Submitted URL: https://track.emlrckr.com/CrjEndKiDC
Effective URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Submission: On November 06 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 14 HTTP transactions. The main IP is 45.156.91.33, located in Germany and belongs to ABUNTIS, DE. The main domain is de1543.gutschein-gewinner.de.
TLS certificate: Issued by R10 on September 20th 2024. Valid for: 3 months.
This is the only time de1543.gutschein-gewinner.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.89.245.10 31469 (XOSTING-AS)
1 1 34.111.143.46 396982 (GOOGLE-CL...)
1 8 45.156.91.33 211823 (ABUNTIS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
14 7
Apex Domain
Subdomains
Transfer
7 gutschein-gewinner.de
de1543.gutschein-gewinner.de
678 KB
2 gstatic.com
fonts.gstatic.com
28 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 412
36 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222
27 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
61 KB
1 cplmax.com
cplmax.com
806 B
1 tgnk.de
www.tgnk.de
721 B
1 emlrckr.com
track.emlrckr.com
3 KB
14 8
Domain Requested by
7 de1543.gutschein-gewinner.de de1543.gutschein-gewinner.de
2 fonts.gstatic.com fonts.googleapis.com
2 use.fontawesome.com de1543.gutschein-gewinner.de
use.fontawesome.com
1 connect.facebook.net de1543.gutschein-gewinner.de
1 ajax.googleapis.com de1543.gutschein-gewinner.de
1 fonts.googleapis.com de1543.gutschein-gewinner.de
1 cplmax.com 1 redirects
1 www.tgnk.de 1 redirects
1 track.emlrckr.com 1 redirects
14 9
Subject Issuer Validity Valid
*.gutschein-gewinner.de
R10
2024-09-20 -
2024-12-19
3 months crt.sh
use.fontawesome.com
WE1
2024-09-09 -
2024-12-09
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-15 -
2024-11-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Frame ID: F68FE2AF10657403BC0344E5AE9D5A93
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Kaufland Gutschein & eBike Gewinnen!

Page URL History Show full URLs

  1. https://track.emlrckr.com/CrjEndKiDC HTTP 302
    https://www.tgnk.de/47SM8MB/29H36MT/?sub1=258575&sub2=&sub3=0bfbf29b43be4d88a2c5bca69ba0b36c277c3 HTTP 302
    https://cplmax.com/de03,kaufland,gutschein,und,ebike_1171.html?idPartner=37&idCampaignAd=0&subI... HTTP 302
    https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

829 kB
Transfer

1243 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track.emlrckr.com/CrjEndKiDC HTTP 302
    https://www.tgnk.de/47SM8MB/29H36MT/?sub1=258575&sub2=&sub3=0bfbf29b43be4d88a2c5bca69ba0b36c277c3 HTTP 302
    https://cplmax.com/de03,kaufland,gutschein,und,ebike_1171.html?idPartner=37&idCampaignAd=0&subId=2001_258575&subIdentifier=dc1b03e7470c43bf835e7c8d33020958_ HTTP 302
    https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request campaign_1543.html
de1543.gutschein-gewinner.de/
Redirect Chain
  • https://track.emlrckr.com/CrjEndKiDC
  • https://www.tgnk.de/47SM8MB/29H36MT/?sub1=258575&sub2=&sub3=0bfbf29b43be4d88a2c5bca69ba0b36c277c3
  • https://cplmax.com/de03,kaufland,gutschein,und,ebike_1171.html?idPartner=37&idCampaignAd=0&subId=2001_258575&subIdentifier=dc1b03e7470c43bf835e7c8d33020958_
  • https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
171 KB
38 KB
Document
General
Full URL
https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c07311678425d0a46951ad9da719c15239d7df91d2adfd2e00aeb0f685149618

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
38423
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Nov 2024 02:00:31 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Nov 2024 02:00:31 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
age
659
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRYYP8hx%2FXNBLk07FDyXVykYW%2FNdHaiSu5USzEtvOlBsys2WIarXYtA1HFIkyZImD0OxlV%2Fdl1C8F0%2BOx0soTuBBjHcj1AIFbRWU5Z0lm3RSDE9UfpP733V7yI8C%2BMvhoO2X5XrdBGL%2FXcwUwkZ7BYAQ"}],"group":"cf-nel","max_age":604800}
cf-ray
8de17d91bbb4373e-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=22069&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4026&recv_bytes=2252&delivery_rate=201161&cwnd=252&unsent_bytes=0&cid=3c8103c1312ac3fb&ts=206&x=0"
date
Wed, 06 Nov 2024 02:00:32 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
719d2fc548145fa8d8361205f6fcb49eefc54c71fbb18e6320a60a263f40637a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 06 Nov 2024 02:00:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 02:00:32 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 06 Nov 2024 01:33:06 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
36348
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 15:54:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 15:54:44 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33951
x-xss-protection
0
server
sffe
kaufland,ebikemv.jpg
de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/
105 KB
105 KB
Image
General
Full URL
https://de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/kaufland,ebikemv.jpg
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c64982c0969a66a086539c6899a0c627f184907cacd5a9beba0a5654e83ac41f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

ETag
"1a48c-613106b4a2656"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
107660
Keep-Alive
timeout=5, max=99
Date
Wed, 06 Nov 2024 02:00:31 GMT
Last-Modified
Thu, 07 Mar 2024 11:31:40 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-WJZ2JFRR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 06 Nov 2024 02:00:32 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-WJZ2JFRR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4462, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
3e8VhHsuxtgtxJa5j+Le3o8rh/KgQce1YMRl/YSsAVpQ6zKCtltF/msQfMsgiqdgdMMBwl46rLrzEu1X2EVtBw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
kaufland,ebikebg.jpg
de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/
509 KB
509 KB
Image
General
Full URL
https://de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/kaufland,ebikebg.jpg
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
efcdd968f8a0287c31336014a4b9337cbca8e7e24dafb5fa5e44e3d19a415013

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&

Response headers

ETag
"7f2cc-613108062598d"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
520908
Keep-Alive
timeout=5, max=98
Date
Wed, 06 Nov 2024 02:00:32 GMT
Last-Modified
Thu, 07 Mar 2024 11:37:34 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
banner,offer.jpg
de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/
8 KB
8 KB
Image
General
Full URL
https://de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/banner,offer.jpg
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
efce2f3b0d83b59cc5ba48aa01b87ffd72af8c18df0dac6d0abc018dc7904705

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&

Response headers

ETag
"209a-61310678b27d0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8346
Keep-Alive
timeout=5, max=100
Date
Wed, 06 Nov 2024 02:00:32 GMT
Last-Modified
Thu, 07 Mar 2024 11:30:37 GMT
Content-Type
image/jpeg
Server
Apache/2.4.41 (Ubuntu)
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b271f0f1080ed8ed4c8e884d846bf9d94a41d7c86f13145c66769f6b5a16adbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://de1543.gutschein-gewinner.de
Referer
https://fonts.googleapis.com/

Response headers

age
554655
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:56:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:56:17 GMT
last-modified
Thu, 14 Dec 2023 02:49:42 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10180
x-xss-protection
0
server
sffe
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://de1543.gutschein-gewinner.de
Referer
https://fonts.googleapis.com/

Response headers

age
556157
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:31:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:31:15 GMT
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
x-xss-protection
0
server
sffe
m.png
de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/
698 B
983 B
Image
General
Full URL
https://de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/m.png
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d0a889307baa6e03ada994a637cbe7a9c6bec66728867070c56d36edf9683040

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

ETag
"2ba-61310678b27d0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
698
Keep-Alive
timeout=5, max=100
Date
Wed, 06 Nov 2024 02:00:32 GMT
Last-Modified
Thu, 07 Mar 2024 11:30:37 GMT
Content-Type
image/png
Server
Apache/2.4.41 (Ubuntu)
f.png
de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/
625 B
910 B
Image
General
Full URL
https://de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/f.png
Requested by
Host: de1543.gutschein-gewinner.de
URL: https://de1543.gutschein-gewinner.de/campaign_1543.html?coyoteAffiliTokenId=88275939&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e118fcf9e18fa7989806454c9b5292bc3430ebe9fdeeed1357a7b9983ce6175e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

ETag
"271-61310678b27d0"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
625
Keep-Alive
timeout=5, max=100
Date
Wed, 06 Nov 2024 02:00:32 GMT
Last-Modified
Thu, 07 Mar 2024 11:30:37 GMT
Content-Type
image/png
Server
Apache/2.4.41 (Ubuntu)
fa-regular-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/
14 KB
15 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://de1543.gutschein-gewinner.de
Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css

Response headers

cf-cache-status
HIT
etag
"bdadb6ce95c5a2e7b673940721450d3c"
age
1157122
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vpy9bA%2B6rEgfBKcvOsYZ1O2XKXCpyHHQt9EzuwirAA7bulUkb6AYloiOqpuZcmcQUjyb0bAj4InsLiD3MeY25czLE3C2oBFI1%2FAPnFxvsBCOP2w2exx3Ix%2FPSoaJ0Syrjnwb22rZkoDIq4gXs3p0Og4X"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=22041&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2326&delivery_rate=177690&cwnd=252&unsent_bytes=0&cid=0d6047564e0ab242&ts=36&x=0"
date
Wed, 06 Nov 2024 02:00:32 GMT
content-type
font/woff2
last-modified
Fri, 22 Sep 2023 01:45:39 GMT
vary
Origin, Accept-Encoding
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8de17d9388a391ed-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
14844
server
cloudflare
happybox,beeld.png
de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/
15 KB
15 KB
Other
General
Full URL
https://de1543.gutschein-gewinner.de/media/adresseManager/microSiteImg/1543/happybox,beeld.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2db3f32545e9678179e48db41b47903fdff3c35a32792eecc5e9735677326db3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

ETag
"3b85-61310678b1830"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15237
Keep-Alive
timeout=5, max=99
Date
Wed, 06 Nov 2024 02:00:33 GMT
Last-Modified
Thu, 07 Mar 2024 11:30:37 GMT
Content-Type
image/png
Server
Apache/2.4.41 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| optinBoxActive function| selectSalutation function| fbq function| _fbq

15 Cookies

Domain/Path Name / Value
.emlrckr.com/ Name: gdm_click_freq_v1_1_001
Value: ua0uRV0e2CTy0NNnK6pby88t9fbx0XpJg6J1Q7BmRSVjgIlBc5HY7FJKT7orI/54
.emlrckr.com/ Name: gdm_click_freq_v2_1_001
Value: ua0uRV0e2CTy0NNnK6pby88t9fbx0XpJg6J1Q7BmRSVjgIlBc5HY7FJKT7orI/54
.emlrckr.com/ Name: gdm_sid_v2_3_001
Value: vaaS3L+SVyi+8cg7cGfxx/onDRiP5wa5mWNHolCaJd6hYMFXUHNibVMJjN/uTpplgaq6o78B0fcAs9eZM7ARDcv1Ap/Mrou6g/kxdddM0WxdPM73oKyKSikY27zlQFJ2iPOZS2DR6YOt5DLXzr+0BhqQXkTVncTCMidWyJST3PumpZWWrH8AFkMgfu7FcOgzA8+cQwqmzfoTGLjtxJ46TXT7kg5HWvLdWIH5W8zK5v+nAlOxXloXE9hjSxdZScwt92eKhJ2ZP4q76P/RfZtcvAVxpxRlw90BinozV1vAMinpW8v9gxkuiJtA/phG69WWVG44VWfbOTkbOu5h1q6Z4B6y7vx0oOQgXzyosFMHTcuYW+4OdDH8P3jVaskkeHpaMLNbfhOVXtKiVgLimdDIqYtz55WYcfBGO7AM/3dy2epZhmghxtBOOGcspeNhi506y2uN6PFLmgE3iMS1BRLWVTrvrw+To5RHrcUd8V/ixPbSbZ0szMKzmhVKh1UENsTfm0kqO7JJssISP5JZLtuvCSZCjdwHCTGX3c2KOdJjbl8u1/F10cavJPGpUUEtJ8yOPb9AdpFFfBsC8MNYqw7+F29vA+J0mNjaP6t+m7pPpLeJwULg+wG4T9Pes5aSMBPqcLjYc8jGMcEONvqKcQffOT4hdqSxAwjPkNXnG/Z43CdC5n55XZHnncgsDCmcaND+IdDc1J1ukne8YPRs8A1OqusRMojzbbh5yFTB4si8az7rfvfr78Ll8MoYMjToTHYgxjYr/GsWmfKUGM45i/yMDtwWkoaLJtMDHhSzgdMHouG/xsYu0HcFIg5ISCY+P38BD07xDj8S2xrb/iBcAJPpCqz9H2qpoSGrgumLG0i4PijUhLa8Nm/mc8UCyWypZ/S8HecDdu5WvTTpxT3EX3Jofe16Rz535sgBODTF+imUu46sb8BG3pFkwaQhnGwLZl3Me1g6sd60S7tOoXlEv4ss4XEkv5Tbi2cUIBQ55sOUcWce2ekEX2cGYZW5eL5ZqaGyDFm4NFUsmq6RnUK5m6sAmMMyW72b4aHTDf0amGBmaL8=
.emlrckr.com/ Name: gdm_sid_v1_3_001
Value: vaaS3L+SVyi+8cg7cGfxx/onDRiP5wa5mWNHolCaJd6hYMFXUHNibVMJjN/uTpplgaq6o78B0fcAs9eZM7ARDcv1Ap/Mrou6g/kxdddM0WxdPM73oKyKSikY27zlQFJ2iPOZS2DR6YOt5DLXzr+0BhqQXkTVncTCMidWyJST3PumpZWWrH8AFkMgfu7FcOgzA8+cQwqmzfoTGLjtxJ46TXT7kg5HWvLdWIH5W8zK5v+nAlOxXloXE9hjSxdZScwt92eKhJ2ZP4q76P/RfZtcvAVxpxRlw90BinozV1vAMinpW8v9gxkuiJtA/phG69WWVG44VWfbOTkbOu5h1q6Z4B6y7vx0oOQgXzyosFMHTcuYW+4OdDH8P3jVaskkeHpaMLNbfhOVXtKiVgLimdDIqYtz55WYcfBGO7AM/3dy2epZhmghxtBOOGcspeNhi506y2uN6PFLmgE3iMS1BRLWVTrvrw+To5RHrcUd8V/ixPbSbZ0szMKzmhVKh1UENsTfm0kqO7JJssISP5JZLtuvCSZCjdwHCTGX3c2KOdJjbl8u1/F10cavJPGpUUEtJ8yOPb9AdpFFfBsC8MNYqw7+F29vA+J0mNjaP6t+m7pPpLeJwULg+wG4T9Pes5aSMBPqcLjYc8jGMcEONvqKcQffOT4hdqSxAwjPkNXnG/Z43CdC5n55XZHnncgsDCmcaND+IdDc1J1ukne8YPRs8A1OqusRMojzbbh5yFTB4si8az7rfvfr78Ll8MoYMjToTHYgxjYr/GsWmfKUGM45i/yMDtwWkoaLJtMDHhSzgdMHouG/xsYu0HcFIg5ISCY+P38BD07xDj8S2xrb/iBcAJPpCqz9H2qpoSGrgumLG0i4PijUhLa8Nm/mc8UCyWypZ/S8HecDdu5WvTTpxT3EX3Jofe16Rz535sgBODTF+imUu46sb8BG3pFkwaQhnGwLZl3Me1g6sd60S7tOoXlEv4ss4XEkv5Tbi2cUIBQ55sOUcWce2ekEX2cGYZW5eL5ZqaGyDFm4NFUsmq6RnUK5m6sAmMMyW72b4aHTDf0amGBmaL8=
.emlrckr.com/ Name: gdm_click_adv_freq_v2_1_001
Value: vGURX6J4+QHbmkWCFM4ZncLDFwa+1D/gW4TE/I+XHhRiha7YqlIq093qcKDJAgxV
.emlrckr.com/ Name: gdm_click_adv_freq_v1_1_001
Value: vGURX6J4+QHbmkWCFM4ZncLDFwa+1D/gW4TE/I+XHhRiha7YqlIq093qcKDJAgxV
.emlrckr.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.emlrckr.com/ Name: gdm_uid_v1_1_001
Value: 5ySd2msUuz+rZyLQ5NNwqXGwRNQrktQ2iw/ZDJ+UGWRAlK9V1LXf5erVLxtM+jax
.emlrckr.com/ Name: gdm_uid_v2_1_001
Value: 5ySd2msUuz+rZyLQ5NNwqXGwRNQrktQ2iw/ZDJ+UGWRAlK9V1LXf5erVLxtM+jax
.emlrckr.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
www.tgnk.de/ Name: uniqueClick_29H36MT
Value: 821e641f-ac40-4c06-a0b0-4290e29cc031:1730858430
www.tgnk.de/ Name: transaction_id
Value: dc1b03e7470c43bf835e7c8d33020958
cplmax.com/ Name: PHPSESSID
Value: irohk8fhjpo802i4kct9v7ogl4
de1543.gutschein-gewinner.de/ Name: PHPSESSID
Value: fil4v0ug80ebkh7uv6pa00oj8o
de1543.gutschein-gewinner.de/ Name: coyoteAffiliTokenId1543
Value: 88275939