yax100.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045...
Submission: On March 10 via manual (March 10th 2024, 9:18:27 am UTC) from DE — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is yax100.com. The Cisco Umbrella rank of the primary domain is 144095.
TLS certificate: Issued by E1 on February 1st 2024. Valid for: 3 months.

This is the only time yax100.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	142.132.247.201 142.132.247.201	24940 (HETZNER-AS) (HETZNER-AS)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
2	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
3	3.75.56.58 3.75.56.58	16509 (AMAZON-02) (AMAZON-02)
1 3	3.77.50.185 3.77.50.185	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.53.204 18.156.53.204	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:cd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.102.211.201 34.102.211.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.102.166.105 34.102.166.105	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6811:b447	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	9

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

yax100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany) 1 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.247.201 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.201.247.132.142.clients.your-server.de

nextleveldefend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

feedtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

ctl.feedtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.77.50.185 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-50-185.eu-central-1.compute.amazonaws.com

yieponia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.53.204 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-53-204.eu-central-1.compute.amazonaws.com

yaketar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:cd7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.linksprf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.211.201 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.211.102.34.bc.googleusercontent.com

track.effiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.166.105 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 105.166.102.34.bc.googleusercontent.com

partner.atu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b447 (United States)

ASN13335 (CLOUDFLARENET, US)

www.atu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	yieponia.com 1 redirects yieponia.com — Cisco Umbrella Rank: 140662	35 KB
3	visifeed.org visifeed.org — Cisco Umbrella Rank: 132628	2 KB
3	feedtrk.com feedtrk.com — Cisco Umbrella Rank: 134016 ctl.feedtrk.com — Cisco Umbrella Rank: 140176	182 KB
2	atu.de 1 redirects partner.atu.de www.atu.de — Cisco Umbrella Rank: 576285	1 KB
2	linksprf.com 1 redirects r.linksprf.com — Cisco Umbrella Rank: 115322	1 KB
2	yaketar.com 1 redirects yaketar.com — Cisco Umbrella Rank: 631653	2 KB
2	yax100.com yax100.com — Cisco Umbrella Rank: 144095	40 KB
1	effiliation.com 1 redirects track.effiliation.com — Cisco Umbrella Rank: 259693	466 B
1	nextleveldefend.com nextleveldefend.com — Cisco Umbrella Rank: 343361	673 B
1	adcell.com 1 redirects t.adcell.com — Cisco Umbrella Rank: 61242	452 B
14	10

	Domain	Requested by
3	yieponia.com	1 redirects visifeed.org yieponia.com
3	visifeed.org	feedtrk.com visifeed.org
2	r.linksprf.com	1 redirects yaketar.com
2	yaketar.com	1 redirects yieponia.com
2	ctl.feedtrk.com	feedtrk.com ctl.feedtrk.com
2	yax100.com	yax100.com
1	www.atu.de	r.linksprf.com
1	partner.atu.de	1 redirects
1	track.effiliation.com	1 redirects
1	feedtrk.com	yax100.com
1	nextleveldefend.com	yax100.com
1	t.adcell.com	1 redirects
14	12

This site contains no links.

Subject Issuer	Validity	Valid
yax100.com E1	`2024-02-01` - `2024-05-01`	3 months	crt.sh
*.nextleveldefend.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
feedtrk.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
ctl.feedtrk.com GTS CA 1D4	`2024-02-10` - `2024-05-10`	3 months	crt.sh
visifeed.org R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
yieponia.com R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
yaketar.com Amazon RSA 2048 M01	`2023-09-05` - `2024-10-04`	a year	crt.sh
linksprf.com GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
atu.de Cloudflare Inc ECC CA-3	`2023-11-10` - `2024-11-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network
Frame ID: 2EE6D293CD4E454D2A00B50DB3467E73
Requests: 2 HTTP requests in this frame

Frame: https://nextleveldefend.com/impression?CID=71__nxt__BID=0__nxt__SRC=725__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=355517-105746-&adcref=yax100.com%2F
Frame ID: F04153CC73B4A57254D34A74EB3B5E48
Requests: 1 HTTP requests in this frame

Frame: https://feedtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjEsImNyZWF0aXZlX2lkIjozMSwicHVibGlzaGVyX2lkIjoyLCJ6b25lX2lkIjozLCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiY3RsLmZlZWR0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6ImQxYzFhMGQ4LTUwMTMtNDRhNS1iYmJmLTA5MDEwODNlMDcxYiIsImZyYW1lX3RhcmdldCI6IiU0MEoiLCJmcmFtZV90YXJnZXRfaWQiOjMsImZyYW1lX2FkZGNvdW50cnkiOjAsImNvdW50cnkiOiJERSIsInRzIjoxNzEwMDYyMzAzfQ%3D%3D
Frame ID: DC3BC8336812C383B479FF3162A1B7D0
Requests: 3 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=93&ts=e_d1c1a0d8-5013-44a5-bbbf-0901083e071b&l=k%7B&phash=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551439&ci=yC_t6Tx%3F&its=9F%5Bt%2ALr5d4bA%7BQD%3BvnPWbT%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: 89DA1C7E55E33B0B835CDDC851E0FCC0
Requests: 2 HTTP requests in this frame

Frame: https://www.atu.de/?cod=AFFEFF09193DE&aid={48}%7C{1395055146}&eff_cpt=22923285&eff_sub1=v0304000143917d20e9a940d840c285738c012299f656
Frame ID: 2E2778170CB4C27D86AD4B6CDFA7BDF2
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

9
IPs

2
Countries

262 kB
Transfer

537 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://t.adcell.com/p/view?promoId=355517&slotId=105746&pv=1&htlp=1 HTTP 302
https://nextleveldefend.com/impression?CID=71__nxt__BID=0__nxt__SRC=725__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=355517-105746-&adcref=yax100.com%2F

Request Chain 10

https://yieponia.com/redirect?publisherId=5gg8kvwqdn34zxyn&market=de&placementId=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&placementId2=d1c1a0d8-5013-44a5-bbbf-0901083e071b&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuMTExIFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
https://yaketar.com/y?t=atu.de&cid=60620944d305f6cf342ef9c3edf37de763eab3d5e5ad547164a7514588b60b01&identifier=e459f741d0231390 HTTP 302
https://yaketar.com/search/atu.de

Request Chain 11

https://r.linksprf.com/v1/redirect?url=https://atu.de&api_key=bfbba305ac09de6ffebd06af78a8e794&site_id=4d297fa368bf43fd929d8514ce823be2&type=url&source=https://yaketar.com/de/search/atu.de&yk_tag=60620944d305f6cf342ef9c3edf37de763eab3d5e5ad547164a7514588b60b01 HTTP 302
https://r.linksprf.com/v2/go?t=6t6p9%3A2%2F1rcc3.5f2i0i8t0o9.9o0%2Fde1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r7s2mecan4ida4lcf8e7k8a0t2%2F9sft5h&e=1&ai=27f77f5ced1d49daac2ee3dc8e6d06f0&sct=0&ct=1710062305151&cu=7d20e9a940d840c285738c012299f656&cs=0c294abf1b6dfcdbe86dea947829c225

Request Chain 12

https://track.effiliation.com/servlet/effi.click?id_compteur=22923285&effi_id=v0304000143917d20e9a940d840c285738c012299f656 HTTP 302
https://partner.atu.de/servlet/effi.click?id_compteur=22923285&effi_id=v0304000143917d20e9a940d840c285738c012299f656 HTTP 302
https://www.atu.de/?cod=AFFEFF09193DE&aid={48}%7C{1395055146}&eff_cpt=22923285&eff_sub1=v0304000143917d20e9a940d840c285738c012299f656

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
yax100.com/adframe/ 2 KB
1 KB 207ms
110ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79af31442fc939a132569a8b2447b122dab3a4c25ad61f93101a8e1cd84ceb50

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8622379619ec1c32-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 09:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMtoS3Fmm9KnqGXIb4mqOT%2By64vuZcXwiKQceMDmaOnj2TFeptJ9m9AJviKf%2BB3PnznClKOZOAusHj%2BqStJj9ZdTeKvstWY%2BuUwCRhjlwN%2Fm6j8CSdofxYpAIbrdMa7wf8VqkabmQzci"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 zNkwMxPM9fTbbe9SFGY9kg8YtheO0PyU2Bc60NC6.jpg
yax100.com/storage/ 38 KB
38 KB 53ms
53ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yax100.com/storage/zNkwMxPM9fTbbe9SFGY9kg8YtheO0PyU2Bc60NC6.jpg
Requested by: Host: yax100.com
URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9ebab2d0ddc0faf32ad7d081d46b3f98283b51a9821732f2a51eee80f921837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 09:18:23 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 16 Feb 2024 12:16:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65cf523b-9862"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8sKesOYTkkk%2BveSWMiFfAhf5Anyf9mB6n1ZmWBT7quh6vio4ALFyu5O4GUaEyeyUy%2BDMGQP%2FZJ9a1%2FFBqI5VpQCQTzhrnFLLX1CycqC2d9vRc1yQIholMvcikIlARjgCAEQaYpe68De"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 86223796cae41c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 39010

GET
H2

200

impression Show response
nextleveldefend.com/ Frame F041
Redirect Chain

https://t.adcell.com/p/view?promoId=355517&slotId=105746&pv=1&htlp=1
https://nextleveldefend.com/impression?CID=71__nxt__BID=0__nxt__SRC=725__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=355517-105746-&adcref=yax100...

0
673 B

160ms
71ms

Document
text/html

142.132.247.201
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nextleveldefend.com/impression?CID=71__nxt__BID=0__nxt__SRC=725__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=355517-105746-&adcref=yax100.com%2F
Requested by: Host: yax100.com
URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.247.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.201.247.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yax100.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 09:18:24 GMT
server: nginx/1.18.0 (Ubuntu)

Redirect headers

cache-control: max-age=0
content-length: 0
content-type: text/html
date: Sun, 10 Mar 2024 09:18:23 GMT
expires: Sun, 10 Mar 2024 09:18:23 GMT
location: https://nextleveldefend.com/impression?CID=71__nxt__BID=0__nxt__SRC=725__nxt__SUB=SUBID__nxt__CLK=CLICKID&utm_medium=affiliate&utm_source=adcell&utm_campaign=257824&bid=355517-105746-&adcref=yax100.com%2F
server: myracloud
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6MjEsImNyZWF0aXZlX2lkIjozMSwicHVibGlzaGVyX2lkIjoyLCJ6b25lX2lkIjozLCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiY3RsLmZlZWR0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6ImQxYzFhM... Show response
feedtrk.com/track/ Frame DC3B 1 KB
2 KB 134ms
46ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://feedtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjEsImNyZWF0aXZlX2lkIjozMSwicHVibGlzaGVyX2lkIjoyLCJ6b25lX2lkIjozLCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiY3RsLmZlZWR0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6ImQxYzFhMGQ4LTUwMTMtNDRhNS1iYmJmLTA5MDEwODNlMDcxYiIsImZyYW1lX3RhcmdldCI6IiU0MEoiLCJmcmFtZV90YXJnZXRfaWQiOjMsImZyYW1lX2FkZGNvdW50cnkiOjAsImNvdW50cnkiOiJERSIsInRzIjoxNzEwMDYyMzAzfQ%3D%3D
Requested by: Host: yax100.com
URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4bef002e7bdee4bfd87c81cefb5ddb11275e38e66cb879a669dfea285ac88f79

Request headers

Referer: https://yax100.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 09:18:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 track Show response
ctl.feedtrk.com/ Frame DC3B 189 KB
76 KB 199ms
98ms Script
application/javascript 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctl.feedtrk.com/track?id=

Requested by

Host: feedtrk.com
URL: https://feedtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjEsImNyZWF0aXZlX2lkIjozMSwicHVibGlzaGVyX2lkIjoyLCJ6b25lX2lkIjozLCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiY3RsLmZlZWR0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6ImQxYzFhMGQ4LTUwMTMtNDRhNS1iYmJmLTA5MDEwODNlMDcxYiIsImZyYW1lX3RhcmdldCI6IiU0MEoiLCJmcmFtZV90YXJnZXRfaWQiOjMsImZyYW1lX2FkZGNvdW50cnkiOjAsImNvdW50cnkiOiJERSIsInRzIjoxNzEwMDYyMzAzfQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

Google Tag Manager /

Resource Hash

1f4b06dfcdf76b8ca05fd613b566ce6bac7232247a8024d9927d79a749f0a362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedtrk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 09:18:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: Google Tag Manager
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
x-xss-protection: 0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 89DA 402 B
735 B 151ms
61ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=%40J&ts=e_d1c1a0d8-5013-44a5-bbbf-0901083e071b
Requested by: Host: feedtrk.com
URL: https://feedtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjEsImNyZWF0aXZlX2lkIjozMSwicHVibGlzaGVyX2lkIjoyLCJ6b25lX2lkIjozLCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiY3RsLmZlZWR0cmsuY29tIiwiZnJhbWVfY2FtcGFpZ25pZCI6ImQxYzFhMGQ4LTUwMTMtNDRhNS1iYmJmLTA5MDEwODNlMDcxYiIsImZyYW1lX3RhcmdldCI6IiU0MEoiLCJmcmFtZV90YXJnZXRfaWQiOjMsImZyYW1lX2FkZGNvdW50cnkiOjAsImNvdW50cnkiOiJERSIsInRzIjoxNzEwMDYyMzAzfQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: b08473868a75e37981a9d70d883ec5e2a687fb97faf5ea9a7ee67e3ad701d6c1

Request headers

Referer: https://feedtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 09:18:24 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame 89DA 407 B
733 B 50ms
50ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=93&ts=e_d1c1a0d8-5013-44a5-bbbf-0901083e071b&l=k%7B&phash=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551439&ci=yC_t6Tx%3F&its=9F%5Bt%2ALr5d4bA%7BQD%3BvnPWbT%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=%40J&ts=e_d1c1a0d8-5013-44a5-bbbf-0901083e071b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: c6395571ed9192d8339701fb77506c533a6d8b7937fb0516cd901f1618860cb0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 09:18:24 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame 2E27 343 B
671 B 71ms
71ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=93&ts=e_d1c1a0d8-5013-44a5-bbbf-0901083e071b&l=k%7B&phash=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&ci=yC_t6Tx%3F&its=9F%5Bt%2ALr5d4bA%7BQD%3BvnPWbT%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=93&ts=e_d1c1a0d8-5013-44a5-bbbf-0901083e071b&l=k%7B&phash=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551439&ci=yC_t6Tx%3F&its=9F%5Bt%2ALr5d4bA%7BQD%3BvnPWbT%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: c3b5bdb56b74615ae8e10df69506527f84549ae9bb5415ed2853e679f9395187

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 09:18:24 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK redirect Show response
yieponia.com/ Frame 2E27 2 KB
1 KB 155ms
69ms Document
text/html 3.77.50.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yieponia.com/redirect?publisherId=5gg8kvwqdn34zxyn&market=de&placementId=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&placementId2=d1c1a0d8-5013-44a5-bbbf-0901083e071b
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=93&ts=e_d1c1a0d8-5013-44a5-bbbf-0901083e071b&l=k%7B&phash=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&ci=yC_t6Tx%3F&its=9F%5Bt%2ALr5d4bA%7BQD%3BvnPWbT%5B&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.77.50.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-50-185.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/8.2.16
Resource Hash: 40e4ae3bf44d54bb09e67ffcd4bb890a67dae0cb914d0c47d59a6dfdc2043d63

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 10 Mar 2024 09:18:24 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/8.2.16

GET
H2 200 js Show response
ctl.feedtrk.com/gtag/ Frame DC3B 268 KB
104 KB 92ms
91ms Script
application/javascript 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ctl.feedtrk.com/gtag/js?id=G-B6LHGYT55G&l=dataLayer&cx=c
Requested by: Host: ctl.feedtrk.com
URL: https://ctl.feedtrk.com/track?id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2015.1e100.net
Software: /
Resource Hash: b68fb0776a422ea0ef4fb0e9a4e772e7ca5ab67a97f00b1b30ec8128d94f2623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://feedtrk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type: application/javascript; charset=UTF-8
date: Sun, 10 Mar 2024 09:18:24 GMT
cache-control: private, max-age=900
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
expires: Sun, 10 Mar 2024 09:32:36 GMT

GET
H/1.1 200
OK fp.min.js Show response
yieponia.com/js/ Frame 2E27 34 KB
34 KB 249ms
249ms Script
application/javascript 3.77.50.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yieponia.com/js/fp.min.js
Requested by: Host: yieponia.com
URL: https://yieponia.com/redirect?publisherId=5gg8kvwqdn34zxyn&market=de&placementId=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&placementId2=d1c1a0d8-5013-44a5-bbbf-0901083e071b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.77.50.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-50-185.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yieponia.com/redirect?publisherId=5gg8kvwqdn34zxyn&market=de&placementId=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&placementId2=d1c1a0d8-5013-44a5-bbbf-0901083e071b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 09:18:24 GMT
Last-Modified: Tue, 27 Feb 2024 11:09:21 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Etag: W/"65ddc2e1-864c"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2

200

atu.de Show response
yaketar.com/search/ Frame 2E27
Redirect Chain

https://yieponia.com/redirect?publisherId=5gg8kvwqdn34zxyn&market=de&placementId=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&placementId2=d1c1a0d8-5013-44a5-bbbf-0901083e071b&f...
https://yaketar.com/y?t=atu.de&cid=60620944d305f6cf342ef9c3edf37de763eab3d5e5ad547164a7514588b60b01&identifier=e459f741d0231390
https://yaketar.com/search/atu.de

518 B
1 KB

52ms
52ms

Document
text/html

18.156.53.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yaketar.com/search/atu.de
Requested by: Host: yieponia.com
URL: https://yieponia.com/redirect?publisherId=5gg8kvwqdn34zxyn&market=de&placementId=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&placementId2=d1c1a0d8-5013-44a5-bbbf-0901083e071b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.53.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-53-204.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/7.1.33
Resource Hash: 64a0ff681a248ab2fa8ee7e03e3aae2e465879b7ba0382415aecb90e0b30759f

Request headers

Referer: https://yieponia.com/redirect?publisherId=5gg8kvwqdn34zxyn&market=de&placementId=65b57a5893265d014bd65f80fe1b2e82f40b47c49642ce42ebcd62c8f2551400&placementId2=d1c1a0d8-5013-44a5-bbbf-0901083e071b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 09:18:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 09:18:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://yaketar.com/search/atu.de
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

GET
H2

200

go Show response
r.linksprf.com/v2/ Frame 2E27
Redirect Chain

https://r.linksprf.com/v1/redirect?url=https://atu.de&api_key=bfbba305ac09de6ffebd06af78a8e794&site_id=4d297fa368bf43fd929d8514ce823be2&type=url&source=https://yaketar.com/de/search/atu.de&yk_tag=6...
https://r.linksprf.com/v2/go?t=6t6p9%3A2%2F1rcc3.5f2i0i8t0o9.9o0%2Fde1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r7s2mecan4ida4lcf8e7k8a0t2%2F9sft5h&e=1&ai=27f77f5ced1d49daa...

1 KB
818 B

76ms
75ms

Document
text/html

2606:4700:20::681a:cd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.linksprf.com/v2/go?t=6t6p9%3A2%2F1rcc3.5f2i0i8t0o9.9o0%2Fde1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r7s2mecan4ida4lcf8e7k8a0t2%2F9sft5h&e=1&ai=27f77f5ced1d49daac2ee3dc8e6d06f0&sct=0&ct=1710062305151&cu=7d20e9a940d840c285738c012299f656&cs=0c294abf1b6dfcdbe86dea947829c225
Requested by: Host: yaketar.com
URL: https://yaketar.com/search/atu.de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e66d577f1fac87a372c3f17794bb16e8bcfcdc3d833721501ed668f1b4a67d2

Request headers

Referer: https://yaketar.com/search/atu.de
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8622379f8d1d9243-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sun, 10 Mar 2024 09:18:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8%2FBmkFgk%2BNQbSdrsycqZ9Okp0iUaawiOz5744dmVBZBeVKzFVg1DZ4%2BsuujRi0s5Jjt4LlQb%2BB1k2dtOK65jNtc8oTvH%2BsDPUZA5i3OJzRjvPimfP2tWWhk95gVUx4OglXv%2BHDlmkgac6OW"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8622379eec6a9243-FRA
content-length: 0
date: Sun, 10 Mar 2024 09:18:25 GMT
location: /v2/go?t=6t6p9%3A2%2F1rcc3.5f2i0i8t0o9.9o0%2Fde1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r7s2mecan4ida4lcf8e7k8a0t2%2F9sft5h&e=1&ai=27f77f5ced1d49daac2ee3dc8e6d06f0&sct=0&ct=1710062305151&cu=7d20e9a940d840c285738c012299f656&cs=0c294abf1b6dfcdbe86dea947829c225
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUWEqaVoW%2BzglZNrWu490AoJ8qztzEskbV%2BguaMYTasNFDtlPbPtQo3opv%2BLqUfJIxprrO8bPwsuIO8fQ3RvUNNp%2BYjrVpPR1N2MrZy01RTikv7BaaTP1VAto%2Fr%2BxJ1TAvRqvjASmoJfts1c"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

/
www.atu.de/ Frame 2E27
Redirect Chain

https://track.effiliation.com/servlet/effi.click?id_compteur=22923285&effi_id=v0304000143917d20e9a940d840c285738c012299f656
https://partner.atu.de/servlet/effi.click?id_compteur=22923285&effi_id=v0304000143917d20e9a940d840c285738c012299f656
https://www.atu.de/?cod=AFFEFF09193DE&aid={48}%7C{1395055146}&eff_cpt=22923285&eff_sub1=v0304000143917d20e9a940d840c285738c012299f656

0
0

300ms
199ms

Document
text/html

2606:4700::6811:b447
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atu.de/?cod=AFFEFF09193DE&aid={48}%7C{1395055146}&eff_cpt=22923285&eff_sub1=v0304000143917d20e9a940d840c285738c012299f656

Requested by

Host: r.linksprf.com
URL: https://r.linksprf.com/v2/go?t=6t6p9%3A2%2F1rcc3.5f2i0i8t0o9.9o0%2Fde1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r7s2mecan4ida4lcf8e7k8a0t2%2F9sft5h&e=1&ai=27f77f5ced1d49daac2ee3dc8e6d06f0&sct=0&ct=1710062305151&cu=7d20e9a940d840c285738c012299f656&cs=0c294abf1b6dfcdbe86dea947829c225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b447 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Referer: https://r.linksprf.com/v2/go?t=6t6p9%3A2%2F1rcc3.5f2i0i8t0o9.9o0%2Fde1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r7s2mecan4ida4lcf8e7k8a0t2%2F9sft5h&e=1&ai=27f77f5ced1d49daac2ee3dc8e6d06f0&sct=0&ct=1710062305151&cu=7d20e9a940d840c285738c012299f656&cs=0c294abf1b6dfcdbe86dea947829c225
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 862237a2abf21915-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
csrftoken: D9E9D98D1DB7A0D7FA7F32943CD3739031D72E66DE387C031CD15D80420A82A8
date: Sun, 10 Mar 2024 09:18:25 GMT
expires: Thu, 26 Dec 2000 00:00:00 GMT
last-modified: So., 10 M 2024 09:18:25 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-datadome: protected
x-frame-options: sameorigin

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-length: 0
content-security-policy: frame-ancestors 'none'; object-src 'none'
date: Sun, 10 Mar 2024 09:18:25 GMT
expire: Wed, 31 Dec 1969 23:59:59 GMT
location: https://www.atu.de?cod=AFFEFF09193DE&aid={48}%7C{1395055146}&eff_cpt=22923285&eff_sub1=v0304000143917d20e9a940d840c285738c012299f656
p3p: CP='ALL DSP COR IND PHY ONL UNI PUR COM NAV INT CNT PRE CUR ADM TAI PSA PSD IVAo IVDo CONo TELo OUR SAMo'
permissions-policy: accelerometer=(), geolocation=(), fullscreen=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=()
pragma: no-store
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
t.adcell.com/	1970-01-20 19:02:28	Name: ADCELLvpid11826 Value: 355517-105746-%23%23%23%23https%3A%2F%2Fyax100.com%2F%40%40%40%401710062303
.nextleveldefend.com/	1970-01-20 19:44:14	Name: nextleveldefend_71 Value: eJxtj01LxDAQhv%2FLgD11JUk7SRvoxS4LZb2tniUf0yXYWumHKKX%2F3diLC3oZeN55552ZFZaJxuBBr%2FBhuoVAQ44ZSssKVhpmrc0ziwWaVmRWSlF6J5G8MsR4UZQMUpgn0FxxxqTIWL5FYeQ3eSvUoBVP4QE0S%2BESQWAKp52e4r4QMy7PsftTm2Ok%2Bhyhfmzqc3NMlrl%2F6cmHpa9M24YumJl2cRqW0VFlvKOu2xVn%2BncTrm%2BVQFWIPLHBVxkicnXgDFUuD0l0j9RWX%2BYzHnzvhv5OnGD75wk3DK%2BBzJVuXvk1%2FBnYvgGq1lzr
yaketar.com/	1970-01-20 19:11:07	Name: AWSALBCORS Value: gh6BzA23ckfDECS8C5DomKW+MdqOOSM4b5UuCQrQC3kizKPmZ8KdhJUWmwD6Awvehsrfyx03D/ny2PZhD7G9s7FtbgNC84hJgZYUto78vhKYGLKS8EDcMMMpP1+k
.linksprf.com/	1970-01-21 03:46:38	Name: ykuid Value: 3be955e338e749e380360fdf4e04fc88
.partner.atu.de/	1970-01-20 19:44:14	Name: flw_clic660025649 Value: "https://url_pb : (https://www.atu.de?cod=AFFEFF09193DE&aid={48}%7C{1395055146}&eff_cpt=22923285&eff_sub1=v0304000143917d20e9a940d840c285738c012299f656) --> java.net.URISyntaxException: Illegal character in query at index 41: https://www.atu.de?cod=AFFEFF09193DE&aid={48}%7C{1395055146}&eff_cpt=22923285&eff_sub1=v0304000143917d20e9a940d840c285738c012299f656"
.partner.atu.de/	1970-01-20 19:44:14	Name: affi660025649 Value: "1395055146"
.partner.atu.de/	1970-01-20 19:44:14	Name: effi660025649 Value: "22923285"
.partner.atu.de/	1970-01-20 19:44:14	Name: date660025649 Value: "10/03/2024 10:18:25"
.partner.atu.de/	1970-01-20 19:44:14	Name: referer660025649 Value: "https://r.linksprf.com/"
.partner.atu.de/	1970-01-20 19:44:14	Name: effi_id660025649 Value: "v0304000143917d20e9a940d840c285738c012299f656"
.partner.atu.de/	1970-01-20 19:44:14	Name: conversion660025649 Value: "22923285,"

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://yax100.com/adframe/eyJpZCI6MywicHVibGlzaGVyX2lkIjoyLCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?utm_content=1283045&utm_term=&sid=bsw_triplelift&ecid=&aid=19020348-11c6-44ca-b4ba-5fb825b6bd25&reg=&dev=&tt=network Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.atu.de/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ctl.feedtrk.com
feedtrk.com
nextleveldefend.com
partner.atu.de
r.linksprf.com
t.adcell.com
track.effiliation.com
visifeed.org
www.atu.de
yaketar.com
yax100.com
yieponia.com
142.132.247.201
176.9.183.55
18.156.53.204
216.239.32.21
2606:4700:20::681a:cd7
2606:4700::6811:b447
2a02:cb40:200::242
2a06:98c1:3120::3
3.75.56.58
3.77.50.185
34.102.166.105
34.102.211.201
1e66d577f1fac87a372c3f17794bb16e8bcfcdc3d833721501ed668f1b4a67d2
1f4b06dfcdf76b8ca05fd613b566ce6bac7232247a8024d9927d79a749f0a362
40e4ae3bf44d54bb09e67ffcd4bb890a67dae0cb914d0c47d59a6dfdc2043d63
4bef002e7bdee4bfd87c81cefb5ddb11275e38e66cb879a669dfea285ac88f79
64a0ff681a248ab2fa8ee7e03e3aae2e465879b7ba0382415aecb90e0b30759f
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
79af31442fc939a132569a8b2447b122dab3a4c25ad61f93101a8e1cd84ceb50
b08473868a75e37981a9d70d883ec5e2a687fb97faf5ea9a7ee67e3ad701d6c1
b68fb0776a422ea0ef4fb0e9a4e772e7ca5ab67a97f00b1b30ec8128d94f2623
c3b5bdb56b74615ae8e10df69506527f84549ae9bb5415ed2853e679f9395187
c6395571ed9192d8339701fb77506c533a6d8b7937fb0516cd901f1618860cb0
c9ebab2d0ddc0faf32ad7d081d46b3f98283b51a9821732f2a51eee80f921837
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

yax100.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

14 Requests

100 %HTTPS

33 %IPv6

10 Domains

12 Subdomains

9 IPs

2 Countries

262 kBTransfer

537 kBSize

11 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

11 Cookies

15 Console Messages

Indicators

yax100.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

33 %
IPv6

10
Domains

12
Subdomains

9
IPs

2
Countries

262 kB
Transfer

537 kB
Size

11
Cookies

14 HTTP transactions
0 data transactions