dl4.9minecraft.net Open in urlscan Pro
213.219.39.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Submission: On September 27 via manual (September 27th 2022, 9:49:19 pm UTC) from US — Scanned from GB

Summary HTTP 35 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 35 HTTP transactions. The main IP is 213.219.39.26, located in London, United Kingdom and belongs to LINODE-AP Linode, LLC, US. The main domain is dl4.9minecraft.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 6th 2021. Valid for: a year.

This is the only time dl4.9minecraft.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	213.219.39.26 213.219.39.26	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
15	198.24.170.52 198.24.170.52	19437 (SS-ASH) (SS-ASH)
10	152.199.21.117 152.199.21.117	15133 (EDGECAST) (EDGECAST)
2 2	34.120.20.117 34.120.20.117	15169 (GOOGLE) (GOOGLE)
2	100.21.192.180 100.21.192.180	16509 (AMAZON-02) (AMAZON-02)
1	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
2	79.125.67.2 79.125.67.2	16509 (AMAZON-02) (AMAZON-02)
1	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
35	9

2 213.219.39.26 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 213-219-39-26.ip.linodeusercontent.com

dl4.9minecraft.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 198.24.170.52 (Ashburn, United States)

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 152.199.21.117 (United States)

ASN15133 (EDGECAST, US)

ssl.cdne.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.20.117 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 117.20.120.34.bc.googleusercontent.com

www.blindferret-trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.21.192.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-192-180.us-west-2.compute.amazonaws.com

t.paydaythegame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.125.67.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-67-2.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	cpmstar.com server.cpmstar.com — Cisco Umbrella Rank: 4044 ssl.cdne.cpmstar.com — Cisco Umbrella Rank: 27993	760 KB
2	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1371	1 KB
2	paydaythegame.com t.paydaythegame.com	612 B
2	blindferret-trk.com 2 redirects www.blindferret-trk.com — Cisco Umbrella Rank: 74495	663 B
2	9minecraft.net dl4.9minecraft.net	17 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 597	744 B
1	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 3609	391 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 228	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
35	9

	Domain	Requested by
15	server.cpmstar.com	dl4.9minecraft.net server.cpmstar.com ssl.cdne.cpmstar.com
10	ssl.cdne.cpmstar.com	server.cpmstar.com dl4.9minecraft.net ssl.cdne.cpmstar.com
2	g2.gumgum.com	ssl.cdne.cpmstar.com
2	t.paydaythegame.com	dl4.9minecraft.net
2	www.blindferret-trk.com	2 redirects
2	dl4.9minecraft.net	dl4.9minecraft.net
1	ap.lijit.com	ssl.cdne.cpmstar.com
1	e.serverbid.com	ssl.cdne.cpmstar.com
1	ib.adnxs.com	ssl.cdne.cpmstar.com
1	fonts.googleapis.com	dl4.9minecraft.net
35	10

This site contains links to these domains. Also see Links.

Domain
www.9minecraft.net
server.cpmstar.com

Subject Issuer	Validity	Valid
*.9minecraft.net Sectigo RSA Domain Validation Secure Server CA	`2021-10-06` - `2022-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2022-07-20` - `2023-08-21`	a year	crt.sh
ssl.cdne.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2022-02-26` - `2023-03-30`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.consumableaudio.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Frame ID: 7A887C38C6F2140250137499DCBEF991
Requests: 28 HTTP requests in this frame

Frame: https://ssl.cdne.cpmstar.com/cached/creatives/1313452/300_x_250-1.png
Frame ID: B8A9093AE6E08295FC47A98559AD93D7
Requests: 2 HTTP requests in this frame

Frame: https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2
Frame ID: 109FDAADF7F276948975CBDF3DDB7E72
Requests: 3 HTTP requests in this frame

Frame: https://ssl.cdne.cpmstar.com/cached/creatives/1298505/got_banner_728x90_en_new.jpg
Frame ID: 21FF73BF1C2E1B2F5C07DFE273639F11
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

