urlscan.io logo urlscan.io
SecurityTrails logo

r.srvtrck.com Open in urlscan Pro
2606:4700::6813:a860  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://capitallonne.com/
Effective URL: https://r.srvtrck.com/v2/go?t=6t7p2%2F6l%3DnI.nymicel.fo%26%2FIpnbmichlrfd%26613822%265rd%3Det1p93c%254F528wcwdg8odp3n...
Submission: On May 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 12 HTTP transactions. The main IP is 2606:4700::6813:a860, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.srvtrck.com. The Cisco Umbrella rank of the primary domain is 58000.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 23rd 2021. Valid for: a year.
This is the only time r.srvtrck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.171.28.44 60781 (LEASEWEB-...)
1 2 209.15.13.136 13768 (COGECO-PEER1)
1 2 108.168.193.189 36351 (SOFTLAYER)
5 54.191.15.136 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 192.138.218.207 ()
12 8
2    81.171.28.44 (Vianen, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
capitallonne.com
2    209.15.13.136 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
btpnative.com
2    108.168.193.189 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
mybetterck.com
p274639.mybetterck.com
5    54.191.15.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-15-136.us-west-2.compute.amazonaws.com
click.cartageous.de
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700::6813:a860 (United States)

ASN13335 (CLOUDFLARENET, US)
r.srvtrck.com
2    192.138.218.207 (None, )

ASN- ()
link.sylikes.com
rd.bizrate.com
Apex Domain
Subdomains		 Transfer
5 cartageous.de
click.cartageous.de
59 KB
2 srvtrck.com
r.srvtrck.com — Cisco Umbrella Rank: 58000
1 KB
2 mybetterck.com
mybetterck.com — Cisco Umbrella Rank: 41135
p274639.mybetterck.com
2 KB
2 btpnative.com
btpnative.com — Cisco Umbrella Rank: 372451
5 KB
2 capitallonne.com
capitallonne.com
1 KB
1 bizrate.com
rd.bizrate.com
1 sylikes.com
link.sylikes.com
794 B
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
12 9
Domain Requested by
5 click.cartageous.de p274639.mybetterck.com
click.cartageous.de
2 r.srvtrck.com 1 redirects click.cartageous.de
2 btpnative.com 1 redirects capitallonne.com
2 capitallonne.com 1 redirects
1 rd.bizrate.com r.srvtrck.com
1 link.sylikes.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com click.cartageous.de
1 p274639.mybetterck.com
1 mybetterck.com 1 redirects
12 10

This site contains no links.

Subject Issuer Validity Valid
*.mybetterck.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-06 -
2023-02-06		 a year crt.sh
*.cartageous.de
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.srvtrck.com
Go Daddy Secure Certificate Authority - G2		 2021-12-23 -
2023-01-24		 a year crt.sh
*.bizrate.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-29 -
2022-08-28		 a year crt.sh

This page contains 1 frames:

Frame: https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.groupon.de%3FtsToken%3DDE_AFF_0_202117_508_0%26utm_source%3DGPN%26utm_medium%3Dafl%26utm_campaign%3D202117%26szredirectid%3DSZ_REDIRECT_ID&mid=308485&dMid=308485&tokenId=18P&bId=314&bidType=11&a=3279186d3588c4bef4e1fd9233788e0a&af_id=693528&af_rid=null&af_permalink_id=121d89a4027774134ec08e3aeb5e4285e494956d&cobrand=1&af_placement_id=,66620766&afCampaignId=v030400011630d08edfc08c5740c59117e8df572f8d1a&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Frame ID: 269B37E6424483808AA716F4D4E0B0BC
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://capitallonne.com/ Page URL
  2. http://capitallonne.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY1MzQ... HTTP 302
    http://btpnative.com/click?data=RHRnOTdSa0I1YTVYRWlYVTNkZjNCMzQ2ZWJiT3NXeGdfb0pvQ2FHcktqWU93R3o4Q... Page URL
  3. http://btpnative.com/Redirect/ HTTP 302
    https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5Hbw7jypZ-P3w8j6lgF_tYsy4VhBg5... HTTP 302
    https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7_nWTJROiplNKId4yj9-6ugc-YBagYIEmralelkpYR2... Page URL
  4. https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&su... Page URL
  5. https://r.srvtrck.com/v1/redirect?type=linkId&id=cd4dce1940634ca097133f8b8541bdae&api_key=84d7b077... HTTP 302
    https://r.srvtrck.com/v2/go?t=6t7p2%2F6l%3DnI.nymicel.fo%26%2FIpnbmichlrfd%26613822%265rd%3Det1p93... Page URL

