click.cartageous.de Open in urlscan Pro
54.186.22.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.rediffmail.com/cgi-bin/red.cgi?red=https%3A%2F%2Fus%2Dwest%2D2%2Eprotection%2Esophos%2Ecom%3Fd%3Dsimplsmile%2En...
Effective URL:
https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yiel...
Submission: On April 20 via api (April 20th 2022, 7:16:34 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 10 HTTP transactions. The main IP is 54.186.22.189, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is click.cartageous.de.
TLS certificate: Issued by Amazon on January 12th 2022. Valid for: a year.

This is the only time click.cartageous.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	202.137.235.71 202.137.235.71	38224 (REDIFF-AS...) (REDIFF-AS Rediff.com India Limited)
1 1	52.222.236.26 52.222.236.26	16509 (AMAZON-02) (AMAZON-02)
1 1	5.79.68.109 5.79.68.109	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	108.168.193.189 108.168.193.189	36351 (SOFTLAYER) (SOFTLAYER)
5	54.186.22.189 54.186.22.189	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.33.195.141 52.33.195.141	() ()
10	6

1 202.137.235.71 (India)

ASN38224 (REDIFF-AS Rediff.com India Limited, IN)
PTR: f4mail-235-71.rediffmail.com

www.rediffmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.26 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-26.fra56.r.cloudfront.net

us-west-2.protection.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.79.68.109 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

class.simplsmile.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.168.193.189 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com

mybetterck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.mybetterck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.186.22.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-22-189.us-west-2.compute.amazonaws.com

click.cartageous.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.33.195.141 (None, ) 1 redirects

ASN- ()

cartageous.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cartageous.de 1 redirects click.cartageous.de cartageous.de	60 KB
2	mybetterck.com 1 redirects mybetterck.com — Cisco Umbrella Rank: 41245 p185689.mybetterck.com — Cisco Umbrella Rank: 411789	2 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	simplsmile.net 1 redirects class.simplsmile.net	3 KB
1	sophos.com 1 redirects us-west-2.protection.sophos.com — Cisco Umbrella Rank: 68715	449 B
1	rediffmail.com www.rediffmail.com — Cisco Umbrella Rank: 478904	740 B
10	7

	Domain	Requested by
5	click.cartageous.de	p185689.mybetterck.com click.cartageous.de
2	cartageous.de	1 redirects click.cartageous.de
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	click.cartageous.de
1	p185689.mybetterck.com
1	mybetterck.com	1 redirects
1	class.simplsmile.net	1 redirects
1	us-west-2.protection.sophos.com	1 redirects
1	www.rediffmail.com
10	9

This site contains no links.

Subject Issuer	Validity	Valid
*.rediffmail.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-18` - `2022-10-15`	a year	crt.sh
*.mybetterck.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-06` - `2023-02-06`	a year	crt.sh
*.cartageous.de Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
cartageous.de Amazon	`2021-07-01` - `2022-07-30`	a year	crt.sh

This page contains 1 frames:

Frame: https://cartageous.de/darn/?utm_source=BN001_&utm_medium=cpc&utm_term=medical&utm_content=yieldkit_C_de&utm_campaign=m_Mundschutzhandel
Frame ID: 9A9EF87241E90EECAC8BE4DABAD1EA7B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.rediffmail.com/cgi-bin/red.cgi?red=https%3A%2F%2Fus%2Dwest%2D2%2Eprotection%2Esophos%2Ecom%... Page URL
https://us-west-2.protection.sophos.com/?d=simplsmile.net&u=aHR0cDovL2NsYXNzLnNpbXBsc21pbGUubmV0L2xpdmUvdW5zdWJzY3Jp... HTTP 302
http://class.simplsmile.net/live/unsubscribe.php?M=233451&C=3ed1ec5b56ea82842a46e12627d70994&L=12&N=423 HTTP 302
https://mybetterck.com/aS/feedclick?s=7BsrmHcakyLBCyDxXx5U948uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f... HTTP 302
https://p185689.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F49AeD2eX56M2zuodL2g_pEvFE6EqlPUM... Page URL
https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&su... Page URL

