Report - mkkuei4kdsz.com/286/114.htmlp

Report Overview

Submitted URL
mkkuei4kdsz.com/286/114.htmlp
IP
64.225.91.73
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-10 12:05:23
Access
public
Website Title
Bester Online-Buchmacher » Legale Wetten mit dem 20Bet Wettbüro
Final URL
20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.6 kB	103 kB	142.250.74.99
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	493 B	6.1 kB	142.250.74.106
domaincntrol.com	274993	2017-03-03	2018-01-06	2024-03-28	467 B	482 B	104.18.26.45
ww2.mkkuei4kdsz.com	unknown	2020-04-15	2022-01-21	2024-03-24	2.6 kB	1.9 kB	64.190.63.136
platdom-1.online	unknown	2024-04-24	2024-05-03	2024-05-08	1.6 kB	4.1 kB	3.33.192.145
20winlp.com	unknown	2023-08-10	2023-08-10	2024-04-15	8.7 kB	1.7 MB	37.252.8.161
mkkuei4kdsz.com	unknown	2020-04-15	2012-11-29	2023-07-12	483 B	592 B	64.225.91.73
xml-v4.clouback-2.online	unknown	unknown	No data	No data	512 B	221 B	173.239.53.32
media.toxtren.com	unknown	2023-07-03	2023-07-21	2024-05-02	515 B	1.2 kB	13.107.213.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	mkkuei4kdsz.com	Sinkholed
2024-05-10	medium	mkkuei4kdsz.com	Sinkholed
2024-05-10	medium	mkkuei4kdsz.com	Sinkholed
2024-05-10	medium	mkkuei4kdsz.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	20winlp.com/barcelona-bayer/de/js/refers.js	1.1 kB	2024-05-10	2024-05-18
Pretty URL 20winlp.com/barcelona-bayer/de/js/refers.js IP 37.252.8.161 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 14:05:30 Last Seen2024-05-18 10:05:07 Times Seen3 Hash 542944cb336d0da1fcafeb544a6d4f4f 43638c05d8c94aa594e4197f2901180c57f0b840 510d9a54bbb843863a5fa8806e7986921b21fa564a23b1d5365193f15e838ae1 Loading...

HTTP Transactions (30)

URL IP Response Size

mkkuei4kdsz.com/286/114.htmlp

64.225.91.73

336 B

URL
mkkuei4kdsz.com/286/114.htmlp
IP
64.225.91.73:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text
Size
336 B (336 bytes)
Hash
3b03d93d3487806337b5c6443ce7a62d
93a7a790bb6348606cbdaf5daeaaf4ea8cf731d0
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /286/114.htmlp HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 12:04:57 GMT
Content-Type: text/html
Last-Modified: Wed, 22 Feb 2023 21:25:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63f68860-251"
Content-Encoding: gzip

domaincntrol.com/?orighost=https://mkkuei4kdsz.com/286/114.htmlp

104.18.26.45

28 B

URL
domaincntrol.com/?orighost=https://mkkuei4kdsz.com/286/114.htmlp
IP
104.18.26.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3

HTTP Headers

GET /?orighost=https://mkkuei4kdsz.com/286/114.htmlp HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mkkuei4kdsz.com/
Origin: https://mkkuei4kdsz.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 12:04:57 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
x_details: {"destination":"sedo","orighost":"mkkuei4kdsz.com","type":"org","finalurl":"http://ww2.mkkuei4kdsz.com","browser":"firefox","os":"linux","country":"NO","device":"desktop","isbot":false,"botscore":99}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819cb739cff56b7-OSL
X-Firefox-Spdy: h2

ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTcxNTM0MjcwMDZmOWNiMWRmNTk2OGM0ZTBmOTM3NDc0NzAzNDIwZTk1&crc=46c968334798fc2867d77625d8997b029a07a389&cv=1

64.190.63.136

0 B

URL
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTcxNTM0MjcwMDZmOWNiMWRmNTk2OGM0ZTBmOTM3NDc0NzAzNDIwZTk1&crc=46c968334798fc2867d77625d8997b029a07a389&cv=1
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTcxNTM0MjcwMDZmOWNiMWRmNTk2OGM0ZTBmOTM3NDc0NzAzNDIwZTk1&crc=46c968334798fc2867d77625d8997b029a07a389&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww2.mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 12:05:00 GMT
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-zv9hm
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2

ww2.mkkuei4kdsz.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIrYwiUwyEtg_0&v=YTAyZGY0MjQ0MDFkNjY1ODZlOTI1OWZmZTU0YTEwMDMJMQl3dzIubWtrdWVpNGtkc3ouY29tNjYzZTBkNmEyMGM2YjcuOTI2ODU2NTIJd3cyLm1ra3VlaTRrZHN6LmNvbTY2M2UwZDZhMjBjOTMzLjgzNzIxMTcwCTE3MTUzNDI3MDAJYWRfNjNfMA%3D%3D&l=OAk1ZmJlZmFjMDRlMGIzY2JjYmE4NDUyNDMzNTlhNDk5MgkwCTM1CTAJNGM1MTA4NDU5M2ZkOGNjYTE5MjAxNWRjMWUwNWZiNjMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE3MTUzNDI3MDAJMC4wMDAzOTcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMQ%253D%253D

64.190.63.136

0 B

URL
ww2.mkkuei4kdsz.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIrYwiUwyEtg_0&v=YTAyZGY0MjQ0MDFkNjY1ODZlOTI1OWZmZTU0YTEwMDMJMQl3dzIubWtrdWVpNGtkc3ouY29tNjYzZTBkNmEyMGM2YjcuOTI2ODU2NTIJd3cyLm1ra3VlaTRrZHN6LmNvbTY2M2UwZDZhMjBjOTMzLjgzNzIxMTcwCTE3MTUzNDI3MDAJYWRfNjNfMA%3D%3D&l=OAk1ZmJlZmFjMDRlMGIzY2JjYmE4NDUyNDMzNTlhNDk5MgkwCTM1CTAJNGM1MTA4NDU5M2ZkOGNjYTE5MjAxNWRjMWUwNWZiNjMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE3MTUzNDI3MDAJMC4wMDAzOTcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMQ%253D%253D
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIrYwiUwyEtg_0&v=YTAyZGY0MjQ0MDFkNjY1ODZlOTI1OWZmZTU0YTEwMDMJMQl3dzIubWtrdWVpNGtkc3ouY29tNjYzZTBkNmEyMGM2YjcuOTI2ODU2NTIJd3cyLm1ra3VlaTRrZHN6LmNvbTY2M2UwZDZhMjBjOTMzLjgzNzIxMTcwCTE3MTUzNDI3MDAJYWRfNjNfMA%3D%3D&l=OAk1ZmJlZmFjMDRlMGIzY2JjYmE4NDUyNDMzNTlhNDk5MgkwCTM1CTAJNGM1MTA4NDU5M2ZkOGNjYTE5MjAxNWRjMWUwNWZiNjMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE3MTUzNDI3MDAJMC4wMDAzOTcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMQ%253D%253D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 12:05:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 10 May 2024 12:05:00 GMT
location: /search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIrYwiUwyEtg_0&v=YTAyZGY0MjQ0MDFkNjY1ODZlOTI1OWZmZTU0YTEwMDMJMQl3dzIubWtrdWVpNGtkc3ouY29tNjYzZTBkNmEyMGM2YjcuOTI2ODU2NTIJd3cyLm1ra3VlaTRrZHN6LmNvbTY2M2UwZDZhMjBjOTMzLjgzNzIxMTcwCTE3MTUzNDI3MDAJYWRfNjNfMA%3D%3D&l=OAk1ZmJlZmFjMDRlMGIzY2JjYmE4NDUyNDMzNTlhNDk5MgkwCTM1CTAJNGM1MTA4NDU5M2ZkOGNjYTE5MjAxNWRjMWUwNWZiNjMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE3MTUzNDI3MDAJMC4wMDAzOTcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMQ%253D%253D
pragma: no-cache
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-7flh7
x-powered-by: PHP/8.1.17
content-length: 0
X-Firefox-Spdy: h2

ww2.mkkuei4kdsz.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIrYwiUwyEtg_0&v=YTAyZGY0MjQ0MDFkNjY1ODZlOTI1OWZmZTU0YTEwMDMJMQl3dzIubWtrdWVpNGtkc3ouY29tNjYzZTBkNmEyMGM2YjcuOTI2ODU2NTIJd3cyLm1ra3VlaTRrZHN6LmNvbTY2M2UwZDZhMjBjOTMzLjgzNzIxMTcwCTE3MTUzNDI3MDAJYWRfNjNfMA%3D%3D&l=OAk1ZmJlZmFjMDRlMGIzY2JjYmE4NDUyNDMzNTlhNDk5MgkwCTM1CTAJNGM1MTA4NDU5M2ZkOGNjYTE5MjAxNWRjMWUwNWZiNjMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE3MTUzNDI3MDAJMC4wMDAzOTcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMQ%253D%253D

64.190.63.136

313 B

URL
ww2.mkkuei4kdsz.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIrYwiUwyEtg_0&v=YTAyZGY0MjQ0MDFkNjY1ODZlOTI1OWZmZTU0YTEwMDMJMQl3dzIubWtrdWVpNGtkc3ouY29tNjYzZTBkNmEyMGM2YjcuOTI2ODU2NTIJd3cyLm1ra3VlaTRrZHN6LmNvbTY2M2UwZDZhMjBjOTMzLjgzNzIxMTcwCTE3MTUzNDI3MDAJYWRfNjNfMA%3D%3D&l=OAk1ZmJlZmFjMDRlMGIzY2JjYmE4NDUyNDMzNTlhNDk5MgkwCTM1CTAJNGM1MTA4NDU5M2ZkOGNjYTE5MjAxNWRjMWUwNWZiNjMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE3MTUzNDI3MDAJMC4wMDAzOTcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMQ%253D%253D
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document, ASCII text
Size
313 B (313 bytes)
Hash
8a5cab488b78e60ec5fa5882c7b0f475
6dc59b945606672b276bc6cb6e7cf3bcfa772893
5a9660456173b62a65c4178f559cfa56f73c658556219e6d02a96488b36977bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DIrYwiUwyEtg_0&v=YTAyZGY0MjQ0MDFkNjY1ODZlOTI1OWZmZTU0YTEwMDMJMQl3dzIubWtrdWVpNGtkc3ouY29tNjYzZTBkNmEyMGM2YjcuOTI2ODU2NTIJd3cyLm1ra3VlaTRrZHN6LmNvbTY2M2UwZDZhMjBjOTMzLjgzNzIxMTcwCTE3MTUzNDI3MDAJYWRfNjNfMA%3D%3D&l=OAk1ZmJlZmFjMDRlMGIzY2JjYmE4NDUyNDMzNTlhNDk5MgkwCTM1CTAJNGM1MTA4NDU5M2ZkOGNjYTE5MjAxNWRjMWUwNWZiNjMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE3MTUzNDI3MDAJMC4wMDAzOTcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMQ%253D%253D HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww2.mkkuei4kdsz.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 12:05:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 10 May 2024 12:05:00 GMT
location: https://xml.sedodna.com/click?i=IrYwiUwyEtg_0
pragma: no-cache
server: NginX
x-cache-miss-from: parking-7cbf88ff6b-w8ldc
x-powered-by: PHP/8.1.17
X-Firefox-Spdy: h2

platdom-1.online/api/v1/px?xmlid=GaE3HhrGXG0rzlBUB2SiqmzwuEgmV9dEk1G3yE6j

3.33.192.145

1.1 kB

URL
platdom-1.online/api/v1/px?xmlid=GaE3HhrGXG0rzlBUB2SiqmzwuEgmV9dEk1G3yE6j
IP
3.33.192.145:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix
Size
1.1 kB (1117 bytes)
Hash
52b1d4a62f3f88b8c6f78b95f9ff672d
98a597632c8354461f6e3884174d9253edf07c71
fab53b9e20851ec57e4cc082ec24f143f9958baebb7106b8c29235a8c2246457

HTTP Headers

GET /api/v1/px?xmlid=GaE3HhrGXG0rzlBUB2SiqmzwuEgmV9dEk1G3yE6j HTTP/1.1
Host: platdom-1.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 12:05:01 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"8ad-n80aj3JCX2eRSJqSdidPlFNGGdE"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

xml-v4.clouback-2.online/click?seat=368919&i=2pP553L9qnA_0

173.239.53.32

302 Found

0 B

URL User Request GET HTTP/1.1
xml-v4.clouback-2.online/click?seat=368919&i=2pP553L9qnA_0
IP
173.239.53.32:443
ASN
#27257 WEBAIR-INTERNET

Certificate
IssuerLet's Encrypt
Subjectclouback-2.online
FingerprintCE:3C:67:1D:72:45:71:C9:58:A5:D9:F5:72:0D:3A:AA:FA:D7:3D:30
ValidityWed, 24 Apr 2024 14:28:27 GMT - Tue, 23 Jul 2024 14:28:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?seat=368919&i=2pP553L9qnA_0 HTTP/1.1
Host: xml-v4.clouback-2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 12:05:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://media.toxtren.com/redirect.aspx?pid=256077&bid=2146&lpid=1686

media.toxtren.com/redirect.aspx?pid=256077&bid=2146&lpid=1686

13.107.213.53

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
media.toxtren.com/redirect.aspx?pid=256077&bid=2146&lpid=1686
IP
13.107.213.53:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerSectigo Limited
Subjecttoxtren.com
Fingerprint69:B4:EF:A9:0D:63:73:6B:57:48:78:33:BE:76:F0:45:69:A3:A4:52
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=256077&bid=2146&lpid=1686 HTTP/1.1
Host: media.toxtren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Fri, 10 May 2024 12:05:02 GMT
content-type: text/html
content-length: 0
cache-control: private,no-cache, no-store
pragma: no-cache
location: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a256077%2c%22BID%22%3a2146%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1715342702557)%5c%2f%22%2c%22CookieTag%22%3a%222146256077451240919C2024510125%22%7d%5d; SameSite=None;; domain=.toxtren.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22e5fb1850-95d6-447a-b15b-fc27d378fc75%7c0%22%7d%5d; domain=.toxtren.com; expires=Sat, 10-May-3023 12:05:02 GMT; path=/; secure; SameSite=Strict
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 20240510T120502Z-er15bb998b7jkprxhhpw58pbtc0000000710000000000eke
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/psj_benfica.png

37.252.8.161

200 OK

176 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/psj_benfica.png
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
PNG image data, 648 x 1080, 8-bit/color RGBA, non-interlaced
Size
176 kB (175810 bytes)
Hash
034e0a0cb35daef41ffb7aad286e140c
03eb2578bc75f860a270dff8fb15c4862a9de732
05f5657a52c398b6cded49e111bbd42e41ebf0df3f62dbdae896c01e50467e83

HTTP Headers

GET /barcelona-bayer/de/img/psj_benfica.png HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/png
content-length: 175810
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-2aec2"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/20bet-logo.svg

37.252.8.161

200 OK

17 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/20bet-logo.svg
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
SVG Scalable Vector Graphics image
Size
17 kB (16759 bytes)
Hash
d1cbb9c5587eff030f6943d5c354726c
fe33665b682f913ae902c0ffe99d05db51907ce4
033012e9f9b68749619cce6cc311c2333ffdaae98102c21927dd7e63d936b5d0

HTTP Headers

GET /barcelona-bayer/de/img/20bet-logo.svg HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/svg+xml
content-length: 16759
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-4177"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/Logo_UEFA_Champions_League.svg

37.252.8.161

200 OK

12 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/Logo_UEFA_Champions_League.svg
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
SVG Scalable Vector Graphics image
Size
12 kB (11922 bytes)
Hash
79020da9ed95b4220d771c06c31dd832
1a3d05a265064a23af46b9f499a8e5cf4cae134c
3a246a1ea26e2895ffae5e73bc6192270b9e1001b6e8bcc517b7a8644222d07d

HTTP Headers

GET /barcelona-bayer/de/img/Logo_UEFA_Champions_League.svg HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/svg+xml
content-length: 11922
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-2e92"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/bcn.png

37.252.8.161

200 OK

5.2 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/bcn.png
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
PNG image data, 73 x 75, 8-bit/color RGBA, non-interlaced
Size
5.2 kB (5234 bytes)
Hash
85de86c7edf8bb1b0cbc5609c38ac05f
2de161cc2cfb02cb367bd3e380b0eb0609a9e118
23ab7badb175d28200aec5f5e47dd32a91ed831464eeac060ab7c665e8de38b9

HTTP Headers

GET /barcelona-bayer/de/img/bcn.png HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/png
content-length: 5234
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-1472"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/bayern.png

37.252.8.161

200 OK

5.9 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/bayern.png
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
PNG image data, 74 x 74, 8-bit/color RGBA, non-interlaced
Size
5.9 kB (5887 bytes)
Hash
842317bb965d5cc7d63393ea6a41b08c
e81ce31778915fb2be0a47e32f8d7de680e3faf4
1a5c725174799ead8d5a8312115a50b3239c868000bc75c0b4d908860f4deeed

HTTP Headers

GET /barcelona-bayer/de/img/bayern.png HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/png
content-length: 5887
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-16ff"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3

37.252.8.161

200 OK

3.2 kB

URL User Request GET HTTP/2
20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
gzip compressed data, from Unix
Size
3.2 kB (3167 bytes)
Hash
24026b9143326b99631002769c986578
aef569ab6a1fffe9340b0b9ac429d777c2c117d5
6dde2d60b09f2caa15df4dd585a8c25a4e2e9a78c864f4dbb5f29bf9708ea4ba

HTTP Headers

GET /barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3 HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:02 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/payment/visa.svg

37.252.8.161

200 OK

1.9 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/payment/visa.svg
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1879 bytes)
Hash
f4500cc3072d041f899dd1a0e1a13921
f4e9f0ae3dbbba8aea8c7ae628578e481a3eaa97
bb70223b70de4b3cc43975524ee59a6bd8e70609366efec1cb0717a251ea88b6

HTTP Headers

GET /barcelona-bayer/de/img/payment/visa.svg HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/svg+xml
content-length: 1879
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-757"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/payment/mc.svg

37.252.8.161

200 OK

1.7 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/payment/mc.svg
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1677 bytes)
Hash
882326d30c9f4ea7d16ee1bd3e2517d2
cc614494555b181f14b0ff586790a3a757c52685
b6f3fce54b58e19e32d8d63c2989d67aef2672a023c41748b0513bade9880b08

HTTP Headers

GET /barcelona-bayer/de/img/payment/mc.svg HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/svg+xml
content-length: 1677
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-68d"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/exo2/v21/7cHov4okm5zmbtYtG-wc5Q.woff2

142.250.74.99

200 OK

43 kB

URL GET HTTP/2
fonts.gstatic.com/s/exo2/v21/7cHov4okm5zmbtYtG-wc5Q.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 42640, version 1.0
Size
43 kB (42640 bytes)
Hash
dd1528e81f5361ff430081187d9b82db
ef0b2dd66be2c0f95e1873798c29ffb3071276b1
1ee6f39098704cadd8255a8bf57e4ce8241179ff381a3747343af50871e20645

HTTP Headers

GET /s/exo2/v21/7cHov4okm5zmbtYtG-wc5Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://20winlp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 14:45:44 GMT
expires: Fri, 09 May 2025 14:45:44 GMT
cache-control: public, max-age=31536000
age: 76759
last-modified: Wed, 13 Sep 2023 22:30:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/exo2/v21/7cHov4okm5zmbtYtG-wc5Q.woff2

142.250.74.99

200 OK

43 kB

URL GET HTTP/2
fonts.gstatic.com/s/exo2/v21/7cHov4okm5zmbtYtG-wc5Q.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 42640, version 1.0
Size
43 kB (42640 bytes)
Hash
dd1528e81f5361ff430081187d9b82db
ef0b2dd66be2c0f95e1873798c29ffb3071276b1
1ee6f39098704cadd8255a8bf57e4ce8241179ff381a3747343af50871e20645

HTTP Headers

GET /s/exo2/v21/7cHov4okm5zmbtYtG-wc5Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://20winlp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 42640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 14:45:44 GMT
expires: Fri, 09 May 2025 14:45:44 GMT
cache-control: public, max-age=31536000
age: 76759
last-modified: Wed, 13 Sep 2023 22:30:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/payment/Sofort%C3%BCberweisung_Logo.svg

37.252.8.161

200 OK

3.9 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/payment/Sofort%C3%BCberweisung_Logo.svg
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3943 bytes)
Hash
947a48dfe3585a3fb560a5b23818e402
8097cc5450b15c849d0386c1e41bf3453eed37be
9868cacbf5df11219d194750b55e509d229f87e882ef16e7be54f17c365e0f37

HTTP Headers

GET /barcelona-bayer/de/img/payment/Sofort%C3%BCberweisung_Logo.svg HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/svg+xml
content-length: 3943
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-f67"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/payment/uberweisung.svg

37.252.8.161

200 OK

22 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/payment/uberweisung.svg
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
SVG Scalable Vector Graphics image
Size
22 kB (21608 bytes)
Hash
6648e14207f5f43b2daefedbf6476480
e8a8cc0d336f14d98d82aa02d8893b23837818a8
1e8328e6d014afa498e2a91a3d14a8065c81008c81584936909585bec0d30753

HTTP Headers

GET /barcelona-bayer/de/img/payment/uberweisung.svg HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/svg+xml
content-length: 21608
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-5468"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0pg.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0pg.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15568, version 1.0
Size
16 kB (15568 bytes)
Hash
b494ea25144d5223bd17a4e8c5dfcdac
4128bebda87610be1144c6bab79e9bc2958e7d76
5b724df180b459e966ee211b72f33d2f1f2a0b1a305c202bf9f93d4d107f10e5

HTTP Headers

GET /s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq5Z9WXh0pg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://20winlp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15568
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 23:33:33 GMT
expires: Fri, 09 May 2025 23:33:33 GMT
cache-control: public, max-age=31536000
age: 45090
last-modified: Wed, 13 Sep 2023 22:52:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/payment/crypto.svg

37.252.8.161

200 OK

3.9 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/payment/crypto.svg
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
SVG Scalable Vector Graphics image
Size
3.9 kB (3878 bytes)
Hash
7214dd83969dc685390db74d21e20485
4b3322739d6c082e24c051a9fea2039856c664ce
944c7776828e40ebdee57776e449e77083f08f64ae71654ad1e1321445b61c8b

HTTP Headers

GET /barcelona-bayer/de/img/payment/crypto.svg HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/svg+xml
content-length: 3878
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-f26"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/bg.jpg

37.252.8.161

200 OK

1.5 MB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/bg.jpg
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x1081, components 3
Size
1.5 MB (1452823 bytes)
Hash
af94285296a8964d3d7a915ae4c77f59
f0c035cb2ea52479e9a27977d238720479a5d0a8
8db38d17c2ed62e6cf1bb8252881ab715efa8767e7e86d1ccfe404894db25878

HTTP Headers

GET /barcelona-bayer/de/img/bg.jpg HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/jpeg
content-length: 1452823
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-162b17"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/img/favicon.png

37.252.8.161

200 OK

2.2 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/img/favicon.png
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
PNG image data, 32 x 29, 8-bit colormap, non-interlaced
Size
2.2 kB (2161 bytes)
Hash
036e0f36b5a13f1fa5ab0dd3241693ff
603c662bc6f6df4adfc53b0ee2b46c2e37bf8e61
432c7a05fd30a114d2edad7833b393a3a5077ca364fbbca7eb256385072f844e

HTTP Headers

GET /barcelona-bayer/de/img/favicon.png HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: image/png
content-length: 2161
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: "64d4b544-871"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Exo+2:ital,wght@1,700;1,900&family=Montserrat:ital,wght@1,500&display=swap

142.250.74.106

200 OK

5.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Exo+2:ital,wght@1,700;1,900&family=Montserrat:ital,wght@1,500&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (5575), with no line terminators
Size
5.4 kB (5440 bytes)
Hash
839215a8bf1d90b5bf0a14253654545e
e2428c4a32509864c5472e8fadac59036140bbdf
0dd75046eec4d8441dd6b43523ece2f68d6b28c741910ed11c63109c189a3ef7

HTTP Headers

GET /css2?family=Exo+2:ital,wght@1,700;1,900&family=Montserrat:ital,wght@1,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 12:05:03 GMT
date: Fri, 10 May 2024 12:05:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/css/main.css

37.252.8.161

200 OK

3.7 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/css/main.css
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
ASCII text, with very long lines (4140), with no line terminators
Size
3.7 kB (3726 bytes)
Hash
05c59f2159d0dd40af1fc6bbe5773db4
eabef4b568ccaccfe24306037bc078394064a484
c7eaaec2a72478eb2a1c2443e25df419ade54301169f3df73df2bf43e7928322

HTTP Headers

GET /barcelona-bayer/de/css/main.css HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: text/css
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: W/"64d4b544-e8e"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/js/refers.js

37.252.8.161

200 OK

1.1 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/js/refers.js
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
JavaScript source, ASCII text, with very long lines (1112), with no line terminators
Size
1.1 kB (1078 bytes)
Hash
bb591a29452c3a415d88cf3a10b93a5e
6c8acb8a50fc0dda5d537cf0b947048f7861b784
60124dd9ed0289d1fc0db80c0e50022c1f75aab83e072c134480fcb2d4a67447

HTTP Headers

GET /barcelona-bayer/de/js/refers.js HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: W/"64d4b544-436"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/css/reset.css

37.252.8.161

200 OK

2.5 kB

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/css/reset.css
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
ASCII text, with very long lines (2839), with no line terminators
Size
2.5 kB (2486 bytes)
Hash
de17beb25102a40ecf1ceb16d6252f43
a49c75a7ee24b88716fde2229b6c93a5d5aab346
7946b53cf0dbb8b31a2de461e2f527717b7282820d069cde1d0a56f0f4eed1e8

HTTP Headers

GET /barcelona-bayer/de/css/reset.css HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:02 GMT
content-type: text/css
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: W/"64d4b544-9b6"
expires: Fri, 10 May 2024 12:10:02 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

20winlp.com/barcelona-bayer/de/css/media.css

37.252.8.161

200 OK

929 B

URL GET HTTP/2
20winlp.com/barcelona-bayer/de/css/media.css
IP
37.252.8.161:443
ASN
#42708 GleSYS AB

Requested by
https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Certificate
IssuerLet's Encrypt
Subject20winlp.com
Fingerprint89:29:90:91:29:7C:9E:CB:1E:84:7D:35:18:28:AB:0B:CA:77:FC:69
ValiditySun, 14 Apr 2024 23:04:13 GMT - Sat, 13 Jul 2024 23:04:12 GMT

File type
ASCII text, with very long lines (1133), with no line terminators
Size
929 B (929 bytes)
Hash
d39840ff915c55eec2599a233a40abd8
8305b1d64908cd28403019187282420f10d06bbb
6bc94822303b3b1fc0e465ac9c1e11274d31a64ceb48af56692aa15c8601fbc4

HTTP Headers

GET /barcelona-bayer/de/css/media.css HTTP/1.1
Host: 20winlp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20winlp.com/barcelona-bayer/de/?btag=670183_779e743d7995411d8e05fd42263305a3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Fri, 10 May 2024 12:05:03 GMT
content-type: text/css
last-modified: Thu, 10 Aug 2023 10:00:36 GMT
etag: W/"64d4b544-3a1"
expires: Fri, 10 May 2024 12:10:03 GMT
cache-control: max-age=300
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

platdom-1.online/api/v1/pxcheck?impId=GaE3HhrGXG0rzlBUB2SiqmzwuEgmV9dEk1G3yE6j&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9wbGF0ZG9tLTEub25saW5lL2FwaS92MS9weD94bWxpZD1HYUUzSGhyR1hHMHJ6bEJVQjJTaXFtend1RWdtVjlkRWsxRzN5RTZqIiwiZGV2aWNlU3JlZW5TaXplIjoiMTAyNHgxMjgwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEwMjR4MTI4MCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiaXNCb3QiOiJvZmYifQ==

3.33.192.145

302 Found

2.5 kB

URL User Request GET HTTP/2
platdom-1.online/api/v1/pxcheck?impId=GaE3HhrGXG0rzlBUB2SiqmzwuEgmV9dEk1G3yE6j&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9wbGF0ZG9tLTEub25saW5lL2FwaS92MS9weD94bWxpZD1HYUUzSGhyR1hHMHJ6bEJVQjJTaXFtend1RWdtVjlkRWsxRzN5RTZqIiwiZGV2aWNlU3JlZW5TaXplIjoiMTAyNHgxMjgwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEwMjR4MTI4MCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiaXNCb3QiOiJvZmYifQ==
IP
3.33.192.145:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectplatdom-1.online
FingerprintE9:C7:14:62:BA:F3:A3:36:62:08:37:81:D0:9C:4B:CA:89:31:00:E8
ValidityTue, 30 Apr 2024 00:00:00 GMT - Thu, 29 May 2025 23:59:59 GMT

File type

Size
2.5 kB (2463 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/pxcheck?impId=GaE3HhrGXG0rzlBUB2SiqmzwuEgmV9dEk1G3yE6j&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cHM6Ly9wbGF0ZG9tLTEub25saW5lL2FwaS92MS9weD94bWxpZD1HYUUzSGhyR1hHMHJ6bEJVQjJTaXFtend1RWdtVjlkRWsxRzN5RTZqIiwiZGV2aWNlU3JlZW5TaXplIjoiMTAyNHgxMjgwIiwiZGV2aWNlV2luZG93U2l6ZSI6IjEwMjR4MTI4MCIsInduZDJzcmNSYXRpb0x3cjA2IjpmYWxzZSwiaXNCb3QiOiJvZmYifQ== HTTP/1.1
Host: platdom-1.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://platdom-1.online/api/v1/px?xmlid=GaE3HhrGXG0rzlBUB2SiqmzwuEgmV9dEk1G3yE6j
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 12:05:01 GMT
content-type: text/html; charset=utf-8
content-length: 182
location: http://xml-v4.clouback-2.online/click?seat=368919&i=2pP553L9qnA_0
access-control-allow-origin: *
vary: Accept, Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (30)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers