de17.mein-gewinn-portal.de Open in urlscan Pro
45.156.91.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://g1.trackclickslinksclocking.com/8f16b73f-c7ca-4a9a-b82e-030d5e73ea91
Effective URL:
https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Submission: On May 20 via api (May 20th 2023, 8:07:30 am UTC) from JP — Scanned from NL

Summary HTTP 11 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 9 domains to perform 11 HTTP transactions. The main IP is 45.156.91.34, located in Germany and belongs to ABUNTIS, DE. The main domain is de17.mein-gewinn-portal.de.
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.

This is the only time de17.mein-gewinn-portal.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.32.28.133 185.32.28.133	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1 1	34.250.254.121 34.250.254.121	16509 (AMAZON-02) (AMAZON-02)
1 6	45.156.91.34 45.156.91.34	211823 (ABUNTIS) (ABUNTIS)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	23.88.7.145 23.88.7.145	24940 (HETZNER-AS) (HETZNER-AS)
2	35.158.79.89 35.158.79.89	16509 (AMAZON-02) (AMAZON-02)
11	6

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

g1.trackclickslinksclocking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.32.28.133 (Spain) 1 redirects

ASN15699 (AS_ADAM Adam Datacenter, ES)

mermototta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.254.121 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-254-121.eu-west-1.compute.amazonaws.com

ads.trcde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.156.91.34 (Germany) 1 redirects

ASN211823 (ABUNTIS, DE)

trckde01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de17.mein-gewinn-portal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.7.145 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.7.88.23.clients.your-server.de

static.neopush.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.79.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com

meine.pixelweiche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	mein-gewinn-portal.de de17.mein-gewinn-portal.de	187 KB
2	pixelweiche.de meine.pixelweiche.de	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 320	35 KB
1	neopush.io static.neopush.io — Cisco Umbrella Rank: 526390	27 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 868	12 KB
1	trckde01.de 1 redirects trckde01.de	800 B
1	trcde.com 1 redirects ads.trcde.com	2 KB
1	mermototta.com 1 redirects mermototta.com	959 B
1	trackclickslinksclocking.com 1 redirects g1.trackclickslinksclocking.com	972 B
11	9

	Domain	Requested by
5	de17.mein-gewinn-portal.de	de17.mein-gewinn-portal.de
2	meine.pixelweiche.de	de17.mein-gewinn-portal.de meine.pixelweiche.de
1	static.neopush.io	de17.mein-gewinn-portal.de
1	ajax.googleapis.com	de17.mein-gewinn-portal.de
1	use.fontawesome.com	de17.mein-gewinn-portal.de
1	fonts.googleapis.com	de17.mein-gewinn-portal.de
1	trckde01.de	1 redirects
1	ads.trcde.com	1 redirects
1	mermototta.com	1 redirects
1	g1.trackclickslinksclocking.com	1 redirects
11	10

This site contains links to these domains. Also see Links.

Domain
lifestyle-club-online.de
couponarena.de
www.burda-versicherung.de
www.zeitschriften-abo.de
dailytravel.de
www.super-sparfuechse.com
www.suedstern-interaction.de
www.trendtours.de
www.daydreams.de
www.pmiprivacy.com
signalize.com
www.burda-versichert.de

Subject Issuer	Validity	Valid
*.mein-gewinn-portal.de R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-05-06` - `2023-08-04`	3 months	crt.sh
static.neopush.io R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh
coyote.pixel-weiche.de R3	`2023-04-09` - `2023-07-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Frame ID: BC411320805879B0CC12169552F66709
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aldi

Page URL History Show full URLs

https://g1.trackclickslinksclocking.com/8f16b73f-c7ca-4a9a-b82e-030d5e73ea91 HTTP 302
https://mermototta.com/?clientId=459&productId=2318&domainType=2&publisher_id=&tracking=w1r7b0bmv04... HTTP 302
https://ads.trcde.com/aff_c?offer_id=1&aff_id=1054&aff_sub2=FBID&aff_sub=459&aff_click_id=50021333... HTTP 302
https://trckde01.de/aldi,einkaufsgutschein_12.html?idPartner=45&idCampaignAd=0&subId=1054_459&su... HTTP 302
https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104& Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

44 %
IPv6

9
Domains

10
Subdomains

6
IPs

4
Countries

262 kB
Transfer

671 kB
Size

10
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://lifestyle-club-online.de/
Title: https://lifestyle-club-online.de/

Search URL Search Domain Scan URL

URL: https://couponarena.de/
Title: https://couponarena.de

Search URL Search Domain Scan URL

URL: http://www.burda-versicherung.de/datenschutz
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.zeitschriften-abo.de/datenschutzinformation
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://dailytravel.de/
Title: https://dailytravel.de

Search URL Search Domain Scan URL

URL: https://www.super-sparfuechse.com/nutzungsbedingungen/
Title: https://www.super-sparfuechse.com/nutzungsbedingungen/

Search URL Search Domain Scan URL

URL: http://www.suedstern-interaction.de/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.trendtours.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.daydreams.de/datenschutzinformation_Artikel_14
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://signalize.com/docs/sonstiges/opt-out-info/
Title: hier

Search URL Search Domain Scan URL

URL: https://www.burda-versichert.de/de/cms/datenschutzinformation-art-14.html
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://g1.trackclickslinksclocking.com/8f16b73f-c7ca-4a9a-b82e-030d5e73ea91 HTTP 302
https://mermototta.com/?clientId=459&productId=2318&domainType=2&publisher_id=&tracking=w1r7b0bmv04ecgro23ttao44 HTTP 302
https://ads.trcde.com/aff_c?offer_id=1&aff_id=1054&aff_sub2=FBID&aff_sub=459&aff_click_id=5002133338143451 HTTP 302
https://trckde01.de/aldi,einkaufsgutschein_12.html?idPartner=45&idCampaignAd=0&subId=1054_459&subIdentifier=102ebbfbdd17b16b11f52cbc8b9e6c_FBID HTTP 302
https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request campaign_17.html Show response
de17.mein-gewinn-portal.de/
Redirect Chain

https://g1.trackclickslinksclocking.com/8f16b73f-c7ca-4a9a-b82e-030d5e73ea91
https://mermototta.com/?clientId=459&productId=2318&domainType=2&publisher_id=&tracking=w1r7b0bmv04ecgro23ttao44
https://ads.trcde.com/aff_c?offer_id=1&aff_id=1054&aff_sub2=FBID&aff_sub=459&aff_click_id=5002133338143451
https://trckde01.de/aldi,einkaufsgutschein_12.html?idPartner=45&idCampaignAd=0&subId=1054_459&subIdentifier=102ebbfbdd17b16b11f52cbc8b9e6c_FBID
https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&

133 KB
31 KB

246ms
136ms

Document
text/html

45.156.91.34
ABUNTIS

General

Check archive.org

Show headers Download Go to

Full URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5551140e89974a5d8b2d97b4177d5bf482c5f0b3d95bc5e40ae535fdbe6c40c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 31584
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 May 2023 08:07:25 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 2
Content-Type: text/html; charset=UTF-8
Date: Sat, 20 May 2023 08:07:25 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)

GET
H/1.1 200
OK cpa_style.css
de17.mein-gewinn-portal.de/media/adresseManager/microSiteFiles/17/ 248 KB
39 KB 77ms
43ms Stylesheet
text/css 45.156.91.34
ABUNTIS

General

Check archive.org

Show headers Download Go to

Full URL: https://de17.mein-gewinn-portal.de/media/adresseManager/microSiteFiles/17/cpa_style.css
Requested by: Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:07:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Feb 2019 13:45:37 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "3e0cd-581dadf97c009-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 40035

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
981 B 144ms
70ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap

Requested by

Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

860284eb37ebe66c8cb719b4d561973f50904e4de35e0a7b67123031ef53047f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 08:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 07:23:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 08:07:26 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
12 KB 91ms
34ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer: https://de17.mein-gewinn-portal.de/
Origin: https://de17.mein-gewinn-portal.de
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:07:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H44TQZDSCNX0RTG5
age: 271865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: LVBms6OF1ohM2ylU7itwq7d7wmkQy5NKtExXjDZT8SKSxOLK4M52t3P8EtlGM7duWlD2nva9aZM=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMBjdPDBHE1XbyygoTJFVJIyMUYG%2FeW%2Fze285GHs87YTS1YrI%2BUHhaglp6Vh%2F%2BjPi7jKe%2F%2F%2Ff43HjOOcUjNQbpVJewKlEt%2BPn0DBuQ9UQip56TJCR0COfepzBndRxdZZORAHfjDoW0f7SSPHwhVuIC7c"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7ca316048ce7b8eb-AMS

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 142ms
60ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 06:17:49 GMT

GET
H/1.1 200
OK sdk.js Show response
static.neopush.io/sdk/ 26 KB
27 KB 196ms
91ms Script
application/javascript 23.88.7.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.neopush.io/sdk/sdk.js
Requested by: Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.88.7.145 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.7.88.23.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ab60c16ff9f9bc6a87547c5814ce7715eb6ec29c68ea18d87b6457415fcb126f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:07:26 GMT
Last-Modified: Mon, 15 May 2023 20:31:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "646296aa-6954"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26964

GET
H/1.1 200
OK large,aldi,5.png
de17.mein-gewinn-portal.de/media/adresseManager/microSiteImg/17/ 69 KB
69 KB 39ms
39ms Image
image/png 45.156.91.34
ABUNTIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de17.mein-gewinn-portal.de/media/adresseManager/microSiteImg/17/large,aldi,5.png
Requested by: Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9bd46ba3f0925a7dbbd9b56cdf2b80a3b17ed00c5847e52830c8013edf51e047

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:07:26 GMT
Last-Modified: Thu, 02 Jun 2022 11:45:38 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "11462-5e0758b6af249"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 70754

GET
H/1.1 200
OK aldimobile1.jpg
de17.mein-gewinn-portal.de/media/adresseManager/microSiteImg/17/ 29 KB
30 KB 38ms
38ms Image
image/jpeg 45.156.91.34
ABUNTIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de17.mein-gewinn-portal.de/media/adresseManager/microSiteImg/17/aldimobile1.jpg
Requested by: Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 65024d44c7dc619771a2255e4b1c86dba89b0922d0d8caa4531742708df16ccd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:07:26 GMT
Last-Modified: Thu, 02 Jun 2022 11:45:38 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "7521-5e0758b6af249"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29985

GET
H/1.1 200
OK script.js Show response
meine.pixelweiche.de/ 964 B
1 KB 158ms
32ms Script
text/javascript 35.158.79.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://meine.pixelweiche.de/script.js
Requested by: Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash: 141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:07:26 GMT
Last-Modified: Fri, 01 Sep 2017 06:01:35 GMT
Server: Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
ETag: "3c4-5581a7e5699e1;5f8de1d05bbdb"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 964

GET
H/1.1 200
OK bg.jpg
de17.mein-gewinn-portal.de/media/adresseManager/microSiteImg/17/ 17 KB
17 KB 84ms
38ms Image
image/jpeg 45.156.91.34
ABUNTIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de17.mein-gewinn-portal.de/media/adresseManager/microSiteImg/17/bg.jpg
Requested by: Host: de17.mein-gewinn-portal.de
URL: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 10912954a5878c79453e33d93058d7d45e3ee81314d3c15f73d4b42f60ccfc67

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/campaign_17.html?coyoteAffiliTokenId=49869104&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:07:26 GMT
Last-Modified: Thu, 02 Jun 2022 11:45:38 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4413-5e0758b6af249"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 17427

GET
H/1.1 200
OK script.js Show response
meine.pixelweiche.de/tg/ 0
485 B 190ms
94ms XHR
application/javascript 35.158.79.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by: Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://de17.mein-gewinn-portal.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 May 2023 08:07:26 GMT
Server: Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
X-Powered-By: PHP/5.6.30
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.g1.trackclickslinksclocking.com/	1970-01-20 11:57:36	Name: 8f16b73f-c7ca-4a9a-b82e-030d5e73ea91-v4 Value: z_EREfI5uZh0jEDLYVx0qS6PwljYrk-aEP5Zn89W3H0
.g1.trackclickslinksclocking.com/	1970-01-20 20:41:46	Name: cc-v4 Value: Roi7FbkGCkEr02rWXZmTs%2FX5c2oISz%2Fa8gFRN02ooJU6tGbvrOp8jhgj6Q%2FmZ8q9M1pY77Ql8F%2BxPlnE6LY7SVcuiH6EAYJdsZ%2BGbXtrtmOHkzZsUWNahVrPxMZphC3GyhW8kFi8N4PSSCRS9yng4Q%3D%3D
mermototta.com/	1970-01-20 11:56:10	Name: redirect_user_data Value: %7B%22country%22%3A%22NL%22%2C%22city%22%3Anull%2C%22isp%22%3A%22i3d.net+b.v%22%2C%22netspeed%22%3A%22%22%7D
mermototta.com/	1970-01-20 11:56:10	Name: _tracker_ikangoo Value: a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002133338143451%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22NL%22%3Bs%3A4%3A%22_isp%22%3Bs%3A11%3A%22i3d.net+b.v%22%3Bs%3A5%3A%22_time%22%3Bi%3A1684570044%3B%7D
ads.trcde.com/	1970-01-20 12:40:48	Name: enc_aff_session_1 Value: ENC033ba3fffefac4b14e67341150282bde018370fc25e58b416f3ed310a1b5fac5bf77fdaa709425f00faf6902e8d2f8d926c3873756cd41da72d6a0a3f5df2d820fc2a2d322b39d95f1d9c21aa6f3c491d36d268f7c8273bc55ac8d47eb06ddd244cb9d001869726105d4bfc01ebcc29a185e8c18f087e428a11b49ff82cf62269b07185064
ads.trcde.com/	1970-01-20 21:32:10	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTMiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMy4wLjU2NzIuMTI2IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJubC1OTCxubDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
trckde01.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: lsg6kcv8h47iqddqi2ftt1loe6
de17.mein-gewinn-portal.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6h5ai3t9j8vs5o4jdp19douhl9
de17.mein-gewinn-portal.de/	1970-01-20 11:56:24	Name: coyoteAffiliTokenId17 Value: 49869104
de17.mein-gewinn-portal.de/	1970-01-20 21:32:10	Name: coyoteVisitor Value: 38885740

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.trcde.com
ajax.googleapis.com
de17.mein-gewinn-portal.de
fonts.googleapis.com
g1.trackclickslinksclocking.com
meine.pixelweiche.de
mermototta.com
static.neopush.io
trckde01.de
use.fontawesome.com
185.32.28.133
23.88.7.145
2606:4700:e2::ac40:850f
2a00:1450:4001:80b::200a
2a00:1450:4001:829::200a
2a06:98c1:3121::3
34.250.254.121
35.158.79.89
45.156.91.34
10912954a5878c79453e33d93058d7d45e3ee81314d3c15f73d4b42f60ccfc67
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437
5551140e89974a5d8b2d97b4177d5bf482c5f0b3d95bc5e40ae535fdbe6c40c2
65024d44c7dc619771a2255e4b1c86dba89b0922d0d8caa4531742708df16ccd
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
860284eb37ebe66c8cb719b4d561973f50904e4de35e0a7b67123031ef53047f
9bd46ba3f0925a7dbbd9b56cdf2b80a3b17ed00c5847e52830c8013edf51e047
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
ab60c16ff9f9bc6a87547c5814ce7715eb6ec29c68ea18d87b6457415fcb126f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

de17.mein-gewinn-portal.de Open in urlscan Pro 45.156.91.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

44 %IPv6

9 Domains

10 Subdomains

6 IPs

4 Countries

262 kBTransfer

671 kBSize

10 Cookies

12 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

10 Cookies

Indicators

de17.mein-gewinn-portal.de Open in urlscan Pro
45.156.91.34 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

44 %
IPv6

9
Domains

10
Subdomains

6
IPs

4
Countries

262 kB
Transfer

671 kB
Size

10
Cookies

11 HTTP transactions
0 data transactions