www.mitmachenundbelohntwerden.de Open in urlscan Pro
185.3.185.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://statconuter.info/click.php?key=oktdnxk0eudx47jnjizz&ct=ct
Effective URL:
https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postb...
Submission: On August 22 via manual (August 22nd 2019, 12:55:41 pm UTC) from IL

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 26 HTTP transactions. The main IP is 185.3.185.94, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is www.mitmachenundbelohntwerden.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 9th 2019. Valid for: 3 months.

This is the only time www.mitmachenundbelohntwerden.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	95.216.40.29 95.216.40.29	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a05:d018:483... 2a05:d018:483:6110:1151:1546:9e4a:df36	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a05:d018:483... 2a05:d018:483:6130:fd89:3ada:41ec:3ec0	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a05:d018:483... 2a05:d018:483:6130:5cc5:c974:7f81:d960	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 3	34.249.106.0 34.249.106.0	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
19	185.3.185.94 185.3.185.94	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700:10:... 2606:4700:10::6816:68f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
26	6

1 95.216.40.29 (Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.29.40.216.95.clients.your-server.de

statconuter.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6110:1151:1546:9e4a:df36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cd-down.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:483:6130:fd89:3ada:41ec:3ec0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

gfstrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6130:5cc5:c974:7f81:d960 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

gdmconvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.106.0 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-106-0.eu-west-1.compute.amazonaws.com

trck.easytrck123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.3.185.94 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)

www.mitmachenundbelohntwerden.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:68f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

eu.winnernotification.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	mitmachenundbelohntwerden.de www.mitmachenundbelohntwerden.de	225 KB
3	winnernotification.com eu.winnernotification.com	36 KB
3	easytrck123.com 2 redirects trck.easytrck123.com	3 KB
2	gfstrck.com 1 redirects gfstrck.com	2 KB
1	googleapis.com fonts.googleapis.com	802 B
1	gdmconvtrck.com gdmconvtrck.com	876 B
1	cd-down.com 1 redirects cd-down.com	245 B
1	statconuter.info 1 redirects statconuter.info	212 B
26	8

	Domain	Requested by
19	www.mitmachenundbelohntwerden.de	www.mitmachenundbelohntwerden.de
3	eu.winnernotification.com	www.mitmachenundbelohntwerden.de eu.winnernotification.com
3	trck.easytrck123.com	2 redirects gdmconvtrck.com
2	gfstrck.com	1 redirects
1	fonts.googleapis.com	www.mitmachenundbelohntwerden.de
1	gdmconvtrck.com	gfstrck.com
1	cd-down.com	1 redirects
1	statconuter.info	1 redirects
26	8

This site contains no links.

Subject Issuer	Validity	Valid
cldsecure.com Amazon	`2019-05-20` - `2020-06-20`	a year	crt.sh
gdmconvtrck.com Amazon	`2019-04-19` - `2020-05-19`	a year	crt.sh
trck.easytrck123.com Amazon	`2019-03-29` - `2020-04-29`	a year	crt.sh
www.mitmachenundbelohntwerden.de Let's Encrypt Authority X3	`2019-08-09` - `2019-11-07`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
winnernotification.com CloudFlare Inc ECC CA-2	`2019-05-22` - `2020-05-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Frame ID: 9E7107CD916FFF64A25168965CD51F30
Requests: 25 HTTP requests in this frame

Frame: https://eu.winnernotification.com/pushweb/assets/m_main.html
Frame ID: 972456DAE6D6D7986AE5A75E2D9790AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://statconuter.info/click.php?key=oktdnxk0eudx47jnjizz&ct=ct HTTP 302
https://cd-down.com/?a=91119&c=181300&s2=4a1dbuqc8wj4cf HTTP 302
https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d... Page URL
https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478509113&h=580ce31... HTTP 302
https://trck.easytrck123.com/aff_c?offer_id=13275&aff_id=9095&url_id=15319&aff_sub=91119&aff_sub2=3a30407... HTTP 302
https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&url=https%3A%2F%2Fwww.mitmachenundbelohntwe... Page URL
https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&redirect_pass=1&url=https%3A%2F%2Fwww.mitma... HTTP 302
https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=909... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /mootools.*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

26
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

6
IPs

4
Countries

264 kB
Transfer

535 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://statconuter.info/click.php?key=oktdnxk0eudx47jnjizz&ct=ct HTTP 302
https://cd-down.com/?a=91119&c=181300&s2=4a1dbuqc8wj4cf HTTP 302
https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf Page URL
https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478509113&h=580ce31d36fa5e59a93ae8474092ca88f2a9d0c9&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf&us=e08ed4f8668048f1af54d71b1f34cd69 HTTP 302
https://trck.easytrck123.com/aff_c?offer_id=13275&aff_id=9095&url_id=15319&aff_sub=91119&aff_sub2=3a30407e24fc43b4af8e2fb0eb693e60e9f8&aff_sub4= HTTP 302
https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26freetest_pk%3D424%26sub_id%3D9095-91119%26sub_id_postback%3D102d66362a58289507d46ee29e0111&urlauth=782645405188849479252602384616 Page URL
https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&redirect_pass=1&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26freetest_pk%3D424%26sub_id%3D9095-91119%26sub_id_postback%3D102d66362a58289507d46ee29e0111&urlauth=782645405188849479252602384616 HTTP 302
https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://statconuter.info/click.php?key=oktdnxk0eudx47jnjizz&ct=ct HTTP 302
https://cd-down.com/?a=91119&c=181300&s2=4a1dbuqc8wj4cf HTTP 302
https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf

Request Chain 2

https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478509113&h=580ce31d36fa5e59a93ae8474092ca88f2a9d0c9&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf&us=e08ed4f8668048f1af54d71b1f34cd69 HTTP 302
https://trck.easytrck123.com/aff_c?offer_id=13275&aff_id=9095&url_id=15319&aff_sub=91119&aff_sub2=3a30407e24fc43b4af8e2fb0eb693e60e9f8&aff_sub4= HTTP 302
https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26freetest_pk%3D424%26sub_id%3D9095-91119%26sub_id_postback%3D102d66362a58289507d46ee29e0111&urlauth=782645405188849479252602384616

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
gfstrck.com/
Redirect Chain

https://statconuter.info/click.php?key=oktdnxk0eudx47jnjizz&ct=ct
https://cd-down.com/?a=91119&c=181300&s2=4a1dbuqc8wj4cf
https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a...

2 KB
889 B

127ms
30ms

Document
text/html

2a05:d018:483:6130:fd89:3ada:41ec:3ec0
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:483:6130:fd89:3ada:41ec:3ec0 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ee679d87dcc15c6ce7b8d9b68da9d85a5074120b95bedd61a8b9a59561adbfea

Request headers

:method: GET
:authority: gfstrck.com
:scheme: https
:path: /?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Thu, 22 Aug 2019 12:55:09 GMT
content-type: text/html;charset=utf-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
content-encoding: gzip

Redirect headers

status: 302
date: Thu, 22 Aug 2019 12:55:08 GMT
content-type: text/html;charset=ISO-8859-1
location: https://gfstrck.com?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf
server: nginx
content-language: en-US

GET
H2 200 trck
gdmconvtrck.com/ 1 KB
876 B 122ms
34ms Script
text/javascript 2a05:d018:483:6130:5cc5:c974:7f81:d960
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gdmconvtrck.com/trck
Requested by: Host: gfstrck.com
URL: https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:483:6130:5cc5:c974:7f81:d960 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2019 12:55:09 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Sat, 1 May 2020 12:00:00 GMT

GET
H/1.1

200
OK

aff_r Show response
trck.easytrck123.com/
Redirect Chain

https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478509113&h=580ce31d36fa5e59a93ae8474092ca88f2a9d0c9&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a...
https://trck.easytrck123.com/aff_c?offer_id=13275&aff_id=9095&url_id=15319&aff_sub=91119&aff_sub2=3a30407e24fc43b4af8e2fb0eb693e60e9f8&aff_sub4=
https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26freetest_pk%3D424%26...

364 B
655 B

32ms
31ms

Document
text/html

34.249.106.0
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26freetest_pk%3D424%26sub_id%3D9095-91119%26sub_id_postback%3D102d66362a58289507d46ee29e0111&urlauth=782645405188849479252602384616
Requested by: Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/trck
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.106.0 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-106-0.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: 95d411038afb09f37fbdf5159896c435ea25a594de2832ed40d5fa45cf8036ff

Request headers

Host: trck.easytrck123.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf
Accept-Encoding: gzip, deflate, br
Cookie: aff_ran_url_13275=15319; enc_aff_session_13275=ENC030f30d4f2b275493390cc3c556ee4f1a269b73f98e3c3c3c63dad860f79020808e2fda9410e20d2959b9182d73d068ee93d665db1066b58d9b9ad3dcf181e8a152f4deac66c974ed087cba68353b03ddac2a3e2b23c3296378d8e1c2b7965974c5c586042803ef5cce4be0118cb66db3b66d6e121a4daab9ddd5443a9d80017646124ab5bd7b2a0ab6ed9f06e8c100f38e689d95b902dab42bdd9e610066b4dbf64ca7a81a37bfdf6a02e106e053233e34b6e2fc91d9e2acd2310627cab5e31d4966ac474fd36158c13641508b430f1bec85b461a409461c825586628034a84d324127ca56e73f5c3ea19ce141909dae403614a993d5b5e729675c8679e8834a5c4ca97545f54d37dc82403975eff2635366edaaeea0db2a1075067f92173edd9b95f95e0246cdd3ce395dcb50f3bfde0639a46b75202d72faf0d521bae4c040a0a25aad6; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://gfstrck.com/?a=91119&c=181300&oc=73909&sr=t&s2=4a1dbuqc8wj4cf&vt=1566478508986&h=ade231d5912529e30589a36ee00a9ed8fe4a44ce&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D181300%26s2%3D4a1dbuqc8wj4cf

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html
Date: Thu, 22 Aug 2019 12:55:09 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 364
Connection: keep-alive

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 22 Aug 2019 12:55:09 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: /aff_r?offer_id=13275&aff_id=9095&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26freetest_pk%3D424%26sub_id%3D9095-91119%26sub_id_postback%3D102d66362a58289507d46ee29e0111&urlauth=782645405188849479252602384616
P3P: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx/1.13.12
Set-Cookie: aff_ran_url_13275=15319; expires=Fri, 23 Aug 2019 12:55:09 GMT; path=/; enc_aff_session_13275=ENC030f30d4f2b275493390cc3c556ee4f1a269b73f98e3c3c3c63dad860f79020808e2fda9410e20d2959b9182d73d068ee93d665db1066b58d9b9ad3dcf181e8a152f4deac66c974ed087cba68353b03ddac2a3e2b23c3296378d8e1c2b7965974c5c586042803ef5cce4be0118cb66db3b66d6e121a4daab9ddd5443a9d80017646124ab5bd7b2a0ab6ed9f06e8c100f38e689d95b902dab42bdd9e610066b4dbf64ca7a81a37bfdf6a02e106e053233e34b6e2fc91d9e2acd2310627cab5e31d4966ac474fd36158c13641508b430f1bec85b461a409461c825586628034a84d324127ca56e73f5c3ea19ce141909dae403614a993d5b5e729675c8679e8834a5c4ca97545f54d37dc82403975eff2635366edaaeea0db2a1075067f92173edd9b95f95e0246cdd3ce395dcb50f3bfde0639a46b75202d72faf0d521bae4c040a0a25aad6; expires=Sun, 22 Sep 2019 12:55:09 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sat, 16 Jul 2022 23:35:09 GMT; path=/;
tracking_id: 102d66362a58289507d46ee29e0111
X-Robots-Tag: noindex, nofollow
Content-Length: 474
Connection: keep-alive

GET
H/1.1

200
OK

Primary Request wingame.pl Show response
www.mitmachenundbelohntwerden.de/cgi-bin/
Redirect Chain

https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&redirect_pass=1&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26free...
https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111

27 KB
8 KB

1239ms
426ms

Document
text/html

185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: f2529a450a2a0e6a05bac7da2c63fd37189ea8dd66c052fafcb011dfefc1ba8f

Request headers

Host: www.mitmachenundbelohntwerden.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26freetest_pk%3D424%26sub_id%3D9095-91119%26sub_id_postback%3D102d66362a58289507d46ee29e0111&urlauth=782645405188849479252602384616
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://trck.easytrck123.com/aff_r?offer_id=13275&aff_id=9095&url=https%3A%2F%2Fwww.mitmachenundbelohntwerden.de%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D1744%26wingame_pk%3D124%26freetest_pk%3D424%26sub_id%3D9095-91119%26sub_id_postback%3D102d66362a58289507d46ee29e0111&urlauth=782645405188849479252602384616

Response headers

Server: nginx
Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-FIRSTPAGE: 1
X-PAGE: pregame
X-Map-Context: de
X-Served-By: a-04
Content-Encoding: gzip

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 22 Aug 2019 12:55:09 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Pragma: no-cache
Server: nginx/1.13.12
Content-Length: 371
Connection: keep-alive

GET
H/1.1 200
OK default.css
www.mitmachenundbelohntwerden.de/_global/css/ 4 KB
2 KB 10ms
7ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/_global/css/default.css?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Feb 2019 07:52:24 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-03
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.mitmachenundbelohntwerden.de/_global/fonts/font-awesome-4.6.3/css/ 28 KB
7 KB 19ms
9ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Aug 2016 09:52:51 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-03
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK series.css
www.mitmachenundbelohntwerden.de/_global/wingame/54/css/ 25 KB
5 KB 28ms
8ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/_global/wingame/54/css/series.css?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 35760ab55cdfeca80927bb58481105f762de07e439bbbfd2c7986bca834dbe65

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Oct 2018 10:14:15 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-02
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK sweepstake.css
www.mitmachenundbelohntwerden.de/wingame/124/css/ 8 KB
2 KB 36ms
8ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/wingame/124/css/sweepstake.css?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: e0d3693e80c80badf3b1e9d8336194d15ddd1985ad9ec242f85b759c3aba55bf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Feb 2018 15:36:35 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-01
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK theme.css
www.mitmachenundbelohntwerden.de/_global/wingame/54/themes/default/css/ 2 KB
1009 B 43ms
7ms Stylesheet
text/css 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/_global/wingame/54/themes/default/css/theme.css?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: b660eb9b6e0d543df513566804f4812e40e4ac135a114cfeec54b6a3ee8b5745

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Dec 2014 13:54:34 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-04
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK MooTools-Core-1.6.0-compressed.js Show response
www.mitmachenundbelohntwerden.de/_global/js/framework/ 88 KB
28 KB 57ms
13ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/_global/js/framework/MooTools-Core-1.6.0-compressed.js?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2017 11:48:17 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-02
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK scripts.js Show response
www.mitmachenundbelohntwerden.de/_global/js/ 54 KB
14 KB 76ms
10ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/_global/js/scripts.js?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6da8b6dd69202450cbb86a6f2e3110989b63f428af8d652f5dff4138a850b533

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jun 2019 07:06:41 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-04
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK global.js Show response
www.mitmachenundbelohntwerden.de/wingame/global/js/ 6 KB
3 KB 84ms
8ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/wingame/global/js/global.js?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7d8f22e2f033be8c95599551d8e9969546f3b9b4ebc3c00b7d29d5db873546b3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Oct 2018 13:09:25 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-03
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK series.js Show response
www.mitmachenundbelohntwerden.de/_global/wingame/54/js/ 13 KB
4 KB 93ms
8ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/_global/wingame/54/js/series.js?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 57f1444a460acf51492857adaf4da51b4663fed8d77c910a697460811c513381

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jun 2019 06:39:23 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-02
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK sweepstake.js Show response
www.mitmachenundbelohntwerden.de/wingame/124/js/ 2 KB
1 KB 101ms
8ms Script
application/javascript 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mitmachenundbelohntwerden.de/wingame/124/js/sweepstake.js?1923217304326132610
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7d06cb594bfe3cd307d1991474c66db74a474170711cdca2f7383e12a44c9a73

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Jun 2019 07:10:18 GMT
Server: nginx
X-Map-Context: de
X-Served-By: a-04
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
802 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Teko:300,400,500,600,700

Requested by

Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c2247d50d3090eb5d412be66248398fa4653dbe63fe885c1885bcef296512ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 22 Aug 2019 12:55:10 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 22 Aug 2019 12:55:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Thu, 22 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK close_icon.svg
www.mitmachenundbelohntwerden.de/wingame/global/images/ 841 B
1 KB 66ms
7ms Image
image/svg+xml 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mitmachenundbelohntwerden.de/wingame/global/images/close_icon.svg
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Last-Modified: Tue, 20 Nov 2018 09:46:13 GMT
Server: nginx
X-Map-Context: de
ETag: "5bf3d7e5-349"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 841
X-Served-By: a-01

GET
H/1.1 200
OK sign.png
www.mitmachenundbelohntwerden.de/wingame/124/images/ 7 KB
8 KB 53ms
8ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mitmachenundbelohntwerden.de/wingame/124/images/sign.png
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: a5387e1cea23cff5964e96bd01bb25b86a205c9d26421e2523e23da588360fb4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Last-Modified: Tue, 09 Dec 2014 12:05:00 GMT
Server: nginx
X-Map-Context: de
ETag: "5486e56c-1d55"
X-Served-By: a-02
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 7509
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK image_424_8_1535447992.png
www.mitmachenundbelohntwerden.de/files/web/freetest/_images/ 23 KB
23 KB 23ms
8ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mitmachenundbelohntwerden.de/files/web/freetest/_images/image_424_8_1535447992.png
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0a385261f26b72edb5218f78fcc8e8229df4501b73119df2b431e438b365864c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Last-Modified: Tue, 28 Aug 2018 09:19:52 GMT
Server: nginx
X-Map-Context: de
ETag: "5b8513b8-5af9"
X-Served-By: a-04
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 23289
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK close.png
www.mitmachenundbelohntwerden.de/_global/wingame/default/bba/images/ 1 KB
2 KB 36ms
6ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mitmachenundbelohntwerden.de/_global/wingame/default/bba/images/close.png
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6a0d30a4b3dc6eee3adbff72319c017932c011da39da3ed564200cd530a89b1d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Last-Modified: Tue, 06 Dec 2016 13:05:32 GMT
Server: nginx
X-Map-Context: de
ETag: "5846b79c-4dd"
X-Served-By: a-02
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1245
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK 20159413288_bba-logo.png
www.mitmachenundbelohntwerden.de/_global/wingame/default/bba/images/ 4 KB
4 KB 43ms
7ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mitmachenundbelohntwerden.de/_global/wingame/default/bba/images/20159413288_bba-logo.png
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0edb4d4dacef152307427cbf965443eb70c695e6a7c7e22418b29c3d94805d35

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Last-Modified: Tue, 08 Dec 2015 14:28:55 GMT
Server: nginx
X-Map-Context: de
ETag: "5666e927-e71"
X-Served-By: a-03
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 3697
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK bg-amazon750eu-de-xmas.jpg
www.mitmachenundbelohntwerden.de/_static/_global/_supload/images/ 109 KB
109 KB 51ms
10ms Image
image/jpeg 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mitmachenundbelohntwerden.de/_static/_global/_supload/images/bg-amazon750eu-de-xmas.jpg
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: ec897a6651d41f375bf9ea4822d1f9adde8893734801e98d49f557d4036308fe

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Last-Modified: Fri, 07 Dec 2018 07:18:36 GMT
Server: nginx
ETag: "2835135334"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 111652
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK header_arrow.png
www.mitmachenundbelohntwerden.de/_global/wingame/54/images/ 2 KB
2 KB 67ms
7ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mitmachenundbelohntwerden.de/_global/wingame/54/images/header_arrow.png
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5da614e08f2538b996cfccf995e70bd7666c22148aeaabcc3dc72ec4f6557199

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/_global/wingame/54/css/series.css?1923217304326132610
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Last-Modified: Tue, 09 Dec 2014 12:04:57 GMT
Server: nginx
X-Map-Context: de
ETag: "5486e569-819"
X-Served-By: a-01
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 2073
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H/1.1 200
OK spiky_ornament_large.png
www.mitmachenundbelohntwerden.de/_global/wingame/54/images/ 2 KB
2 KB 67ms
7ms Image
image/png 185.3.185.94
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mitmachenundbelohntwerden.de/_global/wingame/54/images/spiky_ornament_large.png
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software: nginx /
Resource Hash: 48d0add2d9053fac4b29e2a12c083de6ebc213919119d4dfb7292b7992f1257a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/_global/wingame/54/css/series.css?1923217304326132610
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 22 Aug 2019 12:55:10 GMT
Last-Modified: Wed, 10 Dec 2014 19:18:44 GMT
Server: nginx
X-Map-Context: de
ETag: "54889c94-677"
X-Served-By: a-02
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1655
Expires: Fri, 23 Aug 2019 12:55:10 GMT

GET
H2 200 init.js Show response
eu.winnernotification.com/pushweb/assets/ 2 KB
1 KB 174ms
79ms Script
application/javascript 2606:4700:10::6816:68f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.winnernotification.com/pushweb/assets/init.js
Requested by: Host: www.mitmachenundbelohntwerden.de
URL: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:68f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ec50414899a1331db65381da5a086f76601c5c7cc5ab9354120f0863652cdc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50a4ffe5cab86491-FRA
date: Thu, 22 Aug 2019 12:55:11 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
status: 200
etag: W/"6da-JgtmxWvzdFsUzMfd52NNQkQLPmw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin: *
cache-control: no-cache
content-type: application/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Authorization, Accengage-Time, Accengage-Signature

GET
H2 200 t_main.js Show response
eu.winnernotification.com/pushweb/assets/ 118 KB
34 KB 89ms
89ms Script
application/javascript 2606:4700:10::6816:68f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.winnernotification.com/pushweb/assets/t_main.js?
Requested by: Host: eu.winnernotification.com
URL: https://eu.winnernotification.com/pushweb/assets/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:68f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb93c3e29574ba87cd727db9d8ad6a92a6a557b344c94521351b8edf2ce1f9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50a4ffe64b326491-FRA
date: Thu, 22 Aug 2019 12:55:11 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
status: 200
etag: W/"1d63b-y6pnxaRloIe0xkraAE96IBLkRmU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin: *
cache-control: no-cache
content-type: application/javascript; charset=utf-8
access-control-allow-headers: Content-Type, Authorization, Accengage-Time, Accengage-Signature

GET
H2 200 m_main.html
eu.winnernotification.com/pushweb/assets/ Frame 9724 0
0 55ms
54ms Document
text/html 2606:4700:10::6816:68f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.winnernotification.com/pushweb/assets/m_main.html?
Requested by: Host: eu.winnernotification.com
URL: https://eu.winnernotification.com/pushweb/assets/t_main.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:68f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: eu.winnernotification.com
:scheme: https
:path: /pushweb/assets/m_main.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111
accept-encoding: gzip, deflate, br
cookie: __cfduid=d849d5d64d4cb622537f64fb6547e85311566478511
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.mitmachenundbelohntwerden.de/cgi-bin/wingame.pl?partner_pk=1744&wingame_pk=124&freetest_pk=424&sub_id=9095-91119&sub_id_postback=102d66362a58289507d46ee29e0111

Response headers

status: 200
date: Thu, 22 Aug 2019 12:55:11 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization, Accengage-Time, Accengage-Signature
cache-control: no-cache
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 50a4ffe71c046491-FRA
content-encoding: gzip

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.winnernotification.com/	1970-01-19 11:53:34	Name: __cfduid Value: d849d5d64d4cb622537f64fb6547e85311566478511

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cd-down.com
eu.winnernotification.com
fonts.googleapis.com
gdmconvtrck.com
gfstrck.com
statconuter.info
trck.easytrck123.com
www.mitmachenundbelohntwerden.de
185.3.185.94
2606:4700:10::6816:68f
2a00:1450:4001:81f::200a
2a05:d018:483:6110:1151:1546:9e4a:df36
2a05:d018:483:6130:5cc5:c974:7f81:d960
2a05:d018:483:6130:fd89:3ada:41ec:3ec0
34.249.106.0
95.216.40.29
0a385261f26b72edb5218f78fcc8e8229df4501b73119df2b431e438b365864c
0edb4d4dacef152307427cbf965443eb70c695e6a7c7e22418b29c3d94805d35
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
35760ab55cdfeca80927bb58481105f762de07e439bbbfd2c7986bca834dbe65
48d0add2d9053fac4b29e2a12c083de6ebc213919119d4dfb7292b7992f1257a
57f1444a460acf51492857adaf4da51b4663fed8d77c910a697460811c513381
5da614e08f2538b996cfccf995e70bd7666c22148aeaabcc3dc72ec4f6557199
68ec50414899a1331db65381da5a086f76601c5c7cc5ab9354120f0863652cdc
6a0d30a4b3dc6eee3adbff72319c017932c011da39da3ed564200cd530a89b1d
6da8b6dd69202450cbb86a6f2e3110989b63f428af8d652f5dff4138a850b533
7d06cb594bfe3cd307d1991474c66db74a474170711cdca2f7383e12a44c9a73
7d8f22e2f033be8c95599551d8e9969546f3b9b4ebc3c00b7d29d5db873546b3
95d411038afb09f37fbdf5159896c435ea25a594de2832ed40d5fa45cf8036ff
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
a5387e1cea23cff5964e96bd01bb25b86a205c9d26421e2523e23da588360fb4
b660eb9b6e0d543df513566804f4812e40e4ac135a114cfeec54b6a3ee8b5745
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
c2247d50d3090eb5d412be66248398fa4653dbe63fe885c1885bcef296512ca5
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976
e0d3693e80c80badf3b1e9d8336194d15ddd1985ad9ec242f85b759c3aba55bf
ec897a6651d41f375bf9ea4822d1f9adde8893734801e98d49f557d4036308fe
ecb93c3e29574ba87cd727db9d8ad6a92a6a557b344c94521351b8edf2ce1f9f
ee679d87dcc15c6ce7b8d9b68da9d85a5074120b95bedd61a8b9a59561adbfea
f2529a450a2a0e6a05bac7da2c63fd37189ea8dd66c052fafcb011dfefc1ba8f

www.mitmachenundbelohntwerden.de Open in urlscan Pro 185.3.185.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

6 IPs

4 Countries

264 kBTransfer

535 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

1 Cookies

www.mitmachenundbelohntwerden.de Open in urlscan Pro
185.3.185.94 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

6
IPs

4
Countries

264 kB
Transfer

535 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions