urlscan.io logo urlscan.io
SecurityTrails logo

suche.guenstiger.de Open in urlscan Pro
2606:4700::6812:19c3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.joutube.de/
Effective URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=...
Submission: On February 02 via manual from NL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6812:19c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is suche.guenstiger.de. The Cisco Umbrella rank of the primary domain is 330235.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 14th 2021. Valid for: a year.
This is the only time suche.guenstiger.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.72 61969 (TEAMINTER...)
1 2600:9000:20e... 16509 (AMAZON-02)
2 34.234.89.47 14618 (AMAZON-AES)
1 52.218.62.211 16509 (AMAZON-02)
1 1 3.209.174.37 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
19 7
4    185.53.177.72 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
www.joutube.de
1    2600:9000:20eb:7000:1f:4100:9540:21 (United States)

ASN16509 (AMAZON-02, US)
d1lxhc4jvstzrp.cloudfront.net
2    34.234.89.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-89-47.compute-1.amazonaws.com
katie.v4.omgtnc.com
1    52.218.62.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
1    3.209.174.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-174-37.compute-1.amazonaws.com
api.apptap.com
2    2606:4700::6813:a960 (United States)

ASN13335 (CLOUDFLARENET, US)
r.srvtrck.com
8    2606:4700::6812:19c3 (United States)

ASN13335 (CLOUDFLARENET, US)
suche.guenstiger.de
Apex Domain
Subdomains		 Transfer
8 guenstiger.de
suche.guenstiger.de — Cisco Umbrella Rank: 330235
432 KB
4 joutube.de
www.joutube.de
5 KB
2 srvtrck.com
r.srvtrck.com — Cisco Umbrella Rank: 50036
1 KB
2 omgtnc.com
katie.v4.omgtnc.com — Cisco Umbrella Rank: 294095
3 KB
1 apptap.com
api.apptap.com — Cisco Umbrella Rank: 201553
729 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
7 KB
1 cloudfront.net
d1lxhc4jvstzrp.cloudfront.net
2 KB
19 7
Domain Requested by
8 suche.guenstiger.de r.srvtrck.com
suche.guenstiger.de
www.joutube.de
4 www.joutube.de d1lxhc4jvstzrp.cloudfront.net
www.joutube.de
2 r.srvtrck.com 1 redirects katie.v4.omgtnc.com
2 katie.v4.omgtnc.com www.joutube.de
katie.v4.omgtnc.com
1 api.apptap.com 1 redirects
1 s3-eu-west-1.amazonaws.com katie.v4.omgtnc.com
1 d1lxhc4jvstzrp.cloudfront.net www.joutube.de
19 7

This site contains no links.

Subject Issuer Validity Valid
omgtnc.com
Amazon		 2021-04-03 -
2022-05-02		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2021-12-17 -
2022-12-07		 a year crt.sh
*.srvtrck.com
Go Daddy Secure Certificate Authority - G2		 2021-12-23 -
2023-01-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-14 -
2022-09-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
Frame ID: BF189DD1DA69E36500B9DB9B592794F7
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Guenstiger.de - Der große Preisvergleich im Internet

Page URL History Show full URLs

  1. http://www.joutube.de/ Page URL
  2. https://katie.v4.omgtnc.com/api/user/015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
  3. https://api.apptap.com/link/buy/android/tile.steinehelden/e1?clinkID=xKX18YO8juhqakGN-fMKU_fzWfJ4Pi... HTTP 302
    https://r.srvtrck.com/v1/redirect?api_key=7f492f7e98f9f621f520ab0fb797464f&yk_tag=OFNDEWLZINCE2TC7... HTTP 302
    https://r.srvtrck.com/v2/go?t=7t7p9%3A2%2F0u6hd.bu6nbt2g9r8d5%2F4ofo0%2F0l1c0T4a3kvrejrpodk%3Di%26... Page URL
  4. https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p... Page URL
  5. https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

19
Requests

63 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

449 kB
Transfer

758 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.joutube.de/ Page URL
  2. https://katie.v4.omgtnc.com/api/user/015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMDIxMjQzIiwiZCI6ImpvdXR1YmUuZGUifQ.ijxejbEFjmvLYaz2xUUod6rPZufuqF3zMRY4U_wxGZI Page URL
  3. https://api.apptap.com/link/buy/android/tile.steinehelden/e1?clinkID=xKX18YO8juhqakGN-fMKU_fzWfJ4Pimck4AEjrVAeNWR-enJ3ibnOBkbL6hjO3T42oQkIQPf&pubID=nKyjr9D70bZGbkXQz-Q6Sff8&siteID=gvqpqdE&placementID=5025128121fca70a09000078&trackingID=015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r.1643805814.1cfab6967f148de67e8059a90afe37ed&pub.keyword=entertainment&loc.country=DE&cost.cpc=0.046 HTTP 302
    https://r.srvtrck.com/v1/redirect?api_key=7f492f7e98f9f621f520ab0fb797464f&yk_tag=OFNDEWLZINCE2TC7INAWKNDZMN3XE2COJNATUZTSOAZE2MCN_ORUWYZJOON2GK2LOMVUGK3DEMVXB6ODFNN2WSMLHPF5GC5TGGRZUO3DIKZTWKNCBD5AVI2RXON3GQ4ZQHE4GY6LJOVXDQ3DOOB4GOYRSMZ3DA_4e125356957b450889a5d4c5b18156e9&site_id=4e125356957b450889a5d4c5b18156e9&source=&type=url&url=https%3A%2F%2Fsteinehelden.de%2F HTTP 302
    https://r.srvtrck.com/v2/go?t=7t7p9%3A2%2F0u6hd.bu6nbt2g9r8d5%2F4ofo0%2F0l1c0T4a3kvrejrpodk%3Di%26ca4%3D6162%3D0%266i8f%26rr_ganxynetdkil_ie%3Dtigitoa4f6c2p136224g%26tlpcsS%3Fusc.%3De0c0r0k0i3C9b7r8nbed.6e6i4seeag1e7c7s7%2F7s2t4h&e=1&ai=b5229627abb04e76aa8649ee851db2b7&sct=0&ct=1643805816609&cu=7f84b5d869624be6ab1d767072792747&ykuid=6b2437bcc370497b9663391a6a492918&sc=1&cs=ebbb78fab6450e7bc8a9bb18c414b805 Page URL
  4. https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747 Page URL
  5. https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://api.apptap.com/link/buy/android/tile.steinehelden/e1?clinkID=xKX18YO8juhqakGN-fMKU_fzWfJ4Pimck4AEjrVAeNWR-enJ3ibnOBkbL6hjO3T42oQkIQPf&pubID=nKyjr9D70bZGbkXQz-Q6Sff8&siteID=gvqpqdE&placementID=5025128121fca70a09000078&trackingID=015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r.1643805814.1cfab6967f148de67e8059a90afe37ed&pub.keyword=entertainment&loc.country=DE&cost.cpc=0.046 HTTP 302
  • https://r.srvtrck.com/v1/redirect?api_key=7f492f7e98f9f621f520ab0fb797464f&yk_tag=OFNDEWLZINCE2TC7INAWKNDZMN3XE2COJNATUZTSOAZE2MCN_ORUWYZJOON2GK2LOMVUGK3DEMVXB6ODFNN2WSMLHPF5GC5TGGRZUO3DIKZTWKNCBD5AVI2RXON3GQ4ZQHE4GY6LJOVXDQ3DOOB4GOYRSMZ3DA_4e125356957b450889a5d4c5b18156e9&site_id=4e125356957b450889a5d4c5b18156e9&source=&type=url&url=https%3A%2F%2Fsteinehelden.de%2F HTTP 302
  • https://r.srvtrck.com/v2/go?t=7t7p9%3A2%2F0u6hd.bu6nbt2g9r8d5%2F4ofo0%2F0l1c0T4a3kvrejrpodk%3Di%26ca4%3D6162%3D0%266i8f%26rr_ganxynetdkil_ie%3Dtigitoa4f6c2p136224g%26tlpcsS%3Fusc.%3De0c0r0k0i3C9b7r8nbed.6e6i4seeag1e7c7s7%2F7s2t4h&e=1&ai=b5229627abb04e76aa8649ee851db2b7&sct=0&ct=1643805816609&cu=7f84b5d869624be6ab1d767072792747&ykuid=6b2437bcc370497b9663391a6a492918&sc=1&cs=ebbb78fab6450e7bc8a9bb18c414b805

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.joutube.de/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.joutube.de/
Protocol
HTTP/1.1
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
98d29a3f9f4523bfd9438813ecfa849b946a230236bd4f0006af3ec754af90bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Wed, 02 Feb 2022 12:43:34 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Redirect
adtonic
X-Template
tpl_CleanPeppermintBlack_twoclick
X-Language
swedish
Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Content-Encoding
gzip
js3.js
d1lxhc4jvstzrp.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Requested by
Host: www.joutube.de
URL: http://www.joutube.de/
Protocol
HTTP/1.1
Server
2600:9000:20eb:7000:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.joutube.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 10:43:44 GMT
Via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
Last-Modified
Tue, 17 Aug 2021 09:17:22 GMT
Server
nginx
Age
7190
ETag
"611b7ea2-46e"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
1134
X-Amz-Cf-Id
OAV_cfLYYVvsiHwc5gIQGsEklOF0vhX1z_mvGAgWA0SCdq4zKrOsmg==
track.php
www.joutube.de/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.joutube.de/track.php?domain=joutube.de&toggle=browserjs&uid=MTY0MzgwNTgxNC4xODI1OmI4ZWFlYjY0MjUxZDkzYjE0MWM0Yjc0N2QxODE3ZjhiN2FiMGIwZGIyM2IxYzJiMjJmMzM3NjBlNjY5NTUwY2E6NjFmYTdjNzYyYzhiMw%3D%3D
Requested by
Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.joutube.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 12:43:34 GMT
Content-Encoding
gzip
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Vary
Accept-Encoding
Accept-CH-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
ls.php
www.joutube.de/ 		0
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.joutube.de/ls.php
Requested by
Host: www.joutube.de
URL: http://www.joutube.de/
Protocol
HTTP/1.1
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://www.joutube.de/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 02 Feb 2022 12:43:34 GMT
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, OPTIONS
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_JbA14lR31FnovICO7aMhfc/yccgjcWNOPpiYe4as7+kAkL7UyR33rHi6zX3PRsCJAuMxXOrKdLqUYpOWeRCH1w==
Access-Control-Allow-Origin
http://www.joutube.de
X-Log-Success
61fa7c763298813ae976176b
Charset
utf-8
Accept-CH-Lifetime
30
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Server
nginx
track.php
www.joutube.de/ 		0
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.joutube.de/track.php?click=f1d53c3dc76480eabd46161d8e5529eea5a25221&domain=joutube.de&uid=MTY0MzgwNTgxNC4xODI1OmI4ZWFlYjY0MjUxZDkzYjE0MWM0Yjc0N2QxODE3ZjhiN2FiMGIwZGIyM2IxYzJiMjJmMzM3NjBlNjY5NTUwY2E6NjFmYTdjNzYyYzhiMw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MWZhN2M3NjJjODlmfHx8MTY0MzgwNTgxNC41MjA3fGMyMDA2YWVlMjg1YzFkMDU2NjIwZGEyMmY5ZmJkNWM4MDVhYzE2YmV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwxfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxkNDBlYTk1ODNiZWQ0Mzg4MmQ0NTUyYjAyYTUwNTE1MjQ3ZDFjNmY0fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDA%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
Requested by
Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.joutube.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 12:43:34 GMT
Content-Encoding
gzip
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Vary
Accept-Encoding
Accept-CH-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
X-View-Match
true
Connection
keep-alive
Transfer-Encoding
chunked
Server
nginx
015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r
katie.v4.omgtnc.com/api/user/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://katie.v4.omgtnc.com/api/user/015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMDIxMjQzIiwiZCI6ImpvdXR1YmUuZGUifQ.ijxejbEFjmvLYaz2xUUod6rPZufuqF3zMRY4U_wxGZI
Requested by
Host: www.joutube.de
URL: http://www.joutube.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.89.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-89-47.compute-1.amazonaws.com
Software
/
Resource Hash
3e4f2d2eda8337fc58a0b2ed328c8a4923535c96cc330dea7af08b48b834405e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://www.joutube.de/

Response headers

date
Wed, 02 Feb 2022 12:43:34 GMT
content-type
text/html; charset=utf-8
content-length
2140
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
accept-ch
UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data
ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMDIxMjQzIiwiZCI6ImpvdXR1YmUuZGUifQ.ijxejbEFjmvLYaz2xUUod6rPZufuqF3zMRY4U_wxGZI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.62.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 12:43:36 GMT
Last-Modified
Fri, 12 Aug 2016 15:23:54 GMT
Server
AmazonS3
x-amz-request-id
FW8991X5CN2ZQ5NP
ETag
"dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6820
x-amz-id-2
5RBvbuOC4yKBpd/YYWY6sVM5jN69AIPwffpGxBjxPYkfsBKciOwpvODqtdoUkPFCxjADArDqmQw=
015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r
katie.v4.omgtnc.com/api/product/ 		380 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://katie.v4.omgtnc.com/api/product/015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r?confirm=9ba6fd827c395a6b1dc69b40e4129f33&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fwww.joutube.de%2F&reftaken=feed&refEqual=true
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMDIxMjQzIiwiZCI6ImpvdXR1YmUuZGUifQ.ijxejbEFjmvLYaz2xUUod6rPZufuqF3zMRY4U_wxGZI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.89.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-89-47.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 12:43:35 GMT
referrer-policy
no-referrer
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
content-length
380
content-type
text/html; charset=utf-8
go
r.srvtrck.com/v2/
Redirect Chain
  • https://api.apptap.com/link/buy/android/tile.steinehelden/e1?clinkID=xKX18YO8juhqakGN-fMKU_fzWfJ4Pimck4AEjrVAeNWR-enJ3ibnOBkbL6hjO3T42oQkIQPf&pubID=nKyjr9D70bZGbkXQz-Q6Sff8&siteID=gvqpqdE&placement...
  • https://r.srvtrck.com/v1/redirect?api_key=7f492f7e98f9f621f520ab0fb797464f&yk_tag=OFNDEWLZINCE2TC7INAWKNDZMN3XE2COJNATUZTSOAZE2MCN_ORUWYZJOON2GK2LOMVUGK3DEMVXB6ODFNN2WSMLHPF5GC5TGGRZUO3DIKZTWKNCBD5...
  • https://r.srvtrck.com/v2/go?t=7t7p9%3A2%2F0u6hd.bu6nbt2g9r8d5%2F4ofo0%2F0l1c0T4a3kvrejrpodk%3Di%26ca4%3D6162%3D0%266i8f%26rr_ganxynetdkil_ie%3Dtigitoa4f6c2p136224g%26tlpcsS%3Fusc.%3De0c0r0k0i3C9b7r...
2 KB
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.srvtrck.com/v2/go?t=7t7p9%3A2%2F0u6hd.bu6nbt2g9r8d5%2F4ofo0%2F0l1c0T4a3kvrejrpodk%3Di%26ca4%3D6162%3D0%266i8f%26rr_ganxynetdkil_ie%3Dtigitoa4f6c2p136224g%26tlpcsS%3Fusc.%3De0c0r0k0i3C9b7r8nbed.6e6i4seeag1e7c7s7%2F7s2t4h&e=1&ai=b5229627abb04e76aa8649ee851db2b7&sct=0&ct=1643805816609&cu=7f84b5d869624be6ab1d767072792747&ykuid=6b2437bcc370497b9663391a6a492918&sc=1&cs=ebbb78fab6450e7bc8a9bb18c414b805
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMDIxMjQzIiwiZCI6ImpvdXR1YmUuZGUifQ.ijxejbEFjmvLYaz2xUUod6rPZufuqF3zMRY4U_wxGZI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c684f290c4ab036cc5930e6751bf13ee31d21974dea97c67f8aeb17d79ecc22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://katie.v4.omgtnc.com/api/user/015b219bcaee288bce0f0b41f98d84eb1fcf5c3367.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMDIxMjQzIiwiZCI6ImpvdXR1YmUuZGUifQ.ijxejbEFjmvLYaz2xUUod6rPZufuqF3zMRY4U_wxGZI