Page Statistics

12
Requests

83 %
HTTPS

38 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

78 kB
Transfer

136 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://capitallonne.com/ Page URL
  2. http://capitallonne.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY1MzQ3NzA2NCwiaWF0IjoxNjUzNDY5ODY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycnA0czU2bzVva3Y4ZWM0YWsyN2EzMjEiLCJuYmYiOjE2NTM0Njk4NjQsInRzIjoxNjUzNDY5ODY0NjMxNTM2fQ.RVmtr1OrmMdnAexKUcRVETMu-nkrwZ3t5EMf3E54cQY&sid=9a71f308-dc0a-11ec-95ad-99ec578d3c90 HTTP 302
    http://btpnative.com/click?data=RHRnOTdSa0I1YTVYRWlYVTNkZjNCMzQ2ZWJiT3NXeGdfb0pvQ2FHcktqWU93R3o4QndIUnBnMDB1WUdnUENtWjFhLVZMQTd2aUtOREdTclJCUW1xeURwRXhLcEFObU44a09OdDJIWmpyMnF5OWt1Y2JkX3pxOVYxTWlXQXhfTE1UUGRFSVMweDV6UXRGd2Ftd0lPWmJnMg2&id=f16f9d8a-240d-4998-8d16-4a3d4997bed8 Page URL
  3. http://btpnative.com/Redirect/ HTTP 302
    https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5Hbw7jypZ-P3w8j6lgF_tYsy4VhBg5laHkUYvcc0zaJmktJmalqtYdZgW00lHZuA6GY-JEsN51T6L7HrzGR__5aYZ_8dAZcE4MLekFlfWsTpfBjRhq2gpKFIBD9uD2ixCisbLnZmA-5VpRgrnYjnm5U_mT8UQrvPd7f-LiQoF_z45q7IiqOhRrkfcYJjWojCY2rTzciZ-s5_OLbfvU0_D8BOMTmt0a3qNyyVC81nXJdBWoPgw1g-0Sa_wvR02p0KJZF0VIllWxK3JmjVaBthRx9ugpTXQJlvGNO4dTDLhBdTXdyuUFdKBdpcf-_0xF6Vs8wpWsYOV0NZ1C1q_xqAu9sZuCQ0jeSPuz0mtkjDWHvfc_9dM76AwyCyLZxydleauslwJsId3HB-82caYflQuygNYqEJHPuj8yzNxy4KsMEn47N8Drx-6-cm0VTslQ4e7PMyDarKD1WEXLBLeAF9d2CjxIBjHzRINASt-FmeyXeoN7QqZ2oKqlFStO4Mx9q1t20Opyiik4IkTknFldVtsPcq70jjD0Hv10Dd6XCOgbIXMzC4-RGaNX7bEU_cqDJwauQvFMP87SaADJpSaCwVwk137EuwtkbvAtp3S6dTyh4vzfpLuxfQVFnXDG58-nR34Pfm6wymJl5nu7LHMsX34RxaDOQHsIS41hRDHEsbZYlJGP66MnZl0_ItAdK12qRXFA-F_YQtV4MD31Txo9JIqDADdhy5Lb68cjlF-NBfmDizRrijc5PK2_PU6Vw_XdF1GnaSxiV1OMLLqFNAz9wmtPzmUW-I3-6rF62R_7zcLGJYfu1_nB3I1PrjGLRfKCSEtW-2HuTLODxWcFg4g8qrXHSn_OFrjblrtBY5DjQtgv-VGjXmcYIePtTjyBu50LvF0Tj3bLPjoK6EZ1KO2mxbXx0rAzgWVA5-TVNLPswRY8paaJngqcWPdtx5JrDYWFsew3IHlull0i6cus2isG9WRtCV0vookrlb74NxPSzbz1pgzMMIcgKCnbQLfW1TT28PR4OhKdXdJr2gBiXLyW6wrLXrT2toZnZUvCAPJzjPd61Smr0lyylQRZcBZSNEwknsiHuupQZ62GHzyyeYGgpB6Ep7tY9GaJXwJIoftI2QENtLJMwEzAyRqg9NfRa7V2B2KIAWEBhyNtkyA0_n-GDNTeVntT2tSShN6FymS2zSzkH7h8R3jd6QQOEN50_0CqiiqjWGELRWKdTQMpwYxByd6lw8LmLTiWO7EgKNm5HUY_GV4pC3kKao4vwFIWn31oeH147NpDM-Ikm622jrfeEIvGu5mHSollN8_R_t7s-Wbdx2iW8yKyuTfRJpQ2ge7Uo-9Z8QWW7j6bn4GMSBKAdhU8Q2VuoNeNSdBVDDgrUT4dOz4V5q3rSKM3NQG0tD0l2adFcezebfb8QRpP3LxTo2OwrMtwo6kBcJI1C98Rypr1NhxYLZKDNoYyoti_uAjrFnU5SD-abU_6WIqr4i5jwwfpiBPedo82mWQYYq2TIPdPHg61P5wy06liTs1qfRgi4RJ9t3eZaFrvzZUOJLp4KDuL9QqSpPT7rP5EbY1EfnMFmMTGTrmgDhGuje0LJr7Opdn8upSvDxb25Rpl8E0iHZQQA_ja59ZXhg3u0tUoFgSX2xozEoLuAKtYwBW_pEB6xMYVR9nIk1O9aCt2ZSDHv1Dqs6fV5Sb1M0uSsZKS83ZiUYpkKWw6oHPY_f9h8toqBG9R_DdQsZOvxPnCUCBZ1IvOw3n8pvxWr6r1alm6qjyDCpKxkpLzdmJRocanTJypjPGWlThA3efw1zwzJyg8aKOt6E3neeF-XeQavrN34ClNKEZiqeaniTNrBng2BQ6PDt87lePxzD8FZo2bp2IOsBTjXn9a2tSmx61xHB_-SGS6UV-Nxp7RqeYI-xMV99RRwgm2YJ4NA3UB77dAM6fo_EBoQ HTTP 302
