Submitted URL: http://theyslap.com/
Effective URL: http://www6.bildnewsaktuell.com/
Submission: On February 15 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 7 HTTP transactions. The main IP is 85.13.157.212, which is located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www6.bildnewsaktuell.com.
This is the only time www6.bildnewsaktuell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.92 60781 (LEASEWEB-...)
1 2 108.168.193.189 36351 (SOFTLAYER)
1 2 85.184.251.201 51862 (IONOS-AS)
1 217.79.188.54 24961 (MYLOC-AS ...)
1 217.79.188.2 24961 (MYLOC-AS ...)
1 85.13.157.212 34788 (NMM-AS D)
7 7
Apex Domain
Subdomains
Transfer
2 adition.com
ad13.adfarm1.adition.com — Cisco Umbrella Rank: 52554
ad1.adfarm1.adition.com — Cisco Umbrella Rank: 38050
2 KB
2 disply.me
rtb.disply.me
1 KB
2 mybetterck.com
mybetterck.com — Cisco Umbrella Rank: 40248
p185689.mybetterck.com — Cisco Umbrella Rank: 537197
1 KB
2 theyslap.com
theyslap.com
3 KB
1 bildnewsaktuell.com
www6.bildnewsaktuell.com
398 B
0 exclusiveoffers.today Failed
trk.exclusiveoffers.today Failed
7 6
Domain Requested by
2 rtb.disply.me 1 redirects p185689.mybetterck.com
2 theyslap.com 1 redirects
1 www6.bildnewsaktuell.com ad1.adfarm1.adition.com
1 ad1.adfarm1.adition.com ad13.adfarm1.adition.com
1 ad13.adfarm1.adition.com rtb.disply.me
1 p185689.mybetterck.com theyslap.com
1 mybetterck.com 1 redirects
0 trk.exclusiveoffers.today Failed ad1.adfarm1.adition.com
7 8

This site contains no links.

Subject: *.mybetterck.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2022-02-06 - 2023-02-06
Valid: a year

Subject: *.disply.me
Issuer: AlphaSSL CA - SHA256 - G2
Validity: 2021-09-28 - 2022-10-30
Valid: a year

Subject: *.adfarm1.adition.com
Issuer: AlphaSSL CA - SHA256 - G2
Validity: 2021-05-21 - 2022-06-22
Valid: a year

This page contains 1 frames:

Primary Page: http://www6.bildnewsaktuell.com/
Frame ID: FDE500055C713B470EFB88E3B456E837
Requests: 7 HTTP requests in this frame

Page Title

404 Not Found

Page URL History

  1. http://theyslap.com/ Page URL
  2. http://theyslap.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0NDk... HTTP 302
    https://mybetterck.com/aS/feedclick?s=IKaS41W5VyaGclJvGWgoUziqIUQs1bUOTUHApkf6JKnI6j6WA_S05qcKS7vDI... HTTP 302
    https://p185689.mybetterck.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUi0MvWqkrDXuOzWiSyWHB8CSMJ2lB5MGf... Page URL
  3. https://rtb.disply.me/a2nn1qfjjoq046z6kph65 Page URL
  4. http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6 HTTP 302
    https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H Page URL
  5. https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H Page URL
  6. http://www6.bildnewsaktuell.com/ Page URL

Page Statistics

7 Requests
57 % HTTPS
0 % IPv6
6 Domains
8 Subdomains
7 IPs
3 Countries
4 kB Transfer
4 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://theyslap.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0NDk2Mzg4NywiaWF0IjoxNjQ0OTU2Njg3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmEwdXAybnAxc2RoaHE1aTQwdjNmMGQiLCJuYmYiOjE2NDQ5NTY2ODcsInRzIjoxNjQ0OTU2Njg3NTQwOTAwfQ.7NI5RMiOsq4v7skCltkzjWLWYzqBwsFPSSYymzptpIc&sid=51d07404-8e9d-11ec-8949-9f81c1c8f19f HTTP 302
  • https://mybetterck.com/aS/feedclick?s=IKaS41W5VyaGclJvGWgoUziqIUQs1bUOTUHApkf6JKnI6j6WA_S05qcKS7vDIZtzmIMBUk7ob4rp6O7CY8H5otvV17wkvfiSxVzUh4G27zC0PjLlZhTw92AaEC_3J7AB_fDNGhEvvB32-Z6fHMSbNGBaLP11-ybTxlVlYmiYqf7JiD1QHLabogr8LCdd9x4--nxXHMDCdNQEJMsimiVN69itY8ErsynIqJJNtAI_-g-BoKApHFKVksS9S74X2dc3naR04NUTP-7OHyHM38xvTgrZc8EkmvQzZ2TSDMADTdCRAUk_Fxzjs4tqarKx94UCjEMXzOlu-rOB59OJGbJ8j2Ni0rRY-Yi5vBdobbhLoKyqIUb5odQwRRmSUdCohJwhGzSlTOLEzU97P4b99Fiz5JvXYKh4FUFSkM4xlOMx_cowY-Peul_M9FFVn3HOAHb95epTaxtM0N3c-iVuVJ2zTsxmJfLs7fBI1OvB6wiL_jAp28_9gx5hGXY6BhmWoJuqdDtUSZ-0uWOLCbczIuTp-h8KpppkdcI_MkiK5mQkPXIO7mYBU0TknxDNvbYCfc0uerRlvLHibl6kn4dt-UAU0IT38rNRhOXPP7czhRVk88ma0RuZmPVVu8nkDVWXgDSzVyH9Rned3WfLfKx5ROrDU4-sroVfk7KoQJvmoKSgwCFvmzNi9yC4kCdop_HiMJ6M0QhBZZ63_-JO4SoThD6OMtl3dbC4IX_m7vt_F9YPkIwtkb4KvnT6tTLrTIs7VlcA7P8OQlhphwG214WOuvNTE-YXDTeyzSo8xoYGh5uI9ryg-T8GVVwJ0hIi_MW5nArf3qJXNTBuagM8RQkQOJZT5brgto-zMsKXMyn77VPToglLlUd1k9jSNfHqCMVE9xhksffLvla0aMGu2Dli66C-XucADfX2tBPlR3prQOfp40kLZ-dJens2n_Ed_i3-Ytjcm_8ruJvx9RLlipXJHyQdyLn7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQFQaB8NztRqaKcnnOVCa1gtVodyh16Nu-Zngk2rC-1_E2NNxA6ib-IVMIyQQKPBQEVP-nMKsyLvpNM_WXgizdt7VGDMB3MvGRDo3sytpDcJQ_kHyAjmZhmKCTZjK_lmpXyzufCzDnxhYYq2TIPdPHgAIfjMxPi1Bq3BAhGtH3orWNd7gi4vGZSSN9s4SYUeCeP-vZa_vUAT_p0VlQm9Y7O9mMdWFcrMYgeLSfBiBs0O6AfuZebp_ccGwgTvNl65XM4Qkm2Vi2UKoyEOp_uQSubrDrbVrLrjVo0NNQMoLBBpKOe-i75L5gqygXGjjJuHWciU7s0LZ3hCouW-LdBXzfk-vcPMz4vkC_BMdEqz4PTixiMVdntXIxs HTTP 302
  • https://p185689.mybetterck.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUi0MvWqkrDXuOzWiSyWHB8CSMJ2lB5MGfBaYZm_7IqTCA_Nxmo6Xy54PdhGn3_C1PnzMxTSW33E-llpg4FhZfxRg_-WvJ8gOFF7q4yBImSc8MndT0rcbhtKjIQ6n-5BK5usOttWsuuNW4Kq-om2f2CmGGBUz74HQmWS9VEMxMR-_6AfuZebp_cfWWifCPEixXL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8Fq9fZfmaQIJz7G7ZPe4bznH7_a5KV3xE&ui=IKaS41W5VyaGclJvGWgoU5-iGYUZ74135BqBrDJxXOHdWXHdPP_pKLLeBU7wafAzL9bWYq4gXL2pk7dWxXRF2mtY1SoYi7WuqZj9EHedmIQGSh04PbeYBA&si=1&oref=f2695a7fe85190e862dd4feb4457a7d8&optunit=Bvd3EeYmkEWtK6Mz5FaVqw&rb=1MVhHKAMSa4&rr=4&abtg=0
Request Chain 3
  • http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6 HTTP 302
  • https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
theyslap.com/
468 B
824 B
Document
General
Full URL
http://theyslap.com/
Protocol
HTTP/1.1
Server
212.32.237.92, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
468
content-type
text/html; charset=utf-8
date
Tue, 15 Feb 2022 20:24:47 GMT
server
nginx
domainClick
p185689.mybetterck.com/adServe/
Redirect Chain
  • http://theyslap.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY0NDk2Mzg4NywiaWF0IjoxNjQ0OTU2Njg3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycmEwdXAybnAxc2RoaHE1aTQwdjNmMGQi...
  • https://mybetterck.com/aS/feedclick?s=IKaS41W5VyaGclJvGWgoUziqIUQs1bUOTUHApkf6JKnI6j6WA_S05qcKS7vDIZtzmIMBUk7ob4rp6O7CY8H5otvV17wkvfiSxVzUh4G27zC0PjLlZhTw92AaEC_3J7AB_fDNGhEvvB32-Z6fHMSbNGBaLP11-yb...
  • https://p185689.mybetterck.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUi0MvWqkrDXuOzWiSyWHB8CSMJ2lB5MGfBaYZm_7IqTCA_Nxmo6Xy54PdhGn3_C1PnzMxTSW33E-llpg4FhZfxRg_-WvJ8gOFF7q4yBImSc8MndT0rcbhtKjIQ6...
239 B
556 B
Document
General
Full URL
https://p185689.mybetterck.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUi0MvWqkrDXuOzWiSyWHB8CSMJ2lB5MGfBaYZm_7IqTCA_Nxmo6Xy54PdhGn3_C1PnzMxTSW33E-llpg4FhZfxRg_-WvJ8gOFF7q4yBImSc8MndT0rcbhtKjIQ6n-5BK5usOttWsuuNW4Kq-om2f2CmGGBUz74HQmWS9VEMxMR-_6AfuZebp_cfWWifCPEixXL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8Fq9fZfmaQIJz7G7ZPe4bznH7_a5KV3xE&ui=IKaS41W5VyaGclJvGWgoU5-iGYUZ74135BqBrDJxXOHdWXHdPP_pKLLeBU7wafAzL9bWYq4gXL2pk7dWxXRF2mtY1SoYi7WuqZj9EHedmIQGSh04PbeYBA&si=1&oref=f2695a7fe85190e862dd4feb4457a7d8&optunit=Bvd3EeYmkEWtK6Mz5FaVqw&rb=1MVhHKAMSa4&rr=4&abtg=0
Requested by
Host: theyslap.com
URL: http://theyslap.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.189, Dallas, United States, ASN36351 (SOFTLAYER, US)
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://theyslap.com/

Response headers

server
nginx
date
Tue, 15 Feb 2022 20:24:48 GMT
content-type
text/html;charset=ISO-8859-1
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 15 Feb 2022 20:24:48 GMT
content-length
0
location
https://p185689.mybetterck.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUi0MvWqkrDXuOzWiSyWHB8CSMJ2lB5MGfBaYZm_7IqTCA_Nxmo6Xy54PdhGn3_C1PnzMxTSW33E-llpg4FhZfxRg_-WvJ8gOFF7q4yBImSc8MndT0rcbhtKjIQ6n-5BK5usOttWsuuNW4Kq-om2f2CmGGBUz74HQmWS9VEMxMR-_6AfuZebp_cfWWifCPEixXL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8Fq9fZfmaQIJz7G7ZPe4bznH7_a5KV3xE&ui=IKaS41W5VyaGclJvGWgoU5-iGYUZ74135BqBrDJxXOHdWXHdPP_pKLLeBU7wafAzL9bWYq4gXL2pk7dWxXRF2mtY1SoYi7WuqZj9EHedmIQGSh04PbeYBA&si=1&oref=f2695a7fe85190e862dd4feb4457a7d8&optunit=Bvd3EeYmkEWtK6Mz5FaVqw&rb=1MVhHKAMSa4&rr=4&abtg=0
a2nn1qfjjoq046z6kph65
rtb.disply.me/
297 B
570 B
Document
General
Full URL
https://rtb.disply.me/a2nn1qfjjoq046z6kph65
Requested by
Host: p185689.mybetterck.com
URL: https://p185689.mybetterck.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUi0MvWqkrDXuOzWiSyWHB8CSMJ2lB5MGfBaYZm_7IqTCA_Nxmo6Xy54PdhGn3_C1PnzMxTSW33E-llpg4FhZfxRg_-WvJ8gOFF7q4yBImSc8MndT0rcbhtKjIQ6n-5BK5usOttWsuuNW4Kq-om2f2CmGGBUz74HQmWS9VEMxMR-_6AfuZebp_cfWWifCPEixXL7AdIrib2gOJf4yBNRlqxdPnEhIaw2zsRJHJzdDv6O5-zfUS8nVU04fFcxJ0StShp2s0_34CATUuHZzeSQTgkyFv_aZQC5A4r4FDOdw858tImbOeXz24ZVRY0XLI-w26tWjri88Beg6ZonWe_Vtl9GtFLC8pMLsUA5RUDuR6cw8Fq9fZfmaQIJz7G7ZPe4bznH7_a5KV3xE&ui=IKaS41W5VyaGclJvGWgoU5-iGYUZ74135BqBrDJxXOHdWXHdPP_pKLLeBU7wafAzL9bWYq4gXL2pk7dWxXRF2mtY1SoYi7WuqZj9EHedmIQGSh04PbeYBA&si=1&oref=f2695a7fe85190e862dd4feb4457a7d8&optunit=Bvd3EeYmkEWtK6Mz5FaVqw&rb=1MVhHKAMSa4&rr=4&abtg=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.184.251.201, Germany, ASN51862 (IONOS-AS, DE)
Reverse DNS
ip85-184-251-201.pbiaas.com
Software
nginx/1.13.0 / PHP/5.6.30
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.13.0
Date
Tue, 15 Feb 2022 20:24:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
X-Node
de-pool01-tr01
Content-Encoding
gzip
banner
ad13.adfarm1.adition.com/
Redirect Chain
  • http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6
  • https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
1 KB
1 KB
Document
General
Full URL
https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
Requested by
Host: rtb.disply.me
URL: https://rtb.disply.me/a2nn1qfjjoq046z6kph65
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
1483a80cf02054d44fe035bc6d722277ad75fac2b1ad84b967b84437ce2ca941

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.disply.me/a2nn1qfjjoq046z6kph65

Response headers

content-type
text/html
server
ADITIONSERVER v1.0
date
Tue, 15 Feb 2022 21:24:48 +0100
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
content-encoding
gzip

Redirect headers

Server
nginx/1.13.0
Date
Tue, 15 Feb 2022 20:24:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Location
https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
X-Node
de-pool01-tr01
banner
ad1.adfarm1.adition.com/
2 KB
1 KB
Document
General
Full URL
https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H
Requested by
Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.2, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
Reverse DNS
ad1.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
698e09077aa51e7c629a9cda7069fc37483bba3b0af57bfd2acf844378df3922

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.adfarm1.adition.com/

Response headers

content-type
text/html
server
ADITIONSERVER v1.0
date
Tue, 15 Feb 2022 21:24:48 +0100
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
content-encoding
gzip
0cb10f32-b650-44db-9d09-d916504dcba1
trk.exclusiveoffers.today/impression/
0
0

Primary Request /
www6.bildnewsaktuell.com/
196 B
398 B
Document
General
Full URL
http://www6.bildnewsaktuell.com/
Requested by
Host: ad1.adfarm1.adition.com
URL: https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H
Protocol
HTTP/1.1
Server
85.13.157.212, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
Reverse DNS
dd40608.kasserver.com
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 15 Feb 2022 20:24:48 GMT
Server
Apache
Content-Length
196
Keep-Alive
timeout=2, max=1000
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trk.exclusiveoffers.today
URL
https://trk.exclusiveoffers.today/impression/0cb10f32-b650-44db-9d09-d916504dcba1?Motiv={Motiv}

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

5 Cookies

Domain/Path Name / Value
.theyslap.com/ Name: sid
Value: 51d07404-8e9d-11ec-8949-9f81c1c8f19f
.mybetterck.com/ Name: rhid
Value: 80724647398
.mybetterck.com/ Name: loi
Value: ad_683043_off_276189_aff_15466_cid_185689-THEYSLAP.COM_ts_1644956688
rtb.disply.me/ Name: YUC
Value: 76532045-5f28-40de-a59f-a0110a78e58f
.adfarm1.adition.com/ Name: UserID1
Value: 7065035178362143974

1 Console Messages

Source Level URL
Text
network error URL: http://www6.bildnewsaktuell.com/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)