Page Statistics

10
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

6
IPs

4
Countries

75 kB
Transfer

129 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.rediffmail.com/cgi-bin/red.cgi?red=https%3A%2F%2Fus%2Dwest%2D2%2Eprotection%2Esophos%2Ecom%3Fd%3Dsimplsmile%2Enet%26amp%3Bu%3DaHR0cDovL2NsYXNzLnNpbXBsc21pbGUubmV0L2xpdmUvdW5zdWJzY3JpYmUucGhwP009MjMzNDUxJkM9M2VkMWVjNWI1NmVhODI4NDJhNDZlMTI2MjdkNzA5OTQmTD0xMiZOPTQyMw%3D%3D%26amp%3Be%3DZmlubGF5bUA0N2JyYW5kLmNvbQ%3D%3D%26amp%3Bt%3DM0hpQ0pKZ2VTdHU1T0RQZ1hwQ2ZrWXVrUGJ2bGsxTFhXdFdhQjZmeXY3cz0%3D&isImage=0&BlockImage=0&rediffng=0&rogue=f9262fa3acb7f18b860f2582330a19637b5113da&rdf=UGcHZFUxXzFSegElBiUHIVtpB3VbZQVlBDJefVc5ATFRNQ== Page URL
https://us-west-2.protection.sophos.com/?d=simplsmile.net&u=aHR0cDovL2NsYXNzLnNpbXBsc21pbGUubmV0L2xpdmUvdW5zdWJzY3JpYmUucGhwP009MjMzNDUxJkM9M2VkMWVjNWI1NmVhODI4NDJhNDZlMTI2MjdkNzA5OTQmTD0xMiZOPTQyMw==&e=ZmlubGF5bUA0N2JyYW5kLmNvbQ==&t=M0hpQ0pKZ2VTdHU1T0RQZ1hwQ2ZrWXVrUGJ2bGsxTFhXdFdhQjZmeXY3cz0= HTTP 302
http://class.simplsmile.net/live/unsubscribe.php?M=233451&C=3ed1ec5b56ea82842a46e12627d70994&L=12&N=423 HTTP 302
https://mybetterck.com/aS/feedclick?s=7BsrmHcakyLBCyDxXx5U948uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2k_k9jsMCbZfF3Ys-xo4FSmcx7OeVXJCwRHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy-DomC2_uys6ctPMl8ToHClgVl6a6IFPmIhox5_czhBIeQnufZZFy1PfNuVK5o-GKk7hP7V-IQIGmPDKskNU3xEzDdFO5iwfqgkRwpk_t_SEMVzZGnV_XuECqD2Ik80H4H88Wp2tc45T3nS2M3hqgn4Tn_7h_AtNdYzFa4plT3Ag0ooLQbGh8h3fueHiKty-N_GniOmCY_jRZ0NKaaIL68Kq4VDcCnaHzBnL8PEsbiBXeyLQ7qz06z1TbGbtwj7_hDtrv5vePE8y1edLAG-zpdnGEsP8uRjVMDBDpLKACY_1K9H8mRCZjrIKfT_N5LagTf9OlO_KjgVYu1gJrSgKf144byHFL7qOffYUs9z4zY0uYg15GNS2ZaR-VUZ4i50XjzpagFC-Q9aB5wJi-_6OJ0o36HHTxC9Qa5PBXVPNB1b3fJQDbofXQkHa9wMI6GuQ1jtwCG6BY1IRbpbiEiSncJSZXEc2JCpRPHbEV0blrficn4tKMZhBOL7zK863VJ00PJRxx1OCtQVnS1yOuomwApXmdDLYVLvKZkynXcRpsQVNFo7e9aFjmlj8u3lakE9rLMbZLjxh6RKpZ0NKaaIL68KiglIDbLocQN2VYkIKmHhybmuIPbiKGzBJvJrcZa5mIyrNKDvG-iivXpaO2gdwsojDLwzIIfp_9ElfsM3d7hGYAuL3ZLEwiTdzFVMQo3fsiQR75i0AAvKrSl0uREMkuRRODY81gCuBYHWF_Y1coMfGRRhKRvrY84l_sW8kFvAO5ivgaHxnzj_FzCNCKgKzeL5hV63e0ZzrzpYhhfnHu7E4CeVTSRj8lW9bCoxbMEeYNMpD7G1hgLQRL52sSSAI5rVsxDOVUbWE3P0oqOwgxoAmozAGmWEVKePo-IU-FfESOhQ3L55i-ZF9xuqfsK8m11eyhrD3NbPE8HR1cIU_myfjyVX7QqIorejtLM6ERW8kuM_H0y1Ji5QblXqG3vH-IIWu0uikYji7lKXJJmM0F7LD9rZfEzlqSXPXLkQM_5rwHMcom4Mvr84ZBSYZkHSHNKIHQPQAcecbRez-BO3nhGGU4b0ZTwJdVcua6--KkgbuExCi1mqMYBt0c30vDUgVZNMxw1e-ICZeIXB_UL87OQxCzLkhpDNSNKdJa7NUQSed7eThIcX4Bu5Q8FBp8J6sf4Rp0OzqLUHfaX3pdCaeWk5uRuxlExe89mNmY0cdcddbvxIIkXpzPGaqfvmig8sGLrZWdPxVOtdnGntnfbMZLsZC2kB5XDehuly-yA7v6lc1q8UA2JukiOkBdNpew5ulx-cGxqNRqSBnH4VBWrfHH8WNZF3unI10_ysRj4O3aKfYybvmIVSh7A3EVEyzUCwTYVGC70Qvrjo85oBEtFuaQveBSQPtXcJTecQHYnF_uGKIhf9i8RXIBPiaHC6EZ1O5NZDuNOx_OGrEsE2A9iGtkFiTh2TGqGLvXUjufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu_XcxkDvgB_f0Riitsoje51RzairRdZvBjVK0wZbkaWbp5R1pl__-0AeulqasrsFTPkZOFdjuBEUc12CZsrAnOzaAnwZCTWfpxmJHaIqHJRtJCP8wGPeBgVLq1hASh2WjUjn4ZUC8E4sPNDQHSK7m9n3ynD5UObBi5x6kVPQedp7K6OIiYjPcxmj0B4PZ5fnozbO6h0vaD-kS8UToSqU9QyRWvzficolRvu--4qsugEwPlAaGpwF5xJjIi395sMi-_XW8JGuh02Qcmyc6im5qrNTmd9cKja-7yVL4p0M9yz_fsDmltKRG8u197tYt4n5oOJNxtuujOTLY3nT4y20vFBDPfd6YvOVrolx9Ee8khUiCGo--TBfMXvBNL_vb2qHzcZt3r8duo9vTQNYun7A3E0AglMCFd-CoP5ID9peQ4GXU3mTKrgUj1WQzHlw9foU9rmbR7b-zflXgeJ2ZlkJ8fJD0RVGwY93HNM-8Dr-0AmG6mciHMvyRq7A85kfdte7mTmMWS1KUCCT-_u6p3Nt-wPreZMckeui2XoIyUNetJPruswprCrklI6f3OXBN-1pPvQ7ZIb1Q_Ti1n3-dgzjDwL197tYt4n5oOln4utSqikIm7Hq_7fZGPeYONsVUuBAbnY-WcFdvbTDwPOZH3bXu5khY_JJPyzp0hJCYry8F0XdVP9KVupSslbSyxQffT4vL7p6t2Df9GS84wltJenpF1Mbs1JD30xe-mNOntyGiJLUP2m2uOhuSOHuRwRwBiPGktC0X7aBu1VlNiAbtp9NeTI HTTP 302
https://p185689.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F49AeD2eX56M2zuodL2g_pEvFE6EqlPUMkVr834nKJUb7vvuKrLoBMD5QGhqcBecSYyIt_ebDIvv11vCRrodNkHJsnOopuaqzU5nfXCo2vu8lS-KdDPcs_37A5pbSkRvLtfe7WLeJ-aDiTcbbrozky2N50-MttLxQQz33emLzla6JcfRHvJIVIghqPvkwXzF7wTS_729qh83Gbd6_HbqPb00DWLp-wNxNAIJTAhXfgqD-SA_aXkOBl1N5kyq4FI9VkMx5cPX6FPa5m0e2_s35V4HidmZZCfHyQ9EVRsGPdxzTPvA6_tAJhupnIhzL8kauwPOZH3bXu5k5jFktSlAgk_v7uqdzbfsD63mTHJHrotl6CMlDXrST67rMKawq5JSOn9zlwTftaT70O2SG9UP04tZ9_nYM4w8C9fe7WLeJ-aDpZ-LrUqopCJux6v-32Rj3mDjbFVLgQG52PlnBXb20w8DzmR9217uZIWPyST8s6dIPyhL1jZXXPapEy85WQjTEQp7KgPPc86W95Dpi3RrdK44_hj3LKCP20wfejooXsGXktxZKrThHDWWWmDgWFl_FPOvqWGqhFc6HXEwMHfrP_Yrv21SAAaN4zdmkZQqqBbUshk0Oqjn3V1rSJVwKiRc4mZ8DwEAVB_SsYmH1exPUVWB1ex7l22BViBgopxn20GxJmCCRov00lFk38X7NSW9FaHwd9wVvpvaQxvgOjvL5v4N7Ssv4XmSKZZXpgFk2j54e8rROKEv96SS-CpzjmCCRSkbjTnD0JcoWrkuEiZvcEKC67YP62osaVKsh-dcjcrEf7X8aqNKDMBICUQx8RHS_UFuyjOQLz4P4HJunKpK9iFBkPupndj_dlw8gxgHHwp8CTF8xdfU0PM&ui=7BsrmHcakyLBCyDxXx5U9_bWwvziNp_1xLgNeF8Zj-jboOfZonjWIlpWeFB82jA-5qS9VcUsjYKxSuH8IcPeYbwNC3O0--uEeyrqjC--wLyNusQ992zxiA&si=1&oref=c7580a6cdea365ebf50089826f2c1dbc&optunit=eulqasrsFTMsHIc3Wt93SQ&rb=bBYvYlMrmMM&rr=1&isco=t&abtg=0 Page URL
https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://us-west-2.protection.sophos.com/?d=simplsmile.net&u=aHR0cDovL2NsYXNzLnNpbXBsc21pbGUubmV0L2xpdmUvdW5zdWJzY3JpYmUucGhwP009MjMzNDUxJkM9M2VkMWVjNWI1NmVhODI4NDJhNDZlMTI2MjdkNzA5OTQmTD0xMiZOPTQyMw==&e=ZmlubGF5bUA0N2JyYW5kLmNvbQ==&t=M0hpQ0pKZ2VTdHU1T0RQZ1hwQ2ZrWXVrUGJ2bGsxTFhXdFdhQjZmeXY3cz0= HTTP 302
http://class.simplsmile.net/live/unsubscribe.php?M=233451&C=3ed1ec5b56ea82842a46e12627d70994&L=12&N=423 HTTP 302
https://mybetterck.com/aS/feedclick?s=7BsrmHcakyLBCyDxXx5U948uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2k_k9jsMCbZfF3Ys-xo4FSmcx7OeVXJCwRHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy-DomC2_uys6ctPMl8ToHClgVl6a6IFPmIhox5_czhBIeQnufZZFy1PfNuVK5o-GKk7hP7V-IQIGmPDKskNU3xEzDdFO5iwfqgkRwpk_t_SEMVzZGnV_XuECqD2Ik80H4H88Wp2tc45T3nS2M3hqgn4Tn_7h_AtNdYzFa4plT3Ag0ooLQbGh8h3fueHiKty-N_GniOmCY_jRZ0NKaaIL68Kq4VDcCnaHzBnL8PEsbiBXeyLQ7qz06z1TbGbtwj7_hDtrv5vePE8y1edLAG-zpdnGEsP8uRjVMDBDpLKACY_1K9H8mRCZjrIKfT_N5LagTf9OlO_KjgVYu1gJrSgKf144byHFL7qOffYUs9z4zY0uYg15GNS2ZaR-VUZ4i50XjzpagFC-Q9aB5wJi-_6OJ0o36HHTxC9Qa5PBXVPNB1b3fJQDbofXQkHa9wMI6GuQ1jtwCG6BY1IRbpbiEiSncJSZXEc2JCpRPHbEV0blrficn4tKMZhBOL7zK863VJ00PJRxx1OCtQVnS1yOuomwApXmdDLYVLvKZkynXcRpsQVNFo7e9aFjmlj8u3lakE9rLMbZLjxh6RKpZ0NKaaIL68KiglIDbLocQN2VYkIKmHhybmuIPbiKGzBJvJrcZa5mIyrNKDvG-iivXpaO2gdwsojDLwzIIfp_9ElfsM3d7hGYAuL3ZLEwiTdzFVMQo3fsiQR75i0AAvKrSl0uREMkuRRODY81gCuBYHWF_Y1coMfGRRhKRvrY84l_sW8kFvAO5ivgaHxnzj_FzCNCKgKzeL5hV63e0ZzrzpYhhfnHu7E4CeVTSRj8lW9bCoxbMEeYNMpD7G1hgLQRL52sSSAI5rVsxDOVUbWE3P0oqOwgxoAmozAGmWEVKePo-IU-FfESOhQ3L55i-ZF9xuqfsK8m11eyhrD3NbPE8HR1cIU_myfjyVX7QqIorejtLM6ERW8kuM_H0y1Ji5QblXqG3vH-IIWu0uikYji7lKXJJmM0F7LD9rZfEzlqSXPXLkQM_5rwHMcom4Mvr84ZBSYZkHSHNKIHQPQAcecbRez-BO3nhGGU4b0ZTwJdVcua6--KkgbuExCi1mqMYBt0c30vDUgVZNMxw1e-ICZeIXB_UL87OQxCzLkhpDNSNKdJa7NUQSed7eThIcX4Bu5Q8FBp8J6sf4Rp0OzqLUHfaX3pdCaeWk5uRuxlExe89mNmY0cdcddbvxIIkXpzPGaqfvmig8sGLrZWdPxVOtdnGntnfbMZLsZC2kB5XDehuly-yA7v6lc1q8UA2JukiOkBdNpew5ulx-cGxqNRqSBnH4VBWrfHH8WNZF3unI10_ysRj4O3aKfYybvmIVSh7A3EVEyzUCwTYVGC70Qvrjo85oBEtFuaQveBSQPtXcJTecQHYnF_uGKIhf9i8RXIBPiaHC6EZ1O5NZDuNOx_OGrEsE2A9iGtkFiTh2TGqGLvXUjufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu_XcxkDvgB_f0Riitsoje51RzairRdZvBjVK0wZbkaWbp5R1pl__-0AeulqasrsFTPkZOFdjuBEUc12CZsrAnOzaAnwZCTWfpxmJHaIqHJRtJCP8wGPeBgVLq1hASh2WjUjn4ZUC8E4sPNDQHSK7m9n3ynD5UObBi5x6kVPQedp7K6OIiYjPcxmj0B4PZ5fnozbO6h0vaD-kS8UToSqU9QyRWvzficolRvu--4qsugEwPlAaGpwF5xJjIi395sMi-_XW8JGuh02Qcmyc6im5qrNTmd9cKja-7yVL4p0M9yz_fsDmltKRG8u197tYt4n5oOJNxtuujOTLY3nT4y20vFBDPfd6YvOVrolx9Ee8khUiCGo--TBfMXvBNL_vb2qHzcZt3r8duo9vTQNYun7A3E0AglMCFd-CoP5ID9peQ4GXU3mTKrgUj1WQzHlw9foU9rmbR7b-zflXgeJ2ZlkJ8fJD0RVGwY93HNM-8Dr-0AmG6mciHMvyRq7A85kfdte7mTmMWS1KUCCT-_u6p3Nt-wPreZMckeui2XoIyUNetJPruswprCrklI6f3OXBN-1pPvQ7ZIb1Q_Ti1n3-dgzjDwL197tYt4n5oOln4utSqikIm7Hq_7fZGPeYONsVUuBAbnY-WcFdvbTDwPOZH3bXu5khY_JJPyzp0hJCYry8F0XdVP9KVupSslbSyxQffT4vL7p6t2Df9GS84wltJenpF1Mbs1JD30xe-mNOntyGiJLUP2m2uOhuSOHuRwRwBiPGktC0X7aBu1VlNiAbtp9NeTI HTTP 302
https://p185689.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F49AeD2eX56M2zuodL2g_pEvFE6EqlPUMkVr834nKJUb7vvuKrLoBMD5QGhqcBecSYyIt_ebDIvv11vCRrodNkHJsnOopuaqzU5nfXCo2vu8lS-KdDPcs_37A5pbSkRvLtfe7WLeJ-aDiTcbbrozky2N50-MttLxQQz33emLzla6JcfRHvJIVIghqPvkwXzF7wTS_729qh83Gbd6_HbqPb00DWLp-wNxNAIJTAhXfgqD-SA_aXkOBl1N5kyq4FI9VkMx5cPX6FPa5m0e2_s35V4HidmZZCfHyQ9EVRsGPdxzTPvA6_tAJhupnIhzL8kauwPOZH3bXu5k5jFktSlAgk_v7uqdzbfsD63mTHJHrotl6CMlDXrST67rMKawq5JSOn9zlwTftaT70O2SG9UP04tZ9_nYM4w8C9fe7WLeJ-aDpZ-LrUqopCJux6v-32Rj3mDjbFVLgQG52PlnBXb20w8DzmR9217uZIWPyST8s6dIPyhL1jZXXPapEy85WQjTEQp7KgPPc86W95Dpi3RrdK44_hj3LKCP20wfejooXsGXktxZKrThHDWWWmDgWFl_FPOvqWGqhFc6HXEwMHfrP_Yrv21SAAaN4zdmkZQqqBbUshk0Oqjn3V1rSJVwKiRc4mZ8DwEAVB_SsYmH1exPUVWB1ex7l22BViBgopxn20GxJmCCRov00lFk38X7NSW9FaHwd9wVvpvaQxvgOjvL5v4N7Ssv4XmSKZZXpgFk2j54e8rROKEv96SS-CpzjmCCRSkbjTnD0JcoWrkuEiZvcEKC67YP62osaVKsh-dcjcrEf7X8aqNKDMBICUQx8RHS_UFuyjOQLz4P4HJunKpK9iFBkPupndj_dlw8gxgHHwp8CTF8xdfU0PM&ui=7BsrmHcakyLBCyDxXx5U9_bWwvziNp_1xLgNeF8Zj-jboOfZonjWIlpWeFB82jA-5qS9VcUsjYKxSuH8IcPeYbwNC3O0--uEeyrqjC--wLyNusQ992zxiA&si=1&oref=c7580a6cdea365ebf50089826f2c1dbc&optunit=eulqasrsFTMsHIc3Wt93SQ&rb=bBYvYlMrmMM&rr=1&isco=t&abtg=0

Request Chain 8

http://cartageous.de/darn/?utm_source=BN001_&utm_medium=cpc&utm_term=medical&utm_content=yieldkit_C_de&utm_campaign=m_Mundschutzhandel HTTP 301
https://cartageous.de/darn/?utm_source=BN001_&utm_medium=cpc&utm_term=medical&utm_content=yieldkit_C_de&utm_campaign=m_Mundschutzhandel

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK red.cgi
www.rediffmail.com/cgi-bin/ 390 B
740 B 673ms
180ms Document
text/html 202.137.235.71
REDIFF-AS Rediff....

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rediffmail.com/cgi-bin/red.cgi?red=https%3A%2F%2Fus%2Dwest%2D2%2Eprotection%2Esophos%2Ecom%3Fd%3Dsimplsmile%2Enet%26amp%3Bu%3DaHR0cDovL2NsYXNzLnNpbXBsc21pbGUubmV0L2xpdmUvdW5zdWJzY3JpYmUucGhwP009MjMzNDUxJkM9M2VkMWVjNWI1NmVhODI4NDJhNDZlMTI2MjdkNzA5OTQmTD0xMiZOPTQyMw%3D%3D%26amp%3Be%3DZmlubGF5bUA0N2JyYW5kLmNvbQ%3D%3D%26amp%3Bt%3DM0hpQ0pKZ2VTdHU1T0RQZ1hwQ2ZrWXVrUGJ2bGsxTFhXdFdhQjZmeXY3cz0%3D&isImage=0&BlockImage=0&rediffng=0&rogue=f9262fa3acb7f18b860f2582330a19637b5113da&rdf=UGcHZFUxXzFSegElBiUHIVtpB3VbZQVlBDJefVc5ATFRNQ==
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 202.137.235.71 , India, ASN38224 (REDIFF-AS Rediff.com India Limited, IN),
Reverse DNS: f4mail-235-71.rediffmail.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 341
Content-Type: text/html
Date: Wed, 20 Apr 2022 19:16:29 GMT
Keep-Alive: timeout=50, max=100
P3P: CP="ALL DSP COR LAW CUR DEVi TAI PSAi PSD IVA IVD CONo HIS TELo OUR DEL SAM BUS LOC" policyref="http://www.rediff.com/w3c/p3p.xml"
Server: Apache
Vary: Accept-Encoding

GET
H2

200

domainClick
p185689.mybetterck.com/adServe/
Redirect Chain

https://us-west-2.protection.sophos.com/?d=simplsmile.net&u=aHR0cDovL2NsYXNzLnNpbXBsc21pbGUubmV0L2xpdmUvdW5zdWJzY3JpYmUucGhwP009MjMzNDUxJkM9M2VkMWVjNWI1NmVhODI4NDJhNDZlMTI2MjdkNzA5OTQmTD0xMiZOPTQyM...
http://class.simplsmile.net/live/unsubscribe.php?M=233451&C=3ed1ec5b56ea82842a46e12627d70994&L=12&N=423
https://mybetterck.com/aS/feedclick?s=7BsrmHcakyLBCyDxXx5U948uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2k_k9jsMCbZfF3Ys-xo4FSmcx7OeVXJCwRHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPB...
https://p185689.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F49AeD2eX56M2zuodL2g_pEvFE6EqlPUMkVr834nKJUb7vvuKrLoBMD5QGhqcBecSYyIt_ebDIvv11vCRrodNkHJsnOopuaqzU5nfXCo2vu8lS-KdDPcs_37A5p...

539 B
741 B

157ms
148ms

Document
text/html

108.168.193.189
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://p185689.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F49AeD2eX56M2zuodL2g_pEvFE6EqlPUMkVr834nKJUb7vvuKrLoBMD5QGhqcBecSYyIt_ebDIvv11vCRrodNkHJsnOopuaqzU5nfXCo2vu8lS-KdDPcs_37A5pbSkRvLtfe7WLeJ-aDiTcbbrozky2N50-MttLxQQz33emLzla6JcfRHvJIVIghqPvkwXzF7wTS_729qh83Gbd6_HbqPb00DWLp-wNxNAIJTAhXfgqD-SA_aXkOBl1N5kyq4FI9VkMx5cPX6FPa5m0e2_s35V4HidmZZCfHyQ9EVRsGPdxzTPvA6_tAJhupnIhzL8kauwPOZH3bXu5k5jFktSlAgk_v7uqdzbfsD63mTHJHrotl6CMlDXrST67rMKawq5JSOn9zlwTftaT70O2SG9UP04tZ9_nYM4w8C9fe7WLeJ-aDpZ-LrUqopCJux6v-32Rj3mDjbFVLgQG52PlnBXb20w8DzmR9217uZIWPyST8s6dIPyhL1jZXXPapEy85WQjTEQp7KgPPc86W95Dpi3RrdK44_hj3LKCP20wfejooXsGXktxZKrThHDWWWmDgWFl_FPOvqWGqhFc6HXEwMHfrP_Yrv21SAAaN4zdmkZQqqBbUshk0Oqjn3V1rSJVwKiRc4mZ8DwEAVB_SsYmH1exPUVWB1ex7l22BViBgopxn20GxJmCCRov00lFk38X7NSW9FaHwd9wVvpvaQxvgOjvL5v4N7Ssv4XmSKZZXpgFk2j54e8rROKEv96SS-CpzjmCCRSkbjTnD0JcoWrkuEiZvcEKC67YP62osaVKsh-dcjcrEf7X8aqNKDMBICUQx8RHS_UFuyjOQLz4P4HJunKpK9iFBkPupndj_dlw8gxgHHwp8CTF8xdfU0PM&ui=7BsrmHcakyLBCyDxXx5U9_bWwvziNp_1xLgNeF8Zj-jboOfZonjWIlpWeFB82jA-5qS9VcUsjYKxSuH8IcPeYbwNC3O0--uEeyrqjC--wLyNusQ992zxiA&si=1&oref=c7580a6cdea365ebf50089826f2c1dbc&optunit=eulqasrsFTMsHIc3Wt93SQ&rb=bBYvYlMrmMM&rr=1&isco=t&abtg=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: bd.c1.a86c.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.rediffmail.com/cgi-bin/red.cgi?red=https%3A%2F%2Fus%2Dwest%2D2%2Eprotection%2Esophos%2Ecom%3Fd%3Dsimplsmile%2Enet%26amp%3Bu%3DaHR0cDovL2NsYXNzLnNpbXBsc21pbGUubmV0L2xpdmUvdW5zdWJzY3JpYmUucGhwP009MjMzNDUxJkM9M2VkMWVjNWI1NmVhODI4NDJhNDZlMTI2MjdkNzA5OTQmTD0xMiZOPTQyMw%3D%3D%26amp%3Be%3DZmlubGF5bUA0N2JyYW5kLmNvbQ%3D%3D%26amp%3Bt%3DM0hpQ0pKZ2VTdHU1T0RQZ1hwQ2ZrWXVrUGJ2bGsxTFhXdFdhQjZmeXY3cz0%3D&isImage=0&BlockImage=0&rediffng=0&rogue=f9262fa3acb7f18b860f2582330a19637b5113da&rdf=UGcHZFUxXzFSegElBiUHIVtpB3VbZQVlBDJefVc5ATFRNQ==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 20 Apr 2022 19:16:31 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Wed, 20 Apr 2022 19:16:31 GMT
location: https://p185689.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F49AeD2eX56M2zuodL2g_pEvFE6EqlPUMkVr834nKJUb7vvuKrLoBMD5QGhqcBecSYyIt_ebDIvv11vCRrodNkHJsnOopuaqzU5nfXCo2vu8lS-KdDPcs_37A5pbSkRvLtfe7WLeJ-aDiTcbbrozky2N50-MttLxQQz33emLzla6JcfRHvJIVIghqPvkwXzF7wTS_729qh83Gbd6_HbqPb00DWLp-wNxNAIJTAhXfgqD-SA_aXkOBl1N5kyq4FI9VkMx5cPX6FPa5m0e2_s35V4HidmZZCfHyQ9EVRsGPdxzTPvA6_tAJhupnIhzL8kauwPOZH3bXu5k5jFktSlAgk_v7uqdzbfsD63mTHJHrotl6CMlDXrST67rMKawq5JSOn9zlwTftaT70O2SG9UP04tZ9_nYM4w8C9fe7WLeJ-aDpZ-LrUqopCJux6v-32Rj3mDjbFVLgQG52PlnBXb20w8DzmR9217uZIWPyST8s6dIPyhL1jZXXPapEy85WQjTEQp7KgPPc86W95Dpi3RrdK44_hj3LKCP20wfejooXsGXktxZKrThHDWWWmDgWFl_FPOvqWGqhFc6HXEwMHfrP_Yrv21SAAaN4zdmkZQqqBbUshk0Oqjn3V1rSJVwKiRc4mZ8DwEAVB_SsYmH1exPUVWB1ex7l22BViBgopxn20GxJmCCRov00lFk38X7NSW9FaHwd9wVvpvaQxvgOjvL5v4N7Ssv4XmSKZZXpgFk2j54e8rROKEv96SS-CpzjmCCRSkbjTnD0JcoWrkuEiZvcEKC67YP62osaVKsh-dcjcrEf7X8aqNKDMBICUQx8RHS_UFuyjOQLz4P4HJunKpK9iFBkPupndj_dlw8gxgHHwp8CTF8xdfU0PM&ui=7BsrmHcakyLBCyDxXx5U9_bWwvziNp_1xLgNeF8Zj-jboOfZonjWIlpWeFB82jA-5qS9VcUsjYKxSuH8IcPeYbwNC3O0--uEeyrqjC--wLyNusQ992zxiA&si=1&oref=c7580a6cdea365ebf50089826f2c1dbc&optunit=eulqasrsFTMsHIc3Wt93SQ&rb=bBYvYlMrmMM&rr=1&isco=t&abtg=0
server: nginx

GET
H2 200 Primary Request / Show response
click.cartageous.de/ 3 KB
2 KB 524ms
166ms Document
text/html 54.186.22.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel

Requested by

Host: p185689.mybetterck.com
URL: https://p185689.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F49AeD2eX56M2zuodL2g_pEvFE6EqlPUMkVr834nKJUb7vvuKrLoBMD5QGhqcBecSYyIt_ebDIvv11vCRrodNkHJsnOopuaqzU5nfXCo2vu8lS-KdDPcs_37A5pbSkRvLtfe7WLeJ-aDiTcbbrozky2N50-MttLxQQz33emLzla6JcfRHvJIVIghqPvkwXzF7wTS_729qh83Gbd6_HbqPb00DWLp-wNxNAIJTAhXfgqD-SA_aXkOBl1N5kyq4FI9VkMx5cPX6FPa5m0e2_s35V4HidmZZCfHyQ9EVRsGPdxzTPvA6_tAJhupnIhzL8kauwPOZH3bXu5k5jFktSlAgk_v7uqdzbfsD63mTHJHrotl6CMlDXrST67rMKawq5JSOn9zlwTftaT70O2SG9UP04tZ9_nYM4w8C9fe7WLeJ-aDpZ-LrUqopCJux6v-32Rj3mDjbFVLgQG52PlnBXb20w8DzmR9217uZIWPyST8s6dIPyhL1jZXXPapEy85WQjTEQp7KgPPc86W95Dpi3RrdK44_hj3LKCP20wfejooXsGXktxZKrThHDWWWmDgWFl_FPOvqWGqhFc6HXEwMHfrP_Yrv21SAAaN4zdmkZQqqBbUshk0Oqjn3V1rSJVwKiRc4mZ8DwEAVB_SsYmH1exPUVWB1ex7l22BViBgopxn20GxJmCCRov00lFk38X7NSW9FaHwd9wVvpvaQxvgOjvL5v4N7Ssv4XmSKZZXpgFk2j54e8rROKEv96SS-CpzjmCCRSkbjTnD0JcoWrkuEiZvcEKC67YP62osaVKsh-dcjcrEf7X8aqNKDMBICUQx8RHS_UFuyjOQLz4P4HJunKpK9iFBkPupndj_dlw8gxgHHwp8CTF8xdfU0PM&ui=7BsrmHcakyLBCyDxXx5U9_bWwvziNp_1xLgNeF8Zj-jboOfZonjWIlpWeFB82jA-5qS9VcUsjYKxSuH8IcPeYbwNC3O0--uEeyrqjC--wLyNusQ992zxiA&si=1&oref=c7580a6cdea365ebf50089826f2c1dbc&optunit=eulqasrsFTMsHIc3Wt93SQ&rb=bBYvYlMrmMM&rr=1&isco=t&abtg=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.22.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-22-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

b3f025aa027e867ff4e4fe980ea8813b6af91b2cbab53f7566a5e2e1d6942ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 20 Apr 2022 19:16:32 GMT
etag: W/"c1d-AReQZUZHT/5D3nu4lUNOVQ1IGJU"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 rt.min.js Show response
click.cartageous.de/js/ 14 KB
5 KB 161ms
160ms Script
application/javascript 54.186.22.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://click.cartageous.de/js/rt.min.js

Requested by

Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.22.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-22-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

7614bc2c981b52ecd39ee4b68e2ed11bb4ed911ef1131491c643a658cb871ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 19:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Apr 2022 19:16:00 GMT
etag: W/"3649-180486722e1"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 landing.min.js Show response
click.cartageous.de/js/ 71 KB
25 KB 164ms
164ms Script
application/javascript 54.186.22.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://click.cartageous.de/js/landing.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.22.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-22-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

bcb1b14ab9a1743109f310b8f44840563a6d12528a7d1a48c6eb139cf4370957

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 19:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Mar 2022 15:12:57 GMT
etag: W/"11da9-17f6f3d84a8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 41ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.cartageous.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 18:58:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 19:16:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 19:16:32 GMT

GET
H2 200 bcloader.gif
click.cartageous.de/images/ 26 KB
26 KB 317ms
316ms Image
image/gif 54.186.22.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://click.cartageous.de/images/bcloader.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.22.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-22-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.cartageous.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 19:16:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 09 Mar 2022 15:12:57 GMT
etag: W/"6816-17f6f3d84a8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 26646
x-xss-protection: 1; mode=block

POST
H2 200 updateClickStatus Show response
click.cartageous.de/ 149 B
466 B 425ms
425ms Fetch
application/json 54.186.22.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://click.cartageous.de/updateClickStatus

Requested by

Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.22.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-22-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

bd64f279915b2ab84579c31c1d0de8431a9488e75afc8f84c7ada27ddf711876

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Apr 2022 19:16:33 GMT
x-content-type-options: nosniff
etag: W/"95-rJxD7HhD+iU5TlADkM0j5bT2R/Y"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 149
x-xss-protection: 1; mode=block

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 12 KB
13 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://click.cartageous.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 06:04:00 GMT
x-content-type-options: nosniff
age: 133952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12648
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 06:04:00 GMT

GET
H2

200

/
cartageous.de/darn/
Redirect Chain

http://cartageous.de/darn/?utm_source=BN001_&utm_medium=cpc&utm_term=medical&utm_content=yieldkit_C_de&utm_campaign=m_Mundschutzhandel
https://cartageous.de/darn/?utm_source=BN001_&utm_medium=cpc&utm_term=medical&utm_content=yieldkit_C_de&utm_campaign=m_Mundschutzhandel

0
0

1245ms
918ms

Document
text/html

52.33.195.141

General

Check archive.org

Show headers Download Go to

Full URL: https://cartageous.de/darn/?utm_source=BN001_&utm_medium=cpc&utm_term=medical&utm_content=yieldkit_C_de&utm_campaign=m_Mundschutzhandel
Requested by: Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.195.141 -, , ASN (),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash

Request headers

Referer: https://click.cartageous.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 20382
content-type: text/html; charset=UTF-8
date: Wed, 20 Apr 2022 19:16:34 GMT
link: <https://cartageous.de/wp-json/>; rel="https://api.w.org/", <https://cartageous.de/wp-json/wp/v2/pages/1957>; rel="alternate"; type="application/json", <https://cartageous.de/?p=1957>; rel=shortlink
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Wed, 20 Apr 2022 19:16:33 GMT
Location: https://cartageous.de:443/darn/?utm_source=BN001_&utm_medium=cpc&utm_term=medical&utm_content=yieldkit_C_de&utm_campaign=m_Mundschutzhandel
Server: awselb/2.0

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simplsmile.net/	1970-02-13 22:59:25	Name: sid Value: 62351534-c0de-11ec-b467-2fa67618039b
.mybetterck.com/	1970-01-20 06:47:14	Name: rhid Value: 81127118385
.mybetterck.com/	1970-01-20 02:28:05	Name: loi Value: ad_1141572_off_585789_aff_11683_cid_185689-SIMPLSMILE.NET_ts_1650482191

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cartageous.de
class.simplsmile.net
click.cartageous.de
fonts.googleapis.com
fonts.gstatic.com
mybetterck.com
p185689.mybetterck.com
us-west-2.protection.sophos.com
www.rediffmail.com
108.168.193.189
202.137.235.71
2a00:1450:4001:808::2003
2a00:1450:4001:812::200a
5.79.68.109
52.222.236.26
52.33.195.141
54.186.22.189
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
7614bc2c981b52ecd39ee4b68e2ed11bb4ed911ef1131491c643a658cb871ee3
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
b3f025aa027e867ff4e4fe980ea8813b6af91b2cbab53f7566a5e2e1d6942ae7
bcb1b14ab9a1743109f310b8f44840563a6d12528a7d1a48c6eb139cf4370957
bd64f279915b2ab84579c31c1d0de8431a9488e75afc8f84c7ada27ddf711876

click.cartageous.de Open in urlscan Pro 54.186.22.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

25 %IPv6

7 Domains

9 Subdomains

6 IPs

4 Countries

75 kBTransfer

129 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

Indicators

click.cartageous.de Open in urlscan Pro
54.186.22.189 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

9
Subdomains

6
IPs

4
Countries

75 kB
Transfer

129 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions