Submitted URL: https://jacqueskrier2324.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZub2luZm90cmFja2luZy5jb20lMkZmdHMlMkYweTZxOGlTaF...
Effective URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60...
Submission: On April 22 via manual from FR

Summary

This website contacted 5 IPs in 3 countries across 12 domains to perform 27 HTTP transactions. The main IP is 130.255.79.215, which is located in Germany and belongs to BKVG-AS, DE. The main domain is otupia.de.
TLS certificate: Issued by R3 on April 14th 2021. Valid for: 3 months.
This is the only time otupia.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.204.143.53 14618 (AMAZON-AES)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 46.137.70.201 16509 (AMAZON-02)
1 5 130.255.79.215 29141 (BKVG-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 65.9.68.72 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 85.13.149.2 34788 (NMM-AS D)
27 5
Domain Requested by
14 rlmgws-data.s3-accelerate.amazonaws.com otupia.de
rlmgws-data.s3-accelerate.amazonaws.com
5 www.rltools.de rlmgws-data.s3-accelerate.amazonaws.com
3 otupia.de rlmgws-data.s3-accelerate.amazonaws.com
otupia.de
2 maxcdn.bootstrapcdn.com otupia.de
maxcdn.bootstrapcdn.com
2 noinfotracking.com 2 redirects
1 www.rlcontrol.de otupia.de
1 rltools.de otupia.de
1 cdn.onesignal.com otupia.de
1 www.exklusive-preise.de 1 redirects
1 prisaik.com 1 redirects
1 dealbunnyde.com 1 redirects
1 jacqueskrier2324.activehosted.com 1 redirects
1 jacqueskrier2324.lt.acemlnb.com 1 redirects
27 13

This site contains links to these domains.

Domain
blueleads.online
odoki.de
my-promobox.de
www.rlcontrol.de
Subject Issuer Validity Valid
www.otupia.de R3 2021-04-14 - 2021-07-13 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2020-08-04 - 2021-08-04 a year
*.s3-accelerate.amazonaws.com Amazon 2021-02-25 - 2022-02-02 a year
rltools.de R3 2021-04-02 - 2021-07-01 3 months
www.rlcontrol.de R3 2021-03-24 - 2021-06-22 3 months

This page contains 1 frames:

Primary Page: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Frame ID: 01CED4812FFAD768C60BC757F8DB3B73
Requests: 27 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 50 %
Domains: 12
Subdomains: 13
IPs: 5
Countries: 3
Transfer: 923 kB
Size: 1070 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jacqueskrier2324.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZub2luZm90cmFja2luZy5jb20lMkZmdHMlMkYweTZxOGlTaFdndngtMHRUMTYwNHZjZksxJTNGbWFpbCUzRGhvbGdlci5vZXN0ZXJsZSU0MGJucHBhcmliYXMuY29t&a=476670867&account=jacqueskrier2324%2Eactivehosted%2Ecom&email=QooOAo2C6rcqADbSCEslxt6x%2FFW8VAJEsSsqCOeJPkE%3D&s=3dc6f3d9e93aebddad6ac81752a5e743&i=90A127A18A347 HTTP 302
    https://jacqueskrier2324.activehosted.com/lt.php?s=3dc6f3d9e93aebddad6ac81752a5e743&i=90A127A18A347 HTTP 302
    https://noinfotracking.com/fts/0y6q8iShWgvx-0tT1604vcfK1?mail=holger.oesterle@bnpparibas.com HTTP 307
    https://noinfotracking.com/redirect/umr/68747470733a2f2f6465616c62756e6e7964652e636f6d2f7375626d69742d61632e7068703f6164763d6265737473686f7070696e67766f75636865722669643d31346d7670376a6836307a67766b67306d3230303468266c6973743d32266d61696c3d686f6c6765722e6f65737465726c65253430626e70706172696261732e636f6d266f666665723d68617269626f2672656469726563743d747275652675726c3d68747470732533412532462532467072697361696b2e636f6d253246253346612533443134363538253236632533443339393832/0?vid=fju5mUtYkXI75kGARUOtByFFex HTTP 307
    https://dealbunnyde.com/submit-ac.php?adv=bestshoppingvoucher&id=14mvp7jh60zgvkg0m2004h&list=2&mail=holger.oesterle%40bnpparibas.com&offer=haribo&redirect=true&url=https%3A%2F%2Fprisaik.com%2F%3Fa%3D14658%26c%3D39982&vid=fju5mUtYkXI75kGARUOtByFFex HTTP 302
    https://prisaik.com/?a=14658&c=39982&s2=14mvp7jh60zgvkg0m2004h&tid=14mvp7jh60zgvkg0m2004h HTTP 302
    https://www.exklusive-preise.de/de,onepager,responsive_892.html?idPartner=162&idCampaignAd=0&rlmset=kaffeevollautomat_de&subId=33627-633256012&subIdentifier=14658&aps=&tid=14mvp7jh60zgvkg0m2004h HTTP 302
    https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request campaign_1109.html
otupia.de/
Redirect Chain
  • https://jacqueskrier2324.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZub2luZm90cmFja2luZy5jb20lMkZmdHMlMkYweTZxOGlTaFdndngtMHRUMTYwNHZjZksxJTNGbWFpbCUzRGhvbGdlci5vZXN0ZXJsZSU0MGJ...
  • https://jacqueskrier2324.activehosted.com/lt.php?s=3dc6f3d9e93aebddad6ac81752a5e743&i=90A127A18A347
  • https://noinfotracking.com/fts/0y6q8iShWgvx-0tT1604vcfK1?mail=holger.oesterle@bnpparibas.com
  • https://noinfotracking.com/redirect/umr/68747470733a2f2f6465616c62756e6e7964652e636f6d2f7375626d69742d61632e7068703f6164763d6265737473686f7070696e67766f75636865722669643d31346d7670376a6836307a67766...
  • https://dealbunnyde.com/submit-ac.php?adv=bestshoppingvoucher&id=14mvp7jh60zgvkg0m2004h&list=2&mail=holger.oesterle%40bnpparibas.com&offer=haribo&redirect=true&url=https%3A%2F%2Fprisaik.com%2F%3Fa%...
  • https://prisaik.com/?a=14658&c=39982&s2=14mvp7jh60zgvkg0m2004h&tid=14mvp7jh60zgvkg0m2004h
  • https://www.exklusive-preise.de/de,onepager,responsive_892.html?idPartner=162&idCampaignAd=0&rlmset=kaffeevollautomat_de&subId=33627-633256012&subIdentifier=14658&aps=&tid=14mvp7jh60zgvkg0m2004h
  • https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
100 KB
17 KB
Document
General
Full URL
https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
77f7757908889db32d97995de130b80cbda45cad2b57986e6e48da5b082561be

Request headers

:method
GET
:authority
otupia.de
:scheme
https
:path
/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=6i3r4bc5huprc3s41kuhtq6g69; path=/
coyoteAffiliTokenId1109=412935849; expires=Thu, 22-Apr-2021 18:55:36 GMT; Max-Age=14400; path=/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
16911
content-type
text/html; charset=UTF-8

Redirect headers

date
Thu, 22 Apr 2021 14:55:36 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=0m6lj5nd0hg3578qtecdonukln; path=/
coyoteTrackingCookie_892=412935849; expires=Sat, 22-May-2021 14:55:36 GMT; Max-Age=2592000; path=/;samesite=None; Secure
coyoteSimpleTrackingCookie=412935849; expires=Sat, 22-May-2021 14:55:36 GMT; Max-Age=2592000; path=/;SameSite=None; Secure
location
https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
22
content-type
text/html; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb603ea16e1b6fa84e78a18ca96bc753323f0c1e28f1690be7d96a89958cdbdc

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
905
etag
W/"edca9adaaa77b1e70f406381fd662135"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
643fb1ac8d8b4e0d-FRA
cf-request-id
099bad5fd900004e0d85389000000001
expires
Sun, 25 Apr 2021 14:55:36 GMT
style_single_regpage_progressbar.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
91 KB
91 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8e8eb35e01950b90b4d272e1de27cc7c7171ad2974c5d505a6301ec56893d2c

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
Last-Modified
Thu, 11 Mar 2021 16:29:59 GMT
Server
AmazonS3
x-amz-request-id
9XN7PEDZ2PD5CT0P
ETag
"92c4ab93f6283b3c039c7b6138022394"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
92674
x-amz-id-2
ebDbnfU0wefubpumc0euivqw4RwrXgoIOnRfbqVEcyIjczyS7oHvyCJkdvk/KSMZi2BS9RRrxTc=
X-Amz-Cf-Id
FEEo2dzdrMK-bd4rH8WpwjW_oppeSnoj8k838ctqoUtH0nHGki27TA==
spinner.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/spinner.css
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f7c8623cf0f0cf760385a22a4a5d20db7b2e3dfaecaab38ddf25ace848b171

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:16 GMT
Server
AmazonS3
x-amz-request-id
9XN3DM70TGAS66N5
ETag
"308609aca6938598a1390b47ec576e97"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
1295
x-amz-id-2
xXASqsymwxTTgTk6GedE4Qeiio+xCIKubg1AQgnVz11gsHYeHlqoVygB4ef9VTMyagHSkwgVQwI=
X-Amz-Cf-Id
A_AJMZDOZyLTJtaOplBmWyCntw-Ba6v3g_42hcgI6ND0cPBCjYOvVA==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617
age
3698885
cdn-cachedat
2021-03-10 20:26:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
099bad5fca0000d6cdc2203000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ac51d65409f7a6c773e04411dc506557
cf-ray
643fb1ac7d05d6cd-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
balloon.min.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
5 KB
6 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/balloon.min.css
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:16 GMT
Server
AmazonS3
x-amz-request-id
9XNECSYZQNN9TVTN
ETag
"acd37f0b3be30c6cefff2ed8117e5938"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
5489
x-amz-id-2
H3j/WbQgrF0aSF2oHWhpfYZs7c++IVYbXtnDBohho8tUSBj4da/4sN490DEGQg3JJ3qYIdNwJ24=
X-Amz-Cf-Id
KkNFjhhMQuYNHiFseiCawL0DFvDV6M5EKipOZzbN6PHhaNA-sIgbPA==
jquery-3.4.1.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/
274 KB
274 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Aug 2019 14:45:01 GMT
Server
AmazonS3
x-amz-request-id
9XN4XA2X1XJW0JCP
ETag
"11c05eb286ed576526bf4543760785b9"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
280364
x-amz-id-2
DoovbZqLHwJ2Ozhy+9qa4DPaHIrLdho303T6AJ1AesvLdSGIBDyBH4yy7x0iaJaAubQNi5uBZ/o=
X-Amz-Cf-Id
6QtoVLLiPx3kjJRMKDY9Q5VewW9p03CoIcNM3WRc_Bgsq4qlGl7B6w==
logic_single_regpage_progressbar.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/
240 KB
240 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/logic_single_regpage_progressbar.js
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5356fff7e1979412c2a49b25fad0a65014235fdd5dcf0062ec04008004a13893

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
Last-Modified
Mon, 12 Apr 2021 12:51:14 GMT
Server
AmazonS3
x-amz-request-id
9XNF02WFTPFE8NM5
ETag
"a34eb935aeb05e987bc84c0a39a724b9"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
245621
x-amz-id-2
zHZf14JzoGNKP373WQrqTiKER6ilnaIX6dc0tTyDlq+q1ttVax56nM5aKZhM+vRYTCdudwAcvns=
X-Amz-Cf-Id
w_lPSt_x7-5zOO4vgZ09g9bXf_CGfX4i1YEDcAycNzroDW2nyu4TaQ==
md5.min.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/
4 KB
4 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/md5.min.js
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9265ea6ee06a36211ef80e33821b309020e5c40c972cf70a07f10577c0cce549

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
Last-Modified
Tue, 08 Oct 2019 09:23:31 GMT
Server
AmazonS3
x-amz-request-id
9XNFMKAWYXXH4ACT
ETag
"d42ff83c2d527cdab773855cfe523561"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
3767
x-amz-id-2
nOOL0650xcoipeU9ceIuHzWPhBytOb+wRWirNhpaA80Z8KKvMkS6HQFsW2/tSTJzc7Xuy+HZDo0=
X-Amz-Cf-Id
EQmBQ8SS03g9PnV9uG1SRVmSW6Gjo-wm-10VDNNC-jdkHtJfaQFziA==
rlm_stat.js
rltools.de/rlm_analytics/scripts/
13 KB
3 KB
Script
General
Full URL
https://rltools.de/rlm_analytics/scripts/rlm_stat.js
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software
Apache /
Resource Hash
64dc9dd977411f4bacc844545671fd94d51bc15be31753a4479883c61640220c

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
content-encoding
br
last-modified
Tue, 21 Jul 2020 16:01:32 GMT
server
Apache
etag
"35fa-5aaf5bca2492e-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2918
adressDeOrt.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/
10 KB
10 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/adressDeOrt.js
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b4088bfcf66aabe95d2781a1deda475fd2103fe9341916a2568b59bd9183de9

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Aug 2020 10:52:07 GMT
Server
AmazonS3
x-amz-request-id
9XN2J0QK6Z2GXPHS
ETag
"f27bf73696475a931df4f92fb97cae2f"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
9770
x-amz-id-2
ndTeVzASj8GiefpTqMabAUp29LsVikSpdL9nAv5SFZttnYWuPw5zSeikEKdMVgqfxn/e+dgGSpE=
X-Amz-Cf-Id
Ul82-ipNiTZx8xkDwqGSJCIrTDup42BP1eCgybo_4c4_q-6JM5nxHA==
moment.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/lib/
50 KB
17 KB
Script
General
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/lib/moment.min.js
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Request headers

Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
content-encoding
gzip
last-modified
Tue, 24 Jul 2018 14:05:29 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16804
expires
Sat, 22 May 2021 14:55:36 GMT
rlm_stat.php
www.rltools.de/rlm_analytics/
37 B
276 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software
Apache /
Resource Hash
b61b4ba8f6df40b4ed98f203d67ea0727273ac6cb59e089d1248e8821ebb011a

Request headers

Accept
*/*
Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
outer_slice_top.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/
136 B
713 B
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/outer_slice_top.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf37f0c405389fda13867faa69cf36ffe1b8764f3e0460f2caade056a36d2483

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
x-amz-request-id
9XN70BQFCSG26QVJ
ETag
"b3cd71c3db91f48dfd8b00d472022dc0"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
136
x-amz-id-2
rTMlECp8C37Sme7PoiY/SU5Xd7y2qUR15p+/Eff/x5BLNVr2A74RobK0V9PcLeLwNtx3+evEydM=
X-Amz-Cf-Id
m69CgRqEiLrDmsK666_OitMJiiWBRhXzBpCrq0wRrcmxpCMYOK_dpA==
outer_slice_bottom.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/
143 B
720 B
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/outer_slice_bottom.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c86ac9a90aafd6aa025eeb2d1d6de20c03df782ef151c9d2515b23407768f134

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
x-amz-request-id
9XN68T2GSBWZRK0H
ETag
"cdfb089c7a2ffb19106f0553ad115375"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
143
x-amz-id-2
lIMOVL7xBvfmRud2m1eHIdpC9cqlQIbey4+AiZODl/KZVx4Wym2OkZb/06BW1uxNlPdgoEump+k=
X-Amz-Cf-Id
eTMAECEMwMcLXNj5xNuo8usYeXOE4yL97lQ620lo-MB6W7oyZKUlRQ==
Aileron-Regular.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
21 KB
22 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Regular.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d6ec731c7579bb3420bdd0ec8ac80682ac44b1fbe1ffa8429b736e644f2be69

Request headers

Origin
https://otupia.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
x-amz-request-id
9XNASX28XMY1Y2D3
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
21776
x-amz-id-2
XnUv9ECM9su2S1m8qXT61f/hK1D6i1ApBo3HPeh4J0O17mqo5Ai0lIH6kcf98AtBDg3MWxuQP0w=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"4309f5e6504ab4404a1c909a5ef8457f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
U969UqojSf8ra84hXxdZkPyIVxZhFamrf3HdROdMnz4e-7_e-8UV-g==
Aileron-Bold.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
23 KB
23 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Bold.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac249b9af121f1a9bf29b7c611b5986a5f1088da276a72a1e96b77fec1020aad

Request headers

Origin
https://otupia.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
x-amz-request-id
9XNC2EWG9SM5582M
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
23108
x-amz-id-2
COowuaQQu5ra8FIsL/i7QEWIoALEuf1OwzTjAaDlIMLpNrwBIuuwrE/YwE+bXokJkJqR25FPnxY=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"317ed94a878c8d8ea413f51e575513f4"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
24mylnA-dcCLTeeYEupoXaSTQEVHAWLEAivlPj10R42zF-vmOWCAeg==
Candal.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
24 KB
25 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Candal.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80a2aa3ffeb789ffaa34b6a0b738e7baed24396c4656dd1224c8c0ba0f4ddf84

Request headers

Origin
https://otupia.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
x-amz-request-id
9XNEZEGVE8YHPN7P
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
25000
x-amz-id-2
cX31hriUkdQziehHZAmswbC9RA6REl+87EGtSdXLS/A1dVB/lB/Rw6Ujp1igFooWYOBINg0grYA=
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
ETag
"e29c6ae99d1f2dc8d6a607b46c082b74"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
ikIRibow7piFaXNdNxT09fPamKkT2Kjpep312pPqMOpSJwLLKD-n-g==
resource.php
otupia.de/ftp/flexfancy/services/
1 KB
652 B
XHR
General
Full URL
https://otupia.de/ftp/flexfancy/services/resource.php?rlmset=kaffeevollautomat_de
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
5f5b15832a332a0760ec641158c17d4158d3757126643e87f5d872b8dbbbfab9

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
PHPSESSID=6i3r4bc5huprc3s41kuhtq6g69; coyoteAffiliTokenId1109=412935849
:path
/ftp/flexfancy/services/resource.php?rlmset=kaffeevollautomat_de
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
otupia.de
referer
https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
content-encoding
gzip
server
Apache
content-length
599
vary
Accept-Encoding,User-Agent
content-type
application/json; charset=utf-8
Aileron-Heavy.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
23 KB
23 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Heavy.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67bb015ac96fd86bc355f22829c7c4e7ed5c288176c2ec013c356eef07b1ae87

Request headers

Origin
https://otupia.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
x-amz-request-id
9XNFFKJKWMGRV860
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
23280
x-amz-id-2
7othd3O9Qci6FHnZgGlHQ3yWpT0BNvXr4jdTUvG2uQj4W/v47ehIPU7wHJWBE+TxapNF/um26zk=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"977a8badf138ba0183b618103fbea86a"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
93bYS3GJGjd4wzaV5c57pZnkOy7yFrYicBLgpEkBPxJbm8YIaC626g==
checkbox.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/gui/
1 KB
2 KB
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/gui/checkbox.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d59fddd512526f62fc744ca6b79c807d3d972795686d00b6b87e69e706546e77

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_single_regpage_progressbar.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 14:55:37 GMT
Via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Jun 2018 15:08:55 GMT
Server
AmazonS3
x-amz-request-id
9XND5C0HDPSC9P30
ETag
"46b1a02714406cd093dfe9a7af57997d"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
1509
x-amz-id-2
mwAv1WlzHEnVicChELL8pjPcx2n6ssEqC7kxOm3U9JMBqQuxri5XMrT9w4vinNsSfF41xfjIeaE=
X-Amz-Cf-Id
4pQ-WXjooBppHlii4ykP9zEyYvZYhDRGaTEjqhdtXZulcauh3ofNQA==
Kaffemaschinefinal.png
otupia.de/ftp/flexfancy/build/promotion/
73 KB
74 KB
Image
General
Full URL
https://otupia.de/ftp/flexfancy/build/promotion/Kaffemaschinefinal.png
Requested by
Host: otupia.de
URL: https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
4e44716822480f8c0049a31d16358a1b7c597a0f1ae292f30909552a71947851

Request headers

:path
/ftp/flexfancy/build/promotion/Kaffemaschinefinal.png
pragma
no-cache
cookie
PHPSESSID=6i3r4bc5huprc3s41kuhtq6g69; coyoteAffiliTokenId1109=412935849
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
otupia.de
referer
https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://otupia.de/campaign_1109.html?coyoteAffiliTokenId=412935849&rlmset=kaffeevollautomat_de&aps=&tid=14mvp7jh60zgvkg0m2004h&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
last-modified
Fri, 18 Sep 2020 11:23:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
75017
expires
Sat, 22 May 2021 14:55:36 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://otupia.de
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617
age
3698857
cdn-cachedat
2021-03-10 20:26:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
099bad609f00004e7f4c3b4000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
eff1ee56880066d569610788f1874986
accept-ranges
bytes
cf-ray
643fb1adcec04e7f-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
44 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
44 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 22 Apr 2021 14:55:36 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
249 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 22 Apr 2021 14:55:41 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
249 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://otupia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 22 Apr 2021 14:55:46 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| OneSignal function| $ function| jQuery boolean| secondCoregStage number| totalCoregCount number| clickedCoregCount number| coregCount boolean| coregsUncovered boolean| coregSlider object| currentCoregParent number| lastPercentage number| currentPercentage object| percentInterval number| weightedCoregCount number| initProgress string| prepageProcessingMessage object| globalConfigData function| OnCoregDoiPage function| OnFirstRegPage function| OnSecondRegPage function| OnCoregPage function| OnPromoPage1 function| OnThankYouPage function| SetPromotionImage function| set_progress function| apply_coreg_highlights function| transform_tile_coregs function| DrawProgressIndicator function| DecodeBase64 function| HexDigitToDec function| SimpleHexToDec function| HexColorToRgb function| IsEnglishVersion function| GetLocale object| messageStrings function| Translate function| GetCookie function| SetCookie function| FinishPrepageSection function| InitPrepageQuiz string| originalContinueButtonLabel string| originalPromoImage function| InitPrepageImageSelector function| PadNumber function| FormatClockTime function| RunCountdownClock function| UpdateUserProgress function| InitTextSwitchControls function| show_info_popup function| BrandbueroBuyButtonCallback function| apply_frank_coreg_changes function| InRange function| CheckMaxAge function| FP_ShowMessage function| FP_MessageBoxIsVisible function| apply_fisherprice_coreg_changes function| apply_o2_coreg_changes function| assign_coreg_indices function| show_first_coreg function| get_coreg_container_by_index function| show_next_coreg function| hide_coreg_and_show_next function| InitGui function| ShowMessage function| ShowPromoConsentMessage 
function| InputValidator object| inputValidators function| VerifyInputFields function| ShowSecondRegPage number| agbNum number| unknownAttemptCount number| maxUnknownAttemptCount boolean| emailErrorShown string| textInputColor boolean| skipSecondRegPage function| ShowKickboxError function| HideKickboxErrorMessage function| IsValidTonlineAddress function| SetupContinueButton function| SetupPromoConsentInfoWindow function| AssignInputProxies function| AttachShowSponsorsHandlers function| SetupSponsorsList function| AssignInputValidator function| AssignInputValidators function| CreateDefaultConfig function| ConfigureContinueButton function| DrawCoregProgressShape number| basePercent number| totalPercent number| currentProgressStage number| targetProgressWidth object| coregProgressInterval number| currentCoregStep function| UpdateCoregProgress function| GetCoregCount function| GetNextCoregId function| FinalizeCoreg object| lastSelectedRadio boolean| blitzCoregClicked function| build_radio_buttons function| InitCoregs function| ConfigureSweepstake function| ConfigureSimplePage function| OnRegistrationPage function| OnRegistrationPage1 function| OnRegistrationPage2 function| InitSweepstake function| ApplyFazTweaks function| RebuildBlitzCoreg function| IsMobileBrowser function| showArrowHint function| ModifySpiegelCoreg function| ApplyAdjustments function| ShowCoregStoerer function| HideCoregStoerer function| SetupStoerer function| SetupNewProgressbar function| AssignInputCounterparts function| HighlightErrors function| add_coreg_images function| apply_agb_coreg_changes function| apply_selection_list_coreg_changes function| apply_iframe_coreg_changes function| apply_nicey_coreg_changes function| GetCoregIdFromElement function| md5 function| RlmStat number| globalStatisticJavaSciptFunctionsLoaded string| globalAjaxUrl function| setAjaxUrl function| CopyStreetValue function| moment function| CalcCalendarWeek number| calendarWeek

2 Cookies

Domain/Path Name / Value
otupia.de/ Name: coyoteAffiliTokenId1109
Value: 412935849
otupia.de/ Name: PHPSESSID
Value: 6i3r4bc5huprc3s41kuhtq6g69

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
