667786.xmlfeed.adtelligent.com Open in urlscan Pro
2a06:8640:572::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/3m82XOX#/t/i8455x0uz/rf76f0755x537x84579x02588082x1833873x8010772268x1316528
Effective URL:
https://667786.xmlfeed.adtelligent.com/?ss=1&subid=667786-c283d9f6&domain=to.yellowanemone.com&site_page_url=to.yellowanemone.com&click...
Submission: On November 27 via api (November 27th 2021, 10:43:46 pm UTC) from BE — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 9 HTTP transactions. The main IP is 2a06:8640:572::2, located in Piscataway, United States and belongs to 24SHELLS, US. The main domain is 667786.xmlfeed.adtelligent.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on November 6th 2021. Valid for: 3 months.

This is the only time 667786.xmlfeed.adtelligent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	178.255.47.116 178.255.47.116	200088 (ARTNET2) (ARTNET2)
1	67.222.128.199 67.222.128.199	30277 (DFW-DATAC...) (DFW-DATACENTER)
3	2606:4700:e6:... 2606:4700:e6::ac40:cb0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:c657	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.248.51.205 104.248.51.205	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a06:8640:572::2 2a06:8640:572::2	55081 (24SHELLS) (24SHELLS)
9	7

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.255.47.116 (Chocznia, Poland) 1 redirects

ASN200088 (ARTNET2, PL)
PTR: v47116.artnet.gda.pl

noitse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.222.128.199 (United States)

ASN30277 (DFW-DATACENTER, US)
PTR: kronneyfac.info

theshiningtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cb0d (United States)

ASN13335 (CLOUDFLARENET, US)

tulac.ngunsen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:c657 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.248.51.205 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

to.yellowanemone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:8640:572::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

667786.xmlfeed.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ngunsen.com tulac.ngunsen.com	24 KB
2	yellowanemone.com 1 redirects to.yellowanemone.com	1 KB
2	noitse.com 1 redirects noitse.com	716 B
1	adtelligent.com 667786.xmlfeed.adtelligent.com	336 B
1	addlnk.com cdn.addlnk.com	1 KB
1	theshiningtree.com theshiningtree.com	448 B
1	bit.ly 1 redirects bit.ly	339 B
9	7

	Domain	Requested by
3	tulac.ngunsen.com	theshiningtree.com tulac.ngunsen.com
2	to.yellowanemone.com	1 redirects tulac.ngunsen.com
2	noitse.com	1 redirects
1	667786.xmlfeed.adtelligent.com	to.yellowanemone.com
1	cdn.addlnk.com	tulac.ngunsen.com
1	theshiningtree.com	noitse.com
1	bit.ly	1 redirects
9	7

This site contains no links.

Subject Issuer	Validity	Valid
theshiningtree.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-16` - `2021-12-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
to.aurorapolaris.net R3	`2021-11-25` - `2022-02-23`	3 months	crt.sh
667786.xmlfeed.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-11-06` - `2022-02-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://667786.xmlfeed.adtelligent.com/?ss=1&subid=667786-c283d9f6&domain=to.yellowanemone.com&site_page_url=to.yellowanemone.com&click_id=pubaf09a385a90644c4851994c19e6af7dd
Frame ID: 8E67ACB1610BED00AA8B571D1FF4167D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/3m82XOX HTTP 301
http://noitse.com/anchor/ Page URL
http://noitse.com//t/i8455x0uz/rf76f0755x537x84579x02588082x1833873x8010772268x1316528 HTTP 302
https://theshiningtree.com/1764681f0e7b5db9349/639_5570_97548_735/8256131_3783381/39532146 Page URL
https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1212210770&pubid=690416 Page URL
https://to.yellowanemone.com/?feed=340673-667786&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F... Page URL
https://to.yellowanemone.com/redirect.php?feed=340673-667786&url=to.yellowanemone.com&query=https://www.c... HTTP 302
https://667786.xmlfeed.adtelligent.com/?ss=1&subid=667786-c283d9f6&domain=to.yellowanemone.com&site_page_url=to.yel... Page URL