9Minecraft - Minecraft Files Storage

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Page Statistics

35
Requests

94 %
HTTPS

10 %
IPv6

9
Domains

10
Subdomains

9
IPs

5
Countries

783 kB
Transfer

1323 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.9minecraft.net/
Title: 9Minecraft

Search URL Search Domain Scan URL

URL: http://server.cpmstar.com/click.aspx?poolid=37623&subpoolid=0&campaignid=476594&creativeid=1298574&imptld=9minecraft.net

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.blindferret-trk.com/i/FNX4R/HWZWHQ/?source_id=21303&sub1= HTTP 302
https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2

Request Chain 29

https://www.blindferret-trk.com/i/FNX4R/HWZWHQ/?source_id=21303&sub1= HTTP 302
https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.php Show response
dl4.9minecraft.net/ 4 KB
2 KB 129ms
40ms Document
text/html 213.219.39.26
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.219.39.26 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 213-219-39-26.ip.linodeusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 44e611347e788b29fc0217b974a375bd657f091547707ba2488508343a49a576

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 21:49:13 GMT
server: nginx/1.10.3 (Ubuntu)

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 203ms
75ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Requested by

Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 20:28:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Sep 2022 21:49:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Sep 2022 21:49:13 GMT

GET
H2 200 download-button.png
dl4.9minecraft.net/ 15 KB
15 KB 77ms
76ms Image
image/png 213.219.39.26
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl4.9minecraft.net/download-button.png
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.219.39.26 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 213-219-39-26.ip.linodeusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 549eee1f5a6f50384324a9fa2f786e26c4900c3f51e753adc0fedf11d4f1ff3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:13 GMT
last-modified: Fri, 04 Jul 2014 03:06:02 GMT
server: nginx/1.10.3 (Ubuntu)
accept-ranges: bytes
etag: "53b61a1a-3b08"
content-length: 15112
content-type: image/png

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 739 B
1 KB 556ms
109ms Script
text/html 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=21303&script=1&rnd=443946
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fc83b1e1cf76533991605d7b814f984859260f3cbf91985c37c612834a735856

Request headers

Referer: https://dl4.9minecraft.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:13 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK lib.js Show response
server.cpmstar.com/cached/js/ 7 KB
2 KB 108ms
108ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/cached/js/lib.js
Requested by: Host: server.cpmstar.com
URL: https://server.cpmstar.com/view.aspx?poolid=21303&script=1&rnd=443946
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 35f808834cfb012b89e04de8be8e367b48678a3d2eaf22fec539b7f0152fbc72

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 21:49:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Dec 2020 18:11:57 GMT
Server: Microsoft-IIS/10.0
ETag: "8094b51ce9cfd61:0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2069

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 739 B
1 KB 219ms
111ms Script
text/html 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=21303&script=1&rnd=431896
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: fc83b1e1cf76533991605d7b814f984859260f3cbf91985c37c612834a735856

Request headers

Referer: https://dl4.9minecraft.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:14 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 504_10650_hb.js Show response
server.cpmstar.com/cached/zonefiles/ 25 KB
4 KB 215ms
108ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/cached/zonefiles/504_10650_hb.js?v=127520
Requested by: Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/js/lib.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7fe65305c77ccb295227aebeafd2706dacc58a11efc0405f1aa46b44c2c9293a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Sep 2020 21:48:29 GMT
Server: Microsoft-IIS/10.0
ETag: "80b415f16090d61:0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 3720
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 746 B
1 KB 110ms
110ms Script
text/html 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=21302&script=1&rnd=71085
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: abae9235f423ad15462ace74f4c89257e67c2cb76f77e59cb53e1c27b9bd3483

Request headers

Referer: https://dl4.9minecraft.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:14 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mobilemodules.js Show response
ssl.cdne.cpmstar.com/cached/zonemasters/ 238 KB
65 KB 457ms
39ms Script
application/javascript 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Requested by: Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/zonefiles/504_10650_hb.js?v=127520
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8DFE) /
Resource Hash: e48090f7272f805faa64155ad8f4f3f8a1caa04af222e2f962adb9a44bf8b207

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:14 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 06:07:32 GMT
server: ECAcc (lha/8DFE)
age: 99989
etag: "2c1cbc512cfd81:0+gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: max-age=259200
content-type: application/javascript
content-length: 66302

GET
H2 200 siteskin_v100.pack.js Show response
ssl.cdne.cpmstar.com/cached/js/ 15 KB
4 KB 447ms
36ms Script
application/javascript 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.cdne.cpmstar.com/cached/js/siteskin_v100.pack.js
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8DD3) /
Resource Hash: 876a4fe5aff2bd7035c1ec6ff645b592aeebb2ea9b579ae8f065e011ed3440e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:14 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 08:30:21 GMT
server: ECAcc (lha/8DD3)
age: 11317
etag: "80cceb286ded61:0"
vary: Accept-Encoding
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
content-length: 4166

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 462 B
1001 B 110ms
110ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=37623&json=nc&rnd=298425&callback=xs54le
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/js/siteskin_v100.pack.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d956fa3848494e89e1e68a21170fa835d283052b71342d34517ec547bc42bc6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:14 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK country.aspx Show response
server.cpmstar.com/ 165 B
661 B 109ms
109ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/country.aspx?cache=true&referer=dl4.9minecraft.net&callback=k1dgvab
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7ad5fd59b209f0d6d575676a11b4dc5801f953c8add278103215d6adcf7731db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache,no-cache
Date: Tue, 27 Sep 2022 21:49:14 GMT
Server: Microsoft-IIS/10.0
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: no-cache,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Content-Length: 165
Expires: -1,Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 GOT_EN_336x768_Left_New.jpg
ssl.cdne.cpmstar.com/cached/creatives/1298574/ 108 KB
108 KB 38ms
38ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1298574/GOT_EN_336x768_Left_New.jpg
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D74) /
Resource Hash: 5c5e0d5e2e0026c552d94400da9af99f37946b7bc9fdc2dfd7b87455ef0abe5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:14 GMT
last-modified: Mon, 26 Sep 2022 23:39:47 GMT
server: ECAcc (lha/8D74)
age: 79768
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1298574_GOT_EN_336x768_Left_New.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 110433
expires: Wed, 28 Sep 2022 21:49:15 GMT

GET
H2 200 GOT_EN_336x768_Right_New.jpg
ssl.cdne.cpmstar.com/cached/creatives/1298574/ 94 KB
94 KB 36ms
35ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1298574/GOT_EN_336x768_Right_New.jpg
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8DE2) /
Resource Hash: 91972d75bb5c367b3c66a956872c8886cc656da5b8f5629b4f79f3002dd5597e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:14 GMT
last-modified: Mon, 26 Sep 2022 23:39:47 GMT
server: ECAcc (lha/8DE2)
age: 79767
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1298574_GOT_EN_336x768_Right_New.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 96380
expires: Wed, 28 Sep 2022 21:49:15 GMT

GET
H2 200 d-intel.json Show response
ssl.cdne.cpmstar.com/cached/zonemasters/marks/ 13 KB
3 KB 138ms
35ms Fetch
application/json 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/marks/d-intel.json
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8CA2) /
Resource Hash: b2a466a2428d6edabd3ff287746d4568111c344b016364ce1e56214985f94f9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:15 GMT
content-encoding: gzip
last-modified: Sat, 16 Oct 2021 07:04:52 GMT
server: ECAcc (lha/8CA2)
age: 68556
etag: "4529b1d5cc2d71:0+gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: max-age=259200
content-type: application/json
content-length: 2709

GET
H2 200 lib.js Show response
ssl.cdne.cpmstar.com/cached/js/ 7 KB
2 KB 63ms
62ms Script
application/javascript 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.cdne.cpmstar.com/cached/js/lib.js
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8DBF) /
Resource Hash: 35f808834cfb012b89e04de8be8e367b48678a3d2eaf22fec539b7f0152fbc72

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:15 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 18:11:57 GMT
server: ECAcc (lha/8DBF)
age: 2486
etag: "8094b51ce9cfd61:0"
vary: Accept-Encoding
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
content-length: 2069

GET
H2 200 starprebid.js Show response
ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/ 450 KB
135 KB 35ms
35ms Script
application/javascript 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=773
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D91) /
Resource Hash: 9961773b5f5f079c04c10465c8eabb3d246988ea165332cb128b2b5d677b7b37

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:15 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:50:14 GMT
server: ECAcc (lha/8D91)
age: 12688
etag: "3ed77e36bcc3d81:0+gzip"
vary: Accept-Encoding
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: max-age=259200
content-type: application/javascript
content-length: 138137

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 391 B
779 B 109ms
108ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?tfcd=0&poolid=84319&rnd=884702&fv=0&mv=1&json=c_m&callback=f19islq&referer=https%3A%2F%2Fdl4.9minecraft.net%2Findex.php&episode=current
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7d6720f4bd40de339507d3343d5a61dd67b4ea14bfdebb19b065fd0f19cce477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:14 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 1 KB
2 KB 110ms
109ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=21303&json=c_m&callback=v16fb8l
Requested by: Host: server.cpmstar.com
URL: https://server.cpmstar.com/cached/js/lib.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 73f997120c315c0db21bf4b7550c4adefe844013aedfc46b04fca45a0677501b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:14 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 300_x_250-1.png
ssl.cdne.cpmstar.com/cached/creatives/1313452/ Frame B8A9 158 KB
158 KB 38ms
37ms Image
image/png 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1313452/300_x_250-1.png
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D34) /
Resource Hash: a2d8e706870cf113e0226c0033cadf5f18345841073cae3b3b208b98d40e891c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:15 GMT
last-modified: Tue, 27 Sep 2022 01:43:19 GMT
server: ECAcc (lha/8D34)
age: 72356
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1313452_300_x_250-1.png
accept-ranges: bytes
content-type: image/png
content-length: 161285
expires: Wed, 28 Sep 2022 21:49:16 GMT

GET
H2

200

ma8cw5
t.paydaythegame.com/imgp/ Frame B8A9
Redirect Chain

https://www.blindferret-trk.com/i/FNX4R/HWZWHQ/?source_id=21303&sub1=
https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2

43 B
358 B

697ms
190ms

Image
image/gif

100.21.192.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Server: 100.21.192.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-192-180.us-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 21:49:15 GMT
server: envoy
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 43
expires: 0

Redirect headers

date: Tue, 27 Sep 2022 21:49:15 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/html; charset=utf-8
location: https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2
x-eflow-request-id: bfb7a338-f64f-4eda-9a48-2b58c0d3d3c1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 259 B
1 KB 264ms
160ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=773

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

83d36a6b830f00fd0d24a5adfbb6708660384ad8e2fdc8d5da80137046f3fed1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://dl4.9minecraft.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:15 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9d4a7f4c-dd3f-4a30-8ad6-a0ef3966baa7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://dl4.9minecraft.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 259
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
331 B 152ms
42ms XHR
application/json 79.125.67.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1664315355130&to=0&aun=%2FDl.9minecraft.net%2F%2421302&maxw=970&maxh=250&si=15990&pi=3&bf=728x90%2C970x90%2C970x250%2C970x250&gdprApplies=0&schain=1.0%2C1!cpmstar.com%2C10650%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fdl4.9minecraft.net%2Findex.php%3Fact%3Ddl%26id%3D1569394985&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.5.0%22%7D&ogu=null&ns=9216
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.67.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-67-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://dl4.9minecraft.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 21:49:15 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://dl4.9minecraft.net
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 414 B
946 B 166ms
56ms XHR
application/json 79.125.67.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1664315355130&to=0&aun=%2FDl.9minecraft.net%2F%2421303&maxw=300&maxh=250&si=15898&pi=3&bf=300x250&gdprApplies=0&schain=1.0%2C1!cpmstar.com%2C10650%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fdl4.9minecraft.net%2Findex.php%3Fact%3Ddl%26id%3D1569394985&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.5.0%22%7D&ogu=null&ns=9216
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=773
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.67.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-67-2.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 90c4e66f5f27c2600df3dd4bb3c8f2d607a28808f83088e132266c78dc53feb9

Request headers

Referer: https://dl4.9minecraft.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 21:49:15 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://dl4.9minecraft.net
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
391 B 600ms
151ms XHR
application/json 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=773
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://dl4.9minecraft.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 21:49:15 GMT
content-encoding: gzip
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://dl4.9minecraft.net
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
content-length: 42

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
744 B 278ms
122ms XHR
application/json 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.5.0
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/lib/prebid/starprebid.js?ver=773
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 5ac46f0abe893987555a2b2e41869dd2465dfe65b9c05a0387f1dbb9b1099a40

Request headers

Referer: https://dl4.9minecraft.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 27 Sep 2022 21:49:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://dl4.9minecraft.net
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 97

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 1 KB
2 KB 115ms
115ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?tfcd=0&poolid=21302&json=c_mp&mv=1&gampb=1&callback=c1742hi&referer=https%3A%2F%2Fdl4.9minecraft.net%2Findex.php
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 806e2b7a71ce926d7ef69ab2d42afefd452f14f20cde2e56185c537055a73c2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:14 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 2 KB
2 KB 110ms
110ms Script
application/javascript 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?tfcd=0&poolid=21303&json=c_mp&mv=1&gampb=1&callback=hkoinf&referer=https%3A%2F%2Fdl4.9minecraft.net%2Findex.php
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1fab0751de93bcc3f90ec8b9dc8becacc8c64a60ed8fe88420c9fc4b232d18d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:15 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: application/javascript; charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK tag.aspx Show response
server.cpmstar.com/ 0
0 108ms
108ms Script
text/html 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/tag.aspx?a=0_0176D4A8&group=58
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 0
339 B 109ms
108ms Script
text/html 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?poolid=0&script=1&json=nc&callback=b1iq2op&rnd=899752&tfcd=0&
Requested by: Host: ssl.cdne.cpmstar.com
URL: https://ssl.cdne.cpmstar.com/cached/zonemasters/mobilemodules.js?ver=773
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:15 GMT
Server: Microsoft-IIS/10.0
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: text/html
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ma8cw5
t.paydaythegame.com/imgp/ Frame 109F
Redirect Chain

https://www.blindferret-trk.com/i/FNX4R/HWZWHQ/?source_id=21303&sub1=
https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2

43 B
254 B

200ms
191ms

Image
image/gif

100.21.192.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Server: 100.21.192.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-192-180.us-west-2.compute.amazonaws.com
Software: envoy /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 21:49:15 GMT
server: envoy
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 43
expires: 0

Redirect headers

date: Tue, 27 Sep 2022 21:49:15 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/html; charset=utf-8
location: https://t.paydaythegame.com/imgp/ma8cw5?sub1=10&sub2=21303&campaign_name=2022_t2_Q3_Payday2
x-eflow-request-id: 1b0faa94-1cbb-47e1-91ca-352bd5b32aca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122

GET
H2 200 got_banner_728x90_en_new.jpg
ssl.cdne.cpmstar.com/cached/creatives/1298505/ Frame 21FF 37 KB
37 KB 43ms
41ms Image
image/jpeg 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1298505/got_banner_728x90_en_new.jpg
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8C92) /
Resource Hash: 7850393086e237064a2b759f5e4cbd48432937cdf390b80d93bb5f4396ad8475

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:15 GMT
last-modified: Tue, 27 Sep 2022 13:35:30 GMT
server: ECAcc (lha/8C92)
age: 29625
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1298505_got_banner_728x90_en_new.jpg
accept-ranges: bytes
content-type: image/jpeg
content-length: 37453
expires: Wed, 28 Sep 2022 21:49:16 GMT

GET
H/1.1 200
OK pixel.aspx
server.cpmstar.com/ Frame 21FF 43 B
552 B 110ms
109ms Image
image/gif 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.cpmstar.com/pixel.aspx?poolid=21302&campaignid=476593&creativeid=1298505&pixelid=PX_CR&sp=6.13098406569184&s=1664315355_CD7FA4CC&referer=https%3a%2f%2fdl4.9minecraft.net%2findex.php
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:15 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 BankRobberyPEGI_300x250.png
ssl.cdne.cpmstar.com/cached/creatives/1312504/ Frame 109F 135 KB
135 KB 40ms
39ms Image
image/png 152.199.21.117
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.cdne.cpmstar.com/cached/creatives/1312504/BankRobberyPEGI_300x250.png
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.117 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lha/8D13) /
Resource Hash: 47a69ecbf3fae729a4aa7186f2406ac798f3de4b57843bef52ce09fb19affc60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 21:49:15 GMT
last-modified: Tue, 27 Sep 2022 18:47:30 GMT
server: ECAcc (lha/8D13)
age: 10905
x-cache: HIT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
access-control-allow-origin: *
cache-control: public
content-disposition: inline;filename=1312504_BankRobberyPEGI_300x250.png
accept-ranges: bytes
content-type: image/png
content-length: 138094
expires: Wed, 28 Sep 2022 21:49:16 GMT

GET
H/1.1 200
OK pixel.aspx
server.cpmstar.com/ Frame 109F 43 B
588 B 202ms
110ms Image
image/gif 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.cpmstar.com/pixel.aspx?poolid=21303&campaignid=479491&creativeid=1312504&pixelid=PX_CR&sp=479.88277841941&s=1664315355_C6D660D5&referer=https%3a%2f%2fdl4.9minecraft.net%2findex.php
Requested by: Host: dl4.9minecraft.net
URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://dl4.9minecraft.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 21:49:15 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Cache-Control: private,no-store, no-cache, must-revalidate
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.server.cpmstar.com/	1970-01-20 15:54:35	Name: USER_ID Value: %c7%c7%e9%fb%3b%a6%e8%08%16P%ba%22%e2%82%f2
.server.cpmstar.com/	1970-01-20 07:01:47	Name: n25 Value: 0,37623,476594,1298574,1664315354,0
.server.cpmstar.com/	1970-01-20 15:54:35	Name: r Value: 0_58_1664315355
.gumgum.com/	1970-01-20 15:04:11	Name: cs Value: true
.gumgum.com/	1970-01-20 07:01:47	Name: loc Value: IJeU5cAuwbe7D5nF2Fd1iLxQQp5Ju4QwZaN3-z92u61HhoQofzBJmASp143X5hqE_HqzfSs4lk1H4Io2P9lVaI3OxXWmpeQMlOL2S4NuRJogkjwg1DLbcJTjkz6rKz9X
.gumgum.com/	1970-01-20 15:04:11	Name: vst Value: e_12992044-b169-4953-afb7-3d0a255bd6f7
www.blindferret-trk.com/	1970-01-20 07:01:47	Name: imp_transaction_id Value: 072857f908f34c23bb56f5d0ca1a8a4e
.adnxs.com/	1970-01-20 08:28:11	Name: icu Value: ChgIqphgEAoYASABKAEw29_NmQY4AUABSAEQ29_NmQYYAA..
.adnxs.com/	1970-01-20 08:28:11	Name: uuid2 Value: 8789068056372804069
.lijit.com/	1970-01-20 15:04:11	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/	1970-01-20 15:04:11	Name: ljt_reader Value: FY2dqBZHzLwNzMkLSROYQ8kx
.serverbid.com/	1970-01-20 06:40:11	Name: CONSUMABLEID Value: 2a02fa536ed74ff182fa536ed74ff16f
.server.cpmstar.com/	1970-01-20 07:01:47	Name: n1 Value: 0,21302,476593,1298505,1664315355,0
.server.cpmstar.com/	1970-01-20 07:01:47	Name: n3 Value: 0,21303,479491,1313452,1664315355,0\|0,21303,479491,1312504,1664315355,0
t.paydaythegame.com/	1970-01-20 15:04:11	Name: session_id Value: 1ed3eae3-b61b-6e8c-879c-4a67009febcd
t.paydaythegame.com/	1970-01-20 06:20:01	Name: session_id_ma8cw5_impression Value: 1ed3eae3-b61b-6e8c-879c-4a67009febcd

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985(Line 46) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://server.cpmstar.com/view.aspx?poolid=21303&script=1&rnd=443946, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985(Line 46) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://server.cpmstar.com/view.aspx?poolid=21303&script=1&rnd=443946, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985(Line 56) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://server.cpmstar.com/view.aspx?poolid=21303&script=1&rnd=431896, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985(Line 56) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://server.cpmstar.com/view.aspx?poolid=21303&script=1&rnd=431896, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985(Line 123) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://server.cpmstar.com/view.aspx?poolid=21302&script=1&rnd=71085, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dl4.9minecraft.net/index.php?act=dl&id=1569394985(Line 123) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://server.cpmstar.com/view.aspx?poolid=21302&script=1&rnd=71085, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ap.lijit.com
dl4.9minecraft.net
e.serverbid.com
fonts.googleapis.com
g2.gumgum.com
ib.adnxs.com
server.cpmstar.com
ssl.cdne.cpmstar.com
t.paydaythegame.com
www.blindferret-trk.com
100.21.192.180
152.199.21.117
159.89.246.130
185.89.211.116
198.24.170.52
213.219.39.26
2a00:1450:400d:80c::200a
34.120.20.117
72.251.249.13
79.125.67.2
1fab0751de93bcc3f90ec8b9dc8becacc8c64a60ed8fe88420c9fc4b232d18d7
35f808834cfb012b89e04de8be8e367b48678a3d2eaf22fec539b7f0152fbc72
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e611347e788b29fc0217b974a375bd657f091547707ba2488508343a49a576
47a69ecbf3fae729a4aa7186f2406ac798f3de4b57843bef52ce09fb19affc60
549eee1f5a6f50384324a9fa2f786e26c4900c3f51e753adc0fedf11d4f1ff3d
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
5ac46f0abe893987555a2b2e41869dd2465dfe65b9c05a0387f1dbb9b1099a40
5c5e0d5e2e0026c552d94400da9af99f37946b7bc9fdc2dfd7b87455ef0abe5d
73f997120c315c0db21bf4b7550c4adefe844013aedfc46b04fca45a0677501b
7850393086e237064a2b759f5e4cbd48432937cdf390b80d93bb5f4396ad8475
7ad5fd59b209f0d6d575676a11b4dc5801f953c8add278103215d6adcf7731db
7d6720f4bd40de339507d3343d5a61dd67b4ea14bfdebb19b065fd0f19cce477
7fe65305c77ccb295227aebeafd2706dacc58a11efc0405f1aa46b44c2c9293a
806e2b7a71ce926d7ef69ab2d42afefd452f14f20cde2e56185c537055a73c2b
83d36a6b830f00fd0d24a5adfbb6708660384ad8e2fdc8d5da80137046f3fed1
876a4fe5aff2bd7035c1ec6ff645b592aeebb2ea9b579ae8f065e011ed3440e4
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
90c4e66f5f27c2600df3dd4bb3c8f2d607a28808f83088e132266c78dc53feb9
91972d75bb5c367b3c66a956872c8886cc656da5b8f5629b4f79f3002dd5597e
9961773b5f5f079c04c10465c8eabb3d246988ea165332cb128b2b5d677b7b37
9d956fa3848494e89e1e68a21170fa835d283052b71342d34517ec547bc42bc6
a2d8e706870cf113e0226c0033cadf5f18345841073cae3b3b208b98d40e891c
abae9235f423ad15462ace74f4c89257e67c2cb76f77e59cb53e1c27b9bd3483
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a466a2428d6edabd3ff287746d4568111c344b016364ce1e56214985f94f9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48090f7272f805faa64155ad8f4f3f8a1caa04af222e2f962adb9a44bf8b207
fc83b1e1cf76533991605d7b814f984859260f3cbf91985c37c612834a735856

dl4.9minecraft.net Open in urlscan Pro 213.219.39.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

94 %HTTPS

10 %IPv6

9 Domains

10 Subdomains

9 IPs

5 Countries

783 kBTransfer

1323 kBSize

16 Cookies

2 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dl4.9minecraft.net Open in urlscan Pro
213.219.39.26 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

94 %
HTTPS

10 %
IPv6

9
Domains

10
Subdomains

9
IPs

5
Countries

783 kB
Transfer

1323 kB
Size

16
Cookies

35 HTTP transactions
0 data transactions