Submitted URL: http://marnaaqui.blogspot.com/
Effective URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Submission: On May 18 via api from PT

Summary

This website contacted 13 IPs in 5 countries across 15 domains to perform 24 HTTP transactions. The main IP is 149.126.1.44, located in Switzerland and belongs to CYON, CH. The main domain is 252amazwof.tagesgewinner.com.
This is the only time 252amazwof.tagesgewinner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 216.58.205.225 15169 (GOOGLE)
1 216.58.214.99 15169 (GOOGLE)
2 216.58.205.233 15169 (GOOGLE)
2 216.58.205.227 15169 (GOOGLE)
1 1 212.92.39.34 24592 (NEXICA-AS)
1 35.156.12.230 16509 (AMAZON-02)
1 1 52.76.254.138 16509 (AMAZON-02)
2 34.231.48.61 14618 (AMAZON-AES)
6 149.126.1.44 47302 (CYON)
1 205.185.208.52 20446 (HIGHWINDS3)
1 104.19.198.151 13335 (CLOUDFLAR...)
1 216.58.205.232 15169 (GOOGLE)
1 216.58.208.40 15169 (GOOGLE)
1 216.58.210.14 15169 (GOOGLE)
24 13
Domain Requested by
6 252amazwof.tagesgewinner.com uprealtime.com
252amazwof.tagesgewinner.com
3 marnaaqui.blogspot.de marnaaqui.blogspot.de
2 uprealtime.com cookieads.fuse-ad.com
uprealtime.com
2 fonts.gstatic.com marnaaqui.blogspot.de
1 www.google-analytics.com 252amazwof.tagesgewinner.com
1 ssl.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com 252amazwof.tagesgewinner.com
1 cdnjs.cloudflare.com 252amazwof.tagesgewinner.com
1 code.jquery.com 252amazwof.tagesgewinner.com
1 www.retail9.com cookieads.fuse-ad.com
1 cookieads.fuse-ad.com marnaaqui.blogspot.de
1 ocio.leadzutw.com 1 redirects
1 themes.googleusercontent.com marnaaqui.blogspot.de
1 www.blogger.com marnaaqui.blogspot.de
1 resources.blogblog.com marnaaqui.blogspot.de
1 www.gstatic.com marnaaqui.blogspot.de
1 marnaaqui.blogspot.com 1 redirects
24 17

This site contains no links.

This page contains 1 frames:

Primary Page: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Frame ID: 806619FF8E96C2CB720416D2E8D77337
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.blogspot\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • script /TweenMax(?:\.min)?\.js/i
  • env /^TweenMax$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 24
HTTPS: 0 %
IPv6: 0 %
Domains: 15
Subdomains: 17
IPs: 13
Countries: 5
Transfer: 550 kB
Size: 995 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://marnaaqui.blogspot.com/ HTTP 302
    http://marnaaqui.blogspot.de/ Page URL
  2. https://ocio.leadzutw.com/?m=1I8OSITE83782X15&a= HTTP 302
    http://cookieads.fuse-ad.com/tl?a=31&o=351&aff_click_id=1526630312mb29168245613&sub_affid=7b1i8o191I8OSITE83782X15 Page URL
  3. http://www.retail9.com/redirect.php?demand=129&id=18276899&aff=322278&type=CPL&adult=0&incent=0&aff_sub={Your_transactionid}=0260894FB2DFE1526630312417902&aff_sub2=31 HTTP 302
    http://uprealtime.com/view/iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74?c=20403&pid=3025&tid={Your_transactionid}=0260894FB2DFE1526630312417902_rtbs1_rtbs2_rtbs30ORIGIN18276899end_rtbaff322278_rtboffer18276899_rtbsub31&site=322278_31 Page URL
  4. http://uprealtime.com/hrfp?url=http%3A%2F%2F252amazwof.tagesgewinner.com%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025 Page URL
  5. http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://marnaaqui.blogspot.com/ HTTP 302
  • http://marnaaqui.blogspot.de/
Request Chain 9
  • https://ocio.leadzutw.com/?m=1I8OSITE83782X15&a= HTTP 302
  • http://cookieads.fuse-ad.com/tl?a=31&o=351&aff_click_id=1526630312mb29168245613&sub_affid=7b1i8o191I8OSITE83782X15
Request Chain 11
  • http://www.retail9.com/redirect.php?demand=129&id=18276899&aff=322278&type=CPL&adult=0&incent=0&aff_sub={Your_transactionid}=0260894FB2DFE1526630312417902&aff_sub2=31 HTTP 302
  • http://uprealtime.com/view/iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74?c=20403&pid=3025&tid={Your_transactionid}=0260894FB2DFE1526630312417902_rtbs1_rtbs2_rtbs30ORIGIN18276899end_rtbaff322278_rtboffer18276899_rtbsub31&site=322278_31
Request Chain 22
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1832821135&utmhn=252amazwof.tagesgewinner.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ihre%20Gewinnchance&utmhid=1044475102&utmr=http%3A%2F%2Fuprealtime.com%2Fhrfp%3Furl%3Dhttp%253A%252F%252F252amazwof.tagesgewinner.com%252F%253FsubIdentifier%253D2499489278e87a956fec1526630313%2526subId%253D3025&utmp=%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025&utmht=1526630313813&utmac=UA-68861802-8&utmgtm=G4s56ZF76B&utmcc=__utma%3D97103580.916088857.1526630314.1526630314.1526630314.1%3B%2B__utmz%3D97103580.1526630314.1.1.utmcsr%3Duprealtime.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fhrfp%3B&utmjid=1345846381&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1832821135&utmhn=252amazwof.tagesgewinner.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ihre%20Gewinnchance&utmhid=1044475102&utmr=http%3A%2F%2Fuprealtime.com%2Fhrfp%3Furl%3Dhttp%253A%252F%252F252amazwof.tagesgewinner.com%252F%253FsubIdentifier%253D2499489278e87a956fec1526630313%2526subId%253D3025&utmp=%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025&utmht=1526630313813&utmac=UA-68861802-8&utmgtm=G4s56ZF76B&utmcc=__utma%3D97103580.916088857.1526630314.1526630314.1526630314.1%3B%2B__utmz%3D97103580.1526630314.1.1.utmcsr%3Duprealtime.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fhrfp%3B&utmjid=1345846381&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
marnaaqui.blogspot.de/
Redirect Chain
  • http://marnaaqui.blogspot.com/
  • http://marnaaqui.blogspot.de/
64 KB
15 KB
Document
General
Full URL
http://marnaaqui.blogspot.de/
Protocol
HTTP/1.1
Server
216.58.205.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f1.1e100.net
Software
GSE /
Resource Hash
3596f052144ba29746006bc34f4a5d7b7f1f0f662bf804baff698b200761c39f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
marnaaqui.blogspot.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
806619FF8E96C2CB720416D2E8D77337

Response headers

Content-Type
text/html; charset=UTF-8
Expires
Fri, 18 May 2018 07:58:31 GMT
Date
Fri, 18 May 2018 07:58:31 GMT
Cache-Control
private, max-age=0
Last-Modified
Wed, 18 Apr 2018 08:52:14 GMT
ETag
W/"ee00d34e521cd8d726facab01d54d8063c1486110c153693df5e7b9a5e675f2d"
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Length
14620
Server
GSE

Redirect headers

Location
http://marnaaqui.blogspot.de/
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Fri, 18 May 2018 07:58:31 GMT
Expires
Fri, 18 May 2018 07:58:31 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Length
177
Server
GSE
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/
12 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
SPDY
Server
216.58.214.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f99.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://marnaaqui.blogspot.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 07:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 May 2017 18:45:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
4096
x-xss-protection
1; mode=block
expires
Fri, 18 May 2018 07:58:31 GMT
sprite_v1_6.css.svg
marnaaqui.blogspot.de/responsive/
7 KB
3 KB
Other
General
Full URL
http://marnaaqui.blogspot.de/responsive/sprite_v1_6.css.svg
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
HTTP/1.1
Server
216.58.205.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
marnaaqui.blogspot.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://marnaaqui.blogspot.de/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://marnaaqui.blogspot.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 07:58:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 17 May 2018 11:37:04 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
Content-Length
2244
X-XSS-Protection
1; mode=block
Expires
Fri, 25 May 2018 07:58:31 GMT
2787469539-indie_compiled.js
resources.blogblog.com/blogblog/data/res/
127 KB
44 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/2787469539-indie_compiled.js
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
SPDY
Server
216.58.205.233 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f9.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://marnaaqui.blogspot.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 14 May 2018 01:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 May 2018 00:20:41 GMT
server
sffe
age
370270
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
44489
x-xss-protection
1; mode=block
expires
Mon, 21 May 2018 01:07:21 GMT
cookiechoices.js
marnaaqui.blogspot.de/js/
6 KB
2 KB
Script
General
Full URL
http://marnaaqui.blogspot.de/js/cookiechoices.js
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
HTTP/1.1
Server
216.58.205.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
marnaaqui.blogspot.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://marnaaqui.blogspot.de/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://marnaaqui.blogspot.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 07:58:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 17 May 2018 08:39:12 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
Content-Length
1949
X-XSS-Protection
1; mode=block
Expires
Fri, 25 May 2018 07:58:31 GMT
315092416-widgets.js
www.blogger.com/static/v1/widgets/
145 KB
52 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/315092416-widgets.js
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
SPDY
Server
216.58.205.233 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f9.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://marnaaqui.blogspot.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 15 May 2018 00:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 May 2018 18:37:28 GMT
server
sffe
age
285936
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
53186
x-xss-protection
1; mode=block
expires
Wed, 15 May 2019 00:32:55 GMT
image
themes.googleusercontent.com/
223 KB
224 KB
Image
General
Full URL
https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
SPDY
Server
216.58.205.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f1.1e100.net
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://marnaaqui.blogspot.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 07:58:32 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
228521
x-xss-protection
1; mode=block
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 19 May 2018 07:58:32 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v18/
35 KB
20 KB
Font
General
Full URL
http://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
HTTP/1.1
Server
216.58.205.227 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
http://marnaaqui.blogspot.de/
Origin
http://marnaaqui.blogspot.de

Response headers

Date
Mon, 12 Feb 2018 19:35:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Oct 2017 17:32:56 GMT
Server
sffe
Age
8166206
Vary
Accept-Encoding
Content-Type
font/ttf
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
20272
X-XSS-Protection
1; mode=block
Expires
Tue, 12 Feb 2019 19:35:05 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v18/
34 KB
20 KB
Font
General
Full URL
http://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
HTTP/1.1
Server
216.58.205.227 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
http://marnaaqui.blogspot.de/
Origin
http://marnaaqui.blogspot.de

Response headers

Date
Wed, 09 May 2018 07:55:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Oct 2017 17:33:12 GMT
Server
sffe
Age
777758
Vary
Accept-Encoding
Content-Type
font/ttf
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
20309
X-XSS-Protection
1; mode=block
Expires
Thu, 09 May 2019 07:55:53 GMT
Cookie set tl
cookieads.fuse-ad.com/
Redirect Chain
  • https://ocio.leadzutw.com/?m=1I8OSITE83782X15&a=
  • http://cookieads.fuse-ad.com/tl?a=31&o=351&aff_click_id=1526630312mb29168245613&sub_affid=7b1i8o191I8OSITE83782X15
1 KB
1 KB
Document
General
Full URL
http://cookieads.fuse-ad.com/tl?a=31&o=351&aff_click_id=1526630312mb29168245613&sub_affid=7b1i8o191I8OSITE83782X15
Requested by
Host: marnaaqui.blogspot.de
URL: http://marnaaqui.blogspot.de/
Protocol
HTTP/1.1
Server
35.156.12.230 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-12-230.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9677487f1022de577f64ec05bc76343b8b4e5b3052357820ec1afc3e4a9fc4a8

Request headers

Host
cookieads.fuse-ad.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://marnaaqui.blogspot.de/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
806619FF8E96C2CB720416D2E8D77337
Referer
http://marnaaqui.blogspot.de/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Date
Fri, 18 May 2018 07:58:32 GMT
Expires
Sun, 06 Nov 1994 08:49:37 GMT
P3P
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Set-Cookie
tid_351=0260894FB2DFE1526630312417902; Max-Age=2592000; Version=1 track_flag_2608=0; Max-Age=30; Version=1
X-Robots-Tag
noindex, nofollow
Content-Length
1044
Connection
keep-alive

Redirect headers

Date
Fri, 18 May 2018 07:58:32 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
close
Server
Apache
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Set-Cookie
leadzu_seen_1I8O=%5B%5D; expires=Fri, 18-May-2018 10:58:32 GMT; Max-Age=10800; path=/; domain=.leadzutw.com
Cache-Control
no-cache, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
http://cookieads.fuse-ad.com/tl?a=31&o=351&aff_click_id=1526630312mb29168245613&sub_affid=7b1i8o191I8OSITE83782X15
redirect.php
www.retail9.com/
0
0

Cookie set iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74
uprealtime.com/view/
Redirect Chain
  • http://www.retail9.com/redirect.php?demand=129&id=18276899&aff=322278&type=CPL&adult=0&incent=0&aff_sub={Your_transactionid}=0260894FB2DFE1526630312417902&aff_sub2=31
  • http://uprealtime.com/view/iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74?c=20403&pid=3025&tid={Your_transactionid}=0260894FB2DFE1526630312417902_rtbs1_rtbs2_rtbs30ORIGIN18276899end_rtbaff322278_rt...
292 B
1000 B
Document
General
Full URL
http://uprealtime.com/view/iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74?c=20403&pid=3025&tid={Your_transactionid}=0260894FB2DFE1526630312417902_rtbs1_rtbs2_rtbs30ORIGIN18276899end_rtbaff322278_rtboffer18276899_rtbsub31&site=322278_31
Requested by
Host: cookieads.fuse-ad.com
URL: http://cookieads.fuse-ad.com/tl?a=31&o=351&aff_click_id=1526630312mb29168245613&sub_affid=7b1i8o191I8OSITE83782X15
Protocol
HTTP/1.1
Server
34.231.48.61 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-231-48-61.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
65449f8bc676ab6a12ed4ad2de99ba5cea50ff752ce25637ea53745cbcee1b5a

Request headers

Host
uprealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
806619FF8E96C2CB720416D2E8D77337

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Cache-control
no-cache="set-cookie"
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 May 2018 07:58:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.2
Set-Cookie
PHPSESSID=don3ns67cu5hi5uflgr7hva01b; path=/ BP:20403:3025=http%3A%2F%2Fuprealtime.com%2Fview%2FgxRq1qZPtEgAqKRYqA6Ufdt29sHzvD4qcpWWS5pBAhs%3Fc%3D21327%26pid%3D3656%26tid%3D; expires=Fri, 18-May-2018 08:00:03 GMT; Max-Age=90; path=/ AWSELB=151F171F102002C82363931B27C8B37E6541B8FE324F00D61404AF97FF466AE69EE32720A520A61A1473BD925A01C9B74DE7ABDAB2F8C4F0B3066CBA553F8BFA43187B4EC6;PATH=/
Content-Length
240
Connection
keep-alive

Redirect headers

Content-Type
text/html; charset=UTF-8
Date
Fri, 18 May 2018 07:58:31 GMT
Location
http://uprealtime.com/view/iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74?c=20403&pid=3025&tid={Your_transactionid}=0260894FB2DFE1526630312417902_rtbs1_rtbs2_rtbs30ORIGIN18276899end_rtbaff322278_rtboffer18276899_rtbsub31&site=322278_31
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Content-Length
1839
Connection
keep-alive
hrfp
uprealtime.com/
142 B
472 B
Document
General
Full URL
http://uprealtime.com/hrfp?url=http%3A%2F%2F252amazwof.tagesgewinner.com%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025
Requested by
Host: uprealtime.com
URL: http://uprealtime.com/view/iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74?c=20403&pid=3025&tid={Your_transactionid}=0260894FB2DFE1526630312417902_rtbs1_rtbs2_rtbs30ORIGIN18276899end_rtbaff322278_rtboffer18276899_rtbsub31&site=322278_31
Protocol
HTTP/1.1
Server
34.231.48.61 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-231-48-61.compute-1.amazonaws.com
Software
nginx/1.12.2 / PHP/7.1.17
Resource Hash
c658c6959b80279347b8131af34203754504028d43d2fc96af32ff2fe9f5ebbb

Request headers

Host
uprealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://uprealtime.com/view/iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74?c=20403&pid=3025&tid={Your_transactionid}=0260894FB2DFE1526630312417902_rtbs1_rtbs2_rtbs30ORIGIN18276899end_rtbaff322278_rtboffer18276899_rtbsub31&site=322278_31
Accept-Encoding
gzip, deflate
Cookie
PHPSESSID=don3ns67cu5hi5uflgr7hva01b; BP:20403:3025=http%3A%2F%2Fuprealtime.com%2Fview%2FgxRq1qZPtEgAqKRYqA6Ufdt29sHzvD4qcpWWS5pBAhs%3Fc%3D21327%26pid%3D3656%26tid%3D; AWSELB=151F171F102002C82363931B27C8B37E6541B8FE324F00D61404AF97FF466AE69EE32720A520A61A1473BD925A01C9B74DE7ABDAB2F8C4F0B3066CBA553F8BFA43187B4EC6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
806619FF8E96C2CB720416D2E8D77337
Referer
http://uprealtime.com/view/iflCG2zrmhPAiV4J4BPxX4on1n5dDsULpbQZj3BlYZ6H74?c=20403&pid=3025&tid={Your_transactionid}=0260894FB2DFE1526630312417902_rtbs1_rtbs2_rtbs30ORIGIN18276899end_rtbaff322278_rtboffer18276899_rtbsub31&site=322278_31

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 May 2018 07:58:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.2
X-Powered-By
PHP/7.1.17
Content-Length
149
Connection
keep-alive
Primary Request /
252amazwof.tagesgewinner.com/
2 KB
1 KB
Document
General
Full URL
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Requested by
Host: uprealtime.com
URL: http://uprealtime.com/hrfp?url=http%3A%2F%2F252amazwof.tagesgewinner.com%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025
Protocol
HTTP/1.1
Server
149.126.1.44 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
vss-tasyqo.cyon.net
Software
/ PHP/7.0.30
Resource Hash
43880a00b01af7e7bf3e2db69192023b7b879e44ed908685e66292cc432bfbca

Request headers

Host
252amazwof.tagesgewinner.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://uprealtime.com/hrfp?url=http%3A%2F%2F252amazwof.tagesgewinner.com%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
806619FF8E96C2CB720416D2E8D77337
Referer
http://uprealtime.com/hrfp?url=http%3A%2F%2F252amazwof.tagesgewinner.com%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025

Response headers

X-Powered-By
PHP/7.0.30
Content-Type
text/html; charset=UTF-8
Content-Length
1188
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Fri, 18 May 2018 07:58:33 GMT
Accept-Ranges
bytes
Connection
close
basics.css
252amazwof.tagesgewinner.com/stylesheets/
523 B
696 B
Stylesheet
General
Full URL
http://252amazwof.tagesgewinner.com/stylesheets/basics.css
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
HTTP/1.1
Server
149.126.1.44 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
vss-tasyqo.cyon.net
Software
/
Resource Hash
c602996f69cc19baccddea4aeca5874e95dc66e340c00fbec5856a225e842392

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
252amazwof.tagesgewinner.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Connection
keep-alive
Cache-Control
no-cache
Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 07:58:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 May 2017 10:45:46 GMT
ETag
"20b-591d7b5a-b65043538487fbc2;gz"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
335
Expires
Fri, 25 May 2018 07:58:33 GMT
jquery-2.2.4.min.js
code.jquery.com/
84 KB
34 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 07:58:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-14e4a"
Vary
X-HW
1526630313.dop008.fr8.shc,1526630313.dop008.fr8.t,1526630313.cds010.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
34834
basics.js
252amazwof.tagesgewinner.com/js/
3 KB
2 KB
Script
General
Full URL
http://252amazwof.tagesgewinner.com/js/basics.js
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
HTTP/1.1
Server
149.126.1.44 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
vss-tasyqo.cyon.net
Software
/
Resource Hash
445aa25eedd0b042ba2ab19f7f97306eeb2fd5f70f3f2505119f911e486a044f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
252amazwof.tagesgewinner.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 May 2018 07:58:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Apr 2017 10:36:54 GMT
ETag
"b25-58ef54c6-51f44b0f64f50c40;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1337
Expires
Fri, 25 May 2018 07:58:33 GMT
gluecksrad.css
252amazwof.tagesgewinner.com/stylesheets/gws/
2 KB
1021 B
Stylesheet
General
Full URL
http://252amazwof.tagesgewinner.com/stylesheets/gws/gluecksrad.css
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
HTTP/1.1
Server
149.126.1.44 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
vss-tasyqo.cyon.net
Software
/
Resource Hash
8b5f4155df112e6014dc81c7aa098b4757b6645e46e4fb0a7cd5ff03e1ae8ce9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
252amazwof.tagesgewinner.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 May 2018 07:58:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Apr 2017 13:36:21 GMT
ETag
"7f3-58e795d5-404e17dd6b5a228f;gz"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
660
Expires
Fri, 25 May 2018 07:58:33 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/
109 KB
37 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.0/TweenMax.min.js
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
SPDY
Server
104.19.198.151 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 07:58:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2016 04:31:06 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
41ccc784bca426ba-FRA
expires
Wed, 08 May 2019 07:58:33 GMT
58e2393318369.png
252amazwof.tagesgewinner.com/images/gluecksrad/
53 KB
54 KB
Image
General
Full URL
http://252amazwof.tagesgewinner.com/images/gluecksrad/58e2393318369.png
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
HTTP/1.1
Server
149.126.1.44 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
vss-tasyqo.cyon.net
Software
/
Resource Hash
103b6f16bb190bcad952825d00ac1287a355786cc575c9a28abed6536c1c80ac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
252amazwof.tagesgewinner.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 May 2018 07:58:33 GMT
Last-Modified
Mon, 03 Apr 2017 11:59:47 GMT
ETag
"d5d2-58e23933-7cefdfbb9788669d;;;"
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
54738
Expires
Fri, 25 May 2018 07:58:33 GMT
gluecksrad.js
252amazwof.tagesgewinner.com/js/gws/
4 KB
2 KB
Script
General
Full URL
http://252amazwof.tagesgewinner.com/js/gws/gluecksrad.js
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
HTTP/1.1
Server
149.126.1.44 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
vss-tasyqo.cyon.net
Software
/
Resource Hash
0a39b7a8d15bc88fdd5ba9339951779473fa92ae24506c3c66fbf6aea92c7a24

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
252amazwof.tagesgewinner.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 18 May 2018 07:58:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Apr 2017 12:33:43 GMT
ETag
"eef-58eb7ba7-df51c5d23d1ac4c1;gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1588
Expires
Fri, 25 May 2018 07:58:33 GMT
gtm.js
www.googletagmanager.com/
38 KB
15 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56ZF76B
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
SPDY
Server
216.58.205.232 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f232.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
35a4ec305d528d829c1f8c9d6521e1e65c12a482e6ff6771853baa11bf911892
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 07:58:33 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
15162
x-xss-protection
1; mode=block
expires
Fri, 18 May 2018 07:58:33 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56ZF76B
Protocol
SPDY
Server
216.58.208.40 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f40.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Apr 2018 18:13:11 GMT
server
Golfe2
age
1673
date
Fri, 18 May 2018 07:30:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17168
expires
Fri, 18 May 2018 09:30:40 GMT
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1832821135&utmhn=252amazwof.tagesgewinner.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1832821135&utmhn=252amazwof.tagesgewinner.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl...
35 B
112 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1832821135&utmhn=252amazwof.tagesgewinner.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ihre%20Gewinnchance&utmhid=1044475102&utmr=http%3A%2F%2Fuprealtime.com%2Fhrfp%3Furl%3Dhttp%253A%252F%252F252amazwof.tagesgewinner.com%252F%253FsubIdentifier%253D2499489278e87a956fec1526630313%2526subId%253D3025&utmp=%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025&utmht=1526630313813&utmac=UA-68861802-8&utmgtm=G4s56ZF76B&utmcc=__utma%3D97103580.916088857.1526630314.1526630314.1526630314.1%3B%2B__utmz%3D97103580.1526630314.1.1.utmcsr%3Duprealtime.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fhrfp%3B&utmjid=1345846381&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~
Requested by
Host: 252amazwof.tagesgewinner.com
URL: http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://252amazwof.tagesgewinner.com/?subIdentifier=2499489278e87a956fec1526630313&subId=3025
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 May 2018 07:58:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1832821135&utmhn=252amazwof.tagesgewinner.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ihre%20Gewinnchance&utmhid=1044475102&utmr=http%3A%2F%2Fuprealtime.com%2Fhrfp%3Furl%3Dhttp%253A%252F%252F252amazwof.tagesgewinner.com%252F%253FsubIdentifier%253D2499489278e87a956fec1526630313%2526subId%253D3025&utmp=%2F%3FsubIdentifier%3D2499489278e87a956fec1526630313%26subId%3D3025&utmht=1526630313813&utmac=UA-68861802-8&utmgtm=G4s56ZF76B&utmcc=__utma%3D97103580.916088857.1526630314.1526630314.1526630314.1%3B%2B__utmz%3D97103580.1526630314.1.1.utmcsr%3Duprealtime.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Fhrfp%3B&utmjid=1345846381&utmredir=1&utmu=qmAgAABAAAGBAAAAAgAAAAAE~
Non-Authoritative-Reason
HSTS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.retail9.com
URL
http://www.retail9.com/redirect.php?demand=129&id=18276899&aff=322278&type=CPL&adult=0&incent=0&aff_sub={Your_transactionid}=0260894FB2DFE1526630312417902&aff_sub2=31


90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| $ function| jQuery function| preload object| tlMessageBox function| messageBox function| setLinkClick function| gotoLink function| pad function| parseTime function| deparam function| baseURL object| data object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| $wheel number| numStoppers number| turns number| extraDreh number| maxItemWidth number| maxItemHeight object| stoppers object| items number| shiftY number| shiftZ object| tl object| images object| $stopper function| initItems number| radius function| onResize function| getPosOnWheel function| rotateStoppers number| dur function| complete function| ready object| google_tag_manager object| _gaq object| _gat object| gaGlobal

5 Cookies

Domain/Path Name / Value
.252amazwof.tagesgewinner.com/ Name: __utmt_UA-68861802-8
Value: 1
.252amazwof.tagesgewinner.com/ Name: __utmz
Value: 97103580.1526630314.1.1.utmcsr=uprealtime.com|utmccn=(referral)|utmcmd=referral|utmcct=/hrfp
.252amazwof.tagesgewinner.com/ Name: __utmb
Value: 97103580.1.10.1526630314
.252amazwof.tagesgewinner.com/ Name: __utmc
Value: 97103580
.252amazwof.tagesgewinner.com/ Name: __utma
Value: 97103580.916088857.1526630314.1526630314.1526630314.1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