    https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7_nWTJROiplNKId4yj9-6ugc-YBagYIEmralelkpYR24ZUU1_ocq9Oc3ijuqeD_M0j-iYVfM22olTbYYFMAhD2nht67Mjd-miggBdZbu4CrKMxYVdl3sAm5M1nD86s0ocxhEv2vS3fRvAXzXJe5ZDcJyuNzOFBGkiDZaSW8IU6jxQZ-FM7jeHs3TBi4hayG7sRYlwNG4KCsGZ6SykyVsf4dOAadnGy3Nnt3zUhZGKLn15RPYmwyFiOhr9EYrC65eTUxcPdRIHuog92Eaff8LU-aej3qIbWNqEUdS8i9AhbIwb3-ESHG0JHg2RvEwrk2epbC7U30TJp2VIF_UqDQ88cM8aFaorTKD8yd1PStxuG0qMhDqf7kErmmA6WwZQCkcwgT3naPNplkJScUWzLbIQ2Ve_03nTv7jwplSp4sodY4d-gjbGYOcDr3fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJkRZoDkTN6TQuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfPsTFffUUcIJvG9Ksk5SjJDxHB_-SGS6UXNvzGrE8jh_g&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewvOFsyv_SbDGYhyBKqNe6gyT_tPFbwSgYwqBbfzwuMVElgGditaQgh-YT8K3RGdHqMqg34nU5v4EAgmSnzDDKKA&si=1&oref=eb816c1225fd245d9a1cc1e0af73e803&optunit=SpcFOrl2YkqebDgPsBpQsGWSQsQHXjql&rb=uHfLan3MXZk&rr=0&abtg=0 Page URL
  4. https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany Page URL
  5. https://r.srvtrck.com/v1/redirect?type=linkId&id=cd4dce1940634ca097133f8b8541bdae&api_key=84d7b077ee35bd6b6fcc363d01f86dff&site_id=87a885fb727147d092b5642b83813aed&dch=feed&ad_t=advertiser&yk_tag=1919138984 HTTP 302
    https://r.srvtrck.com/v2/go?t=6t7p2%2F6l%3DnI.nymicel.fo%26%2FIpnbmichlrfd%26613822%265rd%3Det1p93c%254F528wcwdg8odp3n1d0%260f0a0p%3DiIngdavm3C4a0e1.6o0u0re.fw0Fc%25720A5%251t7h8lfu78f5d9a%3DaIPeaseleut%3FdmacPsakelestkdi6%2F6%3A0t6h&s=https%3A%2F%2Fclick.cartageous.de%2F&e=1&ai=be89cb0217f948ed89034770c37f5bb8&sct=1&ct=1653469869143&cu=d08edfc08c5740c59117e8df572f8d1a&ykuid=cc3e58cb49694dea9a72c6686c312a30&sc=1&cs=a72b59bd28237697595f182c6af303c1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://capitallonne.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY1MzQ3NzA2NCwiaWF0IjoxNjUzNDY5ODY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycnA0czU2bzVva3Y4ZWM0YWsyN2EzMjEiLCJuYmYiOjE2NTM0Njk4NjQsInRzIjoxNjUzNDY5ODY0NjMxNTM2fQ.RVmtr1OrmMdnAexKUcRVETMu-nkrwZ3t5EMf3E54cQY&sid=9a71f308-dc0a-11ec-95ad-99ec578d3c90 HTTP 302
  • http://btpnative.com/click?data=RHRnOTdSa0I1YTVYRWlYVTNkZjNCMzQ2ZWJiT3NXeGdfb0pvQ2FHcktqWU93R3o4QndIUnBnMDB1WUdnUENtWjFhLVZMQTd2aUtOREdTclJCUW1xeURwRXhLcEFObU44a09OdDJIWmpyMnF5OWt1Y2JkX3pxOVYxTWlXQXhfTE1UUGRFSVMweDV6UXRGd2Ftd0lPWmJnMg2&id=f16f9d8a-240d-4998-8d16-4a3d4997bed8
Request Chain 2
  • http://btpnative.com/Redirect/ HTTP 302
  • https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5Hbw7jypZ-P3w8j6lgF_tYsy4VhBg5laHkUYvcc0zaJmktJmalqtYdZgW00lHZuA6GY-JEsN51T6L7HrzGR__5aYZ_8dAZcE4MLekFlfWsTpfBjRhq2gpKFIBD9uD2ixCisbLnZmA-5VpRgrnYjnm5U_mT8UQrvPd7f-LiQoF_z45q7IiqOhRrkfcYJjWojCY2rTzciZ-s5_OLbfvU0_D8BOMTmt0a3qNyyVC81nXJdBWoPgw1g-0Sa_wvR02p0KJZF0VIllWxK3JmjVaBthRx9ugpTXQJlvGNO4dTDLhBdTXdyuUFdKBdpcf-_0xF6Vs8wpWsYOV0NZ1C1q_xqAu9sZuCQ0jeSPuz0mtkjDWHvfc_9dM76AwyCyLZxydleauslwJsId3HB-82caYflQuygNYqEJHPuj8yzNxy4KsMEn47N8Drx-6-cm0VTslQ4e7PMyDarKD1WEXLBLeAF9d2CjxIBjHzRINASt-FmeyXeoN7QqZ2oKqlFStO4Mx9q1t20Opyiik4IkTknFldVtsPcq70jjD0Hv10Dd6XCOgbIXMzC4-RGaNX7bEU_cqDJwauQvFMP87SaADJpSaCwVwk137EuwtkbvAtp3S6dTyh4vzfpLuxfQVFnXDG58-nR34Pfm6wymJl5nu7LHMsX34RxaDOQHsIS41hRDHEsbZYlJGP66MnZl0_ItAdK12qRXFA-F_YQtV4MD31Txo9JIqDADdhy5Lb68cjlF-NBfmDizRrijc5PK2_PU6Vw_XdF1GnaSxiV1OMLLqFNAz9wmtPzmUW-I3-6rF62R_7zcLGJYfu1_nB3I1PrjGLRfKCSEtW-2HuTLODxWcFg4g8qrXHSn_OFrjblrtBY5DjQtgv-VGjXmcYIePtTjyBu50LvF0Tj3bLPjoK6EZ1KO2mxbXx0rAzgWVA5-TVNLPswRY8paaJngqcWPdtx5JrDYWFsew3IHlull0i6cus2isG9WRtCV0vookrlb74NxPSzbz1pgzMMIcgKCnbQLfW1TT28PR4OhKdXdJr2gBiXLyW6wrLXrT2toZnZUvCAPJzjPd61Smr0lyylQRZcBZSNEwknsiHuupQZ62GHzyyeYGgpB6Ep7tY9GaJXwJIoftI2QENtLJMwEzAyRqg9NfRa7V2B2KIAWEBhyNtkyA0_n-GDNTeVntT2tSShN6FymS2zSzkH7h8R3jd6QQOEN50_0CqiiqjWGELRWKdTQMpwYxByd6lw8LmLTiWO7EgKNm5HUY_GV4pC3kKao4vwFIWn31oeH147NpDM-Ikm622jrfeEIvGu5mHSollN8_R_t7s-Wbdx2iW8yKyuTfRJpQ2ge7Uo-9Z8QWW7j6bn4GMSBKAdhU8Q2VuoNeNSdBVDDgrUT4dOz4V5q3rSKM3NQG0tD0l2adFcezebfb8QRpP3LxTo2OwrMtwo6kBcJI1C98Rypr1NhxYLZKDNoYyoti_uAjrFnU5SD-abU_6WIqr4i5jwwfpiBPedo82mWQYYq2TIPdPHg61P5wy06liTs1qfRgi4RJ9t3eZaFrvzZUOJLp4KDuL9QqSpPT7rP5EbY1EfnMFmMTGTrmgDhGuje0LJr7Opdn8upSvDxb25Rpl8E0iHZQQA_ja59ZXhg3u0tUoFgSX2xozEoLuAKtYwBW_pEB6xMYVR9nIk1O9aCt2ZSDHv1Dqs6fV5Sb1M0uSsZKS83ZiUYpkKWw6oHPY_f9h8toqBG9R_DdQsZOvxPnCUCBZ1IvOw3n8pvxWr6r1alm6qjyDCpKxkpLzdmJRocanTJypjPGWlThA3efw1zwzJyg8aKOt6E3neeF-XeQavrN34ClNKEZiqeaniTNrBng2BQ6PDt87lePxzD8FZo2bp2IOsBTjXn9a2tSmx61xHB_-SGS6UV-Nxp7RqeYI-xMV99RRwgm2YJ4NA3UB77dAM6fo_EBoQ HTTP 302
  • https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7_nWTJROiplNKId4yj9-6ugc-YBagYIEmralelkpYR24ZUU1_ocq9Oc3ijuqeD_M0j-iYVfM22olTbYYFMAhD2nht67Mjd-miggBdZbu4CrKMxYVdl3sAm5M1nD86s0ocxhEv2vS3fRvAXzXJe5ZDcJyuNzOFBGkiDZaSW8IU6jxQZ-FM7jeHs3TBi4hayG7sRYlwNG4KCsGZ6SykyVsf4dOAadnGy3Nnt3zUhZGKLn15RPYmwyFiOhr9EYrC65eTUxcPdRIHuog92Eaff8LU-aej3qIbWNqEUdS8i9AhbIwb3-ESHG0JHg2RvEwrk2epbC7U30TJp2VIF_UqDQ88cM8aFaorTKD8yd1PStxuG0qMhDqf7kErmmA6WwZQCkcwgT3naPNplkJScUWzLbIQ2Ve_03nTv7jwplSp4sodY4d-gjbGYOcDr3fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJkRZoDkTN6TQuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfPsTFffUUcIJvG9Ksk5SjJDxHB_-SGS6UXNvzGrE8jh_g&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewvOFsyv_SbDGYhyBKqNe6gyT_tPFbwSgYwqBbfzwuMVElgGditaQgh-YT8K3RGdHqMqg34nU5v4EAgmSnzDDKKA&si=1&oref=eb816c1225fd245d9a1cc1e0af73e803&optunit=SpcFOrl2YkqebDgPsBpQsGWSQsQHXjql&rb=uHfLan3MXZk&rr=0&abtg=0
Request Chain 10
  • http://link.sylikes.com/?publisherId=693528&url=http%3A%2F%2Fwww.groupon.de&afCampaignId=v030400011630d08edfc08c5740c59117e8df572f8d1a&afPlacementId&afPlacementId=66620766 HTTP 302
  • https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.groupon.de%3FtsToken%3DDE_AFF_0_202117_508_0%26utm_source%3DGPN%26utm_medium%3Dafl%26utm_campaign%3D202117%26szredirectid%3DSZ_REDIRECT_ID&mid=308485&dMid=308485&tokenId=18P&bId=314&bidType=11&a=3279186d3588c4bef4e1fd9233788e0a&af_id=693528&af_rid=null&af_permalink_id=121d89a4027774134ec08e3aeb5e4285e494956d&cobrand=1&af_placement_id=,66620766&afCampaignId=v030400011630d08edfc08c5740c59117e8df572f8d1a&rf_code=af1&af_assettype_id=14&af_creative_id=2913

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
capitallonne.com/ 		472 B
832 B 		Document
General
Check archive.org
Download Go to
Full URL
http://capitallonne.com/
Protocol
HTTP/1.1
Server
81.171.28.44 Vianen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
472
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 09:11:04 GMT
server
nginx
click
btpnative.com/
Redirect Chain
  • http://capitallonne.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY1MzQ3NzA2NCwiaWF0IjoxNjUzNDY5ODY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycnA0czU2bzVva3Y4ZWM0YWsyN2Ez...
  • http://btpnative.com/click?data=RHRnOTdSa0I1YTVYRWlYVTNkZjNCMzQ2ZWJiT3NXeGdfb0pvQ2FHcktqWU93R3o4QndIUnBnMDB1WUdnUENtWjFhLVZMQTd2aUtOREdTclJCUW1xeURwRXhLcEFObU44a09OdDJIWmpyMnF5OWt1Y2JkX3pxOVYxTWlXQ...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://btpnative.com/click?data=RHRnOTdSa0I1YTVYRWlYVTNkZjNCMzQ2ZWJiT3NXeGdfb0pvQ2FHcktqWU93R3o4QndIUnBnMDB1WUdnUENtWjFhLVZMQTd2aUtOREdTclJCUW1xeURwRXhLcEFObU44a09OdDJIWmpyMnF5OWt1Y2JkX3pxOVYxTWlXQXhfTE1UUGRFSVMweDV6UXRGd2Ftd0lPWmJnMg2&id=f16f9d8a-240d-4998-8d16-4a3d4997bed8
Requested by
Host: capitallonne.com
URL: http://capitallonne.com/
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
fb5693bd6652704880442d9a566c5396c1f58d32c9220c1297d8c6051a4132c0

Request headers

Referer
http://capitallonne.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Encoding
gzip
Content-Length
2153
Content-Type
text/html; charset=utf-8
Date
Wed, 25 May 2022 09:11:04 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Server
web02

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Wed, 25 May 2022 09:11:05 GMT
location
http://btpnative.com/click?data=RHRnOTdSa0I1YTVYRWlYVTNkZjNCMzQ2ZWJiT3NXeGdfb0pvQ2FHcktqWU93R3o4QndIUnBnMDB1WUdnUENtWjFhLVZMQTd2aUtOREdTclJCUW1xeURwRXhLcEFObU44a09OdDJIWmpyMnF5OWt1Y2JkX3pxOVYxTWlXQXhfTE1UUGRFSVMweDV6UXRGd2Ftd0lPWmJnMg2&id=f16f9d8a-240d-4998-8d16-4a3d4997bed8
server
nginx
domainClick
p274639.mybetterck.com/adServe/
Redirect Chain
  • http://btpnative.com/Redirect/
  • https://mybetterck.com/aS/feedclick?s=7BsrmHcakyKTjXt548WSd63dDnCBF-q5Hbw7jypZ-P3w8j6lgF_tYsy4VhBg5laHkUYvcc0zaJmktJmalqtYdZgW00lHZuA6GY-JEsN51T6L7HrzGR__5aYZ_8dAZcE4MLekFlfWsTpfBjRhq2gpKFIBD9uD2ix...
  • https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7_nWTJROiplNKId4yj9-6ugc-YBagYIEmralelkpYR24ZUU1_ocq9Oc3ijuqeD_M0j-iYVfM22olTbYYFMAhD2nht67Mjd-miggBdZbu4CrKMxYVdl3sAm5M1nD86s0ocxhEv...
533 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7_nWTJROiplNKId4yj9-6ugc-YBagYIEmralelkpYR24ZUU1_ocq9Oc3ijuqeD_M0j-iYVfM22olTbYYFMAhD2nht67Mjd-miggBdZbu4CrKMxYVdl3sAm5M1nD86s0ocxhEv2vS3fRvAXzXJe5ZDcJyuNzOFBGkiDZaSW8IU6jxQZ-FM7jeHs3TBi4hayG7sRYlwNG4KCsGZ6SykyVsf4dOAadnGy3Nnt3zUhZGKLn15RPYmwyFiOhr9EYrC65eTUxcPdRIHuog92Eaff8LU-aej3qIbWNqEUdS8i9AhbIwb3-ESHG0JHg2RvEwrk2epbC7U30TJp2VIF_UqDQ88cM8aFaorTKD8yd1PStxuG0qMhDqf7kErmmA6WwZQCkcwgT3naPNplkJScUWzLbIQ2Ve_03nTv7jwplSp4sodY4d-gjbGYOcDr3fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJkRZoDkTN6TQuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfPsTFffUUcIJvG9Ksk5SjJDxHB_-SGS6UXNvzGrE8jh_g&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewvOFsyv_SbDGYhyBKqNe6gyT_tPFbwSgYwqBbfzwuMVElgGditaQgh-YT8K3RGdHqMqg34nU5v4EAgmSnzDDKKA&si=1&oref=eb816c1225fd245d9a1cc1e0af73e803&optunit=SpcFOrl2YkqebDgPsBpQsGWSQsQHXjql&rb=uHfLan3MXZk&rr=0&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://btpnative.com
Referer
http://btpnative.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 25 May 2022 09:11:06 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 25 May 2022 09:11:06 GMT
location
https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7_nWTJROiplNKId4yj9-6ugc-YBagYIEmralelkpYR24ZUU1_ocq9Oc3ijuqeD_M0j-iYVfM22olTbYYFMAhD2nht67Mjd-miggBdZbu4CrKMxYVdl3sAm5M1nD86s0ocxhEv2vS3fRvAXzXJe5ZDcJyuNzOFBGkiDZaSW8IU6jxQZ-FM7jeHs3TBi4hayG7sRYlwNG4KCsGZ6SykyVsf4dOAadnGy3Nnt3zUhZGKLn15RPYmwyFiOhr9EYrC65eTUxcPdRIHuog92Eaff8LU-aej3qIbWNqEUdS8i9AhbIwb3-ESHG0JHg2RvEwrk2epbC7U30TJp2VIF_UqDQ88cM8aFaorTKD8yd1PStxuG0qMhDqf7kErmmA6WwZQCkcwgT3naPNplkJScUWzLbIQ2Ve_03nTv7jwplSp4sodY4d-gjbGYOcDr3fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJkRZoDkTN6TQuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfPsTFffUUcIJvG9Ksk5SjJDxHB_-SGS6UXNvzGrE8jh_g&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewvOFsyv_SbDGYhyBKqNe6gyT_tPFbwSgYwqBbfzwuMVElgGditaQgh-YT8K3RGdHqMqg34nU5v4EAgmSnzDDKKA&si=1&oref=eb816c1225fd245d9a1cc1e0af73e803&optunit=SpcFOrl2YkqebDgPsBpQsGWSQsQHXjql&rb=uHfLan3MXZk&rr=0&abtg=0
server
nginx
/
click.cartageous.de/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany
Requested by
Host: p274639.mybetterck.com
URL: https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7_nWTJROiplNKId4yj9-6ugc-YBagYIEmralelkpYR24ZUU1_ocq9Oc3ijuqeD_M0j-iYVfM22olTbYYFMAhD2nht67Mjd-miggBdZbu4CrKMxYVdl3sAm5M1nD86s0ocxhEv2vS3fRvAXzXJe5ZDcJyuNzOFBGkiDZaSW8IU6jxQZ-FM7jeHs3TBi4hayG7sRYlwNG4KCsGZ6SykyVsf4dOAadnGy3Nnt3zUhZGKLn15RPYmwyFiOhr9EYrC65eTUxcPdRIHuog92Eaff8LU-aej3qIbWNqEUdS8i9AhbIwb3-ESHG0JHg2RvEwrk2epbC7U30TJp2VIF_UqDQ88cM8aFaorTKD8yd1PStxuG0qMhDqf7kErmmA6WwZQCkcwgT3naPNplkJScUWzLbIQ2Ve_03nTv7jwplSp4sodY4d-gjbGYOcDr3fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQFNGElOvfVPqzPoTh8kp0S2soK2PQR3cP1HanXB3kwMrUDctBB5bK4AzpxF2ezqEJkRZoDkTN6TQuDi9ZpyJrxP09V6ZFcdrqcc3-XZakKfPsTFffUUcIJvG9Ksk5SjJDxHB_-SGS6UXNvzGrE8jh_g&ui=7BsrmHcakyKTjXt548WSd1Y37AsT2AewvOFsyv_SbDGYhyBKqNe6gyT_tPFbwSgYwqBbfzwuMVElgGditaQgh-YT8K3RGdHqMqg34nU5v4EAgmSnzDDKKA&si=1&oref=eb816c1225fd245d9a1cc1e0af73e803&optunit=SpcFOrl2YkqebDgPsBpQsGWSQsQHXjql&rb=uHfLan3MXZk&rr=0&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.15.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-15-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d620cce39463d97fc03333908c8384894e7a6c04bb8e10874d4cd2553f4acdf2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 09:11:07 GMT
etag
W/"c07-DUzZ4UK7K/X2kGmomtcXCoh0IoM"
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
rt.min.js
click.cartageous.de/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/js/rt.min.js
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.15.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-15-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7a1a83aa2ce4040eb81d3a5f22486580481e9512e02150555242906b6ff9f7a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 May 2022 08:16:00 GMT
etag
W/"3659-180fa4978be"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
landing.min.js
click.cartageous.de/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/js/landing.min.js
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.15.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-15-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9d323ba24ce2c917cdec93c3a5be2baac574558fe5e108b51432df6f8db6a392
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 May 2022 13:27:46 GMT
etag
W/"11d89-180d75a6050"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed8be9aeeed0344f042d92f6c9fc87a8e04515c9548533bb4da208ffdc8d1c01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 08:04:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 09:11:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 09:11:07 GMT
bcloader.gif
click.cartageous.de/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.cartageous.de/images/bcloader.gif
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.15.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-15-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:11:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 May 2022 13:27:46 GMT
etag
W/"6816-180d75a6050"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
26646
x-xss-protection
1; mode=block
updateClickStatus
click.cartageous.de/ 		298 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/updateClickStatus
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.15.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-15-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=be89cb0217f948ed89034770c37f5bb8&subid=ch|010_1_db_yieldkit_de_merchant_GrouponGermany|discount&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Ddiscount%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_GrouponGermany
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 May 2022 09:11:08 GMT
x-content-type-options
nosniff
etag
W/"12a-rM5miJ+id1yQP+bgJpIrlkruCQc"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
298
x-xss-protection
1; mode=block
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://click.cartageous.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 17:08:28 GMT
x-content-type-options
nosniff
age
57759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 17:08:28 GMT
Primary Request go
r.srvtrck.com/v2/
Redirect Chain
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=cd4dce1940634ca097133f8b8541bdae&api_key=84d7b077ee35bd6b6fcc363d01f86dff&site_id=87a885fb727147d092b5642b83813aed&dch=feed&ad_t=advertiser&yk_tag=1...
  • https://r.srvtrck.com/v2/go?t=6t7p2%2F6l%3DnI.nymicel.fo%26%2FIpnbmichlrfd%26613822%265rd%3Det1p93c%254F528wcwdg8odp3n1d0%260f0a0p%3DiIngdavm3C4a0e1.6o0u0re.fw0Fc%25720A5%251t7h8lfu78f5d9a%3DaIPeas...
2 KB
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.srvtrck.com/v2/go?t=6t7p2%2F6l%3DnI.nymicel.fo%26%2FIpnbmichlrfd%26613822%265rd%3Det1p93c%254F528wcwdg8odp3n1d0%260f0a0p%3DiIngdavm3C4a0e1.6o0u0re.fw0Fc%25720A5%251t7h8lfu78f5d9a%3DaIPeaseleut%3FdmacPsakelestkdi6%2F6%3A0t6h&s=https%3A%2F%2Fclick.cartageous.de%2F&e=1&ai=be89cb0217f948ed89034770c37f5bb8&sct=1&ct=1653469869143&cu=d08edfc08c5740c59117e8df572f8d1a&ykuid=cc3e58cb49694dea9a72c6686c312a30&sc=1&cs=a72b59bd28237697595f182c6af303c1
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611a09c8a90e269e3fb0bf735c17179aec91b4aafe62008c7c59144ae8bf9ae0

Request headers

Referer
https://click.cartageous.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
710d245a49b6cc46-ZRH
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 25 May 2022 09:11:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
710d2459d938cc46-ZRH
content-length
0
date
Wed, 25 May 2022 09:11:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/v2/go?t=6t7p2%2F6l%3DnI.nymicel.fo%26%2FIpnbmichlrfd%26613822%265rd%3Det1p93c%254F528wcwdg8odp3n1d0%260f0a0p%3DiIngdavm3C4a0e1.6o0u0re.fw0Fc%25720A5%251t7h8lfu78f5d9a%3DaIPeaseleut%3FdmacPsakelestkdi6%2F6%3A0t6h&s=https%3A%2F%2Fclick.cartageous.de%2F&e=1&ai=be89cb0217f948ed89034770c37f5bb8&sct=1&ct=1653469869143&cu=d08edfc08c5740c59117e8df572f8d1a&ykuid=cc3e58cb49694dea9a72c6686c312a30&sc=1&cs=a72b59bd28237697595f182c6af303c1
p3p
CP="CAO PSA OUR"
server
cloudflare
rd2
rd.bizrate.com/
Redirect Chain
  • http://link.sylikes.com/?publisherId=693528&url=http%3A%2F%2Fwww.groupon.de&afCampaignId=v030400011630d08edfc08c5740c59117e8df572f8d1a&afPlacementId&afPlacementId=66620766
  • https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.groupon.de%3FtsToken%3DDE_AFF_0_202117_508_0%26utm_source%3DGPN%26utm_medium%3Dafl%26utm_campaign%3D202117%26szredirectid%3DSZ_REDIRECT_ID&mid=308485&d...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.groupon.de%3FtsToken%3DDE_AFF_0_202117_508_0%26utm_source%3DGPN%26utm_medium%3Dafl%26utm_campaign%3D202117%26szredirectid%3DSZ_REDIRECT_ID&mid=308485&dMid=308485&tokenId=18P&bId=314&bidType=11&a=3279186d3588c4bef4e1fd9233788e0a&af_id=693528&af_rid=null&af_permalink_id=121d89a4027774134ec08e3aeb5e4285e494956d&cobrand=1&af_placement_id=,66620766&afCampaignId=v030400011630d08edfc08c5740c59117e8df572f8d1a&rf_code=af1&af_assettype_id=14&af_creative_id=2913
Requested by
Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?t=6t7p2%2F6l%3DnI.nymicel.fo%26%2FIpnbmichlrfd%26613822%265rd%3Det1p93c%254F528wcwdg8odp3n1d0%260f0a0p%3DiIngdavm3C4a0e1.6o0u0re.fw0Fc%25720A5%251t7h8lfu78f5d9a%3DaIPeaseleut%3FdmacPsakelestkdi6%2F6%3A0t6h&s=https%3A%2F%2Fclick.cartageous.de%2F&e=1&ai=be89cb0217f948ed89034770c37f5bb8&sct=1&ct=1653469869143&cu=d08edfc08c5740c59117e8df572f8d1a&ykuid=cc3e58cb49694dea9a72c6686c312a30&sc=1&cs=a72b59bd28237697595f182c6af303c1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.138.218.207 -, , ASN (),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Referer
https://r.srvtrck.com/v2/go?t=6t7p2%2F6l%3DnI.nymicel.fo%26%2FIpnbmichlrfd%26613822%265rd%3Det1p93c%254F528wcwdg8odp3n1d0%260f0a0p%3DiIngdavm3C4a0e1.6o0u0re.fw0Fc%25720A5%251t7h8lfu78f5d9a%3DaIPeaseleut%3FdmacPsakelestkdi6%2F6%3A0t6h&s=https%3A%2F%2Fclick.cartageous.de%2F&e=1&ai=be89cb0217f948ed89034770c37f5bb8&sct=1&ct=1653469869143&cu=d08edfc08c5740c59117e8df572f8d1a&ykuid=cc3e58cb49694dea9a72c6686c312a30&sc=1&cs=a72b59bd28237697595f182c6af303c1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache no-store
Connection
keep-alive
Content-Language
de-DE
Content-Type
text/html;charset=UTF-8
Date
Wed, 25 May 2022 09:11:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Pragma
no-cache
Server
nginx/1.20.1
Transfer-Encoding
chunked

Redirect headers

Date
Wed, 25 May 2022 09:11:09 GMT
Location
https://rd.bizrate.com/rd2?t=http%3A%2F%2Fwww.groupon.de%3FtsToken%3DDE_AFF_0_202117_508_0%26utm_source%3DGPN%26utm_medium%3Dafl%26utm_campaign%3D202117%26szredirectid%3DSZ_REDIRECT_ID&mid=308485&dMid=308485&tokenId=18P&bId=314&bidType=11&a=3279186d3588c4bef4e1fd9233788e0a&af_id=693528&af_rid=null&af_permalink_id=121d89a4027774134ec08e3aeb5e4285e494956d&cobrand=1&af_placement_id=,66620766&afCampaignId=v030400011630d08edfc08c5740c59117e8df572f8d1a&rf_code=af1&af_assettype_id=14&af_creative_id=2913
P3P
CP="NON DSP ADM DEV PSD TAI OUR IND STP PRE NAV UNI"
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

5 Cookies

Domain/Path Name / Value
.capitallonne.com/ Name: sid
Value: 9a71f308-dc0a-11ec-95ad-99ec578d3c90
btpnative.com/ Name: vroWCBDEfKtCmJx
Value: vroWCBDEfKtCmJx
.mybetterck.com/ Name: rhid
Value: 81363679998
.mybetterck.com/ Name: loi
Value: ad_1149204_off_593284_aff_11683_cid_274639-572719098-CAPITALLONNE.COM_ts_1653469866
.srvtrck.com/ Name: ykuid
Value: cc3e58cb49694dea9a72c6686c312a30