urlscan.io logo urlscan.io
SecurityTrails logo

r.srvtrck.com Open in urlscan Pro
2606:4700::6813:a860  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.bcbsgs.com/
Effective URL: https://r.srvtrck.com/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3Altdh&t=6t8p4%3A7%2F...
Submission: On February 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6813:a860, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.srvtrck.com. The Cisco Umbrella rank of the primary domain is 49556.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 23rd 2021. Valid for: a year.
This is the only time r.srvtrck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.74 61969 (TEAMINTER...)
1 2600:9000:225... 16509 (AMAZON-02)
2 52.6.190.221 14618 (AMAZON-AES)
1 52.218.40.163 16509 (AMAZON-02)
1 2 108.168.193.189 36351 (SOFTLAYER)
5 52.11.180.133 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
19 10
4    185.53.177.74 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)
app.bcbsgs.com
1    2600:9000:2250:ac00:1f:4100:9540:21 (United States)

ASN16509 (AMAZON-02, US)
d1lxhc4jvstzrp.cloudfront.net
2    52.6.190.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-190-221.compute-1.amazonaws.com
katie.v4.omgtnc.com
1    52.218.40.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
2    108.168.193.189 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
beta.mybetterck.com
5    52.11.180.133 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-180-133.us-west-2.compute.amazonaws.com
click.cartageous.de
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700::6813:a860 (United States)

ASN13335 (CLOUDFLARENET, US)
r.srvtrck.com
Apex Domain
Subdomains		 Transfer
5 cartageous.de
click.cartageous.de
59 KB
4 bcbsgs.com
app.bcbsgs.com
5 KB
3 srvtrck.com
r.srvtrck.com — Cisco Umbrella Rank: 49556
5 KB
2 mybetterck.com
beta.mybetterck.com — Cisco Umbrella Rank: 202441
2 KB
2 omgtnc.com
katie.v4.omgtnc.com — Cisco Umbrella Rank: 248621
5 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 amazonaws.com
s3-eu-west-1.amazonaws.com
7 KB
1 cloudfront.net
d1lxhc4jvstzrp.cloudfront.net
2 KB
0 mundschutzhandel.de Failed
www.mundschutzhandel.de Failed
19 10
Domain Requested by
5 click.cartageous.de beta.mybetterck.com
click.cartageous.de
4 app.bcbsgs.com d1lxhc4jvstzrp.cloudfront.net
app.bcbsgs.com
3 r.srvtrck.com 1 redirects click.cartageous.de
r.srvtrck.com
2 beta.mybetterck.com 1 redirects katie.v4.omgtnc.com
2 katie.v4.omgtnc.com app.bcbsgs.com
katie.v4.omgtnc.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com click.cartageous.de
1 s3-eu-west-1.amazonaws.com katie.v4.omgtnc.com
1 d1lxhc4jvstzrp.cloudfront.net app.bcbsgs.com
0 www.mundschutzhandel.de Failed r.srvtrck.com
19 10

This site contains links to these domains. Also see Links.

Domain
www.mundschutzhandel.de
Subject Issuer Validity Valid
omgtnc.com
Amazon		 2021-04-03 -
2022-05-02		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2021-12-17 -
2022-12-07		 a year crt.sh
*.mybetterck.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-06 -
2023-02-06		 a year crt.sh
*.cartageous.de
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.srvtrck.com
Go Daddy Secure Certificate Authority - G2		 2021-12-23 -
2023-01-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://r.srvtrck.com/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3Altdh&t=6t8p4%3A7%2F0w4.diel6g9rcd6%2Ffo5mandm%3Adilesia_i3c7obu4%3F5%3D2Vch8DbD4ha01b6MaH1b3_1H3c0L0t0I0I%3DooR%26m3F1V6I263Jdr%26oc4nk7To3H89qcj%26V3y1V6o273udKmMzAdMAD2505XyrZK9SdtHeN6o0OXEmQw5Kxp3BbsWIwl56BSQmwTLyqw%26jiz%3Dh4h4t035V6omM%3DlNeb4hQBGVrMRiv%3Ds40450f5V69lJg3v43N4_0b1W6A3P2o18a45KeCdN5MbK1nfc9p6lbdbm1%2F3ps%2Fte_udo2%2F7o7m8c9ea.4e5i9lfb0w4wb%2Fdsetch&sct=0&ct=1644581503294&cu=3211aa651ead45bb81cf29564bbb7133&w=4&e=1&ykuid=4ccc606cad7444f1a8e3f28243b4f35e&sc=1&cs=a9245377969b6923b1cdb867d651d389
Frame ID: 1B4CA4D2CC57F75C2111021498355563
Requests: 18 HTTP requests in this frame

Frame: https://www.mundschutzhandel.de/sonstiges/clungene-covid-19-antigen-schnelltest-25-stueck_210_1179/?ReferrerID=10
Frame ID: B609CCDBDF2BE14607C857671A2EC479
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitte warten

Page URL History Show full URLs

  1. http://app.bcbsgs.com/ Page URL
  2. https://katie.v4.omgtnc.com/api/user/01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
  3. https://beta.mybetterck.com/aS/feedclick?s=7BsrmHcakyIm4llC-UeSH63dDnCBF-q5Hbw7jypZ-P1ok1jbuQOPXf-5cgJn_... HTTP 302
    https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F9BOkFRlxIx2PeqeyJhg-n_4lo0ajkp2-... Page URL
  4. https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&su... Page URL
  5. https://r.srvtrck.com/v1/redirect?type=linkId&id=c1c0cec798254ab8be0dd37655be4701&api_key=faa583b5... HTTP 302
    https://r.srvtrck.com/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3... Page URL

Page Statistics

19
Requests

68 %
HTTPS

44 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

97 kB
Transfer

152 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.bcbsgs.com/ Page URL
  2. https://katie.v4.omgtnc.com/api/user/01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMTExMjExIiwiZCI6ImJjYnNncy5jb20ifQ.l0ZJ2wYHAwyRqRgRsR_pN23czrXlY3CzHhk3cy6guxs Page URL
  3. https://beta.mybetterck.com/aS/feedclick?s=7BsrmHcakyIm4llC-UeSH63dDnCBF-q5Hbw7jypZ-P1ok1jbuQOPXf-5cgJn_QpsVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhw6dH2_md3Y9YZj4kSw3nVPovsevMZH__lphn_x0BlwTgwt6QWV9axOl8GNGGraCkoUgEP24PaLEKKxsudmYD7lVs8nTO5044MyjYWSD4ztHf3ytLXB0NINTfdRVrPpaLInUkiFKqnUwrTSABiFzf_dqOVQ0TPvablv--pJONPHlgUFeJZSAqfL3HkZTrfeVke-Y85Wdhn2Wnbx4IrZ5OUfiSW_132LQTBo7SGgpOTRM4vEMtdjy_-gbLCTKpM-a1nLYlAvSXOmk-ydVuDlJfoT3VqVc9j0eaGluUOntFDl8sgrVbliXLfvSbl8rG3LtcciMSKqJfibW8p4YUdxY9KLX0li7ixT6FCgsUMQxzi9hkNjqNlm5GTIFjaDX7yD6b69GtNLh7qLzRbMxmNhdWjTMn1Yr7Zli1_QWzniQPGITS4VNXV09VxBMak_CtNbzyTssK_C5a_A3Nkla0ypzPHzcxLPbdo6Rudy4yGAw6cgcRywo9zG3e-IpMSIe0ItOCeltWJz4sGACJg50VI_8BAJpppwgfctetZvFE990BJ0wILKukQpaJyFxjXFiKj9iMC1KO-CiGMH6qdMxjkwzW8j49erYEW6wvGoC7UqFQIEBYsYQCn0PY4k500jKbpkDRpWuXxlFV4l_uEJBE4XHge1F1A1Xbde0h1L39i_dzSBD7utwu-3GJL_m9SR7kZMBHrq6i-wFnRhLIGCx4SZimFAmQBPLxLghpwTkxsyAqLDuMfqWLfY5Dd1vbXfZdx8DnqcvqElw-idBnlrTGHSZUFaDthevHlmuO11S6A0Or7gFxcNY3xwiIRqVA1sdM0DOEuGNtttTHrejupJoJ6T3Seo3IekPx37dOJ-UxobhfX1q9HTVedjraUf7I7MNyv1_3sfJKYdMnv-gfPCkDgPGRi_SUx1uw960dqbh8LibweKUAXFWdyCUtxL0lRqOHHLv6SWFbNLPDAQebSt39pBRcPqncfFf78nHOYeAvBHBIEFebua2G5I--icRgI8uZ2XHW6nNj0XMWpnh831V0xPxnMfu7tmIEsWP5IX3tNcukh-_N6gKfDEekuybAzz1qFHdkfIC2oAXbuOPngc2IwUPjJ50_XCJZRoTAj57w6pi4P5W3v0TTq9zfreqgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL6Vt6MB0aHGGdnzrgE3949rvoRqryCfQvf7H_JHQbHjME9X3AYQsCpAEn3pdnGSoQpHTA7Kz9fo94mKnTULy2teQgTesP9hhxGDRHWG4uWWICXGwoH8sHHIMxYMRwisSyW4UKVXLIUgDq2oIlaUhe4-JeKaP7K1ewgmFxxcjfl2jWjRlBavzIZ9OeYGVfsA2k6TpNs4Uh1SK7zUSx6YdtpqLYv7gI6xZ1OUg_mm1P-liUQFXqejF91JLyUZ9RAQQf7De_yEZ5AxwXqIRreUkRLG_um1tumweiTiKREhgojBfHNmslU-berSWKDITWOBRGuexS4FJt6-ArXtVVrcM9JHTV5pxNbzlVkGSb7tDeP237ldQlwu08sxFdzPQvfx_YM0Xx_XkFadwSjIM7s1Ldt1L3abLUIplq4uIv1jTEmzxawvJ6vt07vntQPK8E631yArjM4qCBPRUdnNYZ9tpJJvX3u1i3ifmg8aafnoW8zSle3Chyp32JhdMLqVbdV2Ogn1tuiUYyxRPNINTowTcKpAv_IMk0koDlL8T7OPgUULMxtk6K0fL2yuz1fJ-m1tujQ0rOdbBoCdEuj_hi7IZAcHhDbSvuIB87l5YGm876aVIgTzHXvYk-07PhRc2NPB18nglEi2Po94J0IfD9Crt7rkrEiVXvpkv61R63G4gdbXTaluCYQ7clBpzzJfZKe-3peBybpyqSvYhQZD7qZ3Y_3YJej0mUMZUemWSQsQHXjql HTTP 302
    https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F9BOkFRlxIx2PeqeyJhg-n_4lo0ajkp2-MdUWTCtqRqAVjsX5ovN31pF9lelgb8Xld1lPCZhZBjMPwVltbsfU7Nxns7rRyrIubiOYXU-pqgJcUWCNcIuooU3cwyWE-FHHCHBrchvCfdIFNpyw9oG_BVTTSgkDDTwJTwuJUPKJ6oW_XR4ywqbXlh4v7Y18DLKx7A8E-dnjgoR_LumuRTNBUbkMZt38gz09AKjPK8yG_j41Vs-V_YXEEZdK3dADRpUp57b6Qy9a1mHTiLNxNNj-322hqdZTX-fudCHw_Qq7e65AUgheKjLQ6KwCMoixrppYh5NTl-mejrjf6gmL4f0BkOLbo1gk_eF9tNXmnE1vOVWzysMWtLAym-OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-FYvFm50aelMwNFsuIXEbFRvXAPfVvfiSy1REgMcEr-N-yF-Piv972XMui_t2aF8P-6B4Cs_xTbC44ZJD9HpMOL1HKJ7VqIJC2WSQsQHXjql&ui=7BsrmHcakyIm4llC-UeSH1Y37AsT2Aew7m_wPj9vKQdEDYOOjGnEg8ROz2mwcrcaOu2OMklYKaPOOTtC98N4E8Ukhq0ocSQNBnXF-v_aYvcn7SZSEoWg1w&si=1&oref=ee394368d437fb34fa28252eda047704&optunit=iHs9CBhdBNDbEItyw-irrg&rb=lW92lAWMXHs&rr=4&isco=t&abtg=0 Page URL
  4. https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel Page URL
  5. https://r.srvtrck.com/v1/redirect?type=linkId&id=c1c0cec798254ab8be0dd37655be4701&api_key=faa583b5a2fd25cd2c02e7ff18c26924&site_id=2d7a758f96ac49569efd0440b7d4e8c6&dch=feed&ad_t=advertiser&yk_tag=2112844159 HTTP 302
    https://r.srvtrck.com/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3Altdh&t=6t8p4%3A7%2F0w4.diel6g9rcd6%2Ffo5mandm%3Adilesia_i3c7obu4%3F5%3D2Vch8DbD4ha01b6MaH1b3_1H3c0L0t0I0I%3DooR%26m3F1V6I263Jdr%26oc4nk7To3H89qcj%26V3y1V6o273udKmMzAdMAD2505XyrZK9SdtHeN6o0OXEmQw5Kxp3BbsWIwl56BSQmwTLyqw%26jiz%3Dh4h4t035V6omM%3DlNeb4hQBGVrMRiv%3Ds40450f5V69lJg3v43N4_0b1W6A3P2o18a45KeCdN5MbK1nfc9p6lbdbm1%2F3ps%2Fte_udo2%2F7o7m8c9ea.4e5i9lfb0w4wb%2Fdsetch&sct=0&ct=1644581503294&cu=3211aa651ead45bb81cf29564bbb7133&w=4&e=1&ykuid=4ccc606cad7444f1a8e3f28243b4f35e&sc=1&cs=a9245377969b6923b1cdb867d651d389 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://beta.mybetterck.com/aS/feedclick?s=7BsrmHcakyIm4llC-UeSH63dDnCBF-q5Hbw7jypZ-P1ok1jbuQOPXf-5cgJn_QpsVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhw6dH2_md3Y9YZj4kSw3nVPovsevMZH__lphn_x0BlwTgwt6QWV9axOl8GNGGraCkoUgEP24PaLEKKxsudmYD7lVs8nTO5044MyjYWSD4ztHf3ytLXB0NINTfdRVrPpaLInUkiFKqnUwrTSABiFzf_dqOVQ0TPvablv--pJONPHlgUFeJZSAqfL3HkZTrfeVke-Y85Wdhn2Wnbx4IrZ5OUfiSW_132LQTBo7SGgpOTRM4vEMtdjy_-gbLCTKpM-a1nLYlAvSXOmk-ydVuDlJfoT3VqVc9j0eaGluUOntFDl8sgrVbliXLfvSbl8rG3LtcciMSKqJfibW8p4YUdxY9KLX0li7ixT6FCgsUMQxzi9hkNjqNlm5GTIFjaDX7yD6b69GtNLh7qLzRbMxmNhdWjTMn1Yr7Zli1_QWzniQPGITS4VNXV09VxBMak_CtNbzyTssK_C5a_A3Nkla0ypzPHzcxLPbdo6Rudy4yGAw6cgcRywo9zG3e-IpMSIe0ItOCeltWJz4sGACJg50VI_8BAJpppwgfctetZvFE990BJ0wILKukQpaJyFxjXFiKj9iMC1KO-CiGMH6qdMxjkwzW8j49erYEW6wvGoC7UqFQIEBYsYQCn0PY4k500jKbpkDRpWuXxlFV4l_uEJBE4XHge1F1A1Xbde0h1L39i_dzSBD7utwu-3GJL_m9SR7kZMBHrq6i-wFnRhLIGCx4SZimFAmQBPLxLghpwTkxsyAqLDuMfqWLfY5Dd1vbXfZdx8DnqcvqElw-idBnlrTGHSZUFaDthevHlmuO11S6A0Or7gFxcNY3xwiIRqVA1sdM0DOEuGNtttTHrejupJoJ6T3Seo3IekPx37dOJ-UxobhfX1q9HTVedjraUf7I7MNyv1_3sfJKYdMnv-gfPCkDgPGRi_SUx1uw960dqbh8LibweKUAXFWdyCUtxL0lRqOHHLv6SWFbNLPDAQebSt39pBRcPqncfFf78nHOYeAvBHBIEFebua2G5I--icRgI8uZ2XHW6nNj0XMWpnh831V0xPxnMfu7tmIEsWP5IX3tNcukh-_N6gKfDEekuybAzz1qFHdkfIC2oAXbuOPngc2IwUPjJ50_XCJZRoTAj57w6pi4P5W3v0TTq9zfreqgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL6Vt6MB0aHGGdnzrgE3949rvoRqryCfQvf7H_JHQbHjME9X3AYQsCpAEn3pdnGSoQpHTA7Kz9fo94mKnTULy2teQgTesP9hhxGDRHWG4uWWICXGwoH8sHHIMxYMRwisSyW4UKVXLIUgDq2oIlaUhe4-JeKaP7K1ewgmFxxcjfl2jWjRlBavzIZ9OeYGVfsA2k6TpNs4Uh1SK7zUSx6YdtpqLYv7gI6xZ1OUg_mm1P-liUQFXqejF91JLyUZ9RAQQf7De_yEZ5AxwXqIRreUkRLG_um1tumweiTiKREhgojBfHNmslU-berSWKDITWOBRGuexS4FJt6-ArXtVVrcM9JHTV5pxNbzlVkGSb7tDeP237ldQlwu08sxFdzPQvfx_YM0Xx_XkFadwSjIM7s1Ldt1L3abLUIplq4uIv1jTEmzxawvJ6vt07vntQPK8E631yArjM4qCBPRUdnNYZ9tpJJvX3u1i3ifmg8aafnoW8zSle3Chyp32JhdMLqVbdV2Ogn1tuiUYyxRPNINTowTcKpAv_IMk0koDlL8T7OPgUULMxtk6K0fL2yuz1fJ-m1tujQ0rOdbBoCdEuj_hi7IZAcHhDbSvuIB87l5YGm876aVIgTzHXvYk-07PhRc2NPB18nglEi2Po94J0IfD9Crt7rkrEiVXvpkv61R63G4gdbXTaluCYQ7clBpzzJfZKe-3peBybpyqSvYhQZD7qZ3Y_3YJej0mUMZUemWSQsQHXjql HTTP 302
  • https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F9BOkFRlxIx2PeqeyJhg-n_4lo0ajkp2-MdUWTCtqRqAVjsX5ovN31pF9lelgb8Xld1lPCZhZBjMPwVltbsfU7Nxns7rRyrIubiOYXU-pqgJcUWCNcIuooU3cwyWE-FHHCHBrchvCfdIFNpyw9oG_BVTTSgkDDTwJTwuJUPKJ6oW_XR4ywqbXlh4v7Y18DLKx7A8E-dnjgoR_LumuRTNBUbkMZt38gz09AKjPK8yG_j41Vs-V_YXEEZdK3dADRpUp57b6Qy9a1mHTiLNxNNj-322hqdZTX-fudCHw_Qq7e65AUgheKjLQ6KwCMoixrppYh5NTl-mejrjf6gmL4f0BkOLbo1gk_eF9tNXmnE1vOVWzysMWtLAym-OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-FYvFm50aelMwNFsuIXEbFRvXAPfVvfiSy1REgMcEr-N-yF-Piv972XMui_t2aF8P-6B4Cs_xTbC44ZJD9HpMOL1HKJ7VqIJC2WSQsQHXjql&ui=7BsrmHcakyIm4llC-UeSH1Y37AsT2Aew7m_wPj9vKQdEDYOOjGnEg8ROz2mwcrcaOu2OMklYKaPOOTtC98N4E8Ukhq0ocSQNBnXF-v_aYvcn7SZSEoWg1w&si=1&oref=ee394368d437fb34fa28252eda047704&optunit=iHs9CBhdBNDbEItyw-irrg&rb=lW92lAWMXHs&rr=4&isco=t&abtg=0
Request Chain 17
  • https://www.billiger.de/common/modules/api/cmodul?p=cVnhKDMDNhC0Kb4M8HobP_AHWcbL_tNI4I3oJR9mVFfV5I06sJvrRor4GkQT43e8lqMjoVVy3Vtoh7huzKjMwAyMTDm5S56ylZI9sdBHpNKowOmEXQ056xe3tbSWKwr5XB0Q2wALdqz&mid=3424601536&mc=9NHboh7BnVcM&id=3424601536&log=v0304000136133211aa651ead45bb81cf29564bbb7133_site_id:2d7a758f96ac49569efd0440b7d4e8c6 HTTP 302
  • https://www.mundschutzhandel.de/sonstiges/clungene-covid-19-antigen-schnelltest-25-stueck_210_1179?ReferrerID=10 HTTP 301
  • https://www.mundschutzhandel.de/sonstiges/clungene-covid-19-antigen-schnelltest-25-stueck_210_1179/?ReferrerID=10

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app.bcbsgs.com/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://app.bcbsgs.com/
Protocol
HTTP/1.1
Server
185.53.177.74 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
a652e36f6dfdfd87b557b03d4b241acb8b99d346e2a1f5a04589f1b442ba0bc4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 11 Feb 2022 12:11:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Redirect
adtonic
X-Template
tpl_CleanPeppermintBlack_twoclick
X-Language
german
Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Content-Encoding
gzip
js3.js
d1lxhc4jvstzrp.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Requested by
Host: app.bcbsgs.com
URL: http://app.bcbsgs.com/
Protocol
HTTP/1.1
Server
2600:9000:2250:ac00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://app.bcbsgs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 10:43:56 GMT
Via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
Last-Modified
Tue, 17 Aug 2021 09:17:22 GMT
Server
nginx
Age
5262
ETag
"611b7ea2-46e"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA60-P2
Accept-Ranges
bytes
Content-Length
1134
X-Amz-Cf-Id
epZfGUQYXuvdYFR0HuJDizPSqfdbVwKRnRwMpn8n_8TgQmxmrpjLLg==
track.php
app.bcbsgs.com/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://app.bcbsgs.com/track.php?domain=bcbsgs.com&toggle=browserjs&uid=MTY0NDU4MTQ5OC4yMjM0OmNmMjhjYmM4NGUzODVjOGUxMzUxMWRiMWZjYzg2YTY0NzU1OTMxYzBmYjYxNGE3OTgxZWY0OGJmZWI1NjJiZGI6NjIwNjUyN2EzNjg4Mw%3D%3D
Requested by
Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.74 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://app.bcbsgs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 12:11:38 GMT
Content-Encoding
gzip
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Vary
Accept-Encoding
Accept-CH-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
ls.php
app.bcbsgs.com/ 		0
905 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://app.bcbsgs.com/ls.php
Requested by
Host: app.bcbsgs.com
URL: http://app.bcbsgs.com/
Protocol
HTTP/1.1
Server
185.53.177.74 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://app.bcbsgs.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 11 Feb 2022 12:11:38 GMT
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, OPTIONS
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_lsa0LXWy8JA1oo6tY0RnxI+LNXoevuWcQRAsGa4Dw6yv541VQioaZD0lieiJ2k2sbIEjImvwyMWiFRlQ8kvH6A==
Access-Control-Allow-Origin
http://app.bcbsgs.com
X-Log-Success
6206527a229fc977dd22feb7
Charset
utf-8
Accept-CH-Lifetime
30
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Server
nginx
track.php
app.bcbsgs.com/ 		0
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://app.bcbsgs.com/track.php?click=7d21c813f75995877009b954353314f53e1c990a&domain=bcbsgs.com&uid=MTY0NDU4MTQ5OC4yMjM0OmNmMjhjYmM4NGUzODVjOGUxMzUxMWRiMWZjYzg2YTY0NzU1OTMxYzBmYjYxNGE3OTgxZWY0OGJmZWI1NjJiZGI6NjIwNjUyN2EzNjg4Mw%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MjA2NTI3YTM2ODY5fHx8MTY0NDU4MTQ5OC41Nzd8MjQ5YTdjNTJlNjQwZjY2M2MyNjA0YjhiNjY2NGEwZjRmZjJmYTVhMnx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDF8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDZjNTNkOTk1OGFiNjYxYTk2MzhlOTk3ZjQwOGI1YTczNDFiNDUzNzZ8MHxkcC10ZWFtaW50ZXJuZXQwOV8zcGh8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
Requested by
Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.74 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://app.bcbsgs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 12:11:38 GMT
Content-Encoding
gzip
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Vary
Accept-Encoding
Accept-CH-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
X-View-Match
true
Connection
keep-alive
Transfer-Encoding
chunked
Server
nginx
01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r
katie.v4.omgtnc.com/api/user/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://katie.v4.omgtnc.com/api/user/01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMTExMjExIiwiZCI6ImJjYnNncy5jb20ifQ.l0ZJ2wYHAwyRqRgRsR_pN23czrXlY3CzHhk3cy6guxs
Requested by
Host: app.bcbsgs.com
URL: http://app.bcbsgs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.190.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-190-221.compute-1.amazonaws.com
Software
/
Resource Hash
2ac7884329ffcaa1d0067cdb7a1378e75c930e86130800ecf9ea81939de1d061

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://app.bcbsgs.com/

Response headers

date
Fri, 11 Feb 2022 12:11:38 GMT
content-type
text/html; charset=utf-8
content-length
2140
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
accept-ch
UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data
ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMTExMjExIiwiZCI6ImJjYnNncy5jb20ifQ.l0ZJ2wYHAwyRqRgRsR_pN23czrXlY3CzHhk3cy6guxs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.40.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 12:11:40 GMT
Last-Modified
Fri, 12 Aug 2016 15:23:54 GMT
Server
AmazonS3
x-amz-request-id
JHDBYXGNZRKCTGEY
ETag
"dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6820
x-amz-id-2
dkq5RSbM033ZGCJS4wLU7kPLX6PG8Wdi6VZc10pYbliSWo1Oi3xM4Lm8dKpQTfVU9O7MjwQQcNM=
01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r
katie.v4.omgtnc.com/api/product/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://katie.v4.omgtnc.com/api/product/01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r?confirm=c4e729deaa2d4cc0184350c1d4f2943e&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fapp.bcbsgs.com%2F&reftaken=feed&refEqual=true
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMTExMjExIiwiZCI6ImJjYnNncy5jb20ifQ.l0ZJ2wYHAwyRqRgRsR_pN23czrXlY3CzHhk3cy6guxs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.190.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-190-221.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 12:11:39 GMT
referrer-policy
no-referrer
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
content-length
2059
content-type
text/html; charset=utf-8
domainClick
beta.mybetterck.com/adServe/
Redirect Chain
  • https://beta.mybetterck.com/aS/feedclick?s=7BsrmHcakyIm4llC-UeSH63dDnCBF-q5Hbw7jypZ-P1ok1jbuQOPXf-5cgJn_QpsVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhw6dH2_md3Y9YZj4kSw3nVPovsevMZH__lphn_x0BlwTgwt6QWV9axOl8GNG...
  • https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F9BOkFRlxIx2PeqeyJhg-n_4lo0ajkp2-MdUWTCtqRqAVjsX5ovN31pF9lelgb8Xld1lPCZhZBjMPwVltbsfU7Nxns7rRyrIubiOYXU-pqgJcUWCNcIuooU3cwyWE-...
539 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F9BOkFRlxIx2PeqeyJhg-n_4lo0ajkp2-MdUWTCtqRqAVjsX5ovN31pF9lelgb8Xld1lPCZhZBjMPwVltbsfU7Nxns7rRyrIubiOYXU-pqgJcUWCNcIuooU3cwyWE-FHHCHBrchvCfdIFNpyw9oG_BVTTSgkDDTwJTwuJUPKJ6oW_XR4ywqbXlh4v7Y18DLKx7A8E-dnjgoR_LumuRTNBUbkMZt38gz09AKjPK8yG_j41Vs-V_YXEEZdK3dADRpUp57b6Qy9a1mHTiLNxNNj-322hqdZTX-fudCHw_Qq7e65AUgheKjLQ6KwCMoixrppYh5NTl-mejrjf6gmL4f0BkOLbo1gk_eF9tNXmnE1vOVWzysMWtLAym-OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-FYvFm50aelMwNFsuIXEbFRvXAPfVvfiSy1REgMcEr-N-yF-Piv972XMui_t2aF8P-6B4Cs_xTbC44ZJD9HpMOL1HKJ7VqIJC2WSQsQHXjql&ui=7BsrmHcakyIm4llC-UeSH1Y37AsT2Aew7m_wPj9vKQdEDYOOjGnEg8ROz2mwcrcaOu2OMklYKaPOOTtC98N4E8Ukhq0ocSQNBnXF-v_aYvcn7SZSEoWg1w&si=1&oref=ee394368d437fb34fa28252eda047704&optunit=iHs9CBhdBNDbEItyw-irrg&rb=lW92lAWMXHs&rr=4&isco=t&abtg=0
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMTExMjExIiwiZCI6ImJjYnNncy5jb20ifQ.l0ZJ2wYHAwyRqRgRsR_pN23czrXlY3CzHhk3cy6guxs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://katie.v4.omgtnc.com/api/user/01e9e1085caf0a9b6f8f99fe1b7cf7a73818d69106.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjAyMTExMjExIiwiZCI6ImJjYnNncy5jb20ifQ.l0ZJ2wYHAwyRqRgRsR_pN23czrXlY3CzHhk3cy6guxs

Response headers

server
nginx
date
Fri, 11 Feb 2022 12:11:39 GMT
content-type
text/html;charset=ISO-8859-1
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

server
nginx
date
Fri, 11 Feb 2022 12:11:39 GMT
content-length
0
location
https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F9BOkFRlxIx2PeqeyJhg-n_4lo0ajkp2-MdUWTCtqRqAVjsX5ovN31pF9lelgb8Xld1lPCZhZBjMPwVltbsfU7Nxns7rRyrIubiOYXU-pqgJcUWCNcIuooU3cwyWE-FHHCHBrchvCfdIFNpyw9oG_BVTTSgkDDTwJTwuJUPKJ6oW_XR4ywqbXlh4v7Y18DLKx7A8E-dnjgoR_LumuRTNBUbkMZt38gz09AKjPK8yG_j41Vs-V_YXEEZdK3dADRpUp57b6Qy9a1mHTiLNxNNj-322hqdZTX-fudCHw_Qq7e65AUgheKjLQ6KwCMoixrppYh5NTl-mejrjf6gmL4f0BkOLbo1gk_eF9tNXmnE1vOVWzysMWtLAym-OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-FYvFm50aelMwNFsuIXEbFRvXAPfVvfiSy1REgMcEr-N-yF-Piv972XMui_t2aF8P-6B4Cs_xTbC44ZJD9HpMOL1HKJ7VqIJC2WSQsQHXjql&ui=7BsrmHcakyIm4llC-UeSH1Y37AsT2Aew7m_wPj9vKQdEDYOOjGnEg8ROz2mwcrcaOu2OMklYKaPOOTtC98N4E8Ukhq0ocSQNBnXF-v_aYvcn7SZSEoWg1w&si=1&oref=ee394368d437fb34fa28252eda047704&optunit=iHs9CBhdBNDbEItyw-irrg&rb=lW92lAWMXHs&rr=4&isco=t&abtg=0
/
click.cartageous.de/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
Requested by
Host: beta.mybetterck.com
URL: https://beta.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn7n14G9bkf8F9BOkFRlxIx2PeqeyJhg-n_4lo0ajkp2-MdUWTCtqRqAVjsX5ovN31pF9lelgb8Xld1lPCZhZBjMPwVltbsfU7Nxns7rRyrIubiOYXU-pqgJcUWCNcIuooU3cwyWE-FHHCHBrchvCfdIFNpyw9oG_BVTTSgkDDTwJTwuJUPKJ6oW_XR4ywqbXlh4v7Y18DLKx7A8E-dnjgoR_LumuRTNBUbkMZt38gz09AKjPK8yG_j41Vs-V_YXEEZdK3dADRpUp57b6Qy9a1mHTiLNxNNj-322hqdZTX-fudCHw_Qq7e65AUgheKjLQ6KwCMoixrppYh5NTl-mejrjf6gmL4f0BkOLbo1gk_eF9tNXmnE1vOVWzysMWtLAym-OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_ns-Cm35MG9zEITCssQBo5b-FYvFm50aelMwNFsuIXEbFRvXAPfVvfiSy1REgMcEr-N-yF-Piv972XMui_t2aF8P-6B4Cs_xTbC44ZJD9HpMOL1HKJ7VqIJC2WSQsQHXjql&ui=7BsrmHcakyIm4llC-UeSH1Y37AsT2Aew7m_wPj9vKQdEDYOOjGnEg8ROz2mwcrcaOu2OMklYKaPOOTtC98N4E8Ukhq0ocSQNBnXF-v_aYvcn7SZSEoWg1w&si=1&oref=ee394368d437fb34fa28252eda047704&optunit=iHs9CBhdBNDbEItyw-irrg&rb=lW92lAWMXHs&rr=4&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.180.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-180-133.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a99b4730027abeb660e0a13cb697b5dc3a1525e4f242720ea8db8d6ff0f8247c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 11 Feb 2022 12:11:40 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
etag
W/"c1d-KEjazPtQf0gPeVS292UG78BIgDo"
vary
Accept-Encoding
content-encoding
gzip
rt.min.js
click.cartageous.de/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/js/rt.min.js
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.180.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-180-133.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
fd26b18841c29e163b45c583259e77451115ed368bff3596719d52598d570f2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 12:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 11 Feb 2022 11:16:01 GMT
etag
W/"3650-17ee87f41c8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
landing.min.js
click.cartageous.de/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/js/landing.min.js
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.180.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-180-133.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
bcb1b14ab9a1743109f310b8f44840563a6d12528a7d1a48c6eb139cf4370957
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 12:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Feb 2022 10:29:53 GMT
etag
W/"11da9-17eb4d56ce8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
vary
Accept-Encoding
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89e8f2e632f9752a6c13d9018e54c77c5ede81990b73fc587768424e978b0bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Feb 2022 11:40:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 11 Feb 2022 12:11:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Feb 2022 12:11:40 GMT
bcloader.gif
click.cartageous.de/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.cartageous.de/images/bcloader.gif
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.180.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-180-133.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 12:11:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Feb 2022 10:29:53 GMT
etag
W/"6816-17eb4d56ce8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
x-dns-prefetch-control
off
content-length
26646
x-xss-protection
1; mode=block
updateClickStatus
click.cartageous.de/ 		302 B
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://click.cartageous.de/updateClickStatus
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.180.133 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-180-133.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
01a813fa123a6a360bcead7bb0c7634e806b7318090406bf49e798168c71f23d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://click.cartageous.de/?fct=true&psid=13299&kw=&auth=DwaWR&mfid=f5a8266e01574598a5ac1019f3524c73&subid=ch|010_1_db_yieldkit_de_cpc_merchant_Mundschutzhandel|medical&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dmedical%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_Mundschutzhandel
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 11 Feb 2022 12:11:41 GMT
x-content-type-options
nosniff
etag
W/"12e-P0LNcTJpeR6EGpIVU25z21ir4+A"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept-Encoding
content-length
302
x-xss-protection
1; mode=block
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://click.cartageous.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 21:26:13 GMT
x-content-type-options
nosniff
age
225927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 21:26:13 GMT
Primary Request go
r.srvtrck.com/v2/
Redirect Chain
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=c1c0cec798254ab8be0dd37655be4701&api_key=faa583b5a2fd25cd2c02e7ff18c26924&site_id=2d7a758f96ac49569efd0440b7d4e8c6&dch=feed&ad_t=advertiser&yk_tag=2...
  • https://r.srvtrck.com/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3Altdh&t=6t8p4%3A7%2F0w4.diel6g9rcd6%2Ffo5mandm%3Adilesia_i3c7obu4%3F5%3D2Vch8DbD4ha01b6MaH1b3_1H3c0...
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.srvtrck.com/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3Altdh&t=6t8p4%3A7%2F0w4.diel6g9rcd6%2Ffo5mandm%3Adilesia_i3c7obu4%3F5%3D2Vch8DbD4ha01b6MaH1b3_1H3c0L0t0I0I%3DooR%26m3F1V6I263Jdr%26oc4nk7To3H89qcj%26V3y1V6o273udKmMzAdMAD2505XyrZK9SdtHeN6o0OXEmQw5Kxp3BbsWIwl56BSQmwTLyqw%26jiz%3Dh4h4t035V6omM%3DlNeb4hQBGVrMRiv%3Ds40450f5V69lJg3v43N4_0b1W6A3P2o18a45KeCdN5MbK1nfc9p6lbdbm1%2F3ps%2Fte_udo2%2F7o7m8c9ea.4e5i9lfb0w4wb%2Fdsetch&sct=0&ct=1644581503294&cu=3211aa651ead45bb81cf29564bbb7133&w=4&e=1&ykuid=4ccc606cad7444f1a8e3f28243b4f35e&sc=1&cs=a9245377969b6923b1cdb867d651d389
Requested by
Host: click.cartageous.de
URL: https://click.cartageous.de/js/landing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0eeb8843b491a0e84eef97823a098ea85b0baec4544fe87e22b0ce82ed361c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://click.cartageous.de/

Response headers

date
Fri, 11 Feb 2022 12:11:43 GMT
content-type
text/html;charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6dbd7b3bcb928397-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 11 Feb 2022 12:11:43 GMT
content-length
0
p3p
CP="CAO PSA OUR"
location
/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3Altdh&t=6t8p4%3A7%2F0w4.diel6g9rcd6%2Ffo5mandm%3Adilesia_i3c7obu4%3F5%3D2Vch8DbD4ha01b6MaH1b3_1H3c0L0t0I0I%3DooR%26m3F1V6I263Jdr%26oc4nk7To3H89qcj%26V3y1V6o273udKmMzAdMAD2505XyrZK9SdtHeN6o0OXEmQw5Kxp3BbsWIwl56BSQmwTLyqw%26jiz%3Dh4h4t035V6omM%3DlNeb4hQBGVrMRiv%3Ds40450f5V69lJg3v43N4_0b1W6A3P2o18a45KeCdN5MbK1nfc9p6lbdbm1%2F3ps%2Fte_udo2%2F7o7m8c9ea.4e5i9lfb0w4wb%2Fdsetch&sct=0&ct=1644581503294&cu=3211aa651ead45bb81cf29564bbb7133&w=4&e=1&ykuid=4ccc606cad7444f1a8e3f28243b4f35e&sc=1&cs=a9245377969b6923b1cdb867d651d389
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6dbd7b2fae908397-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax-loader.gif
r.srvtrck.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.srvtrck.com/ajax-loader.gif
Requested by
Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3Altdh&t=6t8p4%3A7%2F0w4.diel6g9rcd6%2Ffo5mandm%3Adilesia_i3c7obu4%3F5%3D2Vch8DbD4ha01b6MaH1b3_1H3c0L0t0I0I%3DooR%26m3F1V6I263Jdr%26oc4nk7To3H89qcj%26V3y1V6o273udKmMzAdMAD2505XyrZK9SdtHeN6o0OXEmQw5Kxp3BbsWIwl56BSQmwTLyqw%26jiz%3Dh4h4t035V6omM%3DlNeb4hQBGVrMRiv%3Ds40450f5V69lJg3v43N4_0b1W6A3P2o18a45KeCdN5MbK1nfc9p6lbdbm1%2F3ps%2Fte_udo2%2F7o7m8c9ea.4e5i9lfb0w4wb%2Fdsetch&sct=0&ct=1644581503294&cu=3211aa651ead45bb81cf29564bbb7133&w=4&e=1&ykuid=4ccc606cad7444f1a8e3f28243b4f35e&sc=1&cs=a9245377969b6923b1cdb867d651d389
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://r.srvtrck.com/v2/go?ai=f5a8266e01574598a5ac1019f3524c73&eu=et.pe%2Fnwhwtmhnsdcuu.zwa%2Fd%3Altdh&t=6t8p4%3A7%2F0w4.diel6g9rcd6%2Ffo5mandm%3Adilesia_i3c7obu4%3F5%3D2Vch8DbD4ha01b6MaH1b3_1H3c0L0t0I0I%3DooR%26m3F1V6I263Jdr%26oc4nk7To3H89qcj%26V3y1V6o273udKmMzAdMAD2505XyrZK9SdtHeN6o0OXEmQw5Kxp3BbsWIwl56BSQmwTLyqw%26jiz%3Dh4h4t035V6omM%3DlNeb4hQBGVrMRiv%3Ds40450f5V69lJg3v43N4_0b1W6A3P2o18a45KeCdN5MbK1nfc9p6lbdbm1%2F3ps%2Fte_udo2%2F7o7m8c9ea.4e5i9lfb0w4wb%2Fdsetch&sct=0&ct=1644581503294&cu=3211aa651ead45bb81cf29564bbb7133&w=4&e=1&ykuid=4ccc606cad7444f1a8e3f28243b4f35e&sc=1&cs=a9245377969b6923b1cdb867d651d389
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 12:11:43 GMT
cf-cache-status
HIT
last-modified
Wed, 09 Feb 2022 09:55:34 GMT
server
cloudflare
age
224
etag
W/"3208-1644400534000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
6dbd7b3c2e963746-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3208
expires
Fri, 11 Feb 2022 13:11:43 GMT
/
www.mundschutzhandel.de/sonstiges/clungene-covid-19-antigen-schnelltest-25-stueck_210_1179/ Frame B609
Redirect Chain
  • https://www.billiger.de/common/modules/api/cmodul?p=cVnhKDMDNhC0Kb4M8HobP_AHWcbL_tNI4I3oJR9mVFfV5I06sJvrRor4GkQT43e8lqMjoVVy3Vtoh7huzKjMwAyMTDm5S56ylZI9sdBHpNKowOmEXQ056xe3tbSWKwr5XB0Q2wALdqz&mid=3...
  • https://www.mundschutzhandel.de/sonstiges/clungene-covid-19-antigen-schnelltest-25-stueck_210_1179?ReferrerID=10
  • https://www.mundschutzhandel.de/sonstiges/clungene-covid-19-antigen-schnelltest-25-stueck_210_1179/?ReferrerID=10
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.mundschutzhandel.de
URL
https://www.mundschutzhandel.de/sonstiges/clungene-covid-19-antigen-schnelltest-25-stueck_210_1179/?ReferrerID=10

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone

8 Cookies

Domain/Path Name / Value
katie.v4.omgtnc.com/ Name: checkme
Value: c4e729deaa2d4cc0184350c1d4f2943eb789
.mybetterck.com/ Name: rhid
Value: 80691595301
.mybetterck.com/ Name: loi
Value: ad_1141572_off_585789_aff_11683_cid_235715-BCBSGS.COM_ts_1644581499
.srvtrck.com/ Name: ykuid
Value: 4ccc606cad7444f1a8e3f28243b4f35e
www.billiger.de/ Name: billigerderevisit
Value: tag%3D6KRCUNa8X54lo9MoIgQf3guNfRL4nqjRrTM0BD6q
www.billiger.de/ Name: 3LUzYn9iLIhbsLgOWCFTpDXybEMSt8GfF8dCe_n0Wll1I22X7ncs8A
Value: MS1wApdHNtfOE310lo-qoFJHUryFmnJug
www.billiger.de/ Name: billiger_session
Value: w07C-SC3wTI6KRCUNa8X54lo9MoIgQf3guNfRL4nqjRrTM0BD6q
.billiger.de/ Name: __cf_bm
Value: Vau1JULl.hsmhudp4oSsC6hXf.VYFZ8zaWsBgwD23ok-1644581503-0-AWGeUn81Lry/uV7jdyTOjzlq3TW2/8L6fFp9bE+ic9R0mUb6SsQ+zPFZqmC4+DgnDOb+zC+9YddILDoQ8s7X0T0h+4XL0AMgciPHD2WmzNeN