suche.guenstiger.de
Open in
urlscan Pro
2606:4700:4400::6812:2ace
Public Scan
Submitted URL: http://cbsnees.com/
Effective URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=3463330329&origin=yadore_nextag_traffic&p=360894&origin=yadore&c...
Submission: On June 29 via api from US — Scanned from DE
Effective URL: https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=3463330329&origin=yadore_nextag_traffic&p=360894&origin=yadore&c...
Submission: On June 29 via api from US — Scanned from DE
Summary
This website contacted 8 IPs
in 4 countries
across 9 domains to perform 16 HTTP transactions.
The main IP is 2606:4700:4400::6812:2ace, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is suche.guenstiger.de.
The Cisco Umbrella rank of the primary domain is 755925.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 14th 2021. Valid for: a year.
This is the only time suche.guenstiger.de was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 14th 2021. Valid for: a year.
This is the only time suche.guenstiger.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 78.41.204.27 78.41.204.27 | 62370 (SNEL) (SNEL) | |
| 1 2 | 209.15.13.136 209.15.13.136 | 13768 (COGECO-PEER1) (COGECO-PEER1) | |
| 1 2 | 108.168.193.189 108.168.193.189 | 36351 (SOFTLAYER) (SOFTLAYER) | |
| 5 | 54.71.226.183 54.71.226.183 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 2 | 2606:4700::68... 2606:4700::6813:a860 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 1 | 88.99.112.6 88.99.112.6 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 6 | 2606:4700:440... 2606:4700:4400::6812:2ace | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 16 | 8 |
2
108.168.193.189
(Dallas, United States)
ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
| mybetterck.com | |
| p274639.mybetterck.com |
5
54.71.226.183
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-226-183.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-226-183.us-west-2.compute.amazonaws.com
| click.cartageous.de |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
guenstiger.de
suche.guenstiger.de — Cisco Umbrella Rank: 755925 |
253 KB |
| 5 |
cartageous.de
click.cartageous.de |
59 KB |
| 2 |
srvtrck.com
1 redirects
r.srvtrck.com — Cisco Umbrella Rank: 61559 |
2 KB |
| 2 |
mybetterck.com
1 redirects
mybetterck.com — Cisco Umbrella Rank: 66229 p274639.mybetterck.com |
2 KB |
| 2 |
btpnative.com
1 redirects
btpnative.com — Cisco Umbrella Rank: 312958 |
6 KB |
| 1 |
yadore.com
1 redirects
api.yadore.com — Cisco Umbrella Rank: 373286 |
234 B |
| 1 |
gstatic.com
fonts.gstatic.com |
13 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71 |
1 KB |
| 1 |
cbsnees.com
1 redirects
cbsnees.com |
604 B |
| 16 | 9 |
| Domain | Requested by | |
|---|---|---|
| 6 | suche.guenstiger.de |
r.srvtrck.com
suche.guenstiger.de |
| 5 | click.cartageous.de |
p274639.mybetterck.com
click.cartageous.de |
| 2 | r.srvtrck.com |
1 redirects
click.cartageous.de
|
| 2 | btpnative.com | 1 redirects |
| 1 | api.yadore.com | 1 redirects |
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
click.cartageous.de
|
| 1 | p274639.mybetterck.com | |
| 1 | mybetterck.com | 1 redirects |
| 1 | cbsnees.com | 1 redirects |
| 16 | 10 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.mybetterck.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-06 - 2023-02-06 |
a year | crt.sh |
| *.cartageous.de Amazon |
2022-01-12 - 2023-02-10 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
| *.srvtrck.com Go Daddy Secure Certificate Authority - G2 |
2021-12-23 - 2023-01-24 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-14 - 2022-09-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=3463330329&origin=yadore_nextag_traffic&p=360894&origin=yadore&clickSource=411e2ca37546820c133cb8ff4fada198877fabe9692135fda6abb97d0c7a13b8
Frame ID: EB958CD577DE939AAB4112A726CC7C13
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Guenstiger.de - Der große Preisvergleich im InternetPage URL History Show full URLs
-
http://cbsnees.com/
HTTP 302
http://btpnative.com/click?data=LTNtQkM0aEhsMWU4Q1RNT0dWN1BkWlJPenJpdUVlYWpOVllnWTFMM2JmQ1p5c25JN... Page URL
-
http://btpnative.com/Redirect/
HTTP 302
https://mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6SUy6mHFWYZhhfSMU3tyux_xZ3oH-8dDp2GdNRMz_d... HTTP 302
https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn5gu8T-TV4QyE8x9hIz7vAOhBHFvsW5ADFRTfsTgwqTq... Page URL
- https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=228b155870e046e0a7034a510f0e3b35&su... Page URL
-
https://r.srvtrck.com/v1/redirect?type=linkId&id=0f708229411c46059fb070623a2b7410&api_key=84d7b077...
HTTP 302
https://r.srvtrck.com/v2/go?t=1t2pa%3Ab%2F1p1.ba0o9e4c5mcva%2Fa%3F3%3D7l0K6m1o0z4Q3Hvwd1tVeze5a3po... Page URL
-
https://api.yadore.com/v2/r?e=ZlhKUmloSzRQTHZwM1VVazc5Q3BoU2NhbGhFS0JOTG5JcVFLNi9DZTNpb1B1dTlxejFwW...
HTTP 302
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=3463330329&origin=yadore_nextag_traffic&p=36... Page URL
Detected technologies
TrackJs
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- tracker\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://cbsnees.com/
HTTP 302
http://btpnative.com/click?data=LTNtQkM0aEhsMWU4Q1RNT0dWN1BkWlJPenJpdUVlYWpOVllnWTFMM2JmQ1p5c25JN3FtOUpEek9fOEh3V3ZDLVpmejBPVmtxZmpvUnZ0OHlKVzRoR3dKSkV3UE40c2ZvaExZZjkwVkxXZFU3LWd1dWZWWnJ0MHNNc2JnZ1dRaG1QQ2FzRGVrZkRIcDc1VTUyUDFON1hBMg2&id=56c766e2-b921-473e-b29d-980f9e9fd92e Page URL
-
http://btpnative.com/Redirect/
HTTP 302
https://mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6SUy6mHFWYZhhfSMU3tyux_xZ3oH-8dDp2GdNRMz_dvhc29XXvCS9-JLFXNSHgbbvMDcVgn291AC8YBoQL_cnsAH98M0aES-8Hfb5np8cxJs0YFos_XX7JtPGVWViaJip_or8xMsUNp2ZhE49meKl9WI1ldPmKGcR-lr3XtaybE-QjSgvUf51tzlrADLptbgJNCHTo9rQDTS0WUiM4mivWrSulyjY5-DIeK4iyIMr1Kv9n95nXu9sfylOojsa2Ug-qU9FxqA8SvWjrhtqQQL44sUmk_P48Z6jOPMEFIixR2DD_3Pulep01qs3YVnPYeSRLkRlOijRPXaK-8hyt6dNQFyMoHwD5p5SEFNj1qXpfe1Udc_T82Zm694PR8EHPCGTvFqsYFWx50QobaQomZOS-bbv2Gqrc78XDydV2NLGT8R0U9tdqgpy-89_FdEnGLM61JCLuRruSNpuSMylMYhmJ64UebroIV5f-gn6KoMCSwWd1wvQ0BXe-ur5IbS4qrvkpfSqT5SKx9KYBFpaPSXVCmYCBLpXTD1IisSUkRpnvObOoNL636UEtjV9sE9pg5d1EAYAg1WjAE16X_GQ2W44wCqnY7NyF8U37EPkLYTzIPSnP_NrGaPNnP4KVIzWAcqphOjWmPl561Hlbqgs-_Ra2aT7CxnsQwbx2Eqy1VCG-iug_s81UkAMgb1eJaXcfvEJhVblmvccB_Ol-516ycwEnZL-Di4nK2AZ-krewH6Pvye3i1wJqkX9TRsrNgGTaOHCWa_uWNWv-jdD3rHyFrj46Or3LKjkQkJPaYr6B90F-pbmkF_-NtQEBHAQdZdsV77XORgmtk33kEp7FBWYwjYvQTA778LG2-YudnC1wPsK3ZjYgtH6WNBmvn6zp5fZI7qS5JfwZQRKYBIhcC0DEB1MNcKHu2HyVptsSs9827r0a61oyHqMKMtbq8IvbFPw_IF49ZjHNi_U5cCb77hzLE7wzgdt3cxQ9t4F6yeFlDBFM8beKzFNP5v9Q7Hys5FerPxLpkXRB8vmj_Oe4hPuNyU-e9KczIZLDzEnL9COa17clZyzO9TQaZth4odToaHk1MEEdutH9SpMvtSp8cCMYxBKbDrjrTi-EOcpV4l8iUTo01G1C9UgZqszPLmYSK9jFOKnlD6uI7Nj2y9_WHVdI7gFJdvP0Wc6TA_R0hdIiDKfAJ2qY4iekvtbl4rrC8Afv1loNTdnnJrrGY3cLyN4qiZYMEZ6yQUbyrgexl8UcQqLFG-UHYAR2_WpBx-Jih2B4DxOwTPAWnw9pUDRkDdVIcEvA24GKdCpEXMuL_qriXjlMIBEc00imiFRcxGk__HhN7xpY5qBY5tn3DGIJ3HeQ8bahUeSmkEAL2zxPWOIvC_XGVH_DZV11KuuOhtrKFKLIR7TUMkrKO8yfotuKtzOqOWNc-Eu2-je_9fYcEZyGktRgczJpvEdtb2P-k_gVVbwZKoErZMEQ1IxiNxRjKl6YoNEdk4MRRK1am2Cnmjsyw1wcEjIKm3K_maep6K2klVveZ970SzY9MiOb-Hl12T6Neh_5nH5xQdrUYfnARWrHWpS1ceH3FN0RAenWBbeajMAw3X-ODelccyyxeBLcxw_n7Ehr3WeYEzfNHFnxj-gM8Kx4jMv3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOehOz4ZaXrrQmrMpOsADnH7XQ_3TB5vaPsP_CDFFuVtd-cFG1HlqSCRDLLaTfRhq2FZOCvUV5-lWWgngA9SL4TWj_LFKaQfdCIV7zGDkXThF6fxRzXxISqKCG6-EnCPrjjd-p9flQvgrionx8B71l6CMW_LZEobZfJsgSZluxHBz07pgHk6WO8eNpqovRHA8A5hQo4QOZKHM-HX8y66E6MIDjFpjO-N-K6Bd7lz0j1TDNoSAUVTYlBYlHaauiSvts47WwBM7LF7_bKTvKGg4ax0kvJRn1EBBB_YB2Z10CWRhUx5M2FB69xgTFieyQatg8DaAxz7OniVgeEMG7_BQSVwiGuy6XSjwE1bi63TeE7w5ite1VWtwz0kWAcL5pU4ioP4zO6H7H8EJT5CuqkwTRLhCJKT7sNyHttCZR9GpC8OKXiFLjRWdXl4VSeAwOPlII0uBHGvzKMe2jnGjxMnnrOeKZh2C_QiHUWRHio_TwsgeADb8upbP9WVClR6A4cKxLdr3RHr76u7fspiRbevglEoDDoPKhiTtrylncyIRxNngVWEOPLy2OuHH_A33hLUvIxfDdMdKMVUe61OVr4nUatnU60pZtkCwUZIGDrg-H9m7Rg9vBbyGyytaKLnIBFJtGVf4fq3DDa0NrcArNvgpO8nwU0gs3cMF4wLQF1RdGU_Z64QbVI_Omfm9VSAuRigA5jG11PpJt5LQExc5M2NNClLMHUexsYbru5j-9G70Dv9VcEq4I2TZ3E_CdQ0xlpwKUXM_Ta1CH3HgzpryXxFah0HHsSK_WdCnsFdsgnxoqnT3OYwj_ujUsrC5hjmAi0XyUf2kOo1rKEGcztQ72-X1vFLIKXA8I08ijloi-QgZdaZ8uAaqj5KnHU5LFlOkA5XI19p_PlFrd2jcwRzJDDLPnNjq7xNxQbL6I7SnwPa-v25XvAhEitx0UbeIyuaiNKuLarJTu6AXYz7K5AhsDUssfirW1NYJhrG_A2oL-4hDDdJRFxN2O27TmmL406e3IaIktQ5NfFna4JuMy5HBHAGI8aS7DDe6SN19l72IBu2n015Mg HTTP 302
https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn5gu8T-TV4QyE8x9hIz7vAOhBHFvsW5ADFRTfsTgwqTqPIs-eVSu3UhJR65dZP9P6IBn-6lteLOAiybjrPggY3JTpETfv8ysBd3SvBTA7mnHJWZk8y7v7fJwdR7Gxhuu7kCjOSica0A1WSYOQEdHvqdOA3rZJs3dB1Oy5B36DHmDukqyvQ2fGaaclM8dOiUnFopAXSiLQG3peKGEtg4yd9U4cY7I7GjN37xSvZafx17nB5UFm8PDYvoizutE0qA9G3N9q6KIJqy5DjO_04-Vd4n-9syjyW0LcZ7F1U6mdrkXQHIJXwyd7QBeC4SWWQU23p38KxoTfNA0oGQftCKgBzp6a8l8RWodByskbXeAZ2LwIou0n_HdIkQCE3ZWrWWjlv3Inrr62SKm0OxydjkZiG1E44R1OBZtbO56xahWXdSoBK78oR35i6pOcREm55cwIlj7aZpfxj0fB-RFHq-GlAl8XoPmTBzkQ1NwUJbZCEwFZz3PXmLbsj9rm03zEEikOW-7V9Y6GmwLOxpL0sisbzR-39klbubsOq9U4ILimfJsx0JexQ2Sy1U_X_6gBr488XIzzh0hp6ogLk5cPDOZUgYPy4bgR7VVke2h20lcRrHus9LCz5E8ciHT2L9NFyVXF5Z3D3Ds6JC7qF0LAergHJ4bM7TR-A6o2LnrG8E1DfQ9Y0YoNg3I5480l7vLB5E2Ugyd1PStxuG0qMhDqf7kErmd4DskR14KyRdhiQucknxxg8B78vhYDGt1ncdoqbvEUfiGk6D6i_OaFx3z9WPb7-DW2jB4zFuRTFWdau7IN9FdV9I9zFVCeL5p92cp-vkcPmEf3qd4ONyUKC7q00sm1d_81VZTL6WTs8WO4QP-Vi7zRe7zzBJbLAQvEGFQ0jWJkN4bvlPQArirXHpAiEoSXb7bgejlzf67IHJhBqnpFAYjy8XSwgU20thPr3DzM-L5AsSUNiMZYItZYgqsUMnR3TtWPvkYpBcq78&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVKO6JjE9NF2Iju17w_uqskA1Mn8jDkdgIMWJ7JBq2DwNoDHPs6eJWB4Qwbv8FBJXCIa7LpdKPATW8zcnmLEb5bA&si=1&oref=b43b9a5e149d9f68bc62c393d3080cda&optunit=QIbA1LLH4q3omJ5wtw7vIA&rb=uHfLan3MXZk&rr=0&abtg=0 Page URL
- https://click.cartageous.de/?fct=true&psid=12396&kw=&auth=319N1&mfid=228b155870e046e0a7034a510f0e3b35&subid=ch|010_1_db_yieldkit_de_merchant_elektroradar|safety&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN001_%26utm_medium%3Dcpc%26utm_term%3Dsafety%26utm_content%3Dyieldkit_C_de%26utm_campaign%3Dm_elektroradar Page URL
-
https://r.srvtrck.com/v1/redirect?type=linkId&id=0f708229411c46059fb070623a2b7410&api_key=84d7b077ee35bd6b6fcc363d01f86dff&site_id=87a885fb727147d092b5642b83813aed&dch=feed&ad_t=advertiser&yk_tag=1330009737
HTTP 302
https://r.srvtrck.com/v2/go?t=1t2pa%3Ab%2F1p1.ba0o9e4c5mcva%2Fa%3F3%3D7l0K6m1o0z4Q3Hvwd1tVeze5a3po72%2FhSGyFm0MOhGHJ%3DV%26L%3DiPDcTUpN1R1FTSxhjQwEmMyhFM2tDRFhWR3p0eml0Q4VWQ2Q0bmgGN5BkLkJVNqx1QapkV2hTe5J0WNkzTj8EWvdTS190ZVZkO2B3Q3Z0ahZ0UvMTKTRjbZ90e2t2Y4U0YJV1SGpVb3h2TsNzewcEYR5UT3AlNydSM5d2MaFzU0VzW1IUKD90SsJHN1MDezlTQLBTc1UHTh9DaZVGNBxFV0RWZHUFKtxUNLoFUv1lYlFkWJ8lV0FmMrVUQ6llU5ZnaXl1MupFYO9zZhpVbmdGYw9XcEV2THJENz5WTVV3TwhzQYckM5h0TJBSaRFGRyIFQXhlWXJFV2ZTbQp2MnJ1RrcFVtM0RFl1Rw8HSCc1cwYmN55mcrgHYQJjZPc3OvlFb2Z2NvY0Qw5STKZXZlB3c0NlayRmcSBTUpJGbB5SYkIGb61mRxlUR25lcUhWSGh0MsZ0TvZjOzR3WhYDd3RlL5RzS0VkTNdWLMdENRV2cGgzMucTW1FWeTl1dMBHbqNHZ99QN%3DFicM5hT_JdSQhnbgN%2FU%26BlQccmanVIM%3DZ0T0R0S0l1U3hbZcedre2c%2F4o4.9radey5ieac%2F3sft0h&s=https%3A%2F%2Fclick.cartageous.de%2F&e=1&ai=228b155870e046e0a7034a510f0e3b35&sct=0&ct=1656520442403&cu=b7c3daeacc454499a0eb51e1cb3af201&ykuid=df347aee1a034a688c9f49c6ec75f0ef&sc=1&cs=226166ad37b8035b847307b24b979d58 Page URL
-
https://api.yadore.com/v2/r?e=ZlhKUmloSzRQTHZwM1VVazc5Q3BoU2NhbGhFS0JOTG5JcVFLNi9DZTNpb1B1dTlxejFwWmcyMFg2cDVFNWd3L0dmT0V4SWR2L0RmdGY5WkRkOVZqT1ZaMkh2STh5c05NRzljRE1vbTI1Y05VbkJ2U3B3c0Rha0NvcTBTZjZZT052Q2Y4N0ZJb1lGOVc3Z2JsYzgwcE5RNUY3clcySS85R2laRzM0Vzc1RUJDM0psbHZ1VDJzWThLQTI1RHFhaDBZTGhBMFc0QWhHTFVtTU5LNFJvTlVlck9JYld0bmprZU96Ylp5MnlXa1ZuUFlOQzVhMVFmVG8wWXFEY21HUEozNWxVK3UwZzRYVkx5N0VJaS9RTGUycFBXQllXeFM2NTJQS29nK1IrWFVtU0FFM1dwMHdCN1AwTm55YmcreHNQTjhPb3pvSFV2Y2UvY0tweS9KbXRlK3M0UlZyamZSQTBpOGZBZS9kSGd6Wm8xTUk2WlJUeWhGV0psQ0xvNjJzL3BhNDg3blQ5QzV0QklNeWpMREhRR2tGMzhuMTE1QWhTS1FMRHNqUHc9PQ==&i=MHhh_MdmQynSg//7&placementId=v030400011630b7c3daeacc454499a0eb51e1cb3af201
HTTP 302
https://suche.guenstiger.de/norob/ClickTracker.jsp?ds=p&tag=3463330329&origin=yadore_nextag_traffic&p=360894&origin=yadore&clickSource=411e2ca37546820c133cb8ff4fada198877fabe9692135fda6abb97d0c7a13b8 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://cbsnees.com/ HTTP 302
- http://btpnative.com/click?data=LTNtQkM0aEhsMWU4Q1RNT0dWN1BkWlJPenJpdUVlYWpOVllnWTFMM2JmQ1p5c25JN3FtOUpEek9fOEh3V3ZDLVpmejBPVmtxZmpvUnZ0OHlKVzRoR3dKSkV3UE40c2ZvaExZZjkwVkxXZFU3LWd1dWZWWnJ0MHNNc2JnZ1dRaG1QQ2FzRGVrZkRIcDc1VTUyUDFON1hBMg2&id=56c766e2-b921-473e-b29d-980f9e9fd92e
- http://btpnative.com/Redirect/ HTTP 302
- https://mybetterck.com/aS/feedclick?s=9XmSB6CFggS6IfcT-kj6SUy6mHFWYZhhfSMU3tyux_xZ3oH-8dDp2GdNRMz_dvhc29XXvCS9-JLFXNSHgbbvMDcVgn291AC8YBoQL_cnsAH98M0aES-8Hfb5np8cxJs0YFos_XX7JtPGVWViaJip_or8xMsUNp2ZhE49meKl9WI1ldPmKGcR-lr3XtaybE-QjSgvUf51tzlrADLptbgJNCHTo9rQDTS0WUiM4mivWrSulyjY5-DIeK4iyIMr1Kv9n95nXu9sfylOojsa2Ug-qU9FxqA8SvWjrhtqQQL44sUmk_P48Z6jOPMEFIixR2DD_3Pulep01qs3YVnPYeSRLkRlOijRPXaK-8hyt6dNQFyMoHwD5p5SEFNj1qXpfe1Udc_T82Zm694PR8EHPCGTvFqsYFWx50QobaQomZOS-bbv2Gqrc78XDydV2NLGT8R0U9tdqgpy-89_FdEnGLM61JCLuRruSNpuSMylMYhmJ64UebroIV5f-gn6KoMCSwWd1wvQ0BXe-ur5IbS4qrvkpfSqT5SKx9KYBFpaPSXVCmYCBLpXTD1IisSUkRpnvObOoNL636UEtjV9sE9pg5d1EAYAg1WjAE16X_GQ2W44wCqnY7NyF8U37EPkLYTzIPSnP_NrGaPNnP4KVIzWAcqphOjWmPl561Hlbqgs-_Ra2aT7CxnsQwbx2Eqy1VCG-iug_s81UkAMgb1eJaXcfvEJhVblmvccB_Ol-516ycwEnZL-Di4nK2AZ-krewH6Pvye3i1wJqkX9TRsrNgGTaOHCWa_uWNWv-jdD3rHyFrj46Or3LKjkQkJPaYr6B90F-pbmkF_-NtQEBHAQdZdsV77XORgmtk33kEp7FBWYwjYvQTA778LG2-YudnC1wPsK3ZjYgtH6WNBmvn6zp5fZI7qS5JfwZQRKYBIhcC0DEB1MNcKHu2HyVptsSs9827r0a61oyHqMKMtbq8IvbFPw_IF49ZjHNi_U5cCb77hzLE7wzgdt3cxQ9t4F6yeFlDBFM8beKzFNP5v9Q7Hys5FerPxLpkXRB8vmj_Oe4hPuNyU-e9KczIZLDzEnL9COa17clZyzO9TQaZth4odToaHk1MEEdutH9SpMvtSp8cCMYxBKbDrjrTi-EOcpV4l8iUTo01G1C9UgZqszPLmYSK9jFOKnlD6uI7Nj2y9_WHVdI7gFJdvP0Wc6TA_R0hdIiDKfAJ2qY4iekvtbl4rrC8Afv1loNTdnnJrrGY3cLyN4qiZYMEZ6yQUbyrgexl8UcQqLFG-UHYAR2_WpBx-Jih2B4DxOwTPAWnw9pUDRkDdVIcEvA24GKdCpEXMuL_qriXjlMIBEc00imiFRcxGk__HhN7xpY5qBY5tn3DGIJ3HeQ8bahUeSmkEAL2zxPWOIvC_XGVH_DZV11KuuOhtrKFKLIR7TUMkrKO8yfotuKtzOqOWNc-Eu2-je_9fYcEZyGktRgczJpvEdtb2P-k_gVVbwZKoErZMEQ1IxiNxRjKl6YoNEdk4MRRK1am2Cnmjsyw1wcEjIKm3K_maep6K2klVveZ970SzY9MiOb-Hl12T6Neh_5nH5xQdrUYfnARWrHWpS1ceH3FN0RAenWBbeajMAw3X-ODelccyyxeBLcxw_n7Ehr3WeYEzfNHFnxj-gM8Kx4jMv3plMmTV-x4h52jM6-Hyv0qWx6t6hyPOehOz4ZaXrrQmrMpOsADnH7XQ_3TB5vaPsP_CDFFuVtd-cFG1HlqSCRDLLaTfRhq2FZOCvUV5-lWWgngA9SL4TWj_LFKaQfdCIV7zGDkXThF6fxRzXxISqKCG6-EnCPrjjd-p9flQvgrionx8B71l6CMW_LZEobZfJsgSZluxHBz07pgHk6WO8eNpqovRHA8A5hQo4QOZKHM-HX8y66E6MIDjFpjO-N-K6Bd7lz0j1TDNoSAUVTYlBYlHaauiSvts47WwBM7LF7_bKTvKGg4ax0kvJRn1EBBB_YB2Z10CWRhUx5M2FB69xgTFieyQatg8DaAxz7OniVgeEMG7_BQSVwiGuy6XSjwE1bi63TeE7w5ite1VWtwz0kWAcL5pU4ioP4zO6H7H8EJT5CuqkwTRLhCJKT7sNyHttCZR9GpC8OKXiFLjRWdXl4VSeAwOPlII0uBHGvzKMe2jnGjxMnnrOeKZh2C_QiHUWRHio_TwsgeADb8upbP9WVClR6A4cKxLdr3RHr76u7fspiRbevglEoDDoPKhiTtrylncyIRxNngVWEOPLy2OuHH_A33hLUvIxfDdMdKMVUe61OVr4nUatnU60pZtkCwUZIGDrg-H9m7Rg9vBbyGyytaKLnIBFJtGVf4fq3DDa0NrcArNvgpO8nwU0gs3cMF4wLQF1RdGU_Z64QbVI_Omfm9VSAuRigA5jG11PpJt5LQExc5M2NNClLMHUexsYbru5j-9G70Dv9VcEq4I2TZ3E_CdQ0xlpwKUXM_Ta1CH3HgzpryXxFah0HHsSK_WdCnsFdsgnxoqnT3OYwj_ujUsrC5hjmAi0XyUf2kOo1rKEGcztQ72-X1vFLIKXA8I08ijloi-QgZdaZ8uAaqj5KnHU5LFlOkA5XI19p_PlFrd2jcwRzJDDLPnNjq7xNxQbL6I7SnwPa-v25XvAhEitx0UbeIyuaiNKuLarJTu6AXYz7K5AhsDUssfirW1NYJhrG_A2oL-4hDDdJRFxN2O27TmmL406e3IaIktQ5NfFna4JuMy5HBHAGI8aS7DDe6SN19l72IBu2n015Mg HTTP 302
- https://p274639.mybetterck.com/adServe/domainClick?ai=kWFaCUptNn5gu8T-TV4QyE8x9hIz7vAOhBHFvsW5ADFRTfsTgwqTqPIs-eVSu3UhJR65dZP9P6IBn-6lteLOAiybjrPggY3JTpETfv8ysBd3SvBTA7mnHJWZk8y7v7fJwdR7Gxhuu7kCjOSica0A1WSYOQEdHvqdOA3rZJs3dB1Oy5B36DHmDukqyvQ2fGaaclM8dOiUnFopAXSiLQG3peKGEtg4yd9U4cY7I7GjN37xSvZafx17nB5UFm8PDYvoizutE0qA9G3N9q6KIJqy5DjO_04-Vd4n-9syjyW0LcZ7F1U6mdrkXQHIJXwyd7QBeC4SWWQU23p38KxoTfNA0oGQftCKgBzp6a8l8RWodByskbXeAZ2LwIou0n_HdIkQCE3ZWrWWjlv3Inrr62SKm0OxydjkZiG1E44R1OBZtbO56xahWXdSoBK78oR35i6pOcREm55cwIlj7aZpfxj0fB-RFHq-GlAl8XoPmTBzkQ1NwUJbZCEwFZz3PXmLbsj9rm03zEEikOW-7V9Y6GmwLOxpL0sisbzR-39klbubsOq9U4ILimfJsx0JexQ2Sy1U_X_6gBr488XIzzh0hp6ogLk5cPDOZUgYPy4bgR7VVke2h20lcRrHus9LCz5E8ciHT2L9NFyVXF5Z3D3Ds6JC7qF0LAergHJ4bM7TR-A6o2LnrG8E1DfQ9Y0YoNg3I5480l7vLB5E2Ugyd1PStxuG0qMhDqf7kErmd4DskR14KyRdhiQucknxxg8B78vhYDGt1ncdoqbvEUfiGk6D6i_OaFx3z9WPb7-DW2jB4zFuRTFWdau7IN9FdV9I9zFVCeL5p92cp-vkcPmEf3qd4ONyUKC7q00sm1d_81VZTL6WTs8WO4QP-Vi7zRe7zzBJbLAQvEGFQ0jWJkN4bvlPQArirXHpAiEoSXb7bgejlzf67IHJhBqnpFAYjy8XSwgU20thPr3DzM-L5AsSUNiMZYItZYgqsUMnR3TtWPvkYpBcq78&ui=9XmSB6CFggTENzPKQVSHVYBVNmK1S2tVKO6JjE9NF2Iju17w_uqskA1Mn8jDkdgIMWJ7JBq2DwNoDHPs6eJWB4Qwbv8FBJXCIa7LpdKPATW8zcnmLEb5bA&si=1&oref=b43b9a5e149d9f68bc62c393d3080cda&optunit=QIbA1LLH4q3omJ5wtw7vIA&rb=uHfLan3MXZk&rr=0&abtg=0
- https://r.srvtrck.com/v1/redirect?type=linkId&id=0f708229411c46059fb070623a2b7410&api_key=84d7b077ee35bd6b6fcc363d01f86dff&site_id=87a885fb727147d092b5642b83813aed&dch=feed&ad_t=advertiser&yk_tag=1330009737 HTTP 302
- https://r.srvtrck.com/v2/go?t=1t2pa%3Ab%2F1p1.ba0o9e4c5mcva%2Fa%3F3%3D7l0K6m1o0z4Q3Hvwd1tVeze5a3po72%2FhSGyFm0MOhGHJ%3DV%26L%3DiPDcTUpN1R1FTSxhjQwEmMyhFM2tDRFhWR3p0eml0Q4VWQ2Q0bmgGN5BkLkJVNqx1QapkV2hTe5J0WNkzTj8EWvdTS190ZVZkO2B3Q3Z0ahZ0UvMTKTRjbZ90e2t2Y4U0YJV1SGpVb3h2TsNzewcEYR5UT3AlNydSM5d2MaFzU0VzW1IUKD90SsJHN1MDezlTQLBTc1UHTh9DaZVGNBxFV0RWZHUFKtxUNLoFUv1lYlFkWJ8lV0FmMrVUQ6llU5ZnaXl1MupFYO9zZhpVbmdGYw9XcEV2THJENz5WTVV3TwhzQYckM5h0TJBSaRFGRyIFQXhlWXJFV2ZTbQp2MnJ1RrcFVtM0RFl1Rw8HSCc1cwYmN55mcrgHYQJjZPc3OvlFb2Z2NvY0Qw5STKZXZlB3c0NlayRmcSBTUpJGbB5SYkIGb61mRxlUR25lcUhWSGh0MsZ0TvZjOzR3WhYDd3RlL5RzS0VkTNdWLMdENRV2cGgzMucTW1FWeTl1dMBHbqNHZ99QN%3DFicM5hT_JdSQhnbgN%2FU%26BlQccmanVIM%3DZ0T0R0S0l1U3hbZcedre2c%2F4o4.9radey5ieac%2F3sft0h&s=https%3A%2F%2Fclick.cartageous.de%2F&e=1&ai=228b155870e046e0a7034a510f0e3b35&sct=0&ct=1656520442403&cu=b7c3daeacc454499a0eb51e1cb3af201&ykuid=df347aee1a034a688c9f49c6ec75f0ef&sc=1&cs=226166ad37b8035b847307b24b979d58
16 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
click
btpnative.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
domainClick
p274639.mybetterck.com/adServe/ Redirect Chain
|
525 B 736 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
click.cartageous.de/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rt.min.js
click.cartageous.de/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
landing.min.js
click.cartageous.de/js/ |
71 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bcloader.gif
click.cartageous.de/images/ |
26 KB 26 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
updateClickStatus
click.cartageous.de/ |
298 B 616 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v24/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
go
r.srvtrck.com/v2/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
ClickTracker.jsp
suche.guenstiger.de/norob/ Redirect Chain
|
171 KB 172 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
111 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v1
suche.guenstiger.de/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ |
37 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
transparent.gif
suche.guenstiger.de/cdn-cgi/images/trace/jschal/js/ |
42 B 219 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
c8e83515a9ca2ab
suche.guenstiger.de/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3155232069986743:1656518945:ix3ZTnmQ0daKoprQaaqlkP3klE5OnjH4DKfbfPNHnMQ/7230113eac09bb77/ |
139 KB 66 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Kk7d_eQllRUiMqY
suche.guenstiger.de/cdn-cgi/challenge-platform/h/b/img/7230113eac09bb77/1656520442892/ |
61 B 142 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
c8e83515a9ca2ab
suche.guenstiger.de/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3155232069986743:1656518945:ix3ZTnmQ0daKoprQaaqlkP3klE5OnjH4DKfbfPNHnMQ/7230113eac09bb77/ |
1 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _cf_chl_opt function| _cf_chl_enter function| sendRequest function| _cf_atob boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 object| _cf_chl_ctx object| _ number| NlMboD9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .cbsnees.com/ | Name: sid Value: 468ade0a-f7c9-11ec-ae57-591f50862f6d |
|
| btpnative.com/ | Name: sNbCHrPXFHIImbi Value: sNbCHrPXFHIImbi |
|
| .mybetterck.com/ | Name: rhid Value: 81577709151 |
|
| .mybetterck.com/ | Name: loi Value: ad_1149178_off_593258_aff_11683_cid_274639-155311900-CBSNEES.COM_ts_1656520440 |
|
| .srvtrck.com/ | Name: ykuid Value: df347aee1a034a688c9f49c6ec75f0ef |
|
| .guenstiger.de/ | Name: __cf_bm Value: NPGgNCS2Yui6W1s9ZICB2RImWVtpvEXMtD5znz5cbfw-1656520442-0-ARuMFM3SRNlX0HDHkyV5+gmGCP6GtPXmtYPdu15OWMFaKrQ6uEw53h1wRLgdLFuEiFTHgBXpM0jbpCjknqXzOyA= |
|
| suche.guenstiger.de/ | Name: cf_chl_2 Value: c8e83515a9ca2ab |
|
| suche.guenstiger.de/ | Name: cf_chl_prog Value: F15 |
|
| suche.guenstiger.de/ | Name: cf_chl_rc_ni Value: 1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.yadore.com
btpnative.com
cbsnees.com
click.cartageous.de
fonts.googleapis.com
fonts.gstatic.com
mybetterck.com
p274639.mybetterck.com
r.srvtrck.com
suche.guenstiger.de
108.168.193.189
209.15.13.136
2606:4700:4400::6812:2ace
2606:4700::6813:a860
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
54.71.226.183
78.41.204.27
88.99.112.6
13cf946ccfe2354d265e6b05298ae1dfc5bbd0b7eef291b142b49c6af2e49b59
2fb0f896fb1849c72a54db8fdf2cbff64b3f27fbf36a8989e94dcbbfe1daf044
44f88582ad537e84b9c1e3b622aa64e7845cc7a3efc33e6fced96dd60ddc6712
4d853175d1e7dcec631bfa4c1287ca8adec8cdfc3d010aaf9aaf6f705adf6ee4
59d09721ef5d6a8a6aa8cf8100a1eaa2ef1644bd196fc1a788ad31e16a505734
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
8c4d66c11b6859363989028e6ad4b3d291d0d3851a2a10a1fab8105fe2f26202
8f4d68883424d8bcf3c15f6ec7c665694b214ff04f1cb6a570da843c517d363c
9895356115881d572ff1b57bb1690cd8602841be0926d55d1f5f35db15dd05db
98b4c724b0cc41e5106fc4d32b48bcce768085d277853c7aadbc2acc81ac4b59
9d323ba24ce2c917cdec93c3a5be2baac574558fe5e108b51432df6f8db6a392
a055169967154899019357c39c2b60251300c7283550f1c88904afb62b26e493
c8eede253747040123c6f88f44c784eaa8b0d675147bd978b4284ab3783c5c55
d3b0e433e57344ff8fd185858a924d093d5c41112e7815f7f5b50fe2f9271313
d5184b49201d9ca12a23f95330f9b9276f6f43579d9f40df204867b17d2ed682
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629