Response headers

date
Wed, 02 Feb 2022 12:43:36 GMT
content-type
text/html;charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d738191f8d35a43-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 02 Feb 2022 12:43:36 GMT
content-length
0
p3p
CP="CAO PSA OUR"
location
/v2/go?t=7t7p9%3A2%2F0u6hd.bu6nbt2g9r8d5%2F4ofo0%2F0l1c0T4a3kvrejrpodk%3Di%26ca4%3D6162%3D0%266i8f%26rr_ganxynetdkil_ie%3Dtigitoa4f6c2p136224g%26tlpcsS%3Fusc.%3De0c0r0k0i3C9b7r8nbed.6e6i4seeag1e7c7s7%2F7s2t4h&e=1&ai=b5229627abb04e76aa8649ee851db2b7&sct=0&ct=1643805816609&cu=7f84b5d869624be6ab1d767072792747&ykuid=6b2437bcc370497b9663391a6a492918&sc=1&cs=ebbb78fab6450e7bc8a9bb18c414b805
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d738191afeb5a43-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ClickTracker.jsp
suche.guenstiger.de/norob/ 		171 KB
172 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
Requested by
Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?t=7t7p9%3A2%2F0u6hd.bu6nbt2g9r8d5%2F4ofo0%2F0l1c0T4a3kvrejrpodk%3Di%26ca4%3D6162%3D0%266i8f%26rr_ganxynetdkil_ie%3Dtigitoa4f6c2p136224g%26tlpcsS%3Fusc.%3De0c0r0k0i3C9b7r8nbed.6e6i4seeag1e7c7s7%2F7s2t4h&e=1&ai=b5229627abb04e76aa8649ee851db2b7&sct=0&ct=1643805816609&cu=7f84b5d869624be6ab1d767072792747&ykuid=6b2437bcc370497b9663391a6a492918&sc=1&cs=ebbb78fab6450e7bc8a9bb18c414b805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8206525e14a79841de54c5b39d6fe571f086926c6d4866f3253fd5bfa77649d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://r.srvtrck.com/

Response headers

date
Wed, 02 Feb 2022 12:43:36 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d738192f90b5a31-MXP
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f4d68883424d8bcf3c15f6ec7c665694b214ff04f1cb6a570da843c517d363c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		111 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b4c724b0cc41e5106fc4d32b48bcce768085d277853c7aadbc2acc81ac4b59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
v1
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6d738192f90b5a31
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4f2ce8c7323e17d7084eb973d07ae699705e1f917d18e24822d04ff427a67d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747&__cf_chl_rt_tk=rTZWTp9r42FZv3EKqPAGDmI4CJCV5zaHMS_JlEhY8Vs-1643805816-0-gaNycGzNCGU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 12:43:36 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
6d738193bb565a31-MXP
transparent.gif
suche.guenstiger.de/cdn-cgi/images/trace/jschal/js/ 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://suche.guenstiger.de/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6d738192f90b5a31
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747&__cf_chl_rt_tk=rTZWTp9r42FZv3EKqPAGDmI4CJCV5zaHMS_JlEhY8Vs-1643805816-0-gaNycGzNCGU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747&__cf_chl_rt_tk=rTZWTp9r42FZv3EKqPAGDmI4CJCV5zaHMS_JlEhY8Vs-1643805816-0-gaNycGzNCGU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 12:43:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Jan 2022 10:00:59 GMT
server
cloudflare
etag
"61f26d5b-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6d738193bb5c5a31-MXP
vary
Accept-Encoding
content-length
42
expires
Wed, 02 Feb 2022 14:43:36 GMT
9e1cd833d934d33
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/flow/ov1/0.6328495138173539:1643803818:3e11861d9cf9245a7034872f8cc711c108f75a0c8c1a697da6f9f1579378863a/6d738192f90b5a31/ 		110 KB
63 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/flow/ov1/0.6328495138173539:1643803818:3e11861d9cf9245a7034872f8cc711c108f75a0c8c1a697da6f9f1579378863a/6d738192f90b5a31/9e1cd833d934d33
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6d738192f90b5a31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78cf654f8fd6f6891c631bae21f9958bb43e418b44e8f448fb99491ab40933de

Request headers

Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
CF-Challenge
9e1cd833d934d33
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Feb 2022 12:43:37 GMT
content-encoding
br
server
cloudflare
cf-ray
6d7381951f315a31-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
ff9b6861-3f01-451a-9eba-ca298b2e6d19
https://suche.guenstiger.de/ 		120 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://suche.guenstiger.de/ff9b6861-3f01-451a-9eba-ca298b2e6d19
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
120
Content-Type
application/javascript
fd8adce6e2e9b93-1643805817173
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/img/6d738192f90b5a31/e323db4f/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/img/6d738192f90b5a31/e323db4f/fd8adce6e2e9b93-1643805817173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5860874b49830f5ff2196265577529d8797d2da9910e1e4f6ca1c2b8ef5fffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 12:43:38 GMT
server
cloudflare
cf-ray
6d73819cae335a31-MXP
content-length
9244
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
9e1cd833d934d33
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/flow/ov1/0.6328495138173539:1643803818:3e11861d9cf9245a7034872f8cc711c108f75a0c8c1a697da6f9f1579378863a/6d738192f90b5a31/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/flow/ov1/0.6328495138173539:1643803818:3e11861d9cf9245a7034872f8cc711c108f75a0c8c1a697da6f9f1579378863a/6d738192f90b5a31/9e1cd833d934d33
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6d738192f90b5a31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a25b8fb438a2da235a4e698c451be048f5c4db9115537c6c24fcf92b1da11c

Request headers

Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
CF-Challenge
9e1cd833d934d33
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Feb 2022 12:43:38 GMT
content-encoding
br
server
cloudflare
cf_chl_out
E/A+QXawvTi6itCMtuZXKyO0Rd3auAdqZIO75nlwuZPIoVcDOT+EoL6qX7fc5IXgBPDxOwddliPREvDIHuLDUA==$Hfoa6QJO9TYtJ7VxUAonIA==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
cf_chl_out_s
8sUreXUJVk63k009Znc2qdq4/R9d3PmCPw13K9UTwj5DTUsGSocR3iy9Kg1kKOiiqNrDFb+Hg/VQy8d0zAThr4fdxeM0d5s0f/UZBvx2YZiebeiT8M83NGCmC4I8Ol7yM5xGTqRezBHV/83oECRvFu435jh7+OquTYCbRMg4e6WmhxQoQAvJeaa46wVUd6GeWJ968BKQQSUoI35TB2UK0P2+ahBm8mHyE8jmdllXeu8utiNPkrIYqHz+IRKFEVk8QKni3hQQuZ7eRdzv0Jw4OtqM5IcIKWoqetHkOUfEX5vGQUo/xhBHvWerw7ShZmPgkKR0YZEayIJf7gpiEIak3dAHlFghQs+pS4DXhYTG+mkb7/mlHlemjHG58ytgv1onzZ9hsMpwQQ+XD5ytqjPuF0xU34bTZc8oUY0TYu39J3Cz965byrRsJ4mf0374ckBVGksBra18dmdIY3Odl2za3xvZkdckJG2gzX8RvvjZMA0=$JIMTjc6x0a5fnYYixN0HgA==
cf-ray
6d73819d890c5a31-MXP
Primary Request ClickTracker.jsp
suche.guenstiger.de/norob/ 		171 KB
171 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
Requested by
Host: www.joutube.de
URL: http://www.joutube.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54bc9383aa3f2a693eb566352345bf9e2a46b30394e89eb7c5202948f9507bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747

Response headers

date
Wed, 02 Feb 2022 12:43:40 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6d7381ab2c415a31-MXP
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f4d68883424d8bcf3c15f6ec7c665694b214ff04f1cb6a570da843c517d363c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		111 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b4c724b0cc41e5106fc4d32b48bcce768085d277853c7aadbc2acc81ac4b59

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
v1
suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		0
0
transparent.gif
suche.guenstiger.de/cdn-cgi/images/trace/jschal/js/ 		42 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://suche.guenstiger.de/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6d7381ab2c415a31
Requested by
Host: suche.guenstiger.de
URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747&__cf_chl_rt_tk=HFoQ6xvEnyWYNhgR9geULkwFZPN5MrfjLRLig0jo3CQ-1643805820-0-gaNycGzNCGU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747&__cf_chl_rt_tk=HFoQ6xvEnyWYNhgR9geULkwFZPN5MrfjLRLig0jo3CQ-1643805820-0-gaNycGzNCGU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 12:43:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Jan 2022 10:00:59 GMT
server
cloudflare
etag
"61f26d5b-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6d7381ab9d705a31-MXP
vary
Accept-Encoding
content-length
42
expires
Wed, 02 Feb 2022 14:43:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
suche.guenstiger.de
URL
https://suche.guenstiger.de/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6d7381ab2c415a31

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest function| _cf_atob function| SHA256 object| _cf_chl_ctx function| _ string| prop

8 Cookies

Domain/Path Name / Value
katie.v4.omgtnc.com/ Name: checkme
Value: 9ba6fd827c395a6b1dc69b40e4129f33b789
.apptap.com/ Name: apt
Value: 317bfafbbbb64140b92b7204ee3e04d4
.apptap.com/ Name: fv
Value: 1
.srvtrck.com/ Name: ykuid
Value: 6b2437bcc370497b9663391a6a492918
.guenstiger.de/ Name: __cf_bm
Value: 6tGUg8r6IeSjqb.t.BELU3dlmDB81AjrCXkQ3BfU.bk-1643805816-0-ATRmpC/B5nlh/oEcNwD+b1IncoobgVoISF0nP4IxC61/itjnvmGLz1Ksq9LWuq/R6BfKucERg5DeROtxxhzl3EE=
suche.guenstiger.de/ Name: cf_chl_2
Value: 9e1cd833d934d33
suche.guenstiger.de/ Name: cf_chl_prog
Value: F12
suche.guenstiger.de/ Name: cf_chl_rc_ni
Value: 1

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
Message:
Failed to load resource: the server responded with a status of 503 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=21621026684&origin=yieldkit_nextag_traffic&p=362644&clickSource=v0304000130907f84b5d869624be6ab1d767072792747
Message:
Failed to load resource: the server responded with a status of 503 ()