tracking.s24.com Open in urlscan Pro
2a00:12c0:101b:200::19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://customerserviceatoz.com/
Effective URL:
https://tracking.s24.com/v3/proceed?cor_b=CiQ4NWQxMGZmOS1hOTljLTQ5ZTYtODU5ZC00MzU2NDU0NmQwZTQaCDEwMTE4ZDhjIKAoKIXAk7AGMgk...
Submission: On December 02 via automatic, source certstream-suspicious (December 2nd 2021, 7:44:51 am UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 10 HTTP transactions. The main IP is 2a00:12c0:101b:200::19, located in Germany and belongs to FILOO-ASN Rhedaer Strasse 25, DE. The main domain is tracking.s24.com.
TLS certificate: Issued by R3 on October 28th 2021. Valid for: 3 months.

This is the only time tracking.s24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	212.32.237.91 212.32.237.91	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	173.192.101.30 173.192.101.30	36351 (SOFTLAYER) (SOFTLAYER)
5	52.35.242.20 52.35.242.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:12c0:101... 2a00:12c0:101b:200::19	47215 (FILOO-ASN...) (FILOO-ASN Rhedaer Strasse 25)
1	2606:4700:20:... 2606:4700:20::ac43:47b5	() ()
10	6

2 212.32.237.91 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

customerserviceatoz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.30 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 1e.65.c0ad.ip4.static.sl-reverse.com

mybestdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.mybestdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.35.242.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-242-20.us-west-2.compute.amazonaws.com

click.cartageous.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:12c0:101b:200::19 (Germany) 2 redirects

ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE)

tracking.s24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47b5 (None, )

ASN- ()

wickey.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cartageous.de click.cartageous.de	58 KB
3	s24.com 2 redirects tracking.s24.com	3 KB
2	mybestdl.com 2 redirects mybestdl.com p185689.mybestdl.com	1 KB
2	customerserviceatoz.com 1 redirects customerserviceatoz.com	2 KB
1	wickey.de wickey.de
1	gstatic.com fonts.gstatic.com	20 KB
1	googleapis.com fonts.googleapis.com	1 KB
10	7

	Domain	Requested by
5	click.cartageous.de	customerserviceatoz.com click.cartageous.de
3	tracking.s24.com	2 redirects click.cartageous.de
2	customerserviceatoz.com	1 redirects
1	wickey.de
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	click.cartageous.de
1	p185689.mybestdl.com	1 redirects
1	mybestdl.com	1 redirects
10	8

This site contains no links.

Subject Issuer	Validity	Valid
customerserviceatoz.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.s24.com R3	`2021-10-28` - `2022-01-26`	3 months	crt.sh
wickey.de Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh

This page contains 1 frames:

Frame: https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=85d10ff9-a99c-49e6-859d-43564546d0e4
Frame ID: AB347C8E81F12E7D00FF5AE24408F99F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://customerserviceatoz.com/ Page URL
https://customerserviceatoz.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzODQ... HTTP 302
https://mybestdl.com/aS/feedclick?s=EUEFNSLDhHumWmlDZSlwro8uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f... HTTP 302
https://p185689.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbFZTZAUAWurt0o0yMGDVk1kwFhHioAWypVxcdNAIvzvM... HTTP 302
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1... Page URL
https://tracking.s24.com/v3/clickout/10118d8c/5152/1711595525/1214a72276c20ad22f29b3f95b6ac199a8b361e... HTTP 303
https://tracking.s24.com/v3/proceed?cor_b=CiQ4NWQxMGZmOS1hOTljLTQ5ZTYtODU5ZC00MzU2NDU0NmQwZTQaCDEwMTE... Page URL

Page Statistics

10
Requests

50 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

81 kB
Transfer

131 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://customerserviceatoz.com/ Page URL
https://customerserviceatoz.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzODQzODI4MSwiaWF0IjoxNjM4NDMxMDgxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXVlMG9yNmM3cGlramxuODAycW1qb2wiLCJuYmYiOjE2Mzg0MzEwODEsInRzIjoxNjM4NDMxMDgxOTc5OTg1fQ.gNRHQiYNetyGRnF_HxO7ezOuhVslDN6hQEja-UMv3SQ&sid=b5b8ffee-5343-11ec-bfc1-37ca50d3d26b HTTP 302
https://mybestdl.com/aS/feedclick?s=EUEFNSLDhHumWmlDZSlwro8uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2k_k9jsMCbZfE6Qd6XhTil-hGnrRszKh8-phn_x0BlwTgwt6QWV9axOl8GNGGraCko5g65_MXHJiXG-0XiCfezMe-x2jaRAM0nfrp5GVFenNDvDCR45cLZaFQ7Z8Py6UFSvKB4nsP1ZjogBBw_HVBsJc8Xq_VKD-wAJa7O-_tri5_fAazKvy3SkMUlBgR0A807DRHXt90x6vL8BE8wgCiyAJECftwZjAyBqMj9PkNW9zZFN4eDasfNzymLQFdIiwgtwdFPYTwXf44bKxfBQGR8MR4uTbArMyc3lzvXOSt7T7IEx9cGfbk9K46KVzCH6fhKO0wdIkYPanqoMhJqgwO0ebka4bsciIbA81w7550n49B4dC2v6E_zAlb3ah6LIYuF603o43snf7O5-93HrYS8H26eHCjkzURvIOk47GCouTBA9um-N0lBudEwi2oaZptrQ1coXOoyLN8Y7QFMumJtD0zRkCJmOWo_4394Lm2KdSwwqaTCAQmMFRM25fIP2Iaea4Gc7L3iFEbfbnGGtAJDVpDzG9oYmBKXhyTn0mpPfJ3V5KjxTXxeGZAAQABd4P5G1wn1tAk05fWUbV_nI8MNe_jsFuwbGh12gYrIXIN944HplDQIrCvK9hOzFB1o33Q3Fe7U76YGwvAZCFGVEx6MgaOn3z1wbdhSxOXXbSrQsDLubuGWReJOjRVDiLnm-55WMKlGCxI0Kj6ZVbCu9VpqkxhQHZwgqcpeVdqoPKOQ2v440z-rXhBEnHqOozwK_Ck1RzdD9nZNwmbjq-cCkj28kpJAxNmBHWq8AAwA-EtanC0V_80YEKjdHnkI3te2YYSrUpLdONynEpcqgSa18uEjF8Ur9rlABscdcFZk9FSC0skXKZLbNLOQfuHxHeN3pBA4FZRXc_6obQAxHp2DWtr9ZefgMhodgNxnbZxoI2LYFi_nL3YEYB8PclUV204bVSQKoJ4APUi-E1o_yxSmkH3QiFe8xg5F04Ren8Uc18SEqighuvhJwj6443fqfX5UL4K4qJ8fAe9ZegjFvy2RKG2XybIEmZbsRwc9O6YB5OljvHjaaqL0RwPAOYUKOEDmShzPh1_MuuhOjCA4xaYzvjfiurbxDi-tQxV6HV0hWra6LVmGFGCXXWTRhBR5kHBtJAU6L_AgS7boAVyo8glEZyW3byNQqgQPpRJCUdf6yqlbEszWBwy7PURLV8n6aneVDzpYR0q1LKeaL4qV8UdHH3pzdPj9BQdvjSoXZgHaZfkx9E4D-RtqD0DhJ4BQqyVrejcN49YHuWdFkWiXkpNBIXSm6kjQWt8Eo4F9Gr44xTlpswmjIQ6n-5BK5k6DBU_V4UN5dXKgMrbsU-om8utQIcahvOX0n8xxvGXEl8aNw_ZvjvKGG7hZiOB5bH9Jb4T7HJxDrd0OcIEX6rl2JzJ81BT7WoQnCIq4l1T5MMo4X_oBgCbdAM6fo_EBoQ HTTP 302
https://p185689.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbFZTZAUAWurt0o0yMGDVk1kwFhHioAWypVxcdNAIvzvMPEd_i3-Ytjc7wPUy8eZpGo7S3vae-fIToGsMAW5-jC9Bp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkdSSoPLKhvaakjQWt8Eo4F9kuAE1dSkiNqrQarODB6s1TdmkZQqqBbU121J_5rvautP8x8RvEiaOCmDkZ9wGU-PrBZwfnlpzJkVzUDlBPdhPjS4W39x3PYrhWoR4FhhVDFrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0q0DJl3IPlddNwtRf0FDw053_DBO88WArg&ui=EUEFNSLDhHumWmlDZSlwrvbWwvziNp_1xLgNeF8Zj-iPMNr7q3Wv6UU8hj8Rx7esNEl5SWsQp94Pfqte5141pzcZMYJPrxSWptJ-t_zbJ20VHoA_R-TD8g&si=1&oref=59f89acc715ddd0cd822cd1de76fce7b&optunit=mxN5N-km0l4xZU5RQpQz_AdlkgfcxOUr&rb=bBYvYlMrmMM&rr=1&abtg=0 HTTP 302
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_438775870%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey Page URL
https://tracking.s24.com/v3/clickout/10118d8c/5152/1711595525/1214a72276c20ad22f29b3f95b6ac199a8b361ed?s24cid=949029720 HTTP 303
https://tracking.s24.com/v3/proceed?cor_b=CiQ4NWQxMGZmOS1hOTljLTQ5ZTYtODU5ZC00MzU2NDU0NmQwZTQaCDEwMTE4ZDhjIKAoKIXAk7AGMgk5NDkwMjk3MjBAtqrp0NcvSiBlWDRSa09vYjYycjBUM0VpRWMxQ1FHMUZPZlFOOFlhalJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmVhOjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASRmZDQwYjIyMS0zNGZjLTQxMjYtOTkxOC0yMWUwNmQzOTU5MDKQAQA%3D&cor_h=_MU9s3Gzf8c2le4Vs2Z_psMW6pDJjEWk8Ri6YjbFIiI%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://customerserviceatoz.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzODQzODI4MSwiaWF0IjoxNjM4NDMxMDgxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXVlMG9yNmM3cGlramxuODAycW1qb2wiLCJuYmYiOjE2Mzg0MzEwODEsInRzIjoxNjM4NDMxMDgxOTc5OTg1fQ.gNRHQiYNetyGRnF_HxO7ezOuhVslDN6hQEja-UMv3SQ&sid=b5b8ffee-5343-11ec-bfc1-37ca50d3d26b HTTP 302
https://mybestdl.com/aS/feedclick?s=EUEFNSLDhHumWmlDZSlwro8uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2k_k9jsMCbZfE6Qd6XhTil-hGnrRszKh8-phn_x0BlwTgwt6QWV9axOl8GNGGraCko5g65_MXHJiXG-0XiCfezMe-x2jaRAM0nfrp5GVFenNDvDCR45cLZaFQ7Z8Py6UFSvKB4nsP1ZjogBBw_HVBsJc8Xq_VKD-wAJa7O-_tri5_fAazKvy3SkMUlBgR0A807DRHXt90x6vL8BE8wgCiyAJECftwZjAyBqMj9PkNW9zZFN4eDasfNzymLQFdIiwgtwdFPYTwXf44bKxfBQGR8MR4uTbArMyc3lzvXOSt7T7IEx9cGfbk9K46KVzCH6fhKO0wdIkYPanqoMhJqgwO0ebka4bsciIbA81w7550n49B4dC2v6E_zAlb3ah6LIYuF603o43snf7O5-93HrYS8H26eHCjkzURvIOk47GCouTBA9um-N0lBudEwi2oaZptrQ1coXOoyLN8Y7QFMumJtD0zRkCJmOWo_4394Lm2KdSwwqaTCAQmMFRM25fIP2Iaea4Gc7L3iFEbfbnGGtAJDVpDzG9oYmBKXhyTn0mpPfJ3V5KjxTXxeGZAAQABd4P5G1wn1tAk05fWUbV_nI8MNe_jsFuwbGh12gYrIXIN944HplDQIrCvK9hOzFB1o33Q3Fe7U76YGwvAZCFGVEx6MgaOn3z1wbdhSxOXXbSrQsDLubuGWReJOjRVDiLnm-55WMKlGCxI0Kj6ZVbCu9VpqkxhQHZwgqcpeVdqoPKOQ2v440z-rXhBEnHqOozwK_Ck1RzdD9nZNwmbjq-cCkj28kpJAxNmBHWq8AAwA-EtanC0V_80YEKjdHnkI3te2YYSrUpLdONynEpcqgSa18uEjF8Ur9rlABscdcFZk9FSC0skXKZLbNLOQfuHxHeN3pBA4FZRXc_6obQAxHp2DWtr9ZefgMhodgNxnbZxoI2LYFi_nL3YEYB8PclUV204bVSQKoJ4APUi-E1o_yxSmkH3QiFe8xg5F04Ren8Uc18SEqighuvhJwj6443fqfX5UL4K4qJ8fAe9ZegjFvy2RKG2XybIEmZbsRwc9O6YB5OljvHjaaqL0RwPAOYUKOEDmShzPh1_MuuhOjCA4xaYzvjfiurbxDi-tQxV6HV0hWra6LVmGFGCXXWTRhBR5kHBtJAU6L_AgS7boAVyo8glEZyW3byNQqgQPpRJCUdf6yqlbEszWBwy7PURLV8n6aneVDzpYR0q1LKeaL4qV8UdHH3pzdPj9BQdvjSoXZgHaZfkx9E4D-RtqD0DhJ4BQqyVrejcN49YHuWdFkWiXkpNBIXSm6kjQWt8Eo4F9Gr44xTlpswmjIQ6n-5BK5k6DBU_V4UN5dXKgMrbsU-om8utQIcahvOX0n8xxvGXEl8aNw_ZvjvKGG7hZiOB5bH9Jb4T7HJxDrd0OcIEX6rl2JzJ81BT7WoQnCIq4l1T5MMo4X_oBgCbdAM6fo_EBoQ HTTP 302
https://p185689.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbFZTZAUAWurt0o0yMGDVk1kwFhHioAWypVxcdNAIvzvMPEd_i3-Ytjc7wPUy8eZpGo7S3vae-fIToGsMAW5-jC9Bp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkdSSoPLKhvaakjQWt8Eo4F9kuAE1dSkiNqrQarODB6s1TdmkZQqqBbU121J_5rvautP8x8RvEiaOCmDkZ9wGU-PrBZwfnlpzJkVzUDlBPdhPjS4W39x3PYrhWoR4FhhVDFrXZ7fy64Z_MSDPhdk_SCbAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn7HyBEOo_2tJ52jM6-Hyv0q0DJl3IPlddNwtRf0FDw053_DBO88WArg&ui=EUEFNSLDhHumWmlDZSlwrvbWwvziNp_1xLgNeF8Zj-iPMNr7q3Wv6UU8hj8Rx7esNEl5SWsQp94Pfqte5141pzcZMYJPrxSWptJ-t_zbJ20VHoA_R-TD8g&si=1&oref=59f89acc715ddd0cd822cd1de76fce7b&optunit=mxN5N-km0l4xZU5RQpQz_AdlkgfcxOUr&rb=bBYvYlMrmMM&rr=1&abtg=0 HTTP 302
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_438775870%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey

Request Chain 8

https://tracking.s24.com/v3/commit?cor_b=CiQ4NWQxMGZmOS1hOTljLTQ5ZTYtODU5ZC00MzU2NDU0NmQwZTQaCDEwMTE4ZDhjIKAoKIXAk7AGMgk5NDkwMjk3MjBAtqrp0NcvSiBlWDRSa09vYjYycjBUM0VpRWMxQ1FHMUZPZlFOOFlhalJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmVhOjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASRmZDQwYjIyMS0zNGZjLTQxMjYtOTkxOC0yMWUwNmQzOTU5MDKQAQA%3D&cor_h=_MU9s3Gzf8c2le4Vs2Z_psMW6pDJjEWk8Ri6YjbFIiI%3D HTTP 303
https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=85d10ff9-a99c-49e6-859d-43564546d0e4

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
customerserviceatoz.com/ 480 B
700 B 304ms
215ms Document
text/html 212.32.237.91
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://customerserviceatoz.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.32.237.91 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 480
content-type: text/html; charset=utf-8
date: Thu, 02 Dec 2021 07:44:41 GMT
server: Cowboy

GET
H/1.1

200
OK

/ Show response
click.cartageous.de/
Redirect Chain

https://customerserviceatoz.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzODQzODI4MSwiaWF0IjoxNjM4NDMxMDgxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXVlMG9yNmM3cGlramxu...
https://mybestdl.com/aS/feedclick?s=EUEFNSLDhHumWmlDZSlwro8uDhK_8R6jT46ZjpstHTZv70XeqvOOcGPzN2c9f2E7_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2k_k9jsMCbZfE6Qd6XhTil-hGnrRszKh8-phn_x0BlwTgwt6QWV9axOl8GNGGraCko5...
https://p185689.mybestdl.com/adServe/domainClick?ai=W6LwHsBtbbFZTZAUAWurt0o0yMGDVk1kwFhHioAWypVxcdNAIvzvMPEd_i3-Ytjc7wPUy8eZpGo7S3vae-fIToGsMAW5-jC9Bp8N1Cqk3GlqgEE0f5Fjh8XnLiFpVgC8Bvf4RIcbQkdSSoPLK...
http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DB...

3 KB
2 KB

369ms
363ms

Document
text/html

52.35.242.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_438775870%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey

Requested by

Host: customerserviceatoz.com
URL: https://customerserviceatoz.com/

Protocol

HTTP/1.1

Server

52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-242-20.us-west-2.compute.amazonaws.com

Software

Resource Hash

f3f2ed70b77edf5a36fd62a2eefd107a2d037542b5fe9b72e2279ed6acdef977

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://customerserviceatoz.com/

Response headers

Date: Thu, 02 Dec 2021 07:44:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ETag: W/"b7b-p3bQxy25/RY4oySpXpe/nrc9LR4"
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

server: nginx
date: Thu, 02 Dec 2021 07:44:44 GMT
content-length: 0
location: http://click.cartageous.de?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_438775870%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey

GET
H/1.1 200
OK rt.min.js Show response
click.cartageous.de/js/ 14 KB
6 KB 186ms
186ms Script
application/javascript 52.35.242.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://click.cartageous.de/js/rt.min.js

Requested by

Host: click.cartageous.de
URL: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_438775870%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey

Protocol

HTTP/1.1

Server

52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-242-20.us-west-2.compute.amazonaws.com

Software

Resource Hash

9226ae3cd96905b7393ea2b1d9982d5b405ea8554c3b95f1a6a219f71da41ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_438775870%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 07:44:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 02 Dec 2021 07:16:00 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"365e-17d7a000225"
X-Download-Options: noopen
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H/1.1 200
OK landing.min.js Show response
click.cartageous.de/js/ 66 KB
23 KB 372ms
367ms Script
application/javascript 52.35.242.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://click.cartageous.de/js/landing.min.js

Requested by

Protocol

HTTP/1.1

Server

52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-242-20.us-west-2.compute.amazonaws.com

Software

Resource Hash

d847109e96105ec05c66bf906afe2e498370ad4c363c1406d9c4a964f1188e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_438775870%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 07:44:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 24 Nov 2021 09:37:54 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"107ea-17d514f0950"
X-Download-Options: noopen
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afbb224757994ccc20b0ab6ceb60eab144cd8825a392613861045e393632ec81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://click.cartageous.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 06:08:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Dec 2021 07:44:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Dec 2021 07:44:44 GMT

GET
H/1.1 200
OK bcloader.gif
click.cartageous.de/images/ 26 KB
27 KB 185ms
185ms Image
image/gif 52.35.242.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://click.cartageous.de/images/bcloader.gif

Requested by

Protocol

HTTP/1.1

Server

52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-242-20.us-west-2.compute.amazonaws.com

Software

Resource Hash

6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://click.cartageous.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 02 Dec 2021 07:44:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Nov 2021 09:37:54 GMT
ETag: W/"6816-17d514f0950"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Strict-Transport-Security: max-age=15552000; includeSubDomains
Accept-Ranges: bytes
X-DNS-Prefetch-Control: off
Content-Length: 26646
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK updateClickStatus Show response
click.cartageous.de/ 174 B
635 B 824ms
823ms Fetch
application/json 52.35.242.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://click.cartageous.de/updateClickStatus

Requested by

Host: click.cartageous.de
URL: http://click.cartageous.de/js/landing.min.js

Protocol

HTTP/1.1

Server

52.35.242.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-242-20.us-west-2.compute.amazonaws.com

Software

Resource Hash

991f58359d7156f1be04075ee263379fa13dc59f8b2190c334a79b7bb14433da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://click.cartageous.de/?fct=true&psid=13237&auth=tJuNe&kw=&mfid=5152&env=2&subid=ch_438775870|010_1_inf_df_s24_de_merchant_Wickey|&passback=http%3A%2F%2Fcartageous.de%2Fdarn%2F%3Futm_source%3DBN_010_438775870%26utm_medium%3Dcpc%26utm_term%3D%26utm_content%3Ds24_C_DE%26utm_campaign%3Dm_Wickey
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 02 Dec 2021 07:44:45 GMT
X-Content-Type-Options: nosniff
ETag: W/"ae-tu+xiCA0c7X+4WcM6V1OkjEMV3I"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
Content-Length: 174
X-XSS-Protection: 1; mode=block

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 37ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://click.cartageous.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 15:40:37 GMT
x-content-type-options: nosniff
age: 57848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 15:40:37 GMT

GET
H2

200

Primary Request proceed Show response
tracking.s24.com/v3/
Redirect Chain

https://tracking.s24.com/v3/clickout/10118d8c/5152/1711595525/1214a72276c20ad22f29b3f95b6ac199a8b361ed?s24cid=949029720
https://tracking.s24.com/v3/proceed?cor_b=CiQ4NWQxMGZmOS1hOTljLTQ5ZTYtODU5ZC00MzU2NDU0NmQwZTQaCDEwMTE4ZDhjIKAoKIXAk7AGMgk5NDkwMjk3MjBAtqrp0NcvSiBlWDRSa09vYjYycjBUM0VpRWMxQ1FHMUZPZlFOOFlhalJyTW96aWx...

1 KB
1 KB

10ms
10ms

Document
text/html

2a00:12c0:101b:200::19
FILOO-ASN Rhedaer...

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.s24.com/v3/proceed?cor_b=CiQ4NWQxMGZmOS1hOTljLTQ5ZTYtODU5ZC00MzU2NDU0NmQwZTQaCDEwMTE4ZDhjIKAoKIXAk7AGMgk5NDkwMjk3MjBAtqrp0NcvSiBlWDRSa09vYjYycjBUM0VpRWMxQ1FHMUZPZlFOOFlhalJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmVhOjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASRmZDQwYjIyMS0zNGZjLTQxMjYtOTkxOC0yMWUwNmQzOTU5MDKQAQA%3D&cor_h=_MU9s3Gzf8c2le4Vs2Z_psMW6pDJjEWk8Ri6YjbFIiI%3D

Requested by

Host: click.cartageous.de
URL: http://click.cartageous.de/js/landing.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:12c0:101b:200::19 , Germany, ASN47215 (FILOO-ASN Rhedaer Strasse 25, DE),

Reverse DNS

Software

Resource Hash

05266844ab5d82edc844571f3b61cc621e18a9141ce2276857d8b0ec81ab6203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://click.cartageous.de/

Response headers

content-language: de-DE
content-type: text/html;charset=UTF-8
date: Thu, 02 Dec 2021 07:44:45 GMT
etag: W/"0db8a0a62957e124607633953e5e16b90"
p3p: CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag: noindex, nofollow
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security: max-age=31536000;
vary: Accept-Encoding Accept-Encoding
content-encoding: gzip

Redirect headers

cache-control: no-cache, no-store
content-language: de-DE
content-length: 0
date: Thu, 02 Dec 2021 07:44:45 GMT
location: https://tracking.s24.com/v3/proceed?cor_b=CiQ4NWQxMGZmOS1hOTljLTQ5ZTYtODU5ZC00MzU2NDU0NmQwZTQaCDEwMTE4ZDhjIKAoKIXAk7AGMgk5NDkwMjk3MjBAtqrp0NcvSiBlWDRSa09vYjYycjBUM0VpRWMxQ1FHMUZPZlFOOFlhalJyTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2WhMyYTBmOjk0NDE6NTowOmVhOjoxYhtodHRwOi8vY2xpY2suY2FydGFnZW91cy5kZS-CASRmZDQwYjIyMS0zNGZjLTQxMjYtOTkxOC0yMWUwNmQzOTU5MDKQAQA%3D&cor_h=_MU9s3Gzf8c2le4Vs2Z_psMW6pDJjEWk8Ri6YjbFIiI%3D
p3p: CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag: noindex, nofollow
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security: max-age=31536000;

GET
H2

200

spielturm-mit-schaukel-ghostflyer
wickey.de/
Redirect Chain

https://tracking.s24.com/v3/commit?cor_b=CiQ4NWQxMGZmOS1hOTljLTQ5ZTYtODU5ZC00MzU2NDU0NmQwZTQaCDEwMTE4ZDhjIKAoKIXAk7AGMgk5NDkwMjk3MjBAtqrp0NcvSiBlWDRSa09vYjYycjBUM0VpRWMxQ1FHMUZPZlFOOFlhalJyTW96aWxs...
https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=85d10ff9-a99c-49e6-859d-43564546d0e4

0
0

5350ms
5310ms

Document
text/html

2606:4700:20::ac43:47b5

General

Check archive.org

Show headers Download Go to

Full URL

https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=85d10ff9-a99c-49e6-859d-43564546d0e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47b5 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://tracking.s24.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tracking.s24.com/

Response headers

date: Thu, 02 Dec 2021 07:44:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy-report-only: font-src *.gstatic.com 'unsafe-inline' data: *.fontawesome.com maxcdn.bootstrapcdn.com *.cloudflare.com *.bootstrapcdn.com *.cloudfront.net data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.ogone.com *.ingenico.com *.v-psp.com *.epdq.co.uk *.postfinance.ch *.paypage.be *.payengine.de *.eupayglobe.com *.tpvecommerce.es *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.ogone.com *.ingenico.com *.v-psp.com *.epdq.co.uk *.postfinance.ch *.paypage.be *.payengine.de *.eupayglobe.com *.tpvecommerce.es *.weltpixel.com *.facebook.com *.hotjar.com *.doubleclick.net *.cookieinformation.com squarelovin.com *.pinimg.com *.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.gstatic.com *.googleapis.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de https://www.mollie.com *.cloudflare.com *.bing.com *.facebook.com *.linkedin.com *.pinterest.com *.google.com *.google.nl *.google.rs *.trustedshops.com *.wickey.nl wickey.nl *.adsymptotic.com *.squarelovin.com squarelovin.com *.azureedge.net *.google.de *.youtube.com *.wickey.de wickey.de data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.googleapis.com maps.googleapis.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com js.mollie.com https://www.googletagmanager.com tagmanager.google.com *.cloudflare.com *.twitter.com *.fontawesome.com *.bing.com *.wickey.nl wickey.nl *.trustedshops.com *.licdn.com *.pinimg.com *.hotjar.com *.facebook.net *.doubleclick.net *.google.com *.s24.com *.newrelic.com *.nr-data.net *.cloudflareinsights.com *.cookieinformation.com *.amazonaws.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com *.squarelovin.com squarelovin.com *.cloudfront.net *.userlike.com *.youtube.com *.wickey.de wickey.de 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com cdn.dnky.co webchat.dotdigital.com *.fontawesome.com maxcdn.bootstrapcdn.com tagmanager.google.com *.cloudflare.com *.bootstrapcdn.com squarelovin.com *.youtube.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com *.ogone.com *.ingenico.com *.v-psp.com *.epdq.co.uk *.postfinance.ch *.paypage.be *.payengine.de *.eupayglobe.com *.tpvecommerce.es *.cloudflare.com *.doubleclick.net *.google-analytics.com *.pinterest.com *.wickey.nl wickey.nl *.hotjar.com *.hotjar.io *.facebook.com *.nr-data.net *.userlike.com *.youtube.com userlike-cdn-widgets.s3-eu-west-1.amazonaws.com *.wickey.de wickey.de 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-environment: Hipex/3 main Hipex/3 general
x-server: app-1
age: 0
x-magento-cache-debug: MISS
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GP6EUs3Azz0g8Uc9F2Z%2BfgG%2F3z8JeFLk0XvFoDTp%2FH2b3limQHAMn3HjfMZIAyayIge11W18gstVLECY5oKDzHVLisSTdCFyhyDAmhMd1LpeDkyraNjvxxU2bkQplHyCu9br1kMRtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b72ee8f3ba72bc2-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

content-language: de-DE
content-length: 0
date: Thu, 02 Dec 2021 07:44:45 GMT
location: https://wickey.de/spielturm-mit-schaukel-ghostflyer?s24clid=85d10ff9-a99c-49e6-859d-43564546d0e4
p3p: CP="NOI DSP LAW NID CURa ADMa PSAa OUR LEG PUR COM NAV STA"
x-robots-tag: noindex, nofollow
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://cspreport.s24.com/;
strict-transport-security: max-age=31536000;

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.customerserviceatoz.com/	1970-02-13 19:38:34	Name: sid Value: b5b8ffee-5343-11ec-bfc1-37ca50d3d26b
.mybestdl.com/	1970-01-20 03:26:23	Name: rhid Value: 80223595155
.mybestdl.com/	1970-01-19 23:07:14	Name: loi Value: ad_1135726_off_580125_aff_11683_cid_185689-CUSTOMERSERVICEATOZ.COM_ts_1638431084
.s24.com/	1970-01-19 23:07:12	Name: co-session Value: eX4RkOob62r0T3EiEc1CQG1FOfQN8Yaj
.s24.com/	1970-01-20 07:52:47	Name: s24uid Value: fd40b221-34fc-4126-9918-21e06d395902
.s24.com/	1970-01-19 23:50:23	Name: co-revn Value: H4sIAAAAAAAAAAXBsQ5AMBQF0B96Q2/b116zlE1TMTBSJBgk/n9wjkKtIALaqFoVGIA7qxyzH5/8bsF+ZnLpShVt6dHlswxc1lsQHL2DoTLyB9x53PJHAAAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.cartageous.de
customerserviceatoz.com
fonts.googleapis.com
fonts.gstatic.com
mybestdl.com
p185689.mybestdl.com
tracking.s24.com
wickey.de
173.192.101.30
212.32.237.91
2606:4700:20::ac43:47b5
2a00:12c0:101b:200::19
2a00:1450:4001:80f::2003
2a00:1450:4001:82f::200a
52.35.242.20
05266844ab5d82edc844571f3b61cc621e18a9141ce2276857d8b0ec81ab6203
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
6697a4e88a23706a4b0e2eada7b346b7e5839d71d07505987582f48e810784f8
9226ae3cd96905b7393ea2b1d9982d5b405ea8554c3b95f1a6a219f71da41ac5
991f58359d7156f1be04075ee263379fa13dc59f8b2190c334a79b7bb14433da
afbb224757994ccc20b0ab6ceb60eab144cd8825a392613861045e393632ec81
d847109e96105ec05c66bf906afe2e498370ad4c363c1406d9c4a964f1188e31
f3f2ed70b77edf5a36fd62a2eefd107a2d037542b5fe9b72e2279ed6acdef977

tracking.s24.com Open in urlscan Pro 2a00:12c0:101b:200::19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

10 Requests

50 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

6 IPs

3 Countries

81 kBTransfer

131 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

6 Cookies

Indicators

tracking.s24.com Open in urlscan Pro
2a00:12c0:101b:200::19 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

50 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

81 kB
Transfer

131 kB
Size

6
Cookies

10 HTTP transactions
0 data transactions