Submitted URL: http://popcash.net/world/go/78036/145869
Effective URL: http://www6.bildnewsaktuell.com/
Submission: On February 24 via manual from IE — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 9 HTTP transactions. The main IP is 85.13.157.212, which is located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www6.bildnewsaktuell.com.
This is the only time www6.bildnewsaktuell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 34.225.204.165 14618 (AMAZON-AES)
1 2 108.168.193.189 36351 (SOFTLAYER)
1 3 85.184.251.201 51862 (IONOS-AS)
1 192.152.28.112 54548 (PROFITBRI...)
1 217.79.188.54 24961 (MYLOC-AS ...)
1 217.79.188.2 24961 (MYLOC-AS ...)
1 85.13.157.212 34788 (NMM-AS D)
9 8
Apex Domain
Subdomains
Transfer
4 disply.me
rtb.disply.me
tr.disply.me
2 KB
3 popcash.net
popcash.net — Cisco Umbrella Rank: 21681
ps.popcash.net — Cisco Umbrella Rank: 68419
3 KB
2 adition.com
ad13.adfarm1.adition.com — Cisco Umbrella Rank: 52554
ad1.adfarm1.adition.com — Cisco Umbrella Rank: 38050
2 KB
2 mybetterck.com
mybetterck.com — Cisco Umbrella Rank: 40248
p149800.mybetterck.com — Cisco Umbrella Rank: 985466
1 KB
1 bildnewsaktuell.com
www6.bildnewsaktuell.com
398 B
0 exclusiveoffers.today Failed
trk.exclusiveoffers.today Failed
9 6
Domain Requested by
3 rtb.disply.me 1 redirects p149800.mybetterck.com
rtb.disply.me
2 ps.popcash.net 1 redirects
1 www6.bildnewsaktuell.com ad1.adfarm1.adition.com
1 ad1.adfarm1.adition.com ad13.adfarm1.adition.com
1 ad13.adfarm1.adition.com tr.disply.me
1 tr.disply.me rtb.disply.me
1 p149800.mybetterck.com ps.popcash.net
1 mybetterck.com 1 redirects
1 popcash.net 1 redirects
0 trk.exclusiveoffers.today Failed ad1.adfarm1.adition.com
9 10

This site contains no links.

Subject: *.mybetterck.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2022-02-06 - 2023-02-06
Valid: a year

Subject: *.disply.me
Issuer: AlphaSSL CA - SHA256 - G2
Validity: 2021-09-28 - 2022-10-30
Valid: a year

Subject: *.adfarm1.adition.com
Issuer: AlphaSSL CA - SHA256 - G2
Validity: 2021-05-21 - 2022-06-22
Valid: a year

This page contains 1 frames:

Primary Page: http://www6.bildnewsaktuell.com/
Frame ID: E55476291519E5CFDB006BF0402F647D
Requests: 9 HTTP requests in this frame

Page Title

404 Not Found

Page Statistics

Requests: 9
HTTPS: 56 %
IPv6: 13 %
Domains: 6
Subdomains: 10
IPs: 8
Countries: 2
Transfer: 5 kB
Size: 4 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://popcash.net/world/go/78036/145869 HTTP 301
    http://ps.popcash.net/go/78036/145869 Page URL
  2. http://ps.popcash.net/ad/ad?p=78036&w=145869&t=670f55804c2013b2&r=&vw=1600&vh=1200 HTTP 303
    https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKL2dEM7sUb2Y8uDhK_8R6jB7ZE1YLCGEwYF6YgUAw_3LUC6hWIeTga6IkCbg7sKEvYHBXOP_rLZQXcHrRjAVC1x8Ccu10KovQy41APW-6MwKln2qeMlLf4MACrWjRFRbdQqA-7SpS1-nz8A67K93Xm2XLBSeumdxp-RQAFn2BQ3xgDVrO8Ja_zKve5gTju4kwTfWYFuJY-DcBkozh9QQJqoCv3vSA1ahWiUkjRQ4SnYQjV8ptGnCa-P-AAq8_czQu47vLEd5Yt7uQXcimrIiQJc7feCDzeYwYy1etPxVlfGpDHz100suigU6peeXKxYUCwF8U3uN26tp3U5VQlwZxaKpqziiaLTAxC_OARtIl3x7L8wRz7DS3DaTrJ5ERN403DWGMkV0IuH3dasHA2rkpGpt5RDWjEzVv-PKlQUiQTJtEwi2oaZptrQ1coXOoyLN8Y7QFMumJtD0zRkCJmOWo_4394Lm2KdSwwqaTCAQmMFRM25fIP2Iaea4Gc7L3iFEbfbnGGtAJDVpDzG9oYmBKXhyTn0mpPfJ3V5KjxTXxeGZAAQABd4P5G1wn1tAk05fWUbV_nI8MNe_jsFuwbGh12gYrIXIN944HplDQIrCvK9hOzFB1o33Q3Fe7U76YGwvAl0I57g3aKBLChKYT0Nv2P1lM75H08PwFFagns9Z4rO31G88PGMWNjAt9bVNPbw9H5DyZ_4yjo-jI9UcufA23aa-fZ4fY4zmw40z-rXhBEnFDl-4elVlHg9d4jJF3Oie7KsiUT6mOIdlMOIGJMrr6_grpDQW-utySlx7YWjd2Vcu9YUN9hhfs6G5gkk8yjAnPIxIylmvnBa62pG5b6G3WfrkBY1GAEihQXKZLbNLOQfuHxHeN3pBA4QtTvbKPH3u5ezr-xKkMP3yKCBL9jpErKgD42dmHVoRsh6s0pPikYO6m9jz3k3JaI15j8meyi4Gvss5LeeC9SYiPM9YV_o4drZUBGVM3uuEoOCQefsEKlXXDmApL_E0jfTs-ylLhx7khGz3q-Dq26s7F54JeKebuaylpqcAKMB5XXCJErnCubpHMQ998FV0AIykGsyEKB4dQQvEzNJDopS07PspS4ce5IK5MXcGLdUukNU9oexlozjSsGDJkDUp1iHq2Z9PiDfYebkMzQs_Kbp5-aVGfDa4esmdgpCDwRjbH6oS8mim810gXsETCqGkZdq-tEn7u6qa0D-RtqD0DhJxoJnzP2cI_6M1gEgNZpjVpp3Lq8-ovAVma2JaPPLYskSgA0-7Arsa1HrYWxTNp3Up-25SyteTxIGXuo8NDKsj4WBGu3Yx722IMpqZk4-9arxPJA3lPX9bEmDW_olsHQNA HTTP 302
    https://p149800.mybetterck.com/adServe/adClick?ai=utaGB_LycpNqqym3ENxkUuLbw0qwvs9GRo2Bex3LyBMiggS_Y6RKyi6MlCZKCQR1P0RWgXMK-vqdSxlVmFZU8_7b0smYQd2ZntvpDL1rWYdOIs3E02P7fTkW95Yg0aXlm81Epovry9NMnyHL0hIBXIJhsPpE6TgSDwHvy-FgMa3D9fOdNs4yhvj-io1Jy_ORq90jg_ZyYtlrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0n8drmlLwBcTO8-XODN6ptXCmdLfeykaLg&ui=7BsrmHcakyKL2dEM7sUb2fbWwvziNp_1xLgNeF8Zj-hraACK-BnMp_iwrJhHwSLQyznrzLk0iyg4Fxgqc4yoeGjl3jQqUsiWb9Eqlv1chwugtIiBYHGKzg&si=1&oref=7f047bf4f5d70331120ee316da4f321e&optunit=IoIEv2OkSsoWAEN7AihW3w&rb=wTgypEaKH3w&rr=0&abtg=0 Page URL
  3. https://rtb.disply.me/a2nn1qfjjoq046z6kph65 Page URL
  4. http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6 Page URL
  5. https://rtb.disply.me/s2nn1qfkoxfglrzir6h7y HTTP 302
    https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H Page URL
  6. https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H Page URL
  7. http://www6.bildnewsaktuell.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://popcash.net/world/go/78036/145869 HTTP 301
  • http://ps.popcash.net/go/78036/145869
Request Chain 1
  • http://ps.popcash.net/ad/ad?p=78036&w=145869&t=670f55804c2013b2&r=&vw=1600&vh=1200 HTTP 303
  • https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKL2dEM7sUb2Y8uDhK_8R6jB7ZE1YLCGEwYF6YgUAw_3LUC6hWIeTga6IkCbg7sKEvYHBXOP_rLZQXcHrRjAVC1x8Ccu10KovQy41APW-6MwKln2qeMlLf4MACrWjRFRbdQqA-7SpS1-nz8A67K93Xm2XLBSeumdxp-RQAFn2BQ3xgDVrO8Ja_zKve5gTju4kwTfWYFuJY-DcBkozh9QQJqoCv3vSA1ahWiUkjRQ4SnYQjV8ptGnCa-P-AAq8_czQu47vLEd5Yt7uQXcimrIiQJc7feCDzeYwYy1etPxVlfGpDHz100suigU6peeXKxYUCwF8U3uN26tp3U5VQlwZxaKpqziiaLTAxC_OARtIl3x7L8wRz7DS3DaTrJ5ERN403DWGMkV0IuH3dasHA2rkpGpt5RDWjEzVv-PKlQUiQTJtEwi2oaZptrQ1coXOoyLN8Y7QFMumJtD0zRkCJmOWo_4394Lm2KdSwwqaTCAQmMFRM25fIP2Iaea4Gc7L3iFEbfbnGGtAJDVpDzG9oYmBKXhyTn0mpPfJ3V5KjxTXxeGZAAQABd4P5G1wn1tAk05fWUbV_nI8MNe_jsFuwbGh12gYrIXIN944HplDQIrCvK9hOzFB1o33Q3Fe7U76YGwvAl0I57g3aKBLChKYT0Nv2P1lM75H08PwFFagns9Z4rO31G88PGMWNjAt9bVNPbw9H5DyZ_4yjo-jI9UcufA23aa-fZ4fY4zmw40z-rXhBEnFDl-4elVlHg9d4jJF3Oie7KsiUT6mOIdlMOIGJMrr6_grpDQW-utySlx7YWjd2Vcu9YUN9hhfs6G5gkk8yjAnPIxIylmvnBa62pG5b6G3WfrkBY1GAEihQXKZLbNLOQfuHxHeN3pBA4QtTvbKPH3u5ezr-xKkMP3yKCBL9jpErKgD42dmHVoRsh6s0pPikYO6m9jz3k3JaI15j8meyi4Gvss5LeeC9SYiPM9YV_o4drZUBGVM3uuEoOCQefsEKlXXDmApL_E0jfTs-ylLhx7khGz3q-Dq26s7F54JeKebuaylpqcAKMB5XXCJErnCubpHMQ998FV0AIykGsyEKB4dQQvEzNJDopS07PspS4ce5IK5MXcGLdUukNU9oexlozjSsGDJkDUp1iHq2Z9PiDfYebkMzQs_Kbp5-aVGfDa4esmdgpCDwRjbH6oS8mim810gXsETCqGkZdq-tEn7u6qa0D-RtqD0DhJxoJnzP2cI_6M1gEgNZpjVpp3Lq8-ovAVma2JaPPLYskSgA0-7Arsa1HrYWxTNp3Up-25SyteTxIGXuo8NDKsj4WBGu3Yx722IMpqZk4-9arxPJA3lPX9bEmDW_olsHQNA HTTP 302
  • https://p149800.mybetterck.com/adServe/adClick?ai=utaGB_LycpNqqym3ENxkUuLbw0qwvs9GRo2Bex3LyBMiggS_Y6RKyi6MlCZKCQR1P0RWgXMK-vqdSxlVmFZU8_7b0smYQd2ZntvpDL1rWYdOIs3E02P7fTkW95Yg0aXlm81Epovry9NMnyHL0hIBXIJhsPpE6TgSDwHvy-FgMa3D9fOdNs4yhvj-io1Jy_ORq90jg_ZyYtlrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0n8drmlLwBcTO8-XODN6ptXCmdLfeykaLg&ui=7BsrmHcakyKL2dEM7sUb2fbWwvziNp_1xLgNeF8Zj-hraACK-BnMp_iwrJhHwSLQyznrzLk0iyg4Fxgqc4yoeGjl3jQqUsiWb9Eqlv1chwugtIiBYHGKzg&si=1&oref=7f047bf4f5d70331120ee316da4f321e&optunit=IoIEv2OkSsoWAEN7AihW3w&rb=wTgypEaKH3w&rr=0&abtg=0
Request Chain 5
  • https://rtb.disply.me/s2nn1qfkoxfglrzir6h7y HTTP 302
  • https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
145869
ps.popcash.net/go/78036/
Redirect Chain
  • http://popcash.net/world/go/78036/145869
  • http://ps.popcash.net/go/78036/145869
425 B
460 B
Document
General
Full URL
http://ps.popcash.net/go/78036/145869
Protocol
HTTP/1.1
Server
34.225.204.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-204-165.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf259218da66727049333821e696c41fc671448c9ac46c341f80f43fa0cf6688

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 24 Feb 2022 17:45:28 GMT
Server
nginx
Vary
Accept-Encoding
Content-Length
272
Connection
keep-alive

Redirect headers

Date
Thu, 24 Feb 2022 17:45:28 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
http://ps.popcash.net/go/78036/145869
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obhkQBDj%2FsGrPK9EUJrckPFrLVd%2FeR5rQ8vYQVG%2B7bjcn7P3lAB5%2BafyQR9wYBAnP25d9g6lvfgiPcZB7enkZrFKx2%2BFBZxnKXUCnFysgiY3rpbsyHDCaEKdB2GEeVT1zGMgeSvbUbV%2F"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6e2a81fd8c046d8c-MUC
adClick
p149800.mybetterck.com/adServe/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=78036&w=145869&t=670f55804c2013b2&r=&vw=1600&vh=1200
  • https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKL2dEM7sUb2Y8uDhK_8R6jB7ZE1YLCGEwYF6YgUAw_3LUC6hWIeTga6IkCbg7sKEvYHBXOP_rLZQXcHrRjAVC1x8Ccu10KovQy41APW-6MwKln2qeMlLf4MACrWjRFRbdQqA-7SpS1-nz8A67K93X...
  • https://p149800.mybetterck.com/adServe/adClick?ai=utaGB_LycpNqqym3ENxkUuLbw0qwvs9GRo2Bex3LyBMiggS_Y6RKyi6MlCZKCQR1P0RWgXMK-vqdSxlVmFZU8_7b0smYQd2ZntvpDL1rWYdOIs3E02P7fTkW95Yg0aXlm81Epovry9NMnyHL0hI...
239 B
550 B
Document
General
Full URL
https://p149800.mybetterck.com/adServe/adClick?ai=utaGB_LycpNqqym3ENxkUuLbw0qwvs9GRo2Bex3LyBMiggS_Y6RKyi6MlCZKCQR1P0RWgXMK-vqdSxlVmFZU8_7b0smYQd2ZntvpDL1rWYdOIs3E02P7fTkW95Yg0aXlm81Epovry9NMnyHL0hIBXIJhsPpE6TgSDwHvy-FgMa3D9fOdNs4yhvj-io1Jy_ORq90jg_ZyYtlrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0n8drmlLwBcTO8-XODN6ptXCmdLfeykaLg&ui=7BsrmHcakyKL2dEM7sUb2fbWwvziNp_1xLgNeF8Zj-hraACK-BnMp_iwrJhHwSLQyznrzLk0iyg4Fxgqc4yoeGjl3jQqUsiWb9Eqlv1chwugtIiBYHGKzg&si=1&oref=7f047bf4f5d70331120ee316da4f321e&optunit=IoIEv2OkSsoWAEN7AihW3w&rb=wTgypEaKH3w&rr=0&abtg=0
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/78036/145869
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ps.popcash.net/go/78036/145869

Response headers

server
nginx
date
Thu, 24 Feb 2022 17:45:28 GMT
content-type
text/html;charset=ISO-8859-1
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
nginx
date
Thu, 24 Feb 2022 17:45:28 GMT
content-length
0
location
https://p149800.mybetterck.com/adServe/adClick?ai=utaGB_LycpNqqym3ENxkUuLbw0qwvs9GRo2Bex3LyBMiggS_Y6RKyi6MlCZKCQR1P0RWgXMK-vqdSxlVmFZU8_7b0smYQd2ZntvpDL1rWYdOIs3E02P7fTkW95Yg0aXlm81Epovry9NMnyHL0hIBXIJhsPpE6TgSDwHvy-FgMa3D9fOdNs4yhvj-io1Jy_ORq90jg_ZyYtlrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0n8drmlLwBcTO8-XODN6ptXCmdLfeykaLg&ui=7BsrmHcakyKL2dEM7sUb2fbWwvziNp_1xLgNeF8Zj-hraACK-BnMp_iwrJhHwSLQyznrzLk0iyg4Fxgqc4yoeGjl3jQqUsiWb9Eqlv1chwugtIiBYHGKzg&si=1&oref=7f047bf4f5d70331120ee316da4f321e&optunit=IoIEv2OkSsoWAEN7AihW3w&rb=wTgypEaKH3w&rr=0&abtg=0
a2nn1qfjjoq046z6kph65
rtb.disply.me/
297 B
570 B
Document
General
Full URL
https://rtb.disply.me/a2nn1qfjjoq046z6kph65
Requested by
Host: p149800.mybetterck.com
URL: https://p149800.mybetterck.com/adServe/adClick?ai=utaGB_LycpNqqym3ENxkUuLbw0qwvs9GRo2Bex3LyBMiggS_Y6RKyi6MlCZKCQR1P0RWgXMK-vqdSxlVmFZU8_7b0smYQd2ZntvpDL1rWYdOIs3E02P7fTkW95Yg0aXlm81Epovry9NMnyHL0hIBXIJhsPpE6TgSDwHvy-FgMa3D9fOdNs4yhvj-io1Jy_ORq90jg_ZyYtlrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0n8drmlLwBcTO8-XODN6ptXCmdLfeykaLg&ui=7BsrmHcakyKL2dEM7sUb2fbWwvziNp_1xLgNeF8Zj-hraACK-BnMp_iwrJhHwSLQyznrzLk0iyg4Fxgqc4yoeGjl3jQqUsiWb9Eqlv1chwugtIiBYHGKzg&si=1&oref=7f047bf4f5d70331120ee316da4f321e&optunit=IoIEv2OkSsoWAEN7AihW3w&rb=wTgypEaKH3w&rr=0&abtg=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.184.251.201 , Germany, ASN51862 (IONOS-AS, DE),
Reverse DNS
ip85-184-251-201.pbiaas.com
Software
nginx/1.13.0 / PHP/5.6.30
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.13.0
Date
Thu, 24 Feb 2022 17:45:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
X-Node
de-pool01-tr01
Content-Encoding
gzip
a2nn1qfjx4igfnzqh10a6
rtb.disply.me/
143 B
506 B
Document
General
Full URL
http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6
Requested by
Host: rtb.disply.me
URL: https://rtb.disply.me/a2nn1qfjjoq046z6kph65
Protocol
HTTP/1.1
Server
85.184.251.201 , Germany, ASN51862 (IONOS-AS, DE),
Reverse DNS
ip85-184-251-201.pbiaas.com
Software
nginx/1.13.0 / PHP/5.6.30
Resource Hash
8c99ed0d8cbffb017ed02ab09a123c84b4d67fb6b049337f44319e288e893b4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.13.0
Date
Thu, 24 Feb 2022 17:45:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
X-Node
de-pool01-tr01
Content-Encoding
gzip
rra.php
tr.disply.me/
60 B
279 B
Script
General
Full URL
https://tr.disply.me/rra.php?tp=wtcAd&t=1
Requested by
Host: rtb.disply.me
URL: http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
192.152.28.112 , United States, ASN54548 (PROFITBRICKS-USA, US),
Reverse DNS
ip192-152-28-112.pbiaas.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 17:45:29 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
nginx
x-backend-response
0.013
content-type
application/javascript
access-control-allow-headers
Cache-Control,Pragma,origin
x-cluster-node
dy-tr01
banner
ad13.adfarm1.adition.com/
Redirect Chain
  • https://rtb.disply.me/s2nn1qfkoxfglrzir6h7y
  • https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
1 KB
1 KB
Document
General
Full URL
https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
Requested by
Host: tr.disply.me
URL: https://tr.disply.me/rra.php?tp=wtcAd&t=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
bf0210f3761cd90487973b195e0977d4769bd796a245215f881930cd8bb19330

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://rtb.disply.me/a2nn1qfjx4igfnzqh10a6

Response headers

content-type
text/html
server
ADITIONSERVER v1.0
date
Thu, 24 Feb 2022 18:45:29 +0100
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
content-encoding
gzip

Redirect headers

Server
nginx/1.13.0
Date
Thu, 24 Feb 2022 17:45:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Location
https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
X-Node
de-pool01-tr01
banner
ad1.adfarm1.adition.com/
2 KB
1 KB
Document
General
Full URL
https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H
Requested by
Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=3699872&kid=3386344&wpt=H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad1.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
5988393af523ea593877c7aacb17bd2998140f2290a91026f16d45dfc8ed049a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad13.adfarm1.adition.com/

Response headers

content-type
text/html
server
ADITIONSERVER v1.0
date
Thu, 24 Feb 2022 18:45:29 +0100
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
content-encoding
gzip
0cb10f32-b650-44db-9d09-d916504dcba1
trk.exclusiveoffers.today/impression/
0
0

Primary Request /
www6.bildnewsaktuell.com/
196 B
398 B
Document
General
Full URL
http://www6.bildnewsaktuell.com/
Requested by
Host: ad1.adfarm1.adition.com
URL: https://ad1.adfarm1.adition.com/banner?sid=4498272&gdpr=0&gdpr_consent=&kid=3890177&wpt=H
Protocol
HTTP/1.1
Server
85.13.157.212 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd40608.kasserver.com
Software
Apache /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 24 Feb 2022 17:45:29 GMT
Server
Apache
Content-Length
196
Keep-Alive
timeout=2, max=1000
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
trk.exclusiveoffers.today
URL
https://trk.exclusiveoffers.today/impression/0cb10f32-b650-44db-9d09-d916504dcba1?Motiv={Motiv}

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

4 Cookies

Domain/Path Name / Value
.mybetterck.com/ Name: rhid
Value: 80782363983
.mybetterck.com/ Name: loi
Value: ad_683043_off_276189_aff_15466_cid_149800-145869_ts_1645724728
rtb.disply.me/ Name: YUC
Value: 55a969b8-ddbc-49fd-ace3-4833cfdbd537
.adfarm1.adition.com/ Name: UserID1
Value: 7068333889320322280

1 Console Messages

Source Level URL
Text
network error URL: http://www6.bildnewsaktuell.com/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)