Page Statistics

9
Requests

78 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

27 kB
Transfer

66 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/3m82XOX HTTP 301
http://noitse.com/anchor/ Page URL
http://noitse.com//t/i8455x0uz/rf76f0755x537x84579x02588082x1833873x8010772268x1316528 HTTP 302
https://theshiningtree.com/1764681f0e7b5db9349/639_5570_97548_735/8256131_3783381/39532146 Page URL
https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1212210770&pubid=690416 Page URL
https://to.yellowanemone.com/?feed=340673-667786&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&pub_clickid=pubaf09a385a90644c4851994c19e6af7dd&subid=c283d9f6 Page URL
https://to.yellowanemone.com/redirect.php?feed=340673-667786&url=to.yellowanemone.com&query=https://www.cryptoweb.xyz/&subid=c283d9f6&pub_clickid=pubaf09a385a90644c4851994c19e6af7dd&dt=1600|1200|0|0|1600|1200&r=0 HTTP 302
https://667786.xmlfeed.adtelligent.com/?ss=1&subid=667786-c283d9f6&domain=to.yellowanemone.com&site_page_url=to.yellowanemone.com&click_id=pubaf09a385a90644c4851994c19e6af7dd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bit.ly/3m82XOX HTTP 301
http://noitse.com/anchor/

Request Chain 1

http://noitse.com//t/i8455x0uz/rf76f0755x537x84579x02588082x1833873x8010772268x1316528 HTTP 302
https://theshiningtree.com/1764681f0e7b5db9349/639_5570_97548_735/8256131_3783381/39532146

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ noitse.com/anchor/ Redirect Chain http://bit.ly/3m82XOX http://noitse.com/anchor/	259 B 436 B	258ms 46ms	Document text/html	178.255.47.116 ARTNET2
General Check archive.org Show headers Download Go to Full URL http://noitse.com/anchor/ Protocol HTTP/1.1 Server 178.255.47.116 Chocznia, Poland, ASN200088 (ARTNET2, PL), Reverse DNS v47116.artnet.gda.pl Software Apache / PHP/5.3.3 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sat, 27 Nov 2021 22:43:35 GMT Server Apache X-Powered-By PHP/5.3.3 Content-Length 259 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Server nginx Date Sat, 27 Nov 2021 22:43:37 GMT Content-Type text/html; charset=utf-8 Content-Length 112 Cache-Control private, max-age=90 Location http://noitse.com/anchor/ Via 1.1 google
GET H/1.1	200 OK	39532146 theshiningtree.com/1764681f0e7b5db9349/639_5570_97548_735/8256131_3783381/ Redirect Chain http://noitse.com//t/i8455x0uz/rf76f0755x537x84579x02588082x1833873x8010772268x1316528 https://theshiningtree.com/1764681f0e7b5db9349/639_5570_97548_735/8256131_3783381/39532146	135 B 448 B	3050ms 1647ms	Document text/html	67.222.128.199 DFW-DATACENTER
General Check archive.org Show headers Download Go to Full URL https://theshiningtree.com/1764681f0e7b5db9349/639_5570_97548_735/8256131_3783381/39532146 Requested by Host: noitse.com URL: http://noitse.com/anchor/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 67.222.128.199 , United States, ASN30277 (DFW-DATACENTER, US), Reverse DNS kronneyfac.info Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://noitse.com/anchor/#/t/i8455x0uz/rf76f0755x537x84579x02588082x1833873x8010772268x1316528 Response headers Date Sat, 27 Nov 2021 22:43:39 GMT Server Apache Content-Length 135 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Date Sat, 27 Nov 2021 22:43:35 GMT Server Apache X-Powered-By PHP/5.3.3 Location https://theshiningtree.com/1764681f0e7b5db9349/639_5570_97548_735/8256131_3783381/39532146 Content-Length 0 Connection close Content-Type text/html; charset=UTF-8
GET H2	200	9e8aef8068 Show response tulac.ngunsen.com/rc/	2 KB 2 KB	163ms 115ms	Document text/html	2606:4700:e6::ac40:cb0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1212210770&pubid=690416 Requested by Host: theshiningtree.com URL: https://theshiningtree.com/1764681f0e7b5db9349/639_5570_97548_735/8256131_3783381/39532146 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:cb0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3e4c99c22b8aa1b2185013634defac5922424bc4b4ac7dacd1455434cd5faa7e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://theshiningtree.com/ Response headers date Sat, 27 Nov 2021 22:43:41 GMT content-type text/html; charset=utf-8 vary Accept-Encoding, Accept-Language, Cookie content-language en-us cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuurH%2FY%2F4bkSTa%2Bp3oxLTL5f2lluC6rKBpWZHNL0M0GgQvtvu7StoL1YVbbL7svoSzN2Q3bWmMtadmHbpbFilbE14LSl1PYoItelIL3sJJw08uk%2BOj0MTBGRwWg8FOxC4oWqhJOv0r9SuzfwByEGbQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6b4ee0761d985a07-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	redirect.css cdn.addlnk.com/	1 KB 1 KB	70ms 32ms	Stylesheet text/css	2606:4700:3030::ac43:c657 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.addlnk.com/redirect.css Requested by Host: tulac.ngunsen.com URL: https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1212210770&pubid=690416 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:c657 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sat, 27 Nov 2021 22:43:41 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1192 cf-polished origSize=1680 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id DKTVV72H0BS6DA7T x-amz-id-2 rX0S36m+Hwr0wRd6F6gpl4sHh5fTIwhtu0jKfeRyoGp+ZbXif1lU65GivC9/JtrI9pQZfkIxzE0= last-modified Wed, 13 Mar 2019 00:03:12 GMT server cloudflare etag W/"3ae56d32551602b41f9046c14d1cfde2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgo16z0ZvOsZ3OYZKWkl1h5XSBPd5i2yy3x%2FWqteMm5lGFaLmmRjn9RqSPIzWnWcrtmgYjAnbX2Jbefueyl8LSetzQVw0nkOuRn8SVsfAnXuLX0WYF33Pag50fAecFa4DsPlkjCzPFW8wY6svw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 6b4ee0771bc1d60c-MXP cf-bgj minify
GET H2	200	invisible.js Show response tulac.ngunsen.com/cdn-cgi/challenge-platform/h/b/scripts/	39 KB 14 KB	74ms 74ms	Script text/javascript	2606:4700:e6::ac40:cb0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tulac.ngunsen.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js Requested by Host: tulac.ngunsen.com URL: https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1212210770&pubid=690416 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:cb0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `783761ba8e1b6d25d728c9db860481134b35c716b336296e9cb7200530c19de5` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sat, 27 Nov 2021 22:43:41 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaJnc5M6cMaA23GeDkB0Q56ke%2BBWhXXoEtMZ5dPoso7wa9tTaBoUnAwv9NkbVmrwGHD9468dG9JKOpeoAcj%2FTYi3u5j4EwmzC3gmFZTqOa%2FAiiIPbb7YgiJXJRuIGGwZ8fAAuiKfDc8Z995bgxdkUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=604800, public x-control-type-options nosniff cf-ray 6b4ee076ef905a07-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	pica.js tulac.ngunsen.com/cdn-cgi/challenge-platform/h/b/scripts/	21 KB 8 KB	39ms 39ms	Other text/javascript	2606:4700:e6::ac40:cb0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tulac.ngunsen.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js Requested by Host: tulac.ngunsen.com URL: https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1212210770&pubid=690416 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:cb0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4fdd31ae44061818d3cc21979614a9e2bc4169009ec5124f8f6546987efa00b4` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sat, 27 Nov 2021 22:43:41 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naaPfQd3LkZkW8E6gp%2FHNYc9MVF2f5GGtdJ41u%2FKPzwOOIL97wFYfXSBOL0jF%2BDbiTn%2BUyiyfFMvlLGq5%2FpP8tzxymJlOBtCuRNEGRTS0y6qDBKgzkGre3foZCkC8bPN107hgZKcgCBTtbC8lIzM1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=604800, public x-control-type-options nosniff cf-ray 6b4ee07769385a07-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response to.yellowanemone.com/	3 KB 1 KB	304ms 93ms	Document text/html	104.248.51.205 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://to.yellowanemone.com/?feed=340673-667786&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&pub_clickid=pubaf09a385a90644c4851994c19e6af7dd&subid=c283d9f6 Requested by Host: tulac.ngunsen.com URL: https://tulac.ngunsen.com/rc/9e8aef8068?affclick=1212210770&pubid=690416 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.51.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash `09fc642278d1c7cfb92e337ce2d6d374be96b0a4e9453a32393e9abb6fbf1309` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Sat, 27 Nov 2021 22:43:41 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding content-encoding gzip
POST		result tulac.ngunsen.com/cdn-cgi/challenge-platform/h/b/cv/	0 0

GET H/1.1	400 Bad Request	Primary Request / Show response 667786.xmlfeed.adtelligent.com/ Redirect Chain https://to.yellowanemone.com/redirect.php?feed=340673-667786&url=to.yellowanemone.com&query=https://www.cryptoweb.xyz/&subid=c283d9f6&pub_clickid=pubaf09a385a90644c4851994c19e6af7dd&dt=1600\|1200\|0\|... https://667786.xmlfeed.adtelligent.com/?ss=1&subid=667786-c283d9f6&domain=to.yellowanemone.com&site_page_url=to.yellowanemone.com&click_id=pubaf09a385a90644c4851994c19e6af7dd	63 B 336 B	394ms 88ms	Document text/plain	2a06:8640:572::2 24SHELLS
General Check archive.org Show headers Download Go to Full URL https://667786.xmlfeed.adtelligent.com/?ss=1&subid=667786-c283d9f6&domain=to.yellowanemone.com&site_page_url=to.yellowanemone.com&click_id=pubaf09a385a90644c4851994c19e6af7dd Requested by Host: to.yellowanemone.com URL: https://to.yellowanemone.com/?feed=340673-667786&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&pub_clickid=pubaf09a385a90644c4851994c19e6af7dd&subid=c283d9f6 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a06:8640:572::2 Piscataway, United States, ASN55081 (24SHELLS, US), Reverse DNS Software VertaMedia 1.0 / Resource Hash `b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://to.yellowanemone.com/?feed=340673-667786&url=https%3A%2F%2Fwww.cryptoweb.xyz%2F&query=https%3A%2F%2Fwww.cryptoweb.xyz%2F&pub_clickid=pubaf09a385a90644c4851994c19e6af7dd&subid=c283d9f6 Response headers Server VertaMedia 1.0 Date Sat, 27 Nov 2021 22:43:41 GMT Content-Type text/plain; charset=utf-8 Content-Length 63 Access-Control-Allow-Origin https://to.yellowanemone.com Access-Control-Allow-Credentials true Connection Keep-Alive Redirect headers server nginx date Sat, 27 Nov 2021 22:43:41 GMT content-type text/html; charset=UTF-8 location https://667786.xmlfeed.adtelligent.com/?ss=1&subid=667786-c283d9f6&domain=to.yellowanemone.com&site_page_url=to.yellowanemone.com&click_id=pubaf09a385a90644c4851994c19e6af7dd

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tulac.ngunsen.com
URL: https://tulac.ngunsen.com/cdn-cgi/challenge-platform/h/b/cv/result?req_id=6b4ee0761d985a07

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 03:20:05	Name: _bit Value: larmHB-3f298555b28ba9b3ed-00H
theshiningtree.com/	1970-01-19 23:44:05	Name: uid15295 Value: 1212210770-20211127174340-80d84a77d8dcfb4279ed48830cf573d2-
tulac.ngunsen.com/	1970-01-19 23:10:57	Name: AWSALB Value: CU94jhm/kR70QOzT5yjrKwP1MyBbAJmqgal1h1jWEChv0wCEmAxe/GgxAi8XSriiEHt1a00NdaFb/avB3HvXKiLTKUfT0prFBDGnCPw4ZRfOrhb44u7dC0DWd1zZ
to.yellowanemone.com/	1970-01-19 23:00:53	Name: 340673-667786_0 Value: 1638053021

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://tulac.ngunsen.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network	error	URL: https://667786.xmlfeed.adtelligent.com/?ss=1&subid=667786-c283d9f6&domain=to.yellowanemone.com&site_page_url=to.yellowanemone.com&click_id=pubaf09a385a90644c4851994c19e6af7dd Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

667786.xmlfeed.adtelligent.com
bit.ly
cdn.addlnk.com
noitse.com
theshiningtree.com
to.yellowanemone.com
tulac.ngunsen.com
tulac.ngunsen.com
104.248.51.205
178.255.47.116
2606:4700:3030::ac43:c657
2606:4700:e6::ac40:cb0d
2a06:8640:572::2
67.199.248.10
67.222.128.199
09fc642278d1c7cfb92e337ce2d6d374be96b0a4e9453a32393e9abb6fbf1309
3e4c99c22b8aa1b2185013634defac5922424bc4b4ac7dacd1455434cd5faa7e
4fdd31ae44061818d3cc21979614a9e2bc4169009ec5124f8f6546987efa00b4
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
783761ba8e1b6d25d728c9db860481134b35c716b336296e9cb7200530c19de5
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

667786.xmlfeed.adtelligent.com Open in urlscan Pro 2a06:8640:572::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

9 Requests

78 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

27 kBTransfer

66 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

667786.xmlfeed.adtelligent.com Open in urlscan Pro
2a06:8640:572::2 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

27 kB
Transfer

66 kB
Size

4
Cookies

9 HTTP transactions
0 data transactions