www6.bildnewsaktuell.com
Open in
urlscan Pro
85.13.157.212
Public Scan
Submitted URL: http://office365auth.capitalonegroup.info/
Effective URL: http://www6.bildnewsaktuell.com/
Submission: On September 26 via api from US — Scanned from DE
Effective URL: http://www6.bildnewsaktuell.com/
Submission: On September 26 via api from US — Scanned from DE
Summary
This website contacted 7 IPs
in 2 countries
across 6 domains to perform 13 HTTP transactions.
The main IP is 85.13.157.212, located in
Germany and
belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE.
The main domain is www6.bildnewsaktuell.com.
This is the only time www6.bildnewsaktuell.com was scanned on urlscan.io!
This is the only time www6.bildnewsaktuell.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 | 72.52.178.23 72.52.178.23 | 32244 (LIQUIDWEB) (LIQUIDWEB) | |
| 2 2 | 173.192.101.24 173.192.101.24 | 36351 (SOFTLAYER) (SOFTLAYER) | |
| 1 2 | 85.184.251.201 85.184.251.201 | 51862 (IONOS-AS) (IONOS-AS) | |
| 1 | 217.79.188.54 217.79.188.54 | 24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG) | |
| 5 | 217.79.188.2 217.79.188.2 | 24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG) | |
| 1 | 3.127.168.54 3.127.168.54 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 85.13.157.212 85.13.157.212 | 34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68) | |
| 2 | 217.79.188.10 217.79.188.10 | 24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG) | |
| 13 | 7 |
2
72.52.178.23
(United States)
ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
| office365auth.capitalonegroup.info |
2
173.192.101.24
(Dallas, United States)
ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
| mybetterdl.com | |
| p237996.mybetterdl.com |
1
217.79.188.54
(Germany)
ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com
ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com
| ad13.adfarm1.adition.com |
5
217.79.188.2
(Germany)
ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com
ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com
| ad1.adfarm1.adition.com |
1
3.127.168.54
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-168-54.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-168-54.eu-central-1.compute.amazonaws.com
| trk.exclusiveoffers.today |
1
85.13.157.212
(Germany)
ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd40608.kasserver.com
ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd40608.kasserver.com
| www6.bildnewsaktuell.com |
2
217.79.188.10
(Germany)
ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
| imagesrv.adition.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
adition.com
ad13.adfarm1.adition.com ad1.adfarm1.adition.com imagesrv.adition.com |
183 KB |
| 2 |
disply.me
1 redirects
rtb.disply.me |
1 KB |
| 2 |
mybetterdl.com
2 redirects
mybetterdl.com p237996.mybetterdl.com |
1 KB |
| 2 |
capitalonegroup.info
office365auth.capitalonegroup.info |
12 KB |
| 1 |
bildnewsaktuell.com
www6.bildnewsaktuell.com |
532 B |
| 1 |
exclusiveoffers.today
trk.exclusiveoffers.today |
1 KB |
| 13 | 6 |
| Domain | Requested by | |
|---|---|---|
| 5 | ad1.adfarm1.adition.com |
ad13.adfarm1.adition.com
www6.bildnewsaktuell.com ad1.adfarm1.adition.com |
| 2 | imagesrv.adition.com |
www6.bildnewsaktuell.com
|
| 2 | rtb.disply.me |
1 redirects
office365auth.capitalonegroup.info
|
| 2 | office365auth.capitalonegroup.info |
office365auth.capitalonegroup.info
|
| 1 | www6.bildnewsaktuell.com |
ad1.adfarm1.adition.com
|
| 1 | trk.exclusiveoffers.today |
ad1.adfarm1.adition.com
|
| 1 | ad13.adfarm1.adition.com |
rtb.disply.me
|
| 1 | p237996.mybetterdl.com | 1 redirects |
| 1 | mybetterdl.com | 1 redirects |
| 13 | 9 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| ad1.adfarm1.adition.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.disply.me AlphaSSL CA - SHA256 - G2 |
2020-09-03 - 2021-10-05 |
a year | crt.sh |
| *.adfarm1.adition.com AlphaSSL CA - SHA256 - G2 |
2021-05-21 - 2022-06-22 |
a year | crt.sh |
| trk.exclusiveoffers.today R3 |
2021-08-02 - 2021-10-31 |
3 months | crt.sh |
| *.adition.com AlphaSSL CA - SHA256 - G2 |
2021-04-15 - 2022-05-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://www6.bildnewsaktuell.com/
Frame ID: DB20BB8240BF707FE2FC36AC7302F0CF
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://office365auth.capitalonegroup.info/ Page URL
- http://office365auth.capitalonegroup.info/page/bouncy.php?&bpae=GbhGsz%2FnwtZ99psh%2BxTH0QWRkGtgIS06Uvz1fe0Dtr0W4%2BSy... Page URL
-
https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2vUMbGgTknjRTUHApkf6JKnI6j6WA_S05kxA4Jl5P...
HTTP 302
https://p237996.mybetterdl.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUkLPhgVVyPA-Xzq4vnC43fnuAzDr-DojL... HTTP 302
https://rtb.disply.me/a2nn1qfjjoq046z6kph65 Page URL
-
http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6
HTTP 302
https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H Page URL
- https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H Page URL
- http://www6.bildnewsaktuell.com/ Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://ad1.adfarm1.adition.com/redi?lid=7012120695906632914&gdpr=0&gdpr_consent=&gdpr_pd=0&userid=7012120695885202661&sid=4498291&kid=4151981&bid=12556528&c=55273&keyword=&sr=6&clickurl=https%3A%2F%2Fad1.adfarm1.adition.com%2Fredi%3Flid%3D7012120695907681490%26gdpr%3D0%26gdpr%5Fconsent%3D%26gdpr%5Fpd%3D0%26userid%3D7012120695885202661%26sid%3D4498291%26kid%3D4151982%26bid%3D12556467%26c%3D28136%26keyword%3D%26sr%3D6%26clickurl%3D
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://office365auth.capitalonegroup.info/ Page URL
- http://office365auth.capitalonegroup.info/page/bouncy.php?&bpae=GbhGsz%2FnwtZ99psh%2BxTH0QWRkGtgIS06Uvz1fe0Dtr0W4%2BSyig3eQcYoz1eMz92RnkKPYxfstY7HtTf8xVY6aZS30MpZ6DLCUonKFGkyYEFGw%2BvJOLYAGX%2FBd4U3Jftboth%2BPHZ%2FzMN5%2BQB8BZZG0UlBhe%2B8K%2BAs6wL2LCsbCQSgYURLFyX0YurYg%2BvdqZ8RqgVhSDHma3nPpTTWZ2gZUNnCq45wq%2FLN0Xka9H%2FTC%2Bl4%2B%2B%2BxlbCwv0N0eW89C9QZ6A3grJhjiDWH5iGK6QAKAX9j9fjs91YWzgsRD0hLQiasfvywqN8b0U4z340jPUia9%2FB6INZqCoI%2BAxa6VhUUALpUSTt2ERyNYazgPmDdwn9qPo67JBWhli9Tr%2FyJ6ztCSuzd8z6gM9LBY73Trddbfg3PK7UFXEWABhQSC4ejdPIK7R98joI4BsbPtvCiHw2oNGIqoUW%2FN9m4gf9QplF%2B%2Fza5OP4yroAz7l9SVi2jPM6ffIXt79DmMBHap9mtUBivXhACUzHEoOFIsQsK3gM7N0zr6jgqjLyhfQJexsu2e%2Bn25UbHJveBaJ%2BHFlxhojBl33Dy7txQoDx8w7%2FSlkG1TNhcrUqtBROF5j15CIrqRYnwJtpOJUAKZZbXZzFMBH2yDhTC2vpDU5fd0t9G66sUyn2nBjeqficJhFn6QfoWiT4ndrozorttZYPjm%2FYLEsExj9T0ZkNtIpvyY0JgPy%2FoU9%2B%2B4vSytEzalCKBb1Rmksk%2BXJVDwIt%2F4OvqvfCPVHL9Fmn7YeFjOQwDX44UkFu5s2QswAVpZyHmkonIJ51OeWjyEhTkolrBTgVo%2FIErndbgYNXgk%2BfychN%2BbibTPOeBj7ZI98qDWMdler4lXl9kuRNIbKkXtKD%2BiUU7MyWas9%2FPAedR5eqCvQmju96P6AvZ45E0mIC2xDOcUlyOAium4RwhlSnoaWnHQfl2hpudZ%2BlJmrjImXyZOoiQT8LWRr6MjyxWpUpYrBk0%2FXxDJ%2BZOLk9RCAM8UhoDf25PN0xzA9UVd5rFEHpJgqh6h7pBscAvPHCOs9StCoRXeCn6TQNc2l1Gh6iz9XaCGIBz%2B8mOpX%2Fl4fzrC7JMkuttvUdDLbV8n1nNih36PAfKQS4y41fDvHNtu%2Fgp1f94smiP6zU%2BRd9T5c3H%2BNsvsbWXVvlYMcZhhMusAWMMxohasmq%2BJsntTRr1cd0jdJBP6Xi6whGmfCsfZmyO4BZbw3gFQZ8YAzV7mOWbSsZXbxsFd7ATECJlyWHFISegLL7eHYUeKuRr6S9cs5hpArPuYBCHVH2gjzT1YicTf7%2BUTtUNYvcO%2B6ZOSmnW3tXz%2FPgEeNx2Ou7auLkHCLSz%2BHxRzeSxvr6H39c%2BEOJ8tx75yaivYjA5WNK4pHimps%2BTOXviIL8GqSKO9eiNOY92XRLb1UAiSh8ICEfLKyvDmMDzx7gv3VMHbfwM3fG8vLZeH63xsUdS9osKHceWSJ1vVK6DQ4s735Z4pROx2sQ0ld8zqO%2FK6iidNbIQOgJCP%2FT2NOu%2BrPwSuwEI2Za9Ncwq7aaaJgsjI%2FEuwTJh1qxkYbE1uh5D7n18IB2FW%2FuLuJ%2Fm3E0sucgbvyiaxsW2jSDIi7x4sETdGSOej62rvTGjebC33nZKpX0UUb2Hli2Ca%2BYCoda8KZ3I7QyKvzFv9V9Ti36pjGeEztgjf96mL6Ji%2BqRVnaU6f6ordzW3zkDM2zCA1T3GFVWwnJ7Wk0FsmHosmk9HvwFMhs9SRoN%2B54yE5tnh1PlwKF6p%2FqE3FOv1HVric%2B4sKfCIf7MuOEy%2B86y7cbSijJRGe64LZ7jKIs6WQyiOehed9A24fO5araTeBKWgxz%2BxgCKlznIEeKQDvPxLovFgxSXQ2E3ustvy9ozmp3EUfgH5q9DWKM18YM8cV49PUdYZDkZmIWsbNSc22LHTUficXwPoFndlBuDq3HDSb4ugiJV5lAPbP2aUnBsYF7mGjveekGAUIOWs&redirectType=js&inIframe=false&inPopUp=false Page URL
-
https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2vUMbGgTknjRTUHApkf6JKnI6j6WA_S05kxA4Jl5PumzrtKGeLDN2bDp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqspmcTlx44u3Z3JFwh8HBc0z2-Z6fHMSbNGBaLP11-ybTxlVlYmiYqf7JiD1QHLabogr8LCdd9x4--nxXHMDCdNTCtEXj0Tb2f7RkdFluAf_FHv9bPxoH05T5YPpCIQWMGRs1oTTlUXMkwRTEXYeW976vR3OTBv1b9vzRX9IuvznAz7Ye9xJsGlgxM2Xb8gQnbOTZkCrT2IgEN6JXs5DH5E_D1yfuRddCuDOh2g5gz-yU4hPuNyU-e9KczIZLDzEnLyirZZ05f5Z-ckzC2CIUxuk8-2Slxy1ZiiNea2-gRao3zrONsIlSpyi8JLWY1o3p3E1ZmeizCYUc_9rNkHsdNKo8K9PtBCjFi1hT4kK8ZiR777bjry6Cuit3dcqc33VUouwkQr6BWZdChWyke_eC4vaew7Uu-skuS-1U0x1pUt2ofh8-ZCyKl0vde6Vanvb70f_RGbOl5lwVe61UIYrK28VBwiuLUmLFzuAr1iAGsmV_0QB2z-fUCoHKC5iJKzaIcpIVlvrmuMLZiS-aRkwfwkfACxyT2TGC-kOG9b0en2ftoQKS_ty6ZQ9nReIWvBNTiIEm_YkA_eFS_xYiROVTTzDhrix9KcMJlBVBZh1vjds2wMWpPXF36AkUGRb2mDm4uA-m-_9qZO1KWHvIUdYMVdXnWCSthwEd0bllYSgfeN1FSiEjRDlUw5VgTRv1Kgk-uCL1ZV-PqPeprN37i4Sgnnf6NAnIjlhwUMAGb0mb3iblM9b81IjB2kxxnP35IB_J21iVnKzCLNQ43OT338-HFqjZvgyGxFMuaKagbWnoFl-i433LTbjxWBeadUMBCA2iIa7YOWLroL5e5wAN9fa0E-VHemtA5-njSeq2jjHPGlowBtjZkahIhHKelylT5ydqQgFIWn31oeH1FHuV_FKCtKr2rQ7LaHcn5SHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64Sg4JB5-wQqVdcOYCkv8TSN9Oz7KUuHHuSEbPer4OrbqzsXngl4p5u5rKWmpwAowHldcIkSucK5ukOm8MU5JJIv4OxKk-psmyKq3QNZOBFe6bTs-ylLhx7kgPXB3AgauLLohl7S5xgFoEUE43vK9wrPdZBux3FUHjF38iUrcSEkyFxd04pqC2rIrUW2-30ONt4E7j86oVLpRsW-gI-N__3ihPz5DhJbK6m0dRWAT5y5pgpisJbmIY32Nxb-xXRUgILJoKhdvBuV6giGXtLnGAWgRQTje8r3Cs9yQeJQzKmJPYZKgsStkYie2IZe0ucYBaBFBON7yvcKz388GJ0qPLcfn6qr1HO1EZJ67F1dhtg6ytKnct0LI3b27mh6y2RNxf5w
HTTP 302
https://p237996.mybetterdl.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUkLPhgVVyPA-Xzq4vnC43fnuAzDr-DojLPFFzqKDcsZ5yxQ58Uk9kejmGve3h1XvC2_bGf0nagF0dRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2LnrG8E1DfQ9WZHVFF3I5r1iGXtLnGAWgRQTje8r3Cs9ztgHbmegKwP69ojy3OPTxF6Se1gT8gCoWKeC3D9p_z2R7QcABl3KfH-IM8VNDArkIYYFTPvgdCZzemOHFtnc7a_sv4-1dMTzVE_VEqSqib4vsB0iuJvaA4l_jIE1GWrF0-cSEhrDbOxEkcnN0O_o7n7N9RLydVTTh8VzEnRK1KGnazT_fgIBNS4dnN5JBOCTIW_9plALkDivgUM53Dzny0iZs55fPbhlVFjRcsj7Dbq1aOuLzwF6DpmidZ79W2X0diAbtp9NeTI&ui=w_Wj54-Mm6RB_AzGGnYx2hRmEDfJrVfy5BqBrDJxXOEpwLuM3MdU-yyIon9TmgS5fAZKvFC0qEn-vypvfyFPnXSkmNBaySM_k422lYtwnZklzYpFQ8rLlA&si=1&oref=c4ed96b2ef188b61ee536af939e54e86&optunit=o3PohfWRZSRZYspU1JCr--wfNWU6mXTF&rb=9MD8j-wl9rc&rr=1&abtg=0 HTTP 302
https://rtb.disply.me/a2nn1qfjjoq046z6kph65 Page URL
-
http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6
HTTP 302
https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H Page URL
- https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H Page URL
- http://www6.bildnewsaktuell.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2vUMbGgTknjRTUHApkf6JKnI6j6WA_S05kxA4Jl5PumzrtKGeLDN2bDp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqspmcTlx44u3Z3JFwh8HBc0z2-Z6fHMSbNGBaLP11-ybTxlVlYmiYqf7JiD1QHLabogr8LCdd9x4--nxXHMDCdNTCtEXj0Tb2f7RkdFluAf_FHv9bPxoH05T5YPpCIQWMGRs1oTTlUXMkwRTEXYeW976vR3OTBv1b9vzRX9IuvznAz7Ye9xJsGlgxM2Xb8gQnbOTZkCrT2IgEN6JXs5DH5E_D1yfuRddCuDOh2g5gz-yU4hPuNyU-e9KczIZLDzEnLyirZZ05f5Z-ckzC2CIUxuk8-2Slxy1ZiiNea2-gRao3zrONsIlSpyi8JLWY1o3p3E1ZmeizCYUc_9rNkHsdNKo8K9PtBCjFi1hT4kK8ZiR777bjry6Cuit3dcqc33VUouwkQr6BWZdChWyke_eC4vaew7Uu-skuS-1U0x1pUt2ofh8-ZCyKl0vde6Vanvb70f_RGbOl5lwVe61UIYrK28VBwiuLUmLFzuAr1iAGsmV_0QB2z-fUCoHKC5iJKzaIcpIVlvrmuMLZiS-aRkwfwkfACxyT2TGC-kOG9b0en2ftoQKS_ty6ZQ9nReIWvBNTiIEm_YkA_eFS_xYiROVTTzDhrix9KcMJlBVBZh1vjds2wMWpPXF36AkUGRb2mDm4uA-m-_9qZO1KWHvIUdYMVdXnWCSthwEd0bllYSgfeN1FSiEjRDlUw5VgTRv1Kgk-uCL1ZV-PqPeprN37i4Sgnnf6NAnIjlhwUMAGb0mb3iblM9b81IjB2kxxnP35IB_J21iVnKzCLNQ43OT338-HFqjZvgyGxFMuaKagbWnoFl-i433LTbjxWBeadUMBCA2iIa7YOWLroL5e5wAN9fa0E-VHemtA5-njSeq2jjHPGlowBtjZkahIhHKelylT5ydqQgFIWn31oeH1FHuV_FKCtKr2rQ7LaHcn5SHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64Sg4JB5-wQqVdcOYCkv8TSN9Oz7KUuHHuSEbPer4OrbqzsXngl4p5u5rKWmpwAowHldcIkSucK5ukOm8MU5JJIv4OxKk-psmyKq3QNZOBFe6bTs-ylLhx7kgPXB3AgauLLohl7S5xgFoEUE43vK9wrPdZBux3FUHjF38iUrcSEkyFxd04pqC2rIrUW2-30ONt4E7j86oVLpRsW-gI-N__3ihPz5DhJbK6m0dRWAT5y5pgpisJbmIY32Nxb-xXRUgILJoKhdvBuV6giGXtLnGAWgRQTje8r3Cs9yQeJQzKmJPYZKgsStkYie2IZe0ucYBaBFBON7yvcKz388GJ0qPLcfn6qr1HO1EZJ67F1dhtg6ytKnct0LI3b27mh6y2RNxf5w HTTP 302
- https://p237996.mybetterdl.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUkLPhgVVyPA-Xzq4vnC43fnuAzDr-DojLPFFzqKDcsZ5yxQ58Uk9kejmGve3h1XvC2_bGf0nagF0dRePfirJtYMCozyvMhv4-LlU-hBqlV3wbM7TR-A6o2LnrG8E1DfQ9WZHVFF3I5r1iGXtLnGAWgRQTje8r3Cs9ztgHbmegKwP69ojy3OPTxF6Se1gT8gCoWKeC3D9p_z2R7QcABl3KfH-IM8VNDArkIYYFTPvgdCZzemOHFtnc7a_sv4-1dMTzVE_VEqSqib4vsB0iuJvaA4l_jIE1GWrF0-cSEhrDbOxEkcnN0O_o7n7N9RLydVTTh8VzEnRK1KGnazT_fgIBNS4dnN5JBOCTIW_9plALkDivgUM53Dzny0iZs55fPbhlVFjRcsj7Dbq1aOuLzwF6DpmidZ79W2X0diAbtp9NeTI&ui=w_Wj54-Mm6RB_AzGGnYx2hRmEDfJrVfy5BqBrDJxXOEpwLuM3MdU-yyIon9TmgS5fAZKvFC0qEn-vypvfyFPnXSkmNBaySM_k422lYtwnZklzYpFQ8rLlA&si=1&oref=c4ed96b2ef188b61ee536af939e54e86&optunit=o3PohfWRZSRZYspU1JCr--wfNWU6mXTF&rb=9MD8j-wl9rc&rr=1&abtg=0 HTTP 302
- https://rtb.disply.me/a2nn1qfjjoq046z6kph65
- http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6 HTTP 302
- https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
13 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
office365auth.capitalonegroup.info/ |
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bouncy.php
office365auth.capitalonegroup.info/page/ |
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
a2nn1qfjjoq046z6kph65
rtb.disply.me/ Redirect Chain
|
297 B 570 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banner
ad13.adfarm1.adition.com/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banner
ad1.adfarm1.adition.com/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
0cb10f32-b650-44db-9d09-d916504dcba1
trk.exclusiveoffers.today/impression/ |
35 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
/
www6.bildnewsaktuell.com/ |
242 B 532 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adition.js
imagesrv.adition.com/js/ |
32 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
ad1.adfarm1.adition.com/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banner
ad1.adfarm1.adition.com/ |
1 KB 995 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
ad1.adfarm1.adition.com/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banner
ad1.adfarm1.adition.com/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
000001959007.jpg
imagesrv.adition.com/banners/3495/files/00/1d/e4/5f/ |
168 KB 168 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster object| Adition_Environment object| Adition_Jsonp_Manager object| Adition_VT_API object| Adition_VT_Manager object| Adition_PostMessageService function| Adition_OSId function| Adition_BrowserId function| Adition_ResId function| Adition_Referrer function| Adition_UserAgent function| Adition_Location function| Adition_Flash function| Adition_isFlashBlocked object| Adition_VT_Area string| ev function| Adition_VT_MeasurementContainer function| Adition_VT_MeasurementItem function| Adition_Prfstr number| ad_wid number| ad_count number| iframe string| ref number| os number| browser number| screen_res string| fvers string| ro string| uao string| prfstr string| autoo string| userid number| adjsver object| a string| oobClickURL function| AdOob6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mybetterdl.com/ | Name: rhid Value: 79724138337 |
|
| .mybetterdl.com/ | Name: loi Value: ad_683043_off_276189_aff_15466_cid_237996-CAPITALONEGROUP.INFO_ts_1632636575 |
|
| rtb.disply.me/ | Name: YUC Value: 0afcd177-d107-4eb3-bd2b-a7c935c0fa55 |
|
| .adfarm1.adition.com/ | Name: UserID1 Value: 7012120695885202661 |
|
| .trk.exclusiveoffers.today/ | Name: bemob-uniq-impression:0cb10f32-b650-44db-9d09-d916504dcba1 Value: 1 |
|
| .trk.exclusiveoffers.today/ | Name: bemob-0cb10f32-b650-44db-9d09-d916504dcba1 Value: %7B%22extClickId%22%3Anull%2C%22cost%22%3A0%2C%22custom1%22%3A%22%7BMotiv%7D%22%2C%22custom2%22%3Anull%2C%22custom3%22%3Anull%2C%22custom4%22%3Anull%2C%22custom5%22%3Anull%2C%22custom6%22%3Anull%2C%22custom7%22%3Anull%2C%22custom8%22%3Anull%2C%22custom9%22%3Anull%2C%22custom10%22%3Anull%2C%22custom1Masked%22%3Anull%2C%22custom2Masked%22%3Anull%2C%22custom3Masked%22%3Anull%2C%22custom4Masked%22%3Anull%2C%22custom5Masked%22%3Anull%2C%22custom6Masked%22%3Anull%2C%22custom7Masked%22%3Anull%2C%22custom8Masked%22%3Anull%2C%22custom9Masked%22%3Anull%2C%22custom10Masked%22%3Anull%7D |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad1.adfarm1.adition.com
ad13.adfarm1.adition.com
imagesrv.adition.com
mybetterdl.com
office365auth.capitalonegroup.info
p237996.mybetterdl.com
rtb.disply.me
trk.exclusiveoffers.today
www6.bildnewsaktuell.com
173.192.101.24
217.79.188.10
217.79.188.2
217.79.188.54
3.127.168.54
72.52.178.23
85.13.157.212
85.184.251.201
19bcbba417f03dfe5358b46518999a4b3ef79d5e421d36c66bfc6925184646d9
211064e06472defea581f20733f241b724be1f14f1a8c3a6e2752914a229897e
29f1f7dbfd916d809c67ccbcd7c8ca33cc7a0c1373de3eb0c22c3374b11474f1
8a1b55f97771ca3deac18add2d1635d8c1ff8bc98254c709220cd80acac6ae38
9c3463d535e0296041e61dfd35268731e975d2c87747a719db1d35ca6b5d611e
ab0583ec3a9fc9a5b1b633c4999389700aedbd9c2198bf8f279c69721e0f05f2
b9309c8a3db6f4c28d2192ce4855e93e5945afe31d5fb001a08552126fc9ce47
bd2e9c695ede7d931c8ad281f2b6f4c94144ca86772437dbaf0b58df55875d01
f777f547b87b0aad5736dcbe64c1cc79f3aef991617880d185b187b3ae25754c