Submitted URL: https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ
Effective URL: https://campaign.dunder.com/de/v3?btag=659754_C281D8E8BE8642F9AECCBF86B062FEA8&transaction_id=1028f31e88bc33d3c7ca987baef8cb...
Submission: On July 30 via manual from DK

Summary

This website contacted 3 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main IP is 104.25.121.9, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is campaign.dunder.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 30th 2019. Valid for: 6 months.
This is the only time campaign.dunder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 52.30.198.243 16509 (AMAZON-02)
1 1 52.31.45.52 16509 (AMAZON-02)
1 1 107.154.251.88 19551 (INCAPSULA)
1 104.25.121.9 13335 (CLOUDFLAR...)
13 3
Domain Requested by
2 parablesamazing.wtf parablesamazing.wtf
1 campaign.dunder.com parablesamazing.wtf
campaign.dunder.com
1 media.dunderaffiliates.com 1 redirects
1 tracking.prfctcasino.com 1 redirects
1 juumper.com parablesamazing.wtf
0 use.typekit.net Failed campaign.dunder.com
13 6

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-07-25 - 2020-07-24 | a year
ssl387316.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-06-30 - 2020-01-06 | 6 months

This page contains 1 frames:

Primary Page: https://campaign.dunder.com/de/v3?btag=659754_C281D8E8BE8642F9AECCBF86B062FEA8&transaction_id=1028f31e88bc33d3c7ca987baef8cb&subid=&pid=632896&bid=1975
Frame ID: D6754DBEB9FD730384805270AEC60044
Requests: 13 HTTP requests in this frame

Page URL History

  1. https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ Page URL
  2. https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ&step2=1&subid=ba_OQ7... Page URL
  3. http://juumper.com/?a=2861&c=19994&s1=&s2=_gotzha-casino-de_ba_OQ7OHGGQUBCPdgF389oa4_TOik6Cfc0R HTTP 302
    http://tracking.prfctcasino.com/aff_c?offer_id=154&aff_id=1000&aff_sub=2861&aff_sub2=19654-347068726 HTTP 302
    https://media.dunderaffiliates.com/redirect.aspx?pid=632896&bid=1975&transaction_id=1028f31e88bc33d3c7ca987baef... HTTP 301
    https://campaign.dunder.com/de/v3?btag=659754_C281D8E8BE8642F9AECCBF86B062FEA8&transaction_id=1028f31e88... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 13
HTTPS: 23 %
IPv6: 20 %
Domains: 6
Subdomains: 6
IPs: 3
Countries: 2
Transfer: 3 kB
Size: 48 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ Page URL
  2. https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ&step2=1&subid=ba_OQ7OHGGQUBCPdgF389oa4_TOik6Cfc0R Page URL
  3. http://juumper.com/?a=2861&c=19994&s1=&s2=_gotzha-casino-de_ba_OQ7OHGGQUBCPdgF389oa4_TOik6Cfc0R HTTP 302
    http://tracking.prfctcasino.com/aff_c?offer_id=154&aff_id=1000&aff_sub=2861&aff_sub2=19654-347068726 HTTP 302
    https://media.dunderaffiliates.com/redirect.aspx?pid=632896&bid=1975&transaction_id=1028f31e88bc33d3c7ca987baef8cb&subid= HTTP 301
    https://campaign.dunder.com/de/v3?btag=659754_C281D8E8BE8642F9AECCBF86B062FEA8&transaction_id=1028f31e88bc33d3c7ca987baef8cb&subid=&pid=632896&bid=1975 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
parablesamazing.wtf/
2 KB
1 KB
Document
General
Full URL
https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a058 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
069ef830e55b2e15cd3f8c3eba8b92683a4f53b5dc03798f00e8b30531a901e7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
parablesamazing.wtf
:scheme
https
:path
/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Tue, 30 Jul 2019 11:07:25 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d5c7421c4666f07b9c3605b7aded0f4301564484845; expires=Wed, 29-Jul-20 11:07:25 GMT; path=/; domain=.parablesamazing.wtf; HttpOnly; Secure
vary
Accept-Encoding User-Agent
cache-control
private, max-age=86400, no-transform
referrer-policy
no-referrer
content-encoding
gzip
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4fe6de6afeffbef1-FRA
/
parablesamazing.wtf/
12 KB
2 KB
Document
General
Full URL
https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ&step2=1&subid=ba_OQ7OHGGQUBCPdgF389oa4_TOik6Cfc0R
Requested by
Host: parablesamazing.wtf
URL: https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a058 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef5ea21dc4a2fa8677cf60244c966471ea37c6465828310c94fbbf4643b512a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
parablesamazing.wtf
:scheme
https
:path
/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ&step2=1&subid=ba_OQ7OHGGQUBCPdgF389oa4_TOik6Cfc0R
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
cookie
__cfduid=d5c7421c4666f07b9c3605b7aded0f4301564484845

Response headers

status
200
date
Tue, 30 Jul 2019 11:07:25 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding User-Agent
cache-control
private, max-age=86400, no-transform
referrer-policy
no-referrer
content-encoding
gzip
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4fe6de6b4f65bef1-FRA
/
juumper.com/
0
0

Primary Request v3
campaign.dunder.com/de/
Redirect Chain
  • http://juumper.com/?a=2861&c=19994&s1=&s2=_gotzha-casino-de_ba_OQ7OHGGQUBCPdgF389oa4_TOik6Cfc0R
  • http://tracking.prfctcasino.com/aff_c?offer_id=154&aff_id=1000&aff_sub=2861&aff_sub2=19654-347068726
  • https://media.dunderaffiliates.com/redirect.aspx?pid=632896&bid=1975&transaction_id=1028f31e88bc33d3c7ca987baef8cb&subid=
  • https://campaign.dunder.com/de/v3?btag=659754_C281D8E8BE8642F9AECCBF86B062FEA8&transaction_id=1028f31e88bc33d3c7ca987baef8cb&subid=&pid=632896&bid=1975
34 KB
0
Document
General
Full URL
https://campaign.dunder.com/de/v3?btag=659754_C281D8E8BE8642F9AECCBF86B062FEA8&transaction_id=1028f31e88bc33d3c7ca987baef8cb&subid=&pid=632896&bid=1975
Requested by
Host: parablesamazing.wtf
URL: https://parablesamazing.wtf/?Wc4CBj17WloA4iGoktieP6Y6qru3jCnJ6ysFTrdBSX49KV75vrzmHQ&step2=1&subid=ba_OQ7OHGGQUBCPdgF389oa4_TOik6Cfc0R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.121.9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.16
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
campaign.dunder.com
:scheme
https
:path
/de/v3?btag=659754_C281D8E8BE8642F9AECCBF86B062FEA8&transaction_id=1028f31e88bc33d3c7ca987baef8cb&subid=&pid=632896&bid=1975
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Tue, 30 Jul 2019 11:07:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df1f84c5dde90c20139a5509475a78b481564484856; expires=Wed, 29-Jul-20 11:07:36 GMT; path=/; domain=.dunder.com; HttpOnly
x-powered-by
PHP/7.0.16
link
<https://campaign.dunder.com/de/wp-json/>; rel="https://api.w.org/", <https://campaign.dunder.com/de?p=914>; rel=shortlink
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-mod-pagespeed
1.9.32.14-0
cache-control
max-age=0, no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4fe6deb04c677299-AMS
content-encoding
br

Redirect headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html
Location
https://campaign.dunder.com/de/v3?btag=659754_C281D8E8BE8642F9AECCBF86B062FEA8&transaction_id=1028f31e88bc33d3c7ca987baef8cb&subid=&pid=632896&bid=1975
Server
Microsoft-IIS/10.0
P3P
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version
4.0.30319
Set-Cookie
NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a632896%2c%22BID%22%3a1975%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1564484853200)%5c%2f%22%2c%22CookieTag%22%3a%221975632896757621941C2019730127%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22178574913%7c1%22%7d%5d; expires=Thu, 30-Jul-3018 11:07:33 GMT; path=/ visid_incap_2125556=wYPJStcBRtmBOu0mawEhufQkQF0AAAAAQUIPAAAAAADncEpr7I1BthuospdfFBTU; expires=Wed, 29 Jul 2020 08:28:49 GMT; path=/; Domain=.dunderaffiliates.com incap_ses_451_2125556=ujVfAZWCi0T9x/krmkdCBvQkQF0AAAAAQ160x8mr0zVorfUmbeiikw==; path=/; Domain=.dunderaffiliates.com ___utmvmFEuKSkLZ=lAOGjwLMrLF; path=/; Max-Age=900 ___utmvaFEuKSkLZ=fDyJbAX; path=/; Max-Age=900 ___utmvbFEuKSkLZ=uZl XMiOXalZ: Ctl; path=/; Max-Age=900
Request-Context
appId=cid-v1:42ca6b97-b564-4b23-b218-51b9f4f71628
X-Powered-By
ASP.NET
Date
Tue, 30 Jul 2019 11:07:32 GMT
Connection
close
Content-Length
0
X-Iinfo
5-173151774-173151783 NNNN CT(0 0 0) RT(1564484852236 35) q(0 0 0 1) r(0 0) U11
X-CDN
Incapsula
slots.css
campaign.dunder.com/
0
0

master.css
campaign.dunder.com/wp-content/themes/theme2/
0
0

jquery.js
campaign.dunder.com/wp-includes/js/jquery/
0
0

jquery-migrate.min.js
campaign.dunder.com/wp-includes/js/jquery/
0
0

popper.min.js
campaign.dunder.com/wp-content/themes/theme2/
0
0

child-theme.min.js
campaign.dunder.com/wp-content/themes/theme2/
0
0

wjt3tjw.js
use.typekit.net/
0
0

lgz2cdn.js
use.typekit.net/
0
0

book-of-dead-land-1.jpg
campaign.dunder.com/wp-content/uploads/2018/05/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
juumper.com
URL
http://juumper.com/?a=2861&c=13401&s1=&s2=_gotzha-casino-de-nAcTL-48_ba_OQ7OHGGQUBCPdgF389oa4_TOik6Cfc0R
Domain
campaign.dunder.com
URL
https://campaign.dunder.com/slots.css?v=1.16
Domain
campaign.dunder.com
URL
https://campaign.dunder.com/wp-content/themes/theme2/master.css
Domain
campaign.dunder.com
URL
https://campaign.dunder.com/wp-includes/js/jquery/jquery.js
Domain
campaign.dunder.com
URL
https://campaign.dunder.com/wp-includes/js/jquery/jquery-migrate.min.js
Domain
campaign.dunder.com
URL
https://campaign.dunder.com/wp-content/themes/theme2/popper.min.js
Domain
campaign.dunder.com
URL
https://campaign.dunder.com/wp-content/themes/theme2/child-theme.min.js
Domain
use.typekit.net
URL
https://use.typekit.net/wjt3tjw.js
Domain
use.typekit.net
URL
https://use.typekit.net/lgz2cdn.js
Domain
campaign.dunder.com
URL
https://campaign.dunder.com/wp-content/uploads/2018/05/book-of-dead-land-1.jpg

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Domain/Path Name / Value
.parablesamazing.wtf/ Name: __cfduid
Value: d5c7421c4666f07b9c3605b7aded0f4301564484845

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff