urlscan.io logo urlscan.io
SecurityTrails logo

suche.guenstiger.de Open in urlscan Pro
2606:4700::6812:e5c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://criagslist.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5MjIyMjQzMywiaWF0Ij...
Effective URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickS...
Submission: On August 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6812:e5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is suche.guenstiger.de.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2023. Valid for: a year.
This is the only time suche.guenstiger.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 78.41.204.39 62370 (SNEL)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 1 35.160.245.119 16509 (AMAZON-02)
4 34.213.38.78 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
18 7
1    78.41.204.39 (Netherlands)

ASN62370 (SNEL, NL)
PTR: server368.snel.com
criagslist.com
2    52.117.247.211 (United States)

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com
p185689.myckdom.com
1    35.160.245.119 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-245-119.us-west-2.compute.amazonaws.com
click.cartageous.de
4    34.213.38.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-38-78.us-west-2.compute.amazonaws.com
click.cartageous.de
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2606:4700::6812:e5c (United States)

ASN13335 (CLOUDFLARENET, US)
suche.guenstiger.de
3    2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
6 guenstiger.de
suche.guenstiger.de
346 KB
5 cartageous.de
click.cartageous.de
53 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6270
20 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 118289
p185689.myckdom.com
1 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
981 B
1 criagslist.com
criagslist.com
1 KB
18 7
Domain Requested by
6 suche.guenstiger.de click.cartageous.de
suche.guenstiger.de
5 click.cartageous.de 1 redirects p185689.myckdom.com
click.cartageous.de
3 challenges.cloudflare.com suche.guenstiger.de
challenges.cloudflare.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com click.cartageous.de
1 p185689.myckdom.com
1 myckdom.com 1 redirects
1 criagslist.com 1 redirects
18 8

This site contains no links.

Subject Issuer Validity Valid
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-03-20		 a year crt.sh
*.cartageous.de
Amazon RSA 2048 M01		 2023-02-08 -
2024-01-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-15 -
2024-07-14		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Frame ID: 5A60D6CAAB179A99E7C9F51902248087
Requests: 21 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jq6l8/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: DE9780D3993FB70E3BBFA3746EEAF064
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Guenstiger.de - Der große Preisvergleich im Internet

Page URL History Show full URLs

  1. https://criagslist.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MT... HTTP 302
    https://myckdom.com/aS/feedclick?s=ebx9GOHwD8GJBHvaHHYs2o8uDhK_8R6jZgEmKxZ3C-sThY23hVd_bH5XPU-DA... HTTP 302
    https://p185689.myckdom.com/adServe/domainClick?ai=XZ-fZYaF_CwwA4kBTUzzpjgCubBofCnuA2WZLfKglLH96-QkmDk-z... Page URL
  2. http://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_i... HTTP 301
    https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_i... Page URL
  3. https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagI... Page URL
  4. https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagI... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

18
Requests

89 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

433 kB
Transfer

1081 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://criagslist.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5MjIyMjQzMywiaWF0IjoxNjkyMjE1MjMzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydHR2OWlnaGMwMnFhbTdrZ3MwNzIxcTgiLCJuYmYiOjE2OTIyMTUyMzMsInRzIjoxNjkyMjE1MjMzNzE5NzM3fQ.scrA_kM9DuBtA3WqjAsS2hG2wx7m7ihLheDpkpAn8Os&sid=b263b482-3c6d-11ee-96d1-92a56856f63c HTTP 302
    https://myckdom.com/aS/feedclick?s=ebx9GOHwD8GJBHvaHHYs2o8uDhK_8R6jZgEmKxZ3C-sThY23hVd_bH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZlp2cijH7GOpiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJJK36v7c9Uf6ugswIHMQ6pH2C2ebDwRJ_5x-5wnUuiG7EHyZoOor0CxATFmlVgLAFdDZt3g0aWCiQTfqTFVs9mJq42MixqqzuZOXgfdhLNOtRH3p_L6qOqAg2OPgZm36bOneyMWpwyGPRzrZcrXlUmB-Gyfe7wRwfCxPbskovmNga7tWtfczGqrebtW9KZnMUfZ3WqdRCNZo2ZoC7vXYfclMYw5Ih6n-CHe0AbEb9l3nhVfMtq8Ngo809iozZBXwIPCfruu6u3HlyZPIkb5-uwbYMREN09WU8yfcxkOD5SdZN96JNcDWdqGdYSB2lRDq0JAwhIkRtXousODJ76nicFg5ahn2-w4DsBEdaPO9A8ibvn8ua7wFVVbTbLqAndNoJiWnygGECgXE6h0m2JaHTNJpU0BsO23Nzg1h2D1fPFmsdKbUIxkwMKnzhsaiHMdhrs6PzHzf0KM7O-R2qDurz9X6kju_GDQp_JjQ8UuCCjQleOllsMJLqKvpNSI0edhqmXt_gKGo87p2Uw-NXh5hXJCaIpLel7GtTORr9-t6-jV7v_u4pbH6AA-RR1T5mYGIsph7Xppmb3dXg_nvHHwjRmGOPJN6uA3DjsT7b5fkzx6h7iUvIBUe-NdiHUscOi_-Rf-YznLUBTBH5JG1xc019Uo9nk9eDMwtd8vNun0FCd41MjY54y1b0KZENj81vKmg8KLYk13NcLQd-TDK73IZqzjX5j8oi-zEoONM_q14QRJyXgCc2aEFjjAV80_HtzuNh7yj1VBcTB_C9YuXDs3_tVBrgm-tlkrMOtnlllxTUS1DOxTKWSB7-tljXZil7EmFwPzasjqOo8adaMInQ9THHvTqtSgf5w2xGFymS2zSzkH7h8R3jd6QQOBWUV3P-qG0AMR6dg1ra_WXn4DIaHYDcZ73hunQ-6KTDFz1Io8XYRe9HQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FWUywVSpu9I9FpHC1Pm6jwA4YUYJddZNGEFHmQcG0kBTrGqjQ4v9qV-4Fhtws00dPVnNb4n2pV-OSN8jWje1-Oh-hqYEOvyyCz_e1gCULJpB1irSA3YbGb26dwwJurhD5PxhIlqXXQajgFBO1vVWn-LDvLbXwTIzfDLI6DSwn_foLnqG5RdVzcY0O4Eofc9-cgZxgIzp-9ZatvpZPL4C1DlUeGb3mUb06cb3Nsez4BY9wtFSR2v0xeiwiqLByLyoHDU20d3kIwsixv6bnyZ7KuFL6LSfOD2wZMoB6msQOA8-fp6t2Df9GS88aqNDi_2pX7gWG3CzTR09WNOntyGiJLUKkWpz4StF2PrJf4YwqSXZJh-TQ0TzP3C9iAbtp9NeTI HTTP 302
    https://p185689.myckdom.com/adServe/domainClick?ai=XZ-fZYaF_CwwA4kBTUzzpjgCubBofCnuA2WZLfKglLH96-QkmDk-zUAVfbRwc7vpvuRQbgY79wPpeebdC9lQCNVSAuRigA5jJUObnMYTWCJ81QnSSro97Gk5RrA-Xl15zKAmxdShVX5I_r29xbvEWgK8sczUyG_Fzx_tkR21trw6xxVcWm9llIse9SJQKGL722Ydr6xcDoGrbImx2zmcSZxopPDQXKLIS_sQnzFC-Jp7Jl4Hi3-y6r6LSfOD2wZMoB6msQOA8-esFnB-eWnMmXp4Xm2qP2EFO8ttfBMjN8Oca_YbCUpqoCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v1BbsozkC8-D-BybpyqSvYhR-KVGX4dMWedgYjjs-cZjuidSuX2eF84&ui=ebx9GOHwD8GJBHvaHHYs2vbWwvziNp_1xLgNeF8Zj-ha9tH3vZsWfHcFhm6roA_t6GpgQ6_LILP97WAJQsmkHWKtIDdhsZvbp3DAm6uEPk8seMjTGjmULw&si=1&oref=1484d0862381f2ee0ce983d7650efea7&optunit=VEppjN3n49pvTcY6XlsYvQ&rb=1Av0aQZj4s0&rr=1&isco=t&abtg=0 Page URL
  2. http://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true HTTP 301
    https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true Page URL
  3. https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829 Page URL
  4. https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://criagslist.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5MjIyMjQzMywiaWF0IjoxNjkyMjE1MjMzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydHR2OWlnaGMwMnFhbTdrZ3MwNzIxcTgiLCJuYmYiOjE2OTIyMTUyMzMsInRzIjoxNjkyMjE1MjMzNzE5NzM3fQ.scrA_kM9DuBtA3WqjAsS2hG2wx7m7ihLheDpkpAn8Os&sid=b263b482-3c6d-11ee-96d1-92a56856f63c HTTP 302
  • https://myckdom.com/aS/feedclick?s=ebx9GOHwD8GJBHvaHHYs2o8uDhK_8R6jZgEmKxZ3C-sThY23hVd_bH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZlp2cijH7GOpiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJJK36v7c9Uf6ugswIHMQ6pH2C2ebDwRJ_5x-5wnUuiG7EHyZoOor0CxATFmlVgLAFdDZt3g0aWCiQTfqTFVs9mJq42MixqqzuZOXgfdhLNOtRH3p_L6qOqAg2OPgZm36bOneyMWpwyGPRzrZcrXlUmB-Gyfe7wRwfCxPbskovmNga7tWtfczGqrebtW9KZnMUfZ3WqdRCNZo2ZoC7vXYfclMYw5Ih6n-CHe0AbEb9l3nhVfMtq8Ngo809iozZBXwIPCfruu6u3HlyZPIkb5-uwbYMREN09WU8yfcxkOD5SdZN96JNcDWdqGdYSB2lRDq0JAwhIkRtXousODJ76nicFg5ahn2-w4DsBEdaPO9A8ibvn8ua7wFVVbTbLqAndNoJiWnygGECgXE6h0m2JaHTNJpU0BsO23Nzg1h2D1fPFmsdKbUIxkwMKnzhsaiHMdhrs6PzHzf0KM7O-R2qDurz9X6kju_GDQp_JjQ8UuCCjQleOllsMJLqKvpNSI0edhqmXt_gKGo87p2Uw-NXh5hXJCaIpLel7GtTORr9-t6-jV7v_u4pbH6AA-RR1T5mYGIsph7Xppmb3dXg_nvHHwjRmGOPJN6uA3DjsT7b5fkzx6h7iUvIBUe-NdiHUscOi_-Rf-YznLUBTBH5JG1xc019Uo9nk9eDMwtd8vNun0FCd41MjY54y1b0KZENj81vKmg8KLYk13NcLQd-TDK73IZqzjX5j8oi-zEoONM_q14QRJyXgCc2aEFjjAV80_HtzuNh7yj1VBcTB_C9YuXDs3_tVBrgm-tlkrMOtnlllxTUS1DOxTKWSB7-tljXZil7EmFwPzasjqOo8adaMInQ9THHvTqtSgf5w2xGFymS2zSzkH7h8R3jd6QQOBWUV3P-qG0AMR6dg1ra_WXn4DIaHYDcZ73hunQ-6KTDFz1Io8XYRe9HQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FWUywVSpu9I9FpHC1Pm6jwA4YUYJddZNGEFHmQcG0kBTrGqjQ4v9qV-4Fhtws00dPVnNb4n2pV-OSN8jWje1-Oh-hqYEOvyyCz_e1gCULJpB1irSA3YbGb26dwwJurhD5PxhIlqXXQajgFBO1vVWn-LDvLbXwTIzfDLI6DSwn_foLnqG5RdVzcY0O4Eofc9-cgZxgIzp-9ZatvpZPL4C1DlUeGb3mUb06cb3Nsez4BY9wtFSR2v0xeiwiqLByLyoHDU20d3kIwsixv6bnyZ7KuFL6LSfOD2wZMoB6msQOA8-fp6t2Df9GS88aqNDi_2pX7gWG3CzTR09WNOntyGiJLUKkWpz4StF2PrJf4YwqSXZJh-TQ0TzP3C9iAbtp9NeTI HTTP 302
  • https://p185689.myckdom.com/adServe/domainClick?ai=XZ-fZYaF_CwwA4kBTUzzpjgCubBofCnuA2WZLfKglLH96-QkmDk-zUAVfbRwc7vpvuRQbgY79wPpeebdC9lQCNVSAuRigA5jJUObnMYTWCJ81QnSSro97Gk5RrA-Xl15zKAmxdShVX5I_r29xbvEWgK8sczUyG_Fzx_tkR21trw6xxVcWm9llIse9SJQKGL722Ydr6xcDoGrbImx2zmcSZxopPDQXKLIS_sQnzFC-Jp7Jl4Hi3-y6r6LSfOD2wZMoB6msQOA8-esFnB-eWnMmXp4Xm2qP2EFO8ttfBMjN8Oca_YbCUpqoCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v1BbsozkC8-D-BybpyqSvYhR-KVGX4dMWedgYjjs-cZjuidSuX2eF84&ui=ebx9GOHwD8GJBHvaHHYs2vbWwvziNp_1xLgNeF8Zj-ha9tH3vZsWfHcFhm6roA_t6GpgQ6_LILP97WAJQsmkHWKtIDdhsZvbp3DAm6uEPk8seMjTGjmULw&si=1&oref=1484d0862381f2ee0ce983d7650efea7&optunit=VEppjN3n49pvTcY6XlsYvQ&rb=1Av0aQZj4s0&rr=1&isco=t&abtg=0
Request Chain 1
  • http://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true HTTP 301
  • https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
domainClick
p185689.myckdom.com/adServe/
Redirect Chain
  • https://criagslist.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY5MjIyMjQzMywiaWF0IjoxNjkyMjE1MjMzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydHR2OWlnaGMwMnFhbTdrZ3Mw...
  • https://myckdom.com/aS/feedclick?s=ebx9GOHwD8GJBHvaHHYs2o8uDhK_8R6jZgEmKxZ3C-sThY23hVd_bH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZlp2cijH7GOpiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJJK...
  • https://p185689.myckdom.com/adServe/domainClick?ai=XZ-fZYaF_CwwA4kBTUzzpjgCubBofCnuA2WZLfKglLH96-QkmDk-zUAVfbRwc7vpvuRQbgY79wPpeebdC9lQCNVSAuRigA5jJUObnMYTWCJ81QnSSro97Gk5RrA-Xl15zKAmxdShVX5I_r29xb...
357 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p185689.myckdom.com/adServe/domainClick?ai=XZ-fZYaF_CwwA4kBTUzzpjgCubBofCnuA2WZLfKglLH96-QkmDk-zUAVfbRwc7vpvuRQbgY79wPpeebdC9lQCNVSAuRigA5jJUObnMYTWCJ81QnSSro97Gk5RrA-Xl15zKAmxdShVX5I_r29xbvEWgK8sczUyG_Fzx_tkR21trw6xxVcWm9llIse9SJQKGL722Ydr6xcDoGrbImx2zmcSZxopPDQXKLIS_sQnzFC-Jp7Jl4Hi3-y6r6LSfOD2wZMoB6msQOA8-esFnB-eWnMmXp4Xm2qP2EFO8ttfBMjN8Oca_YbCUpqoCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v1BbsozkC8-D-BybpyqSvYhR-KVGX4dMWedgYjjs-cZjuidSuX2eF84&ui=ebx9GOHwD8GJBHvaHHYs2vbWwvziNp_1xLgNeF8Zj-ha9tH3vZsWfHcFhm6roA_t6GpgQ6_LILP97WAJQsmkHWKtIDdhsZvbp3DAm6uEPk8seMjTGjmULw&si=1&oref=1484d0862381f2ee0ce983d7650efea7&optunit=VEppjN3n49pvTcY6XlsYvQ&rb=1Av0aQZj4s0&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 17 Aug 2023 12:52:51 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Thu, 17 Aug 2023 12:52:51 GMT
location
https://p185689.myckdom.com/adServe/domainClick?ai=XZ-fZYaF_CwwA4kBTUzzpjgCubBofCnuA2WZLfKglLH96-QkmDk-zUAVfbRwc7vpvuRQbgY79wPpeebdC9lQCNVSAuRigA5jJUObnMYTWCJ81QnSSro97Gk5RrA-Xl15zKAmxdShVX5I_r29xbvEWgK8sczUyG_Fzx_tkR21trw6xxVcWm9llIse9SJQKGL722Ydr6xcDoGrbImx2zmcSZxopPDQXKLIS_sQnzFC-Jp7Jl4Hi3-y6r6LSfOD2wZMoB6msQOA8-esFnB-eWnMmXp4Xm2qP2EFO8ttfBMjN8Oca_YbCUpqoCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v1BbsozkC8-D-BybpyqSvYhR-KVGX4dMWedgYjjs-cZjuidSuX2eF84&ui=ebx9GOHwD8GJBHvaHHYs2vbWwvziNp_1xLgNeF8Zj-ha9tH3vZsWfHcFhm6roA_t6GpgQ6_LILP97WAJQsmkHWKtIDdhsZvbp3DAm6uEPk8seMjTGjmULw&si=1&oref=1484d0862381f2ee0ce983d7650efea7&optunit=VEppjN3n49pvTcY6XlsYvQ&rb=1Av0aQZj4s0&rr=1&isco=t&abtg=0
server
nginx
/
click.cartageous.de/
Redirect Chain
  • http://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
  • https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
Requested by
Host: p185689.myckdom.com
URL: https://p185689.myckdom.com/adServe/domainClick?ai=XZ-fZYaF_CwwA4kBTUzzpjgCubBofCnuA2WZLfKglLH96-QkmDk-zUAVfbRwc7vpvuRQbgY79wPpeebdC9lQCNVSAuRigA5jJUObnMYTWCJ81QnSSro97Gk5RrA-Xl15zKAmxdShVX5I_r29xbvEWgK8sczUyG_Fzx_tkR21trw6xxVcWm9llIse9SJQKGL722Ydr6xcDoGrbImx2zmcSZxopPDQXKLIS_sQnzFC-Jp7Jl4Hi3-y6r6LSfOD2wZMoB6msQOA8-esFnB-eWnMmXp4Xm2qP2EFO8ttfBMjN8Oca_YbCUpqoCZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v1BbsozkC8-D-BybpyqSvYhR-KVGX4dMWedgYjjs-cZjuidSuX2eF84&ui=ebx9GOHwD8GJBHvaHHYs2vbWwvziNp_1xLgNeF8Zj-ha9tH3vZsWfHcFhm6roA_t6GpgQ6_LILP97WAJQsmkHWKtIDdhsZvbp3DAm6uEPk8seMjTGjmULw&si=1&oref=1484d0862381f2ee0ce983d7650efea7&optunit=VEppjN3n49pvTcY6XlsYvQ&rb=1Av0aQZj4s0&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.38.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-38-78.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ffb5dfd628757f9fb8db73733e5d3de7ec5e47b1c83f744d807d53a10b2303b3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://p185689.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 12:52:52 GMT
etag
W/"95d-CsvDmcForuZhlqyJuTIPdo9ynSE"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Thu, 17 Aug 2023 12:52:51 GMT
Location
https://click.cartageous.de:443/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
Server
awselb/2.0
landing.min.js
click.cartageous.de/js/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/js/landing.min.js
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.38.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-38-78.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f86941ddd37c9824e12d130b44bbdd7c14637160aac9f17322e97e32cf1e20be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 12:52:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 09 Mar 2023 13:21:53 GMT
content-encoding
gzip
etag
W/"10ae6-186c6890168"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
vary
Accept-Encoding
accept-ranges
bytes
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0a7896b676327b0104f57fb692a30bd23c98e54df1c0d893c544f652e573d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 12:52:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 11:37:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 12:52:52 GMT
bcloader.gif
click.cartageous.de/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.cartageous.de/images/bcloader.gif
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.38.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-38-78.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 12:52:52 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 09 Mar 2023 13:21:53 GMT
etag
W/"6816-186c6890168"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
content-length
26646
x-xss-protection
1; mode=block
updateClickStatus
click.cartageous.de/ 		236 B
552 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/updateClickStatus
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.38.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-38-78.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://click.cartageous.de/?fct=true&psid=14683&auth=oAHrJ&kw=&mfid=19239&env=2&subid=ch_63025849|010_inf_df_guenstiger_de_merchant_leuchtenland|furniture&rn=true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 17 Aug 2023 12:52:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"ec-nGJtFii8Jb+0NGJ1TsQgTzSFx/g"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
content-length
236
x-xss-protection
1; mode=block
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://click.cartageous.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 06:25:13 GMT
x-content-type-options
nosniff
age
455259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 06:25:13 GMT
ClickTracker.jsp
suche.guenstiger.de/norob/ 		169 KB
113 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05cb56a98969d5c81830b812d91629c9551c8fde08da47eec6d5529c80d13864
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://click.cartageous.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7f820e89adb21c15-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 17 Aug 2023 12:52:53 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f4d68883424d8bcf3c15f6ec7c665694b214ff04f1cb6a570da843c517d363c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		111 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b4c724b0cc41e5106fc4d32b48bcce768085d277853c7aadbc2acc81ac4b59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
v1
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f820e89adb21c15
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfe5d7b3cc909a1f19a81c918548f0fa0512cf49fb045eb02c48443dd0d46c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829&__cf_chl_rt_tk=2hzUe7HwYXU2GjxYIfW._t65D1YJefpNweZOPOaWHFI-1692276773-0-gaNycGzNDDs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 12:52:53 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
server
cloudflare
cf-ray
7f820e8a4ebe1c15-FRA
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f820e89adb21c15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed

Request headers

Referer
Origin
https://suche.guenstiger.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 12:52:53 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f820e8aa9e49191-FRA
alt-svc
h3=":443"; ma=86400
d22dae7e-cb2f-4b6d-a197-00c11548c44e
https://suche.guenstiger.de/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://suche.guenstiger.de/d22dae7e-cb2f-4b6d-a197-00c11548c44e
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
ba0f0505b873ccc
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1953451998:1692274061:TOykbtgEwRYzkw4oaCDSKw4wolTJ4xFBeoXA4JVC3B0/7f820e89adb21c15/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1953451998:1692274061:TOykbtgEwRYzkw4oaCDSKw4wolTJ4xFBeoXA4JVC3B0/7f820e89adb21c15/ba0f0505b873ccc
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f820e89adb21c15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb9185312c80f4477620db57d3cf9f48c26f32cd02d9e350889e66ef2f6913f

Request headers

Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
CF-Challenge
ba0f0505b873ccc
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
9vG4aepkMPWeKI4sI/SLUmuxHM4v3NzNoa8Go1oQQQ7iPbCq6M0b5sZeOKG4xcYV$c+fajlxcBz2Kp67igIxOLA==
date
Thu, 17 Aug 2023 12:52:53 GMT
content-encoding
br
server
cloudflare
cf-ray
7f820e8b386f1c15-FRA
content-type
text/plain; charset=UTF-8
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jq6l8/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame DE97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/jq6l8/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f820e8b9b5e9010-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 12:52:53 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
ba0f0505b873ccc
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1953451998:1692274061:TOykbtgEwRYzkw4oaCDSKw4wolTJ4xFBeoXA4JVC3B0/7f820e89adb21c15/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/flow/ov1/1953451998:1692274061:TOykbtgEwRYzkw4oaCDSKw4wolTJ4xFBeoXA4JVC3B0/7f820e89adb21c15/ba0f0505b873ccc
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f820e89adb21c15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14771e1f0be3d39e475482b9e60257ef86a14340a4f70a688050e8d87de400f

Request headers

Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
CF-Challenge
ba0f0505b873ccc
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
Ma631whYl4TZwcDPcM8Rt3WxhywNLam2d1gz78wQoUsec3dExWr7484ag4POCDWtFTX2ERhAHAqFHmi+8TW/8ZA7kGfqnkXg56zWKFCTVhM=$pKaCrstyOHEN8BOHFjAD2w==
cf-chl-out-s
Xoi8KNgPBAAKCt2rr2sjSAOIP3mfAfcGus1jJEQGcSDZfYeA+IglgbPsG7zdrbX8ZPwWjyJm/2Y9BOLwTnLBMpnMdjugJJ7fywCWeWV+hj/f/nS4HRhDSjYal/xJQ2Qf42ANr8Vx+XwPihUN65OdQrUsxtXWQEdh1K4Vgv7XJyNbQkPqxDvIuEmFHNndr91c$VE8RuVyzssQI9AEZEDGYyw==
date
Thu, 17 Aug 2023 12:52:53 GMT
content-encoding
br
server
cloudflare
cf-ray
7f820e8d0acb1c15-FRA
content-type
text/html; charset=UTF-8
Primary Request ClickTracker.jsp
suche.guenstiger.de/norob/ 		169 KB
113 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f820e89adb21c15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155a4cbc374e45ce3f3717b88876c48f68ff1229759e142e372aa0b5e0d27b48
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7f820e9d49ca1c15-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 17 Aug 2023 12:52:56 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f4d68883424d8bcf3c15f6ec7c665694b214ff04f1cb6a570da843c517d363c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		111 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b4c724b0cc41e5106fc4d32b48bcce768085d277853c7aadbc2acc81ac4b59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
v1
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f820e9d49ca1c15
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bbb35e3f8401e2a2556bd09bc814c9371a2845599b63763d9ffd5010c4da55c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829&__cf_chl_rt_tk=AQjBXjA6VT__1kj83HEDDlFGxxNLfknIHNkzRG2KP4k-1692276776-0-gaNycGzNDBA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 12:52:56 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
server
cloudflare
cf-ray
7f820e9d9a4e1c15-FRA
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/g/313d8a27/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/313d8a27/api.js?onload=URXdVe4&render=explicit
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7f820e9d49ca1c15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae488283b6cebf52b5bd97cd3dbe44e84ab7e87234525258a07e59a1904c2ed

Request headers

Referer
Origin
https://suche.guenstiger.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 12:52:56 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f820e9ddfaa9191-FRA
alt-svc
h3=":443"; ma=86400
9e3b6236-baef-483a-a282-24e0505613b1
https://suche.guenstiger.de/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://suche.guenstiger.de/9e3b6236-baef-483a-a282-24e0505613b1
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _cf_chl_opt function| QlFv6 function| TwZwupsVWD function| URXdVe4 boolean| KdU6 function| vQGSCb7 function| ICY6 function| ozlfeI1 function| aw3 object| Rkiqk9 object| YSIJaU7 object| turnstile boolean| HVYp3 string| qja6

6 Cookies

Domain/Path Name / Value
.criagslist.com/ Name: sid
Value: b263b482-3c6d-11ee-96d1-92a56856f63c
.myckdom.com/ Name: rhid
Value: 83550443483
.myckdom.com/ Name: loi
Value: ad_1610097_off_1052777_aff_11683_cid_185689-CRIAGSLIST.COM_ts_1692276771
.guenstiger.de/ Name: __cf_bm
Value: Op0XjTuhAQErMNX7Xm3Kpw3XbHUN2kI4kGRtPaVnH78-1692276773-0-AUdm0qfhxLNAV5M3pEwrNr4otMOK4nJhKZKkcRtgZct813bZ4NTr2L6IpiGTuBWGmZjOx/YgNlfcyzm2guTjIRE=
suche.guenstiger.de/ Name: cf_chl_2
Value: ba0f0505b873ccc
suche.guenstiger.de/ Name: cf_chl_rc_ni
Value: 1

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&origin=cartageous%20de%20affiliate&p=364184&tagId=21540101650&clickSource=1133094829
Message:
Failed to load resource: the server responded with a status of 403 ()