09 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;reputation2?q;r;s1600*1200*24;uhttp%3A//us72er.com/;hWeb%20Scraper%20Features%20-%20Semalt%20Expert;0.42519015645462677
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 13 Nov 2019 21:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://us72er.com
Referer: https://fonts.googleapis.com/css?family=Roboto:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 20:01:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 552960
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sat, 06 Nov 2021 20:01:09 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
us72er.com
190.2.139.23
2a00:1450:4001:81c::2003
2a00:1450:4001:81f::200a
88.212.201.204
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
2bb5a51d6bcfc36674b4c4395faa8c64e313f1f5c6d4be609ea86f90871ea6e3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
54635c7a0c34398162dc16a2bb00e70993db6c71095a4b2d08dafe6799474a73
600d5f48dfba1019a6e4474b9f0c18dc3aaf7d6874ad319f12e635da583ab5b9
ce61c561bd540249531b28b9ceb2684fed3181fe7249ec0cd7c8958b62ac37cd
fcbf6af74906eaaff4fcdcba6634e89342bd322c9cb79767bd0df3aeef124333

us72er.com Open in urlscan Pro 190.2.139.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

57 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

211 kBTransfer

219 kBSize

0 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

us72er.com Open in urlscan Pro
190.2.139.23 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

211 kB
Transfer

219 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions