urlscan.io logo urlscan.io
SecurityTrails logo

www6.bildnewsaktuell.com Open in urlscan Pro
85.13.157.212  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zeoinsight.com/
Effective URL: http://www6.bildnewsaktuell.com/
Submission: On September 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 11 HTTP transactions. The main IP is 85.13.157.212, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www6.bildnewsaktuell.com.
This is the only time www6.bildnewsaktuell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 69.16.231.57 32244 (LIQUIDWEB)
2 2 173.192.101.24 36351 (SOFTLAYER)
1 2 85.184.251.201 51862 (IONOS-AS)
1 217.79.188.54 24961 (MYLOC-AS ...)
3 217.79.188.2 24961 (MYLOC-AS ...)
1 85.13.157.212 34788 (NMM-AS D)
2 217.79.188.60 24961 (MYLOC-AS ...)
11 7
2    69.16.231.57 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb04.parklogic.com
zeoinsight.com
2    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
mybetterdl.com
p237996.mybetterdl.com
2    85.184.251.201 (Germany)

ASN51862 (IONOS-AS, DE)
PTR: ip85-184-251-201.pbiaas.com
rtb.disply.me
1    217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com
ad13.adfarm1.adition.com
3    217.79.188.2 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com
ad1.adfarm1.adition.com
1    85.13.157.212 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd40608.kasserver.com
www6.bildnewsaktuell.com
2    217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
Domain Requested by
3 ad1.adfarm1.adition.com ad13.adfarm1.adition.com
www6.bildnewsaktuell.com
ad1.adfarm1.adition.com
2 imagesrv.adition.com www6.bildnewsaktuell.com
2 rtb.disply.me 1 redirects zeoinsight.com
2 zeoinsight.com zeoinsight.com
1 www6.bildnewsaktuell.com ad1.adfarm1.adition.com
1 ad13.adfarm1.adition.com rtb.disply.me
1 p237996.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
0 trk.exclusiveoffers.today Failed ad1.adfarm1.adition.com
11 9

This site contains links to these domains. Also see Links.

Domain
ad1.adfarm1.adition.com
Subject Issuer Validity Valid
*.disply.me
AlphaSSL CA - SHA256 - G2		 2020-09-03 -
2021-10-05		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2021-05-21 -
2022-06-22		 a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2021-04-15 -
2022-05-17		 a year crt.sh

This page contains 1 frames:

Primary Page: http://www6.bildnewsaktuell.com/
Frame ID: 103A4C79054E54661C4E715759670940
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://zeoinsight.com/ Page URL
  2. http://zeoinsight.com/page/bouncy.php?&bpae=GbhOcLHGglZ5j%2FOZ6F4vEVJWbml%2BJ8iAxxYdbRA5H8CI23E6Mz... Page URL
  3. https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2kFYcXapzg15TUHApkf6JKnI6j6WA_S05qcKS7vDI... HTTP 302
    https://p237996.mybetterdl.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUvx81HHH4YMLRnHQIDNg-oXQff73Sp7GQ... HTTP 302
    https://rtb.disply.me/a2nn1qfjjoq046z6kph65 Page URL
  4. http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6 HTTP 302
    https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H Page URL
  5. https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H Page URL
  6. http://www6.bildnewsaktuell.com/ Page URL

Page Statistics

11
Requests

64 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

7
IPs

2
Countries

123 kB
Transfer

147 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zeoinsight.com/ Page URL
  2. http://zeoinsight.com/page/bouncy.php?&bpae=GbhOcLHGglZ5j%2FOZ6F4vEVJWbml%2BJ8iAxxYdbRA5H8CI23E6MzTa8B3McGU0bdstoeOOYgC7FL6zobMkhO554byXy24Ht%2FsrxqOVHVoi44Iqu1woWzGxmy1aVVUEMw5DuRUdLm%2F1O1XYjHiEm5WnuAvn6Beo5tNt%2B9SpUoQe0Sw8kKB8zvrLLDiSNzwpjksGsU0egRiNqTeHscVtdQQpSOgfY3eo1bu%2F%2Fwny3hsh15qs%2FRWEgFHT5syM8VArnFBWZssqWrgCirIpD1gBg%2F7CBkTTgakBbGVWaotaQGhc2Q08WFAGWPDftCO33oUYfYN3WAtmhzkJeRn1xAvMcHPzJW5NylcIKo0GAQFwSQkxFr%2FJUdlSLb6xHWxovIJiWa%2FOnOSDoamoD24eGj2ZYTzZxuxg3fJPbvL87uKg%2FA%2B0%2BwRgqqR4PiV6BcvmuSjc%2FgLwdxAxjAY8rGJiZC8PIFrRwTCoqfAdO%2FdHWh7yvtsQQc1RTd8ax4RyOqe30p9RMk0Y6mVm%2F02MwBCl5nVZ3g%2FwnY1ch1ySSrmM9loXR4KXM5BBxmLqUdvtQbCnqmONVBVBD3O3iKFK4WoGVBf8owPYwJdv7zmO2xI1Fc0AqAmSUfo6UOEFIJC4jSnXiqbHWKqYoj4d8BT8GYDhQnvoGokSoSI1qI442XliPULMfI1X7gyND%2Bq24Sn3sZqpFQ8hG%2Bv0qnbFTaovpR73KDtvzzoqKx6IdnoDkKFa3zVPVL0lOBOPuAdZ15wCsag8Y5%2BiaX5uCfuI%2F06bznhTqKhgj%2BoIzIsQAYlzK97NL65%2F1B%2B3c%2F14mn2ieW%2FuL9M%2FZO91mqKQw0quQnhITKa4FF061TRHzeHz4RkZmhmelAws1zohLEDdVpKcvqjOuQCvUiWLQistxmFpPToo0kqwupccCn7VRWh3D53MlPaghX%2B3FMkX%2Beb0VIb%2F0n5h2mri7VoI%2FuUO8rQXZW4Vu4DQEU07%2FIFzWvGFt6jDx%2B0QGqlvfwgtJE6tHvxCeZuOmoMgdcB%2BFpG6UOS%2FaPWJtz75ILvpBhzCEhgcJyWFa%2Fuqmnx0lDbO%2B2y%2FbbmWJkoSCgDgNP2qMprpK1j9%2F6%2FE2Ss%2FeYRIh9b%2FSE9wVuEEZR3MB9sTlmb5FY8l2iL0w%2BAvWa7d6OEXp1inFGPsBuIBcOKHkFWPO3MlCXFsK3w0nScNIFilxNupPHv4O3XjgNLtWWZvpX03%2B6jAQkT69zxsjS4FMEJyYY%2FEbJ124kVPMhVJN0wiJydoLSaKmu6FZPiaQ6AxVG4pn2GTbfQAX8BOU6vjPYZgONc7a7Q%2FIHGIHWmmgcX3wds42cMITCMRoG364FKgrRp%2FEzb0VZcy%2FKmpJwgNY8sHqTB%2BjCUwwl4Zd1d8O9trGiKuLgK%2Bt1jU4NB7m83JR6FxtyeZ6bIjQ6JOeNRL4bLqnkKpyiQZehr89tpgcKTcDL1QNkXait%2BnnGpvowyeS5kSPAT2e7m8jggHLkB9EKQucjeJniVkX9eQgBA5wdGjonSZxoYBuUpAldWKdhBH3GOyzRwNbiXr1xAukDsc2uDqo9onvMZgFOLe7u0IYFPEi7IzURo0yBc91MdQLFlozYqxaTOdpo4cYlMuLsaYWSTiPJlh841rph5j6QKKJTkt%2BkT9uBIlakzpIRd12LOQ2TmDjjsFLGok0FHMyjdtlsvzrjLrREwQ%2FwC2WUbxs4NFDBV8WCMCq4dbK10rD7n2ubC2DD%2FyBwMQr6V2%2FyPmQ0kjvdkkIBeengOCKFAiNVdsHRD4yLz8eSk55w6qC60qeP6DYXWP9g3s1Y9xjlkvmpfU3SyCkcmEtT0E4hFXXV%2Bo2sI%2B7WYCYOqv%2F0OHuCziJ5rbk9RBtg2bgcORnPV4V8s9uS5GrhX5MQ5OmM1u957G37DP20GDj8I4149Ktre7lzfUgUFLq5dsfoJlacHJxckDBNvyy5rP2xHxazpcOkidxe2S%2FD6V3lJAG7GsCZovWre0VPe06gadcf8mfLY6KLRJLITebO2JhOqUdcAjKqedHiGGU8yCufDUDqaVOIcnxwdGs2kqthV%2Fp9He0HNJs1fW55w082MQPyZf406z4Bibd%2BLsnKspWm2RZKooyGAM9RpchkXSFwCGlQ3N0grHb%2BNVis4Utw5avmpNIzSO7BzpgpnK7NcxsrRjfK84u7F3fEKu3w%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2kFYcXapzg15TUHApkf6JKnI6j6WA_S05qcKS7vDIZtzmIMBUk7ob4rp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqspmcTlx44u3Z3JFwh8HBc0z2-Z6fHMSbNGBaLP11-ybTxlVlYmiYqf7JiD1QHLabogr8LCdd9x4--nxXHMDCdNQlfBt8onl5sCpmMA32VGgQ5kZbe_Xvn84ASCh-rYSZ0W5WO5-VNrjgiXtFd94wxZvYDPPtH8b_jFDrgD_uAqKUxLiJVat2mjHXbBya9w_clYfcAUz2LScUUOuAP-4CopQFTTdYLIiJpBwPes1UkhpKjFCHlSwbKUx4tGUiITb-z-Z_fTpi_OSez9qf3vnWpIh_YlXJxkCIfszjtPkJbU7nPdvx_-2cYQrNBDjVWfHy-rwdbfYGE1HDxtLIBxv6gqcGc3sIm3yJpeURxn_YnP6FPHDuLLu6BLTWRyI9bY5ZTF_pgvo1yXTkigXpPSNIDhPsC5Du0eb9H-VPuNMBwahIeA_ZbE7DcExSKOQftQwS3EqAY9wBRGv31-2iVhxlfs2yEH9BGfd4lMG9QEcs4t7aowOC05RGOEwCF9p6PAYCz3NjvKgrRu-k3ckXYVC7yKez_JFwZGHQ-n6hR5Zyphun2jXKNNEAJ_9LwRZUAtuNwkRgpefHFmsqlX82yCkArnV1f6QliFTOFxT4ZEfYWD1ICfr2oemUPE4YK_KgMNyclhH4oUmX1SfU3D52-37WF8Cf96zpVtt70-e4AO5due9uFNu4HzAslpHzCHpcLe_yj5d-3xujPGih73G_-OKpW0Kj94UieU4UDqVZk7fy-eUYw_Crsz_Em65yIG8T6gIhNDWphFQMnRctHAxns6jPapLnWCSthwEd0bllYSgfeN1FSiEjRDlUw5XWCRXMk6mpokr3Zr6tFQA35hcNN7LNKjzSjb4M_HpH--OZ4WQSJMZaOYVMKA3i_c5BkkJVbO-_yJqZXKUu1xIte_n6tPAaRg_akZz8g-xt228cAPv-UsRm3O_0SIIFnnxewNrUifNMU67YOWLroL5e5wAN9fa0E-VHemtA5-njSeq2jjHPGlowBtjZkahIhHKelylT5ydqQviCd00haNARIFq76KNt4ONHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBIwMWm0GiwcindQUxmqxHJ-6ton4a9sn4IYUYJddZNGEFHmQcG0kBTr8fNRxx-GDC4FxlhMLvnBcT3rYwu0Hoy6KQtqkUKj6_Wc3Ug5sxsZFOJcToUpEMHEGC0DA_2Sg4OYRXe1vmTFRCszjyL6bm7IFBO1vVWn-LMnkTrRGB4k5Lq2nIPprBO4RWle7_eNRGmEJTDGK9STkB15U6cmWi_w3jyUJvdi1rS8hDZyngQQrmvdNVb-Ai2vi794OMkDOJSCi1KCHjgdtmvdNVb-Ai2sCm_H7JEf8VK0yTLXpX2uKsAjKIsa6aWL8fNRxx-GDC4FxlhMLvnBc4X7wdGttzXcEJs9aHtOyrx86oA2CjIjxfe9OdJLN9o2HVDv-ud4rYbkcEcAYjxpLMbF5KqSyo8zYgG7afTXkyA HTTP 302
    https://p237996.mybetterdl.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUvx81HHH4YMLRnHQIDNg-oXQff73Sp7GQkVxYxDDN7gY9rZ6tMHgNHDRbxcuQMdu715gdpClM_f53AFw4JvCRI_RbxcuQMdu7_hJ8duLREOQACcGElMjU6jtvkx7PqDXPcDj8sH1B6iOcmzq1go7lsR1F49-Ksm1gwKjPK8yG_j4uVT6EGqVXfBsztNH4DqjYuesbwTUN9D1Wm39zzgS9NA6VJ_CXIEE9n4VbuqZVastAUgheKjLQ6KwCMoixrppYvx81HHH4YMLgXGWEwu-cFx_qCYvh_QGQ9bL3VvQXsFhyeROtEYHiTln7WVcLkdWPyZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v1BbsozkC8-D-BybpyqSvYhWESdMhZIohUhp7t-pSZeDBzLOpT0JHMp&ui=w_Wj54-Mm6RB_AzGGnYx2og1MaRauQ365BqBrDJxXOHJ5E60RgeJOefK5qIrMZDbs9RmWU7Oh4Ci8-e0FB1Em_r9Tt-MT7uWtI2Y8N8XTsbTufO7hN5_zg&si=1&oref=99ebc5f548883b59699b97cb27409827&optunit=BCbPWh7Tsq9OJ9bA5ZnuUw&rb=1MVhHKAMSa4&rr=4&abtg=0 HTTP 302
    https://rtb.disply.me/a2nn1qfjjoq046z6kph65 Page URL
  4. http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6 HTTP 302
    https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H Page URL
  5. https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H Page URL
  6. http://www6.bildnewsaktuell.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2kFYcXapzg15TUHApkf6JKnI6j6WA_S05qcKS7vDIZtzmIMBUk7ob4rp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqspmcTlx44u3Z3JFwh8HBc0z2-Z6fHMSbNGBaLP11-ybTxlVlYmiYqf7JiD1QHLabogr8LCdd9x4--nxXHMDCdNQlfBt8onl5sCpmMA32VGgQ5kZbe_Xvn84ASCh-rYSZ0W5WO5-VNrjgiXtFd94wxZvYDPPtH8b_jFDrgD_uAqKUxLiJVat2mjHXbBya9w_clYfcAUz2LScUUOuAP-4CopQFTTdYLIiJpBwPes1UkhpKjFCHlSwbKUx4tGUiITb-z-Z_fTpi_OSez9qf3vnWpIh_YlXJxkCIfszjtPkJbU7nPdvx_-2cYQrNBDjVWfHy-rwdbfYGE1HDxtLIBxv6gqcGc3sIm3yJpeURxn_YnP6FPHDuLLu6BLTWRyI9bY5ZTF_pgvo1yXTkigXpPSNIDhPsC5Du0eb9H-VPuNMBwahIeA_ZbE7DcExSKOQftQwS3EqAY9wBRGv31-2iVhxlfs2yEH9BGfd4lMG9QEcs4t7aowOC05RGOEwCF9p6PAYCz3NjvKgrRu-k3ckXYVC7yKez_JFwZGHQ-n6hR5Zyphun2jXKNNEAJ_9LwRZUAtuNwkRgpefHFmsqlX82yCkArnV1f6QliFTOFxT4ZEfYWD1ICfr2oemUPE4YK_KgMNyclhH4oUmX1SfU3D52-37WF8Cf96zpVtt70-e4AO5due9uFNu4HzAslpHzCHpcLe_yj5d-3xujPGih73G_-OKpW0Kj94UieU4UDqVZk7fy-eUYw_Crsz_Em65yIG8T6gIhNDWphFQMnRctHAxns6jPapLnWCSthwEd0bllYSgfeN1FSiEjRDlUw5XWCRXMk6mpokr3Zr6tFQA35hcNN7LNKjzSjb4M_HpH--OZ4WQSJMZaOYVMKA3i_c5BkkJVbO-_yJqZXKUu1xIte_n6tPAaRg_akZz8g-xt228cAPv-UsRm3O_0SIIFnnxewNrUifNMU67YOWLroL5e5wAN9fa0E-VHemtA5-njSeq2jjHPGlowBtjZkahIhHKelylT5ydqQviCd00haNARIFq76KNt4ONHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBIwMWm0GiwcindQUxmqxHJ-6ton4a9sn4IYUYJddZNGEFHmQcG0kBTr8fNRxx-GDC4FxlhMLvnBcT3rYwu0Hoy6KQtqkUKj6_Wc3Ug5sxsZFOJcToUpEMHEGC0DA_2Sg4OYRXe1vmTFRCszjyL6bm7IFBO1vVWn-LMnkTrRGB4k5Lq2nIPprBO4RWle7_eNRGmEJTDGK9STkB15U6cmWi_w3jyUJvdi1rS8hDZyngQQrmvdNVb-Ai2vi794OMkDOJSCi1KCHjgdtmvdNVb-Ai2sCm_H7JEf8VK0yTLXpX2uKsAjKIsa6aWL8fNRxx-GDC4FxlhMLvnBc4X7wdGttzXcEJs9aHtOyrx86oA2CjIjxfe9OdJLN9o2HVDv-ud4rYbkcEcAYjxpLMbF5KqSyo8zYgG7afTXkyA HTTP 302
  • https://p237996.mybetterdl.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUvx81HHH4YMLRnHQIDNg-oXQff73Sp7GQkVxYxDDN7gY9rZ6tMHgNHDRbxcuQMdu715gdpClM_f53AFw4JvCRI_RbxcuQMdu7_hJ8duLREOQACcGElMjU6jtvkx7PqDXPcDj8sH1B6iOcmzq1go7lsR1F49-Ksm1gwKjPK8yG_j4uVT6EGqVXfBsztNH4DqjYuesbwTUN9D1Wm39zzgS9NA6VJ_CXIEE9n4VbuqZVastAUgheKjLQ6KwCMoixrppYvx81HHH4YMLgXGWEwu-cFx_qCYvh_QGQ9bL3VvQXsFhyeROtEYHiTln7WVcLkdWPyZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v1BbsozkC8-D-BybpyqSvYhWESdMhZIohUhp7t-pSZeDBzLOpT0JHMp&ui=w_Wj54-Mm6RB_AzGGnYx2og1MaRauQ365BqBrDJxXOHJ5E60RgeJOefK5qIrMZDbs9RmWU7Oh4Ci8-e0FB1Em_r9Tt-MT7uWtI2Y8N8XTsbTufO7hN5_zg&si=1&oref=99ebc5f548883b59699b97cb27409827&optunit=BCbPWh7Tsq9OJ9bA5ZnuUw&rb=1MVhHKAMSa4&rr=4&abtg=0 HTTP 302
  • https://rtb.disply.me/a2nn1qfjjoq046z6kph65
Request Chain 3
  • http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6 HTTP 302
  • https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
zeoinsight.com/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://zeoinsight.com/
Protocol
HTTP/1.1
Server
69.16.231.57 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb04.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash

Request headers

Host
zeoinsight.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 14 Sep 2021 17:11:54 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By
PHP/5.4.16
Content-Length
7564
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bouncy.php
zeoinsight.com/page/ 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://zeoinsight.com/page/bouncy.php?&bpae=GbhOcLHGglZ5j%2FOZ6F4vEVJWbml%2BJ8iAxxYdbRA5H8CI23E6MzTa8B3McGU0bdstoeOOYgC7FL6zobMkhO554byXy24Ht%2FsrxqOVHVoi44Iqu1woWzGxmy1aVVUEMw5DuRUdLm%2F1O1XYjHiEm5WnuAvn6Beo5tNt%2B9SpUoQe0Sw8kKB8zvrLLDiSNzwpjksGsU0egRiNqTeHscVtdQQpSOgfY3eo1bu%2F%2Fwny3hsh15qs%2FRWEgFHT5syM8VArnFBWZssqWrgCirIpD1gBg%2F7CBkTTgakBbGVWaotaQGhc2Q08WFAGWPDftCO33oUYfYN3WAtmhzkJeRn1xAvMcHPzJW5NylcIKo0GAQFwSQkxFr%2FJUdlSLb6xHWxovIJiWa%2FOnOSDoamoD24eGj2ZYTzZxuxg3fJPbvL87uKg%2FA%2B0%2BwRgqqR4PiV6BcvmuSjc%2FgLwdxAxjAY8rGJiZC8PIFrRwTCoqfAdO%2FdHWh7yvtsQQc1RTd8ax4RyOqe30p9RMk0Y6mVm%2F02MwBCl5nVZ3g%2FwnY1ch1ySSrmM9loXR4KXM5BBxmLqUdvtQbCnqmONVBVBD3O3iKFK4WoGVBf8owPYwJdv7zmO2xI1Fc0AqAmSUfo6UOEFIJC4jSnXiqbHWKqYoj4d8BT8GYDhQnvoGokSoSI1qI442XliPULMfI1X7gyND%2Bq24Sn3sZqpFQ8hG%2Bv0qnbFTaovpR73KDtvzzoqKx6IdnoDkKFa3zVPVL0lOBOPuAdZ15wCsag8Y5%2BiaX5uCfuI%2F06bznhTqKhgj%2BoIzIsQAYlzK97NL65%2F1B%2B3c%2F14mn2ieW%2FuL9M%2FZO91mqKQw0quQnhITKa4FF061TRHzeHz4RkZmhmelAws1zohLEDdVpKcvqjOuQCvUiWLQistxmFpPToo0kqwupccCn7VRWh3D53MlPaghX%2B3FMkX%2Beb0VIb%2F0n5h2mri7VoI%2FuUO8rQXZW4Vu4DQEU07%2FIFzWvGFt6jDx%2B0QGqlvfwgtJE6tHvxCeZuOmoMgdcB%2BFpG6UOS%2FaPWJtz75ILvpBhzCEhgcJyWFa%2Fuqmnx0lDbO%2B2y%2FbbmWJkoSCgDgNP2qMprpK1j9%2F6%2FE2Ss%2FeYRIh9b%2FSE9wVuEEZR3MB9sTlmb5FY8l2iL0w%2BAvWa7d6OEXp1inFGPsBuIBcOKHkFWPO3MlCXFsK3w0nScNIFilxNupPHv4O3XjgNLtWWZvpX03%2B6jAQkT69zxsjS4FMEJyYY%2FEbJ124kVPMhVJN0wiJydoLSaKmu6FZPiaQ6AxVG4pn2GTbfQAX8BOU6vjPYZgONc7a7Q%2FIHGIHWmmgcX3wds42cMITCMRoG364FKgrRp%2FEzb0VZcy%2FKmpJwgNY8sHqTB%2BjCUwwl4Zd1d8O9trGiKuLgK%2Bt1jU4NB7m83JR6FxtyeZ6bIjQ6JOeNRL4bLqnkKpyiQZehr89tpgcKTcDL1QNkXait%2BnnGpvowyeS5kSPAT2e7m8jggHLkB9EKQucjeJniVkX9eQgBA5wdGjonSZxoYBuUpAldWKdhBH3GOyzRwNbiXr1xAukDsc2uDqo9onvMZgFOLe7u0IYFPEi7IzURo0yBc91MdQLFlozYqxaTOdpo4cYlMuLsaYWSTiPJlh841rph5j6QKKJTkt%2BkT9uBIlakzpIRd12LOQ2TmDjjsFLGok0FHMyjdtlsvzrjLrREwQ%2FwC2WUbxs4NFDBV8WCMCq4dbK10rD7n2ubC2DD%2FyBwMQr6V2%2FyPmQ0kjvdkkIBeengOCKFAiNVdsHRD4yLz8eSk55w6qC60qeP6DYXWP9g3s1Y9xjlkvmpfU3SyCkcmEtT0E4hFXXV%2Bo2sI%2B7WYCYOqv%2F0OHuCziJ5rbk9RBtg2bgcORnPV4V8s9uS5GrhX5MQ5OmM1u957G37DP20GDj8I4149Ktre7lzfUgUFLq5dsfoJlacHJxckDBNvyy5rP2xHxazpcOkidxe2S%2FD6V3lJAG7GsCZovWre0VPe06gadcf8mfLY6KLRJLITebO2JhOqUdcAjKqedHiGGU8yCufDUDqaVOIcnxwdGs2kqthV%2Fp9He0HNJs1fW55w082MQPyZf406z4Bibd%2BLsnKspWm2RZKooyGAM9RpchkXSFwCGlQ3N0grHb%2BNVis4Utw5avmpNIzSO7BzpgpnK7NcxsrRjfK84u7F3fEKu3w%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: zeoinsight.com
URL: http://zeoinsight.com/
Protocol
HTTP/1.1
Server
69.16.231.57 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb04.parklogic.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash

Request headers

Host
zeoinsight.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://zeoinsight.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://zeoinsight.com/

Response headers

Date
Tue, 14 Sep 2021 17:11:54 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By
PHP/5.4.16
Content-Length
5794
Keep-Alive
timeout=5, max=70
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Cookie set a2nn1qfjjoq046z6kph65
rtb.disply.me/
Redirect Chain
  • https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6RB_AzGGnYx2kFYcXapzg15TUHApkf6JKnI6j6WA_S05qcKS7vDIZtzmIMBUk7ob4rp6O7CY8H5otvV17wkvfiSxVzUh4G27zB_xj91QQmqspmcTlx44u3Z3JFwh8HBc0z2-Z6fHMSbNGBaLP11-yb...
  • https://p237996.mybetterdl.com/adServe/domainClick?ai=utaGB_LycpNqqym3ENxkUvx81HHH4YMLRnHQIDNg-oXQff73Sp7GQkVxYxDDN7gY9rZ6tMHgNHDRbxcuQMdu715gdpClM_f53AFw4JvCRI_RbxcuQMdu7_hJ8duLREOQACcGElMjU6jtvkx...
  • https://rtb.disply.me/a2nn1qfjjoq046z6kph65
297 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.disply.me/a2nn1qfjjoq046z6kph65
Requested by
Host: zeoinsight.com
URL: http://zeoinsight.com/page/bouncy.php?&bpae=GbhOcLHGglZ5j%2FOZ6F4vEVJWbml%2BJ8iAxxYdbRA5H8CI23E6MzTa8B3McGU0bdstoeOOYgC7FL6zobMkhO554byXy24Ht%2FsrxqOVHVoi44Iqu1woWzGxmy1aVVUEMw5DuRUdLm%2F1O1XYjHiEm5WnuAvn6Beo5tNt%2B9SpUoQe0Sw8kKB8zvrLLDiSNzwpjksGsU0egRiNqTeHscVtdQQpSOgfY3eo1bu%2F%2Fwny3hsh15qs%2FRWEgFHT5syM8VArnFBWZssqWrgCirIpD1gBg%2F7CBkTTgakBbGVWaotaQGhc2Q08WFAGWPDftCO33oUYfYN3WAtmhzkJeRn1xAvMcHPzJW5NylcIKo0GAQFwSQkxFr%2FJUdlSLb6xHWxovIJiWa%2FOnOSDoamoD24eGj2ZYTzZxuxg3fJPbvL87uKg%2FA%2B0%2BwRgqqR4PiV6BcvmuSjc%2FgLwdxAxjAY8rGJiZC8PIFrRwTCoqfAdO%2FdHWh7yvtsQQc1RTd8ax4RyOqe30p9RMk0Y6mVm%2F02MwBCl5nVZ3g%2FwnY1ch1ySSrmM9loXR4KXM5BBxmLqUdvtQbCnqmONVBVBD3O3iKFK4WoGVBf8owPYwJdv7zmO2xI1Fc0AqAmSUfo6UOEFIJC4jSnXiqbHWKqYoj4d8BT8GYDhQnvoGokSoSI1qI442XliPULMfI1X7gyND%2Bq24Sn3sZqpFQ8hG%2Bv0qnbFTaovpR73KDtvzzoqKx6IdnoDkKFa3zVPVL0lOBOPuAdZ15wCsag8Y5%2BiaX5uCfuI%2F06bznhTqKhgj%2BoIzIsQAYlzK97NL65%2F1B%2B3c%2F14mn2ieW%2FuL9M%2FZO91mqKQw0quQnhITKa4FF061TRHzeHz4RkZmhmelAws1zohLEDdVpKcvqjOuQCvUiWLQistxmFpPToo0kqwupccCn7VRWh3D53MlPaghX%2B3FMkX%2Beb0VIb%2F0n5h2mri7VoI%2FuUO8rQXZW4Vu4DQEU07%2FIFzWvGFt6jDx%2B0QGqlvfwgtJE6tHvxCeZuOmoMgdcB%2BFpG6UOS%2FaPWJtz75ILvpBhzCEhgcJyWFa%2Fuqmnx0lDbO%2B2y%2FbbmWJkoSCgDgNP2qMprpK1j9%2F6%2FE2Ss%2FeYRIh9b%2FSE9wVuEEZR3MB9sTlmb5FY8l2iL0w%2BAvWa7d6OEXp1inFGPsBuIBcOKHkFWPO3MlCXFsK3w0nScNIFilxNupPHv4O3XjgNLtWWZvpX03%2B6jAQkT69zxsjS4FMEJyYY%2FEbJ124kVPMhVJN0wiJydoLSaKmu6FZPiaQ6AxVG4pn2GTbfQAX8BOU6vjPYZgONc7a7Q%2FIHGIHWmmgcX3wds42cMITCMRoG364FKgrRp%2FEzb0VZcy%2FKmpJwgNY8sHqTB%2BjCUwwl4Zd1d8O9trGiKuLgK%2Bt1jU4NB7m83JR6FxtyeZ6bIjQ6JOeNRL4bLqnkKpyiQZehr89tpgcKTcDL1QNkXait%2BnnGpvowyeS5kSPAT2e7m8jggHLkB9EKQucjeJniVkX9eQgBA5wdGjonSZxoYBuUpAldWKdhBH3GOyzRwNbiXr1xAukDsc2uDqo9onvMZgFOLe7u0IYFPEi7IzURo0yBc91MdQLFlozYqxaTOdpo4cYlMuLsaYWSTiPJlh841rph5j6QKKJTkt%2BkT9uBIlakzpIRd12LOQ2TmDjjsFLGok0FHMyjdtlsvzrjLrREwQ%2FwC2WUbxs4NFDBV8WCMCq4dbK10rD7n2ubC2DD%2FyBwMQr6V2%2FyPmQ0kjvdkkIBeengOCKFAiNVdsHRD4yLz8eSk55w6qC60qeP6DYXWP9g3s1Y9xjlkvmpfU3SyCkcmEtT0E4hFXXV%2Bo2sI%2B7WYCYOqv%2F0OHuCziJ5rbk9RBtg2bgcORnPV4V8s9uS5GrhX5MQ5OmM1u957G37DP20GDj8I4149Ktre7lzfUgUFLq5dsfoJlacHJxckDBNvyy5rP2xHxazpcOkidxe2S%2FD6V3lJAG7GsCZovWre0VPe06gadcf8mfLY6KLRJLITebO2JhOqUdcAjKqedHiGGU8yCufDUDqaVOIcnxwdGs2kqthV%2Fp9He0HNJs1fW55w082MQPyZf406z4Bibd%2BLsnKspWm2RZKooyGAM9RpchkXSFwCGlQ3N0grHb%2BNVis4Utw5avmpNIzSO7BzpgpnK7NcxsrRjfK84u7F3fEKu3w%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.184.251.201 , Germany, ASN51862 (IONOS-AS, DE),
Reverse DNS
ip85-184-251-201.pbiaas.com
Software
nginx/1.13.0 / PHP/5.6.30
Resource Hash

Request headers

Host
rtb.disply.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://zeoinsight.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://zeoinsight.com/page/bouncy.php?&bpae=GbhOcLHGglZ5j%2FOZ6F4vEVJWbml%2BJ8iAxxYdbRA5H8CI23E6MzTa8B3McGU0bdstoeOOYgC7FL6zobMkhO554byXy24Ht%2FsrxqOVHVoi44Iqu1woWzGxmy1aVVUEMw5DuRUdLm%2F1O1XYjHiEm5WnuAvn6Beo5tNt%2B9SpUoQe0Sw8kKB8zvrLLDiSNzwpjksGsU0egRiNqTeHscVtdQQpSOgfY3eo1bu%2F%2Fwny3hsh15qs%2FRWEgFHT5syM8VArnFBWZssqWrgCirIpD1gBg%2F7CBkTTgakBbGVWaotaQGhc2Q08WFAGWPDftCO33oUYfYN3WAtmhzkJeRn1xAvMcHPzJW5NylcIKo0GAQFwSQkxFr%2FJUdlSLb6xHWxovIJiWa%2FOnOSDoamoD24eGj2ZYTzZxuxg3fJPbvL87uKg%2FA%2B0%2BwRgqqR4PiV6BcvmuSjc%2FgLwdxAxjAY8rGJiZC8PIFrRwTCoqfAdO%2FdHWh7yvtsQQc1RTd8ax4RyOqe30p9RMk0Y6mVm%2F02MwBCl5nVZ3g%2FwnY1ch1ySSrmM9loXR4KXM5BBxmLqUdvtQbCnqmONVBVBD3O3iKFK4WoGVBf8owPYwJdv7zmO2xI1Fc0AqAmSUfo6UOEFIJC4jSnXiqbHWKqYoj4d8BT8GYDhQnvoGokSoSI1qI442XliPULMfI1X7gyND%2Bq24Sn3sZqpFQ8hG%2Bv0qnbFTaovpR73KDtvzzoqKx6IdnoDkKFa3zVPVL0lOBOPuAdZ15wCsag8Y5%2BiaX5uCfuI%2F06bznhTqKhgj%2BoIzIsQAYlzK97NL65%2F1B%2B3c%2F14mn2ieW%2FuL9M%2FZO91mqKQw0quQnhITKa4FF061TRHzeHz4RkZmhmelAws1zohLEDdVpKcvqjOuQCvUiWLQistxmFpPToo0kqwupccCn7VRWh3D53MlPaghX%2B3FMkX%2Beb0VIb%2F0n5h2mri7VoI%2FuUO8rQXZW4Vu4DQEU07%2FIFzWvGFt6jDx%2B0QGqlvfwgtJE6tHvxCeZuOmoMgdcB%2BFpG6UOS%2FaPWJtz75ILvpBhzCEhgcJyWFa%2Fuqmnx0lDbO%2B2y%2FbbmWJkoSCgDgNP2qMprpK1j9%2F6%2FE2Ss%2FeYRIh9b%2FSE9wVuEEZR3MB9sTlmb5FY8l2iL0w%2BAvWa7d6OEXp1inFGPsBuIBcOKHkFWPO3MlCXFsK3w0nScNIFilxNupPHv4O3XjgNLtWWZvpX03%2B6jAQkT69zxsjS4FMEJyYY%2FEbJ124kVPMhVJN0wiJydoLSaKmu6FZPiaQ6AxVG4pn2GTbfQAX8BOU6vjPYZgONc7a7Q%2FIHGIHWmmgcX3wds42cMITCMRoG364FKgrRp%2FEzb0VZcy%2FKmpJwgNY8sHqTB%2BjCUwwl4Zd1d8O9trGiKuLgK%2Bt1jU4NB7m83JR6FxtyeZ6bIjQ6JOeNRL4bLqnkKpyiQZehr89tpgcKTcDL1QNkXait%2BnnGpvowyeS5kSPAT2e7m8jggHLkB9EKQucjeJniVkX9eQgBA5wdGjonSZxoYBuUpAldWKdhBH3GOyzRwNbiXr1xAukDsc2uDqo9onvMZgFOLe7u0IYFPEi7IzURo0yBc91MdQLFlozYqxaTOdpo4cYlMuLsaYWSTiPJlh841rph5j6QKKJTkt%2BkT9uBIlakzpIRd12LOQ2TmDjjsFLGok0FHMyjdtlsvzrjLrREwQ%2FwC2WUbxs4NFDBV8WCMCq4dbK10rD7n2ubC2DD%2FyBwMQr6V2%2FyPmQ0kjvdkkIBeengOCKFAiNVdsHRD4yLz8eSk55w6qC60qeP6DYXWP9g3s1Y9xjlkvmpfU3SyCkcmEtT0E4hFXXV%2Bo2sI%2B7WYCYOqv%2F0OHuCziJ5rbk9RBtg2bgcORnPV4V8s9uS5GrhX5MQ5OmM1u957G37DP20GDj8I4149Ktre7lzfUgUFLq5dsfoJlacHJxckDBNvyy5rP2xHxazpcOkidxe2S%2FD6V3lJAG7GsCZovWre0VPe06gadcf8mfLY6KLRJLITebO2JhOqUdcAjKqedHiGGU8yCufDUDqaVOIcnxwdGs2kqthV%2Fp9He0HNJs1fW55w082MQPyZf406z4Bibd%2BLsnKspWm2RZKooyGAM9RpchkXSFwCGlQ3N0grHb%2BNVis4Utw5avmpNIzSO7BzpgpnK7NcxsrRjfK84u7F3fEKu3w%3D%3D&redirectType=js&inIframe=false&inPopUp=false

Response headers

Server
nginx/1.13.0
Date
Tue, 14 Sep 2021 17:11:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Set-Cookie
YUC=50d3a429-1c38-4639-8cf1-fb6e75480955; expires=Tue, 14-Dec-2021 17:11:55 GMT; Max-Age=7862400; path=/
X-Node
de-pool01-tr01
Content-Encoding
gzip

Redirect headers

server
nginx
date
Tue, 14 Sep 2021 17:11:55 GMT
content-length
0
set-cookie
rhid=79632146694; Max-Age=15552000; Expires=Sun, 13-Mar-2022 17:11:55 GMT; Domain=mybetterdl.com; Path=/; SameSite=None; secure; loi=ad_683043_off_276189_aff_15466_cid_237996-ZEOINSIGHT.COM_ts_1631639515; Max-Age=3600; Expires=Tue, 14-Sep-2021 18:11:55 GMT; Domain=mybetterdl.com; Path=/; SameSite=None; secure;
location
https://rtb.disply.me/a2nn1qfjjoq046z6kph65
banner
ad13.adfarm1.adition.com/
Redirect Chain
  • http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6
  • https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
Requested by
Host: rtb.disply.me
URL: https://rtb.disply.me/a2nn1qfjjoq046z6kph65
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash

Request headers

:method
GET
:authority
ad13.adfarm1.adition.com
:scheme
https
:path
/banner?sid=3699872&kid=3386344&wpt=H
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rtb.disply.me/a2nn1qfjjoq046z6kph65

Response headers

content-type
text/html
server
ADITIONSERVER v1.0
date
Tue, 14 Sep 2021 19:11:55 +0200
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
set-cookie
UserID1=7007838355823396069; expires=Mon, 13-Dec-2021 16:11:55 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding
gzip

Redirect headers

Server
nginx/1.13.0
Date
Tue, 14 Sep 2021 17:11:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Set-Cookie
YUC=50d3a429-1c38-4639-8cf1-fb6e75480955; expires=Tue, 14-Dec-2021 17:11:55 GMT; Max-Age=7862400; path=/ YUC=50d3a429-1c38-4639-8cf1-fb6e75480955; expires=Tue, 14-Dec-2021 17:11:55 GMT; Max-Age=7862400; path=/
Location
https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
X-Node
de-pool01-tr01
banner
ad1.adfarm1.adition.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H
Requested by
Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad1.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash

Request headers

:method
GET
:authority
ad1.adfarm1.adition.com
:scheme
https
:path
/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://ad13.adfarm1.adition.com/
accept-encoding
gzip, deflate, br
cookie
UserID1=7007838355823396069
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.adfarm1.adition.com/

Response headers

content-type
text/html
server
ADITIONSERVER v1.0
date
Tue, 14 Sep 2021 19:11:55 +0200
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
set-cookie
UserID1=7007838355823396069; expires=Mon, 13-Dec-2021 16:11:54 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
content-encoding
gzip
0cb10f32-b650-44db-9d09-d916504dcba1
trk.exclusiveoffers.today/impression/ 		0
0
Primary Request /
www6.bildnewsaktuell.com/ 		242 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www6.bildnewsaktuell.com/
Requested by
Host: ad1.adfarm1.adition.com
URL: https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H
Protocol
HTTP/1.1
Server
85.13.157.212 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd40608.kasserver.com
Software
Apache /
Resource Hash
8a1b55f97771ca3deac18add2d1635d8c1ff8bc98254c709220cd80acac6ae38

Request headers

Host
www6.bildnewsaktuell.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 14 Sep 2021 17:11:55 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Tue, 09 Feb 2021 16:33:58 GMT
ETag
"f2-5bae9da6fe15a-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
174
Keep-Alive
timeout=2, max=1000
Content-Type
text/html
adition.js
imagesrv.adition.com/js/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: www6.bildnewsaktuell.com
URL: http://www6.bildnewsaktuell.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
19bcbba417f03dfe5358b46518999a4b3ef79d5e421d36c66bfc6925184646d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www6.bildnewsaktuell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 17:11:56 GMT
content-encoding
br
last-modified
Tue, 27 Jul 2021 14:05:18 GMT
etag
"3435361896-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad1.adfarm1.adition.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad1.adfarm1.adition.com/js?wp_id=4498291&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&kid=4151981
Requested by
Host: www6.bildnewsaktuell.com
URL: http://www6.bildnewsaktuell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad1.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
32235fef80b5fe53052fc9a30ccfd55e750798cefdbf360be39491d4d2fd073c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www6.bildnewsaktuell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:11:55 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad1.adfarm1.adition.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad1.adfarm1.adition.com/banner?sid=4498291&adjsver=3&fvers=&iframe=0&ref=&ro=http%3A//www6.bildnewsaktuell.com/&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/92.0.4515.159%20Safari/537.36&os=17&browser=11&userid=7007838355823396069&kid=4151981&gdpr=%24%7BGDPR%7D&gdpr_consent=${GDPR_CONSENT_39}&screen_res=6&wpt=J&clickurl=
Requested by
Host: ad1.adfarm1.adition.com
URL: https://ad1.adfarm1.adition.com/js?wp_id=4498291&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&kid=4151981
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad1.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c5180acd08f82551c62736700efd06cceda53b118dfa7b49b721881b7332f997

Request headers

Referer
http://www6.bildnewsaktuell.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 19:11:56 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
000001870458.jpg
imagesrv.adition.com/banners/3495/files/00/1c/8a/7a/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3495/files/00/1c/8a/7a/000001870458.jpg
Requested by
Host: www6.bildnewsaktuell.com
URL: http://www6.bildnewsaktuell.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
b3cb70c2a41a0d324fb76682529231fcdf461d4ab48b655569edfce20321fdfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www6.bildnewsaktuell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Sep 2021 17:11:56 GMT
last-modified
Wed, 16 Sep 2020 12:47:17 GMT
accept-ranges
bytes
etag
"3351636371"
content-length
97727
content-type
image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trk.exclusiveoffers.today
URL
https://trk.exclusiveoffers.today/impression/0cb10f32-b650-44db-9d09-d916504dcba1?Motiv={Motiv}

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| Adition_Environment object| Adition_Jsonp_Manager object| Adition_VT_API object| Adition_VT_Manager object| Adition_PostMessageService function| Adition_OSId function| Adition_BrowserId function| Adition_ResId function| Adition_Referrer function| Adition_UserAgent function| Adition_Location function| Adition_Flash function| Adition_isFlashBlocked object| Adition_VT_Area string| ev function| Adition_VT_MeasurementContainer function| Adition_VT_MeasurementItem function| Adition_Prfstr number| ad_wid number| ad_count number| iframe string| ref number| os number| browser number| screen_res string| fvers string| ro string| uao string| prfstr string| autoo string| userid number| adjsver object| a string| oobClickURL function| AdOob

4 Cookies

Domain/Path Name / Value
.mybetterdl.com/ Name: rhid
Value: 79632146694
.mybetterdl.com/ Name: loi
Value: ad_683043_off_276189_aff_15466_cid_237996-ZEOINSIGHT.COM_ts_1631639515
rtb.disply.me/ Name: YUC
Value: 50d3a429-1c38-4639-8cf1-fb6e75480955
.adfarm1.adition.com/ Name: UserID1
Value: 7007838355823396069

2 Console Messages

Source Level URL
Text
javascript warning URL: https://ad1.adfarm1.adition.com/js?wp_id=4498291&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&kid=4151981
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad1.adfarm1.adition.com/banner?sid=4498291&adjsver=3&fvers=&iframe=0&ref=&ro=http%3A//www6.bildnewsaktuell.com/&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/92.0.4515.159%20Safari/537.36&os=17&browser=11&userid=7007838355823396069&kid=4151981&gdpr=%24%7BGDPR%7D&gdpr_consent=${GDPR_CONSENT_39}&screen_res=6&wpt=J&clickurl=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad1.adfarm1.adition.com/js?wp_id=4498291&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&kid=4151981
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad1.adfarm1.adition.com/banner?sid=4498291&adjsver=3&fvers=&iframe=0&ref=&ro=http%3A//www6.bildnewsaktuell.com/&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/92.0.4515.159%20Safari/537.36&os=17&browser=11&userid=7007838355823396069&kid=4151981&gdpr=%24%7BGDPR%7D&gdpr_consent=${GDPR_CONSENT_39}&screen_res=6&wpt=J&clickurl=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.