urlscan.io logo urlscan.io
SecurityTrails logo

lp.interwetten.com Open in urlscan Pro
194.127.139.104  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://search.len-reg.info/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=08881
Effective URL: https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Submission: On March 22 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 12 HTTP transactions. The main IP is 194.127.139.104, located in Austria and belongs to INTERWETTEN-AT-AS, AT. The main domain is lp.interwetten.com.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 5th 2018. Valid for: a year.
This is the only time lp.interwetten.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 198.143.165.220 32475 (SINGLEHOP...)
1 3 107.6.174.196 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
1 52.72.228.176 14618 (AMAZON-AES)
1 89.255.250.69 60626 (LEASEWEBCDN)
2 2 52.45.229.95 14618 (AMAZON-AES)
2 3 62.141.35.233 24961 (MYLOC-AS)
1 1 151.106.13.29 29066 (VELIANET-...)
3 194.127.139.104 43916 (INTERWETT...)
12 8
3    198.143.165.220 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
search.len-reg.info
3    107.6.174.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: bigfish.setupcentral.network
up.trkgenius.com
1    205.147.93.131 (North Miami Beach, United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)
minently.com
1    52.72.228.176 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-228-176.compute-1.amazonaws.com
ggthemig.com
1    89.255.250.69 (Netherlands)

ASN60626 (LEASEWEBCDN, NL)
cdn.ggthemig.com
2    52.45.229.95 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-45-229-95.compute-1.amazonaws.com
paramonos-oha.com
3    62.141.35.233 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: ve922.venus.dedi.server-hosting.expert
llilil.com
1    151.106.13.29 (Milwaukee, United States)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
go2linkfast.com
3    194.127.139.104 (Austria)

ASN43916 (INTERWETTEN-AT-AS, AT)
lp.interwetten.com
Apex Domain
Subdomains		 Transfer
3 interwetten.com
lp.interwetten.com
315 KB
3 llilil.com
llilil.com
29 KB
3 trkgenius.com
up.trkgenius.com
4 KB
3 len-reg.info
search.len-reg.info
5 KB
2 paramonos-oha.com
paramonos-oha.com
1 KB
2 ggthemig.com
ggthemig.com Failed
cdn.ggthemig.com
2 KB
1 go2linkfast.com
go2linkfast.com
976 B
1 minently.com
minently.com
3 KB
12 8
Domain Requested by
3 lp.interwetten.com cdn.ggthemig.com
lp.interwetten.com
3 llilil.com 2 redirects ggthemig.com
3 up.trkgenius.com 1 redirects search.len-reg.info
up.trkgenius.com
3 search.len-reg.info 1 redirects search.len-reg.info
2 paramonos-oha.com 2 redirects
1 go2linkfast.com 1 redirects
1 cdn.ggthemig.com ggthemig.com
1 ggthemig.com minently.com
1 minently.com
12 9

This site contains links to these domains. Also see Links.

Domain
www.interwetten.com
Subject Issuer Validity Valid
up.trkgenius.com
Let's Encrypt Authority X3		 2019-01-21 -
2019-04-21		 3 months crt.sh
minently.com
Let's Encrypt Authority X3		 2019-01-22 -
2019-04-22		 3 months crt.sh
llilil.com
Let's Encrypt Authority X3		 2019-02-23 -
2019-05-24		 3 months crt.sh
*.interwetten.com
Thawte TLS RSA CA G1		 2018-01-05 -
2019-05-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Frame ID: 2F8DD3B9EF176ADA1458448B873D42D9
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://search.len-reg.info/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=08881 Page URL
  2. http://search.len-reg.info/?utm_term=6671124310049948542&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  3. http://search.len-reg.info/proc.php?54459be284ca06c37ddafd1bb2a1cef2d960143e HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=667112431004994... Page URL
  4. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948... Page URL
  5. https://up.trkgenius.com/out.php?v=2c2bf2443e9cad801a717da71a593b09 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
  6. http://ggthemig.com/rnd/warez?pkyb=vRzSVjHyBCNmBt2VWJqFDglkaxgI8XrKQxk5fskAQZY%3D Page URL
  7. http://paramonos-oha.com/vgyadfyasydg_adsermadrems?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0... HTTP 302
    https://go2linkfast.com/i/11411?var1=november-vow-7ApPx0Qn HTTP 302
    https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

12
Requests

58 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

4
Countries

357 kB
Transfer

367 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://search.len-reg.info/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=08881 Page URL
  2. http://search.len-reg.info/?utm_term=6671124310049948542&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0f1f6f2f1f5eeedbbd9eeefecede2e3e0e1e6e7e4e11a1b18192eb1 Page URL
  3. http://search.len-reg.info/proc.php?54459be284ca06c37ddafd1bb2a1cef2d960143e HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608 Page URL
  4. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608&m=3Pouxbo22ba7XMimJN7k3iG07nMCu9IL-_ERbBdyf4c-LogRnBg-LoE8njzeL_Su3AcunaoSutkv7vuyyFSgZOSGCmWLuEISJnaSJqkm7EumnBzC4Ed0ui Page URL
  5. https://up.trkgenius.com/out.php?v=2c2bf2443e9cad801a717da71a593b09 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6b54ade9310564e9bb21c9cca0b93847&ext1=dvx Page URL
  6. http://ggthemig.com/rnd/warez?pkyb=vRzSVjHyBCNmBt2VWJqFDglkaxgI8XrKQxk5fskAQZY%3D Page URL
  7. http://paramonos-oha.com/vgyadfyasydg_adsermadrems?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.000002&fallbackUrl=http%3A%2F%2Farre.work%2Fclick%2F1%2F950fe227-9cc3-410f-8081-2cc50422cd25 HTTP 302
    https://go2linkfast.com/i/11411?var1=november-vow-7ApPx0Qn HTTP 302
    https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://search.len-reg.info/proc.php?54459be284ca06c37ddafd1bb2a1cef2d960143e HTTP 302
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608
Request Chain 4
  • https://up.trkgenius.com/out.php?v=2c2bf2443e9cad801a717da71a593b09 HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6b54ade9310564e9bb21c9cca0b93847&ext1=dvx
Request Chain 8
  • http://paramonos-oha.com/vgyadfyasydg_defa_adsmulms?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.05&fallbackUrl=http%3A%2F%2Farre.work%2Fclick%2F1%2F950fe227-9cc3-410f-8081-2cc50422cd25 HTTP 302
  • https://llilil.com/clikc.php?key=qiqdms3bxvhea2fppzys&cid=dvd1427ca14c7911e99e2712618bcac89a2a91ab604c3811e99e2712618bcac89a036992d8fba402e8c0&target=alpha-mig-hIgH47Om&campaign_id=1169252&geo=DE&keyword=&source=morel-bovine&match=&campaign_name=18+Win+an+iPhone+DE&carrier=unknown&traffic_type=POPUP&visitor_type=NON-ADULT HTTP 301
  • https://llilil.com/click.php?key=qiqdms3bxvhea2fppzys&cid=dvd1427ca14c7911e99e2712618bcac89a2a91ab604c3811e99e2712618bcac89a036992d8fba402e8c0&target=alpha-mig-hIgH47Om&campaign_id=1169252&geo=DE&keyword=&source=morel-bovine&match=&campaign_name=18+Win+an+iPhone+DE&carrier=unknown&traffic_type=POPUP&visitor_type=NON-ADULT&natds=hor HTTP 302
  • http://llilil.com/tracker/redads/index.php?device_name=Desktop&lpkey=150f539224a6214499&campaign=18&domain=llilil.com&t1=1&t2=1&clickid=8f8b2xsfva6vr1f7&dhre=100&fn=tdgTiKPidmr5d45HkpleerM&po=0&comp=god&uclick=xsfva6vr HTTP 307
  • https://llilil.com/tracker/redads/index.php?device_name=Desktop&lpkey=150f539224a6214499&campaign=18&domain=llilil.com&t1=1&t2=1&clickid=8f8b2xsfva6vr1f7&dhre=100&fn=tdgTiKPidmr5d45HkpleerM&po=0&comp=god&uclick=xsfva6vr

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
search.len-reg.info/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://search.len-reg.info/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=08881
Protocol
HTTP/1.1
Server
198.143.165.220 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
5eea9f4802b9cb93ad509c6855454c90bdf57edbc75f8fb6374db7504a835040

Request headers

Host
search.len-reg.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Fri, 22 Mar 2019 08:09:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
u=5aff9540d45049b42f175189fe8c1e98; expires=Sat, 21-Mar-2020 08:09:27 GMT; Max-Age=31536000; path=/
Content-Encoding
gzip
/
search.len-reg.info/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://search.len-reg.info/?utm_term=6671124310049948542&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0f1f6f2f1f5eeedbbd9eeefecede2e3e0e1e6e7e4e11a1b18192eb1
Requested by
Host: search.len-reg.info
URL: http://search.len-reg.info/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=08881
Protocol
HTTP/1.1
Server
198.143.165.220 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
f8af2d343b0e8fb9b192e563bce0d05418d6aa4b236b0918940523e4aa7d7a01

Request headers

Host
search.len-reg.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://search.len-reg.info/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=08881
Accept-Encoding
gzip, deflate
Cookie
u=5aff9540d45049b42f175189fe8c1e98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://search.len-reg.info/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=08881

Response headers

Server
nginx
Date
Fri, 22 Mar 2019 08:09:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
in.html
up.trkgenius.com/
Redirect Chain
  • http://search.len-reg.info/proc.php?54459be284ca06c37ddafd1bb2a1cef2d960143e
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608
Requested by
Host: search.len-reg.info
URL: http://search.len-reg.info/?utm_term=6671124310049948542&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0f1f6f2f1f5eeedbbd9eeefecede2e3e0e1e6e7e4e11a1b18192eb1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.14.0 /
Resource Hash
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://search.len-reg.info/?utm_term=6671124310049948542&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0f1f6f2f1f5eeedbbd9eeefecede2e3e0e1e6e7e4e11a1b18192eb1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://search.len-reg.info/?utm_term=6671124310049948542&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0f1f6f2f1f5eeedbbd9eeefecede2e3e0e1e6e7e4e11a1b18192eb1

Response headers

status
200
server
nginx/1.14.0
date
Fri, 22 Mar 2019 08:09:27 GMT
content-type
text/html
last-modified
Sun, 27 Jan 2019 05:38:08 GMT
etag
W/"5c4d43c0-1605"
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 22 Mar 2019 08:09:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608
in.php
up.trkgenius.com/ 		1 KB
983 B 		Document
General
Check archive.org
Download Go to
Full URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608&m=3Pouxbo22ba7XMimJN7k3iG07nMCu9IL-_ERbBdyf4c-LogRnBg-LoE8njzeL_Su3AcunaoSutkv7vuyyFSgZOSGCmWLuEISJnaSJqkm7EumnBzC4Ed0ui
Requested by
Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.14.0 /
Resource Hash
0127d76450a0ecf29f9ad9e679f57d521795368741652214e87ad1afba7416e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608&m=3Pouxbo22ba7XMimJN7k3iG07nMCu9IL-_ERbBdyf4c-LogRnBg-LoE8njzeL_Su3AcunaoSutkv7vuyyFSgZOSGCmWLuEISJnaSJqkm7EumnBzC4Ed0ui
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608

Response headers

status
200
server
nginx/1.14.0
date
Fri, 22 Mar 2019 08:09:27 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
refresh
0; url=out.php?v=2c2bf2443e9cad801a717da71a593b09
set-cookie
t=75451fec92bdd4a1
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://up.trkgenius.com/out.php?v=2c2bf2443e9cad801a717da71a593b09
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6b54ade9310564e9bb21c9cca0b93847&ext1=dvx
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6b54ade9310564e9bb21c9cca0b93847&ext1=dvx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 North Miami Beach, United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
d976df508c5c4a952cd9ac89ae65d68c2113b52de9e70c5455d45fcef0785202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6b54ade9310564e9bb21c9cca0b93847&ext1=dvx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608&m=3Pouxbo22ba7XMimJN7k3iG07nMCu9IL-_ERbBdyf4c-LogRnBg-LoE8njzeL_Su3AcunaoSutkv7vuyyFSgZOSGCmWLuEISJnaSJqkm7EumnBzC4Ed0ui
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6671124310049948542&pubid=1608&m=3Pouxbo22ba7XMimJN7k3iG07nMCu9IL-_ERbBdyf4c-LogRnBg-LoE8njzeL_Su3AcunaoSutkv7vuyyFSgZOSGCmWLuEISJnaSJqkm7EumnBzC4Ed0ui

Response headers

status
200
content-type
text/html;charset=utf-8
x-cache-status
NOTCACHED
x-zen-fury
8b68720504d6e5cfa41c41f99e5444c428727b0d
date
Fri, 22 Mar 2019 08:09:28 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=c8f6c34014a838acdf053eb8e973ad8a_1553242168.065; domain=minently.com; path=/; expires=Mon, 19-Mar-2029 08:09:28 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1553242168.0665; domain=minently.com; path=/; expires=Mon, 19-Mar-2029 08:09:28 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Vm54dUkxR1laODlCaXJxeVhzd0k5RXlVRjV0ZkpKem1qc044WkZWWXRTTg%3D%3D; domain=minently.com; path=/; expires=Mon, 19-Mar-2029 08:09:28 UTC; Secure c8f6c34014a838acdf053eb8e973ad8a_1553242168.065_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bnZEc0kzbHpMem9zQnQxUTE4UkJTc3pwSFlKY3BWM212TCt6Rldsb0p6U2NHNGJ1SFJUUzRSN1VkWlhETFVwT3ZNdTBlNTAwWkQ5MUZsSlErRlpRaFJoSkJSS3VtV1hvZG8yUGh6OGRocnhPV3RFdkJ3Yld0YUNna2tyRGdSR0M0TjRRZ0M0K2ppREJkRm9pN1hJeUJvVkx5Sk8yN0VUUDJQbUc2TlhmYzZjTGRGQWNkZmR0UnVYM0FtOE9lNkR4a3dqWEdwOWY5OTVPUlFNTG1iMnF4aHlkMFh5dVpXRVYwOUtLZkxUelBKbVgzU3pvNlIwS2ZxN0Z6ak5SQmNGcFgyMC9MRXJpaS9EQTBUMUJRM2xpektnckphYkpHM3BSd2EyVVl0ZFJkbkUzUDdEMFJCSy9IS1M0WGczN3AreWVvWG4yOTU1c0FqZEFjYkZFY0hCbFdVY1pPN1ZSOUhmRC9SV2FCbzl1RmZCK2RlckZOZjZyMlQrVHpteDJtRjhQKzIweVdScnNrTERWRmpXak1nY1l2VTUvNGRYWUZ5VmIxSUlkQTVOZ3lVOSthRTJqMkVRNVREdjBxcXNBbk4rcVFJSy9pYmd5aHZYVzJuWHo1WTVTMHBhaXVpaFpYV0NLbjBtZ2tjMVN2V2lEQXNjUW50d3UrUi84NlU0SzV2TDZSSEJSdUZ4QWovdG4wcDdlaE8wR2lqdzd3THVzTVJXNTNON3pUYkFOTDNqenRTU205c1AvWkgrbUIwdWUxalQzS2RRc0VzTzIrTHA3bzdRQXlwM2FaSkRnWUk5YnQvNXQ5QXQ1Y1owUDlZY1lqdlZQQUh3bzJQcWFrTnhsTWxDUFF0SU93MjJvZlFOYlEvYnVzTGhXOHZ2WmdhV29iNWY0SHpuUHVLRHc1ZGt3ZHpmdkR4ZnFLZ2VyZ3J4djNzQlJDSjFGUk9YTDlPbXp5d1R4SG1JNUhrVVpXYlROZEEvZmt1TWtPeWZPZGoxMEY0ZUhPMU1iaHJESmJLT0FhdnNyMy96Rm5meWhscVNKZ0R3aTB5WDNRaEhvRjd1QU83emk0UkI4cUNnN0xZSUtjOGJxaG93MWpxWTFBdktUa1Y2dmc9PQ%3D%3D; domain=minently.com; path=/; expires=Mon, 19-Mar-2029 08:09:28 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=NVY5NWFXbU50a1luUW0wRkRKbTA2c0d0SE9qZjJuUXFzSXYrVjFPc2ZjVE1jUmdZU1BRODdidGUzSzBFRnZRLzZ3SW1MaEY0SUlaWjI4N2t0K2p1U2pkZzZCOVhpZXVXODlTcWN2ckNES1U9; domain=minently.com; path=/; expires=Fri, 22-Mar-2019 09:14:28 UTC; Secure SERVERID=sfc36; path=/
vary
Accept-Encoding Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx/1.14.0
date
Fri, 22 Mar 2019 08:09:27 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6b54ade9310564e9bb21c9cca0b93847&ext1=dvx
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
strict-transport-security
max-age=31536000; includeSubDomains
warez
ggthemig.com/rnd/ 		0
0
Cookie set warez
ggthemig.com/rnd/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ggthemig.com/rnd/warez?pkyb=vRzSVjHyBCNmBt2VWJqFDglkaxgI8XrKQxk5fskAQZY%3D
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6b54ade9310564e9bb21c9cca0b93847&ext1=dvx
Protocol
HTTP/1.1
Server
52.72.228.176 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-228-176.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
2070d898fcd89478ec942697ba266da044548a964ffbb0601c21ee1cd6bbf24e

Request headers

Host
ggthemig.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://minently.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://minently.com/

Response headers

Date
Fri, 22 Mar 2019 08:09:29 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
AWSALB=4qHYLlju9KGPHP3+hObjyzREOLcoDDHIZCxcjaWx/vllwg/K0Y0rrJp6tqenkYnVnLtR6eGOfbmxBIuIOwbxgIdnjt9e2k1XYl759fBOJ9kDqAyHkwrjps6qs/8q; Expires=Fri, 29 Mar 2019 08:09:28 GMT; Path=/
Server
Apache-Coyote/1.1
Cache-control
no-store, no-cache
Content-Encoding
gzip
Vary
Accept-Encoding
Cookie set 1
cdn.ggthemig.com/script/ 		426 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.ggthemig.com/script/1
Requested by
Host: ggthemig.com
URL: http://ggthemig.com/rnd/warez?pkyb=vRzSVjHyBCNmBt2VWJqFDglkaxgI8XrKQxk5fskAQZY%3D
Protocol
HTTP/1.1
Server
89.255.250.69 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
a4392d45d719d5b19bd258bc76c266541da55f8524d499d06674e30e1b9e555d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.ggthemig.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://ggthemig.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ggthemig.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 08:09:29 GMT
Content-Encoding
gzip
CDN-Cache-Hit
1
Server
leasewebcdn/5.4.2
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=ISO-8859-1
CDN-Cache
HIT
Cache-control
max-age=3600 Public
CDN-Node
DIRECT, FRA1-EDGE03014
Set-Cookie
AWSALB=ojil1g3lxfsjJeihT5r1IwR84z3+Kg6dYOkBf2lhjm6/BCAWCSC9lJaz3P559dxmp/GqwqoQYr9VHjsJQMr5JhTZrzTcLY2IYIavDek8+dvcxFL1K0ewTeB6F2sw; Expires=Fri, 29 Mar 2019 08:07:33 GMT; Path=/
Expires
Fri, 22 Mar 2019 09:09:29 GMT
index.php
llilil.com/tracker/redads/
Redirect Chain
  • http://paramonos-oha.com/vgyadfyasydg_defa_adsmulms?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.05&fallbackUrl=http%3A%2F%2Farre.work%2Fclick%2F1%2F950fe227-9cc3-410f-8081-2cc50422cd25
  • https://llilil.com/clikc.php?key=qiqdms3bxvhea2fppzys&cid=dvd1427ca14c7911e99e2712618bcac89a2a91ab604c3811e99e2712618bcac89a036992d8fba402e8c0&target=alpha-mig-hIgH47Om&campaign_id=1169252&geo=DE&k...
  • https://llilil.com/click.php?key=qiqdms3bxvhea2fppzys&cid=dvd1427ca14c7911e99e2712618bcac89a2a91ab604c3811e99e2712618bcac89a036992d8fba402e8c0&target=alpha-mig-hIgH47Om&campaign_id=1169252&geo=DE&k...
  • http://llilil.com/tracker/redads/index.php?device_name=Desktop&lpkey=150f539224a6214499&campaign=18&domain=llilil.com&t1=1&t2=1&clickid=8f8b2xsfva6vr1f7&dhre=100&fn=tdgTiKPidmr5d45HkpleerM&po=0&com...
  • https://llilil.com/tracker/redads/index.php?device_name=Desktop&lpkey=150f539224a6214499&campaign=18&domain=llilil.com&t1=1&t2=1&clickid=8f8b2xsfva6vr1f7&dhre=100&fn=tdgTiKPidmr5d45HkpleerM&po=0&co...
28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llilil.com/tracker/redads/index.php?device_name=Desktop&lpkey=150f539224a6214499&campaign=18&domain=llilil.com&t1=1&t2=1&clickid=8f8b2xsfva6vr1f7&dhre=100&fn=tdgTiKPidmr5d45HkpleerM&po=0&comp=god&uclick=xsfva6vr
Requested by
Host: ggthemig.com
URL: http://ggthemig.com/rnd/warez?pkyb=vRzSVjHyBCNmBt2VWJqFDglkaxgI8XrKQxk5fskAQZY%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
62.141.35.233 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
ve922.venus.dedi.server-hosting.expert
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ggthemig.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2019 08:09:29 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2019 08:09:29GMT
server
nginx/1.14.2
strict-transport-security
max-age=31536000
content-type
text/html; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://llilil.com/tracker/redads/index.php?device_name=Desktop&lpkey=150f539224a6214499&campaign=18&domain=llilil.com&t1=1&t2=1&clickid=8f8b2xsfva6vr1f7&dhre=100&fn=tdgTiKPidmr5d45HkpleerM&po=0&comp=god&uclick=xsfva6vr
Non-Authoritative-Reason
HSTS
Primary Request Cookie set NKBEURDE
lp.interwetten.com/
Redirect Chain
  • http://paramonos-oha.com/vgyadfyasydg_adsermadrems?adTagId=ee795150-730c-11e8-800a-0ae8b840b174&cpm=0.000002&fallbackUrl=http%3A%2F%2Farre.work%2Fclick%2F1%2F950fe227-9cc3-410f-8081-2cc50422cd25
  • https://go2linkfast.com/i/11411?var1=november-vow-7ApPx0Qn
  • https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Requested by
Host: cdn.ggthemig.com
URL: http://cdn.ggthemig.com/script/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.127.139.104 , Austria, ASN43916 (INTERWETTEN-AT-AS, AT),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
504247238b1c8cf55a2f84b3712df0006e57193e796767399edf610bbc344a21

Request headers

Host
lp.interwetten.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://ggthemig.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ggthemig.com/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/10.0
Set-Cookie
ASP.NET_SessionId=zjxytoylgxjgmp4t2epihc5v; path=/; HttpOnly __IW_OPERT_BANNER=OPBANNERNAME=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar; domain=interwetten.com; expires=Sun, 21-Apr-2019 07:09:30 GMT; path=/
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Fri, 22 Mar 2019 08:09:30 GMT
Content-Length
1477

Redirect headers

Server
nginx
Date
Fri, 22 Mar 2019 08:09:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
Set-Cookie
TRK_TRG=eJxjYGBgEmEXZMosEOQztDDVMzQx1TMz0zMyMRJkTk%2FNF2RycRXkLkpNz8zPi0%2FOT0llEORMziyphLKZM4sLBDk98otLDANySosF%2BfJSS%2BKLC1JTU8AK2JgFOTKL4wuK8isq2RgBPFYcpA%3D%3D; expires=Sat, 23-Mar-2019 08:09:30 GMT; Max-Age=86400; path=/ TRK_TRU2=eJxjYGBgEuEQZC5NNBVUSEozsTBLM05MSjRJNjE2MjM2SkpJTTFIs7RMNE9KMTESZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMU5IfxylKLijPz83gcAg4wgIAga34xSAm7IBeQAZdVceqP0fh6WJA7JbUsMzk1vqSyIJWNEQAVJioV; expires=Sat, 23-Mar-2019 08:09:30 GMT; Max-Age=86400; path=/ trk_cpa_pixel=d19e8420-4c79-11e9-be1b-91dba319b4cb; expires=Tue, 21-May-2019 08:09:30 GMT; Max-Age=5184000; path=/
Location
https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Content-Encoding
gzip
Vary
Accept-Encoding
BG_EUR_DE.jpg
lp.interwetten.com/Content/Images/NKB/Desktop/ 		278 KB
278 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.interwetten.com/Content/Images/NKB/Desktop/BG_EUR_DE.jpg
Requested by
Host: lp.interwetten.com
URL: https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.127.139.104 , Austria, ASN43916 (INTERWETTEN-AT-AS, AT),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
752a69da0bfcf39850fd6c33a6ff740a33d5352990c12830edab85ec00890c1b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
lp.interwetten.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Cookie
ASP.NET_SessionId=zjxytoylgxjgmp4t2epihc5v; __IW_OPERT_BANNER=OPBANNERNAME=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Connection
keep-alive
Cache-Control
no-cache
Referer
https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 08:09:30 GMT
Last-Modified
Thu, 07 Feb 2019 10:33:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"07ee888d0bed41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
284681
Footer_DE.jpg
lp.interwetten.com/Content/Images/NKB/Desktop/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.interwetten.com/Content/Images/NKB/Desktop/Footer_DE.jpg
Requested by
Host: lp.interwetten.com
URL: https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.127.139.104 , Austria, ASN43916 (INTERWETTEN-AT-AS, AT),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9b6f0ceceb1837683fba3750c7f85c44d47853719a37fd451245b7217a00acca

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
lp.interwetten.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Cookie
ASP.NET_SessionId=zjxytoylgxjgmp4t2epihc5v; __IW_OPERT_BANNER=OPBANNERNAME=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
Connection
keep-alive
Cache-Control
no-cache
Referer
https://lp.interwetten.com/NKBEURDE?bn=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Mar 2019 08:09:29 GMT
Last-Modified
Thu, 07 Feb 2019 10:33:16 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"07ee888d0bed41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
35388

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ggthemig.com
URL
http://ggthemig.com/rnd/warez?pkyb=vRzSVjHyBCNmBt2VWJqFDglkaxgI8XrKQxk5fskAQZY%3D&

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

2 Cookies

Domain/Path Name / Value
.interwetten.com/ Name: __IW_OPERT_BANNER
Value: OPBANNERNAME=PopUnder-SB-Text-Default-DE-text-6807-popAds-sportradar
lp.interwetten.com/ Name: ASP.NET_SessionId
Value: zjxytoylgxjgmp4t2epihc5v