www.cashper.de Open in urlscan Pro
2a02:e980:107::50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://superdry.com.in/
Effective URL:
https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affi...
Submission Tags: demotag1 demotag2 Search All
Submission: On August 14 via api (August 14th 2022, 12:23:33 pm UTC) from IN — Scanned from DE

Summary HTTP 85 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 19 domains to perform 85 HTTP transactions. The main IP is 2a02:e980:107::50, located in United States and belongs to INCAPSULA, US. The main domain is www.cashper.de.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q2 on July 4th 2022. Valid for: 6 months.

This is the only time www.cashper.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.210 103.224.182.210	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700::68... 2606:4700::6813:a960	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.117.151.98 34.117.151.98	15169 (GOOGLE) (GOOGLE)
1 1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
32	2a02:e980:107... 2a02:e980:107::50	19551 (INCAPSULA) (INCAPSULA)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.236.94 52.222.236.94	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
12	18.66.97.62 18.66.97.62	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	18.66.97.50 18.66.97.50	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	() ()
1	142.250.186.34 142.250.186.34	() ()
1	2a00:1450:400... 2a00:1450:4001:829::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:813::2002	() ()
2	2a00:1450:400... 2a00:1450:400c:c08::9c	() ()
1	2a00:1450:400... 2a00:1450:4001:810::2004	() ()
1	2a00:1450:400... 2a00:1450:4001:803::2003	() ()
85	22

1 103.224.182.210 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-210.above.com

superdry.com.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:a960 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.srvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.151.98 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 98.151.117.34.bc.googleusercontent.com

online.adservicemedia.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

cashper.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a02:e980:107::50 (United States)

ASN19551 (INCAPSULA, US)

www.cashper.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.97.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-62.fra56.r.cloudfront.net

sw-assets.ekomiapps.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smart-widget-assets.ekomiapps.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-50.fra56.r.cloudfront.net

smart-widget-assets.ekomiapps.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (None, )

ASN- ()

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (None, )

ASN- ()

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9c (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (None, )

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	cashper.de www.cashper.de	816 KB
16	ekomiapps.de sw-assets.ekomiapps.de — Cisco Umbrella Rank: 108197 smart-widget-assets.ekomiapps.de — Cisco Umbrella Rank: 114960	55 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com Failed	187 KB
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 158453	8 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net	5 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com	20 KB
4	gstatic.com fonts.gstatic.com	63 KB
2	google.com adservice.google.com www.google.com	1 KB
2	google.de adservice.google.de www.google.de	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	150 KB
2	srvtrck.com 1 redirects r.srvtrck.com — Cisco Umbrella Rank: 58911	1 KB
2	lookandfind.me lookandfind.me — Cisco Umbrella Rank: 850745	1 KB
1	googleadservices.com partner.googleadservices.com	644 B
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5349	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	go2cloud.org 1 redirects cashper.go2cloud.org	2 KB
1	adservicemedia.dk 1 redirects online.adservicemedia.dk — Cisco Umbrella Rank: 595071	919 B
1	clever-redirect.com clever-redirect.com — Cisco Umbrella Rank: 955687	670 B
1	superdry.com.in 1 redirects superdry.com.in	1 KB
85	19

	Domain	Requested by
32	www.cashper.de	r.srvtrck.com www.cashper.de
10	sw-assets.ekomiapps.de	www.cashper.de
6	smart-widget-assets.ekomiapps.de	sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de client
5	pagead2.googlesyndication.com	www.cashper.de pagead2.googlesyndication.com
5	1redirc.com	1 redirects 1redirc.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.googletagmanager.com	www.cashper.de www.googletagmanager.com
2	r.srvtrck.com	1 redirects lookandfind.me
2	lookandfind.me	clever-redirect.com
1	www.google.de	www.cashper.de
1	www.google.com	www.cashper.de
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	widget.trustpilot.com	www.cashper.de
1	fonts.googleapis.com	www.cashper.de
1	cashper.go2cloud.org	1 redirects
1	online.adservicemedia.dk	1 redirects
1	clever-redirect.com	1redirc.com
1	superdry.com.in	1 redirects
0	tpc.googlesyndication.com Failed	pagead2.googlesyndication.com
85	25

This site contains links to these domains. Also see Links.

Domain
www.ekomi.de

Subject Issuer	Validity	Valid
tracker.clever-redirect.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
lookandfind.me R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.srvtrck.com Go Daddy Secure Certificate Authority - G2	`2021-12-23` - `2023-01-24`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-04` - `2022-12-31`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
ekomiapps.de Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Frame ID: 2EF93B5635D7C2FBC827DCAA3CA3914D
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: 6B742511ABD8EDEF16CCE2AB5B25B2B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270039995008809&output=html&adk=522671305&adf=1178619241&lmt=1660479812&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.cashper.de%2F%3Fcid%3D212%26utm_source%3DAdservice_AS%26utm_content%3Dmail2%26utm_medium%3Dreferral%26utm_campaign%3D122016M%26affiliate_id%3D860%26offer_id%3D95%26trans_id%3D102576ac9364cfb15468f9182c1225%26aff_sub2%3D%26aff_sub4%3D&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660479812244&bpp=3&bdt=406&idt=253&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7977986705952&frm=20&pv=2&ga_vid=1788595021.1660479812&ga_sid=1660479813&ga_hid=1038109282&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3183054076087966&tmod=791588711&uas=0&nvt=1&ref=https%3A%2F%2Fr.srvtrck.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268
Frame ID: B9A021FA04E31113A1C2D641884572B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cashper.de - Minikredit mit 0% Zinsen bis 1500€

Page URL History Show full URLs

http://superdry.com.in/ HTTP 302
http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D65224... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=652247263&sid=2022081422232757b8b3bdb5c2ad70a4 Page URL
https://lookandfind.me/s/a?t=14&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=cashper.de&s1=721614&s2=&s... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3D887... Page URL
https://r.srvtrck.com/v1/redirect?type=linkId&id=8876e5892d58483d82e7acff8c0b1663&api_key=d35c1f42... HTTP 302
https://r.srvtrck.com/v2/go?t=et.pn%3Af%2Fnnkioe%3Dabssr2i7e5e9i5.4k0c0i5b1necfifk4pe%3Ffi0%3D5412... Page URL
https://online.adservicemedia.dk/cgi-bin/click.pl?bid=1422168&sub=v030400013510ef2e548f1f0e413580a0344519e537... HTTP 302
https://cashper.go2cloud.org/aff_c?offer_id=95&aff_id=860&aff_sub=mail2&source=122016M&subid=10478&coid=1... HTTP 302
https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_c... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

85
Requests

92 %
HTTPS

58 %
IPv6

19
Domains

25
Subdomains

22
IPs

4
Countries

1317 kB
Transfer

2897 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ekomi.de/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://superdry.com.in/ HTTP 302
http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D652247263%26sid%3D2022081422232757b8b3bdb5c2ad70a4&s=j&enc=hyquvUs972nMeppxjzOBeH49fjAyUWhXSGwwdTVTQWtsT1NJSGlJcjA3OXllNXl3RXR3b2c4S1RYTG9vYUNvbmYyS2RWbGdqZGdBTnFVbmdkZkQvVDFZcGtXcXdJd05oeXRvS0krd0o4MkhaUGFUVTFMbEJ5QmJBaGU1Y1pqS2ZPQUtVMUF2d2JhTlhKTEVzRkxneGcyNFhvNlg1a2JzLzZmTkI2NERrZG1MUS9hQVFIcDdEWVdxSEcySjM2VmRoREpxWUZ4UjgxY016amU2QTEySUM1eERmUVdUTDM4ZE5mOTFUWEFaQVIxRTBDbXp1cXlzL3NDeUhtODkxaXVjc29ObkMzVklVbEhPU1grVjFSZEZXeXF3cm1oWk1ndUo1enF6ZWt6dEF6Y3hvdk1uMGVYQmdxV2o3VHhZUTRVNmhRYWJBQVpDbG96VGVsRWxWL2xUa0l2SytqcHc2NlNQcTZMcTZSZmVQMkRqQzlKajdhaGpuNE0yT2o3MzAzd01mOTJoMFhEVjZVNW9sbXpBL0NOdUJBYUlFU1k3L2pYSHlmd0o3dDZqUDQ2L3FEbko3bFN2TkZGbGl0d2ppS1puMVMvQjNpeHhSVzB4QXh5WHdXSVJZNlNqSkpld251bmlkakNCY3lKR3VEVXZ5ZkhEU29VQlZVTTltWTRKcWtlYnVreHpkVU0yTk53ek43YlA5b005dkRmQk9YU0pxczBtWHd0TWxzSW5sQ0RvYk5tY0VBMERUa2lnSkxFNG5Rc1ljMXN0OWdRK3Vob2gxRUZQTjRrT2xUTDlKR0JiaFJsd3JrYVRzR0NVV2FObkNDRGNFeDZodG5PTnNmUFpNL1BiU2d0QWlESWZaQzBmVVhpbkJMMkt2YytZTUQxZW1iWWxvSEROeHV1ZmZLRGtHUTlkUWVZSzZVczZjTXlrT0pDbGlCc0doV2pMaDM5MzAxZWhSUVFtVkk4ZUY5U28xc1Rad3JQTTBITVdSU2NhRThCMkdpaVNibnFac0lwRUwrQWhqaEd6QlIwdjMwVHB0NFBnUkJFRFpkUU12WVBnbjZ6RjMwR29YNHgvZ0RJcHdwZlZGbFIrT2NuN21sOXVCTDRhWjgveGdSTmRaRjZRL2IySzZDajluTldkODF5OWFRT0FlRkVzRFkvSmdnPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=652247263&sid=2022081422232757b8b3bdb5c2ad70a4 Page URL
https://lookandfind.me/s/a?t=14&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=cashper.de&s1=721614&s2=&s3=652247263&s5=cf Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3D8876e5892d58483d82e7acff8c0b1663%26api_key%3Dd35c1f4292afde1e9fb345dc83743d87%26site_id%3Dd39d1304c4dc46fd8b97e5fd5300bb65%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3D4f3c674252059001d797370e50e1d998&h=73e8ce280fc0e5fa706d11390f77ff62 Page URL
https://r.srvtrck.com/v1/redirect?type=linkId&id=8876e5892d58483d82e7acff8c0b1663&api_key=d35c1f4292afde1e9fb345dc83743d87&site_id=d39d1304c4dc46fd8b97e5fd5300bb65&dch=feed&ad_t=advertiser&yk_tag=4f3c674252059001d797370e50e1d998 HTTP 302
https://r.srvtrck.com/v2/go?t=et.pn%3Af%2Fnnkioe%3Dabssr2i7e5e9i5.4k0c0i5b1necfifk4pe%3Ffi0%3D5412064%263uv%3Db0s080102311deb2l5.8c1l0%2F4i3-8ga%2F3d4a1dem3c4v%26eud2.lnolaod%2Fisdtmh&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=043b3b733059418b97611ba1a8374bac&sct=0&ct=1660479810935&cu=ef2e548f1f0e413580a0344519e53742&ykuid=c66b425757de46e6a1f050e37b7d466c&sc=1&cs=fe381d690c1098381f4b5f8cb50f40cc Page URL
https://online.adservicemedia.dk/cgi-bin/click.pl?bid=1422168&sub=v030400013510ef2e548f1f0e413580a0344519e53742&sub2=lookandfind.me HTTP 302
https://cashper.go2cloud.org/aff_c?offer_id=95&aff_id=860&aff_sub=mail2&source=122016M&subid=10478&coid=1962281004&utm_source=adservice&utm_medium=affiliate&utm_content=adservice-10478&utm_campaign=adservice HTTP 302
https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://superdry.com.in/ HTTP 302
http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D652247263%26sid%3D2022081422232757b8b3bdb5c2ad70a4&s=j&enc=hyquvUs972nMeppxjzOBeH49fjAyUWhXSGwwdTVTQWtsT1NJSGlJcjA3OXllNXl3RXR3b2c4S1RYTG9vYUNvbmYyS2RWbGdqZGdBTnFVbmdkZkQvVDFZcGtXcXdJd05oeXRvS0krd0o4MkhaUGFUVTFMbEJ5QmJBaGU1Y1pqS2ZPQUtVMUF2d2JhTlhKTEVzRkxneGcyNFhvNlg1a2JzLzZmTkI2NERrZG1MUS9hQVFIcDdEWVdxSEcySjM2VmRoREpxWUZ4UjgxY016amU2QTEySUM1eERmUVdUTDM4ZE5mOTFUWEFaQVIxRTBDbXp1cXlzL3NDeUhtODkxaXVjc29ObkMzVklVbEhPU1grVjFSZEZXeXF3cm1oWk1ndUo1enF6ZWt6dEF6Y3hvdk1uMGVYQmdxV2o3VHhZUTRVNmhRYWJBQVpDbG96VGVsRWxWL2xUa0l2SytqcHc2NlNQcTZMcTZSZmVQMkRqQzlKajdhaGpuNE0yT2o3MzAzd01mOTJoMFhEVjZVNW9sbXpBL0NOdUJBYUlFU1k3L2pYSHlmd0o3dDZqUDQ2L3FEbko3bFN2TkZGbGl0d2ppS1puMVMvQjNpeHhSVzB4QXh5WHdXSVJZNlNqSkpld251bmlkakNCY3lKR3VEVXZ5ZkhEU29VQlZVTTltWTRKcWtlYnVreHpkVU0yTk53ek43YlA5b005dkRmQk9YU0pxczBtWHd0TWxzSW5sQ0RvYk5tY0VBMERUa2lnSkxFNG5Rc1ljMXN0OWdRK3Vob2gxRUZQTjRrT2xUTDlKR0JiaFJsd3JrYVRzR0NVV2FObkNDRGNFeDZodG5PTnNmUFpNL1BiU2d0QWlESWZaQzBmVVhpbkJMMkt2YytZTUQxZW1iWWxvSEROeHV1ZmZLRGtHUTlkUWVZSzZVczZjTXlrT0pDbGlCc0doV2pMaDM5MzAxZWhSUVFtVkk4ZUY5U28xc1Rad3JQTTBITVdSU2NhRThCMkdpaVNibnFac0lwRUwrQWhqaEd6QlIwdjMwVHB0NFBnUkJFRFpkUU12WVBnbjZ6RjMwR29YNHgvZ0RJcHdwZlZGbFIrT2NuN21sOXVCTDRhWjgveGdSTmRaRjZRL2IySzZDajluTldkODF5OWFRT0FlRkVzRFkvSmdnPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=652247263&sid=2022081422232757b8b3bdb5c2ad70a4

Request Chain 7

https://r.srvtrck.com/v1/redirect?type=linkId&id=8876e5892d58483d82e7acff8c0b1663&api_key=d35c1f4292afde1e9fb345dc83743d87&site_id=d39d1304c4dc46fd8b97e5fd5300bb65&dch=feed&ad_t=advertiser&yk_tag=4f3c674252059001d797370e50e1d998 HTTP 302
https://r.srvtrck.com/v2/go?t=et.pn%3Af%2Fnnkioe%3Dabssr2i7e5e9i5.4k0c0i5b1necfifk4pe%3Ffi0%3D5412064%263uv%3Db0s080102311deb2l5.8c1l0%2F4i3-8ga%2F3d4a1dem3c4v%26eud2.lnolaod%2Fisdtmh&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=043b3b733059418b97611ba1a8374bac&sct=0&ct=1660479810935&cu=ef2e548f1f0e413580a0344519e53742&ykuid=c66b425757de46e6a1f050e37b7d466c&sc=1&cs=fe381d690c1098381f4b5f8cb50f40cc

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://superdry.com.in/
http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczd...

4 KB
2 KB

379ms
188ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0335edef37820a2a21005b785fb1c17d9ab3774abd7adc8fa54a5f6ad22d9459

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2031
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Aug 2022 12:23:28 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Aug 2022 12:23:27 GMT
Location: http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 364ms
182ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 12:23:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jul 2022 02:14:38 GMT
Server: Apache/2.4.38 (Debian)
ETag: "383-5e43329b8df80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 368ms
185ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 12:23:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jul 2022 02:14:38 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5e43329b8df80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 902ms
717ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=hyquvUs972nMeppxjzOBeH49fjAyUWhXSGwwdTVTQWtsT1NJSGlJcjA3OXllNXl3RXR3b2c4S1RYTG9vYUNvbmYyS2RWbGdqZGdBTnFVbmdkZkQvVDFZcGtXcXdJd05oeXRvS0krd0o4MkhaUGFUVTFMbEJ5QmJBaGU1Y1pqS2ZPQUtVMUF2d2JhTlhKTEVzRkxneGcyNFhvNlg1a2JzLzZmTkI2NERrZG1MUS9hQVFIcDdEWVdxSEcySjM2VmRoREpxWUZ4UjgxY016amU2QTEySUM1eERmUVdUTDM4ZE5mOTFUWEFaQVIxRTBDbXp1cXlzL3NDeUhtODkxaXVjc29ObkMzVklVbEhPU1grVjFSZEZXeXF3cm1oWk1ndUo1enF6ZWt6dEF6Y3hvdk1uMGVYQmdxV2o3VHhZUTRVNmhRYWJBQVpDbG96VGVsRWxWL2xUa0l2SytqcHc2NlNQcTZMcTZSZmVQMkRqQzlKajdhaGpuNE0yT2o3MzAzd01mOTJoMFhEVjZVNW9sbXpBL0NOdUJBYUlFU1k3L2pYSHlmd0o3dDZqUDQ2L3FEbko3bFN2TkZGbGl0d2ppS1puMVMvQjNpeHhSVzB4QXh5WHdXSVJZNlNqSkpld251bmlkakNCY3lKR3VEVXZ5ZkhEU29VQlZVTTltWTRKcWtlYnVreHpkVU0yTk53ek43YlA5b005dkRmQk9YU0pxczBtWHd0TWxzSW5sQ0RvYk5tY0VBMERUa2lnSkxFNG5Rc1ljMXN0OWdRK3Vob2gxRUZQTjRrT2xUTDlKR0JiaFJsd3JrYVRzR0NVV2FObkNDRGNFeDZodG5PTnNmUFpNL1BiU2d0QWlESWZaQzBmVVhpbkJMMkt2YytZTUQxZW1iWWxvSEROeHV1ZmZLRGtHUTlkUWVZSzZVczZjTXlrT0pDbGlCc0doV2pMaDM5MzAxZWhSUVFtVkk4ZUY5U28xc1Rad3JQTTBITVdSU2NhRThCMkdpaVNibnFac0lwRUwrQWhqaEd6QlIwdjMwVHB0NFBnUkJFRFpkUU12WVBnbjZ6RjMwR29YNHgvZ0RJcHdwZlZGbFIrT2NuN21sOXVCTDRhWjgveGdSTmRaRjZRL2IySzZDajluTldkODF5OWFRT0FlRkVzRFkvSmdnPT0%3D&rand=0.17469291150172506
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=5Q2rAGWQfp0QtDLQs0vnAH49fitGQiszdjNpMGRNdTRQNHFZZUpENGN2dFQrekRWVSs2OXlnQnZIRkRQRDFtSDBCN1VjNVNUcTI5VVBWL3IrZEtOMit4WERSUFBwVjJleGt4bTZpNTVHeUl0ejZGUWtBbzhDWHVWcUFReEczdnJ4UnVMNVpFWFZXTThNWW02NmVLVGRxZE1ya0ZXSW5IZ0o3L2dUcW4wMlp4MkRkaUI3RHcrRG1aZ1A1WU1aWWFOS1Jqb1NtY0t1ZUwzNHlmYmwzZ3IrUm1PTmFHdHlINVN5b1NJYUhRRTlQeGtvaDRIdC9WdE1UQmRoTk1md3VVMkRJQXBsUlFiT0ppVkpIdTJ5ZHBOQmFwMmhRNVFRNkVPZm9obmFKUHZ6ME13YVVDUDlXdGZHK2xYTktFUUhrN250eGhuM2dacXJTNUtVblczdXhtVzRzcnNrQzRQSW0zSHBtMGk2cmVXeDBTeFNINEx1LzNodnd4SWNJSWhZaGRWaU5WeHU3NWpXYWVsdkgyQW1wSXNXeTNRK0RFTSs5TU1zNEZza3BKMDlyTmw0dXBDczdRTlEyVGM0WU5sOWhOclEwYUNNTzRDNVBmSzlKT3dvU29xbFRoNXNRek80UVNCMFhycW5vNjdjK1pDaEtxcVlZdE9ZQWd0VkdIRTFwaUl5MDNhMy8rclM3dmRmaG5DeTBHeW9tRUpGUW5GdHNBZGN4cWcyM3dlUkMwZU9vRmRnRlJnWjA4TjMwb2crL0V3YWtyM0FOWUkxa0o2N0w1YXdheEJrTjdYZ0ErNTBzNDd1V0NGMjl6V1ZvZFRyeEhRREdCZERHNFkrTmJtckNBUVdSRTVYRWpkUkhldis2RXZOMXJwR29QZXJyRy9YTUNFYTZxK1dld1NrZm5jRVpFb2Y0SG0xVktLck1YbjVVWjVKR0ZnQXpWQW9TeTVudXlZVXN5YWsvRFlBYUJ1SjZWNFpuOGlsRHlXK0kxK3NTN2FKMjk0QW5vMnVSb1RKWlVza21CNEFVZENxaEdwb2o1RjNHb2tudEdiazl2cnk4eU9UNGlTWFkvNkE9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 12:23:29 GMT
Server: Apache/2.4.38 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

r6
clever-redirect.com/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D652247263%26sid%3D2022081422232757b8b3bdb5c2ad70a4&s=j&enc=hyquvUs972nMeppxjzOBeH49fjAyUWhXSGwwdTVTQWtsT1NJ...
https://clever-redirect.com/s/r6?s=721614&s3=652247263&sid=2022081422232757b8b3bdb5c2ad70a4

321 B
670 B

187ms
98ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/r6?s=721614&s3=652247263&sid=2022081422232757b8b3bdb5c2ad70a4
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: http://1redirc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 321
content-type: text/html; charset=UTF-8
date: Sun, 14 Aug 2022 12:23:30 GMT
referrer-policy: no-referrer
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 Aug 2022 12:23:30 GMT
Location: https://clever-redirect.com/s/r6?s=721614&s3=652247263&sid=2022081422232757b8b3bdb5c2ad70a4
Server: Apache/2.4.38 (Debian)

GET
H2 200 a
lookandfind.me/s/ 517 B
688 B 245ms
143ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=14&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=cashper.de&s1=721614&s2=&s3=652247263&s5=cf
Requested by: Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=652247263&sid=2022081422232757b8b3bdb5c2ad70a4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30 / PHP/7.4.30
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 517
content-type: text/html; charset=UTF-8
date: Sun, 14 Aug 2022 12:23:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
x-powered-by: PHP/7.4.30

GET
H2 200 r
lookandfind.me/s/ 433 B
463 B 51ms
50ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3D8876e5892d58483d82e7acff8c0b1663%26api_key%3Dd35c1f4292afde1e9fb345dc83743d87%26site_id%3Dd39d1304c4dc46fd8b97e5fd5300bb65%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3D4f3c674252059001d797370e50e1d998&h=73e8ce280fc0e5fa706d11390f77ff62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30 / PHP/7.4.30
Resource Hash

Request headers

Referer: https://lookandfind.me/s/a?t=14&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=cashper.de&s1=721614&s2=&s3=652247263&s5=cf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 433
content-type: text/html; charset=UTF-8
date: Sun, 14 Aug 2022 12:23:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.54 (codeit) OpenSSL/1.1.1q+quic PHP/7.4.30
x-powered-by: PHP/7.4.30

GET
H2

200

go Show response
r.srvtrck.com/v2/
Redirect Chain

https://r.srvtrck.com/v1/redirect?type=linkId&id=8876e5892d58483d82e7acff8c0b1663&api_key=d35c1f4292afde1e9fb345dc83743d87&site_id=d39d1304c4dc46fd8b97e5fd5300bb65&dch=feed&ad_t=advertiser&yk_tag=4...
https://r.srvtrck.com/v2/go?t=et.pn%3Af%2Fnnkioe%3Dabssr2i7e5e9i5.4k0c0i5b1necfifk4pe%3Ffi0%3D5412064%263uv%3Db0s080102311deb2l5.8c1l0%2F4i3-8ga%2F3d4a1dem3c4v%26eud2.lnolaod%2Fisdtmh&s=https%3A%2F...

1 KB
619 B

62ms
60ms

Document
text/html

2606:4700::6813:a960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.srvtrck.com/v2/go?t=et.pn%3Af%2Fnnkioe%3Dabssr2i7e5e9i5.4k0c0i5b1necfifk4pe%3Ffi0%3D5412064%263uv%3Db0s080102311deb2l5.8c1l0%2F4i3-8ga%2F3d4a1dem3c4v%26eud2.lnolaod%2Fisdtmh&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=043b3b733059418b97611ba1a8374bac&sct=0&ct=1660479810935&cu=ef2e548f1f0e413580a0344519e53742&ykuid=c66b425757de46e6a1f050e37b7d466c&sc=1&cs=fe381d690c1098381f4b5f8cb50f40cc
Requested by: Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3D8876e5892d58483d82e7acff8c0b1663%26api_key%3Dd35c1f4292afde1e9fb345dc83743d87%26site_id%3Dd39d1304c4dc46fd8b97e5fd5300bb65%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3D4f3c674252059001d797370e50e1d998&h=73e8ce280fc0e5fa706d11390f77ff62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0991b25109e58dc934bbc36b62c899202d83f5b45208a054e2457527a44c095

Request headers

Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Fr.srvtrck.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3D8876e5892d58483d82e7acff8c0b1663%26api_key%3Dd35c1f4292afde1e9fb345dc83743d87%26site_id%3Dd39d1304c4dc46fd8b97e5fd5300bb65%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3D4f3c674252059001d797370e50e1d998&h=73e8ce280fc0e5fa706d11390f77ff62
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73a9a982a9fc9182-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sun, 14 Aug 2022 12:23:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73a9a98229399182-FRA
content-length: 0
date: Sun, 14 Aug 2022 12:23:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: /v2/go?t=et.pn%3Af%2Fnnkioe%3Dabssr2i7e5e9i5.4k0c0i5b1necfifk4pe%3Ffi0%3D5412064%263uv%3Db0s080102311deb2l5.8c1l0%2F4i3-8ga%2F3d4a1dem3c4v%26eud2.lnolaod%2Fisdtmh&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=043b3b733059418b97611ba1a8374bac&sct=0&ct=1660479810935&cu=ef2e548f1f0e413580a0344519e53742&ykuid=c66b425757de46e6a1f050e37b7d466c&sc=1&cs=fe381d690c1098381f4b5f8cb50f40cc
p3p: CP="CAO PSA OUR"
server: cloudflare

GET
H2

200

Primary Request / Show response
www.cashper.de/
Redirect Chain

https://online.adservicemedia.dk/cgi-bin/click.pl?bid=1422168&sub=v030400013510ef2e548f1f0e413580a0344519e53742&sub2=lookandfind.me
https://cashper.go2cloud.org/aff_c?offer_id=95&aff_id=860&aff_sub=mail2&source=122016M&subid=10478&coid=1962281004&utm_source=adservice&utm_medium=affiliate&utm_content=adservice-10478&utm_campaign...
https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff...

83 KB
24 KB

274ms
159ms

Document
text/html

2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=

Requested by

Host: r.srvtrck.com
URL: https://r.srvtrck.com/v2/go?t=et.pn%3Af%2Fnnkioe%3Dabssr2i7e5e9i5.4k0c0i5b1necfifk4pe%3Ffi0%3D5412064%263uv%3Db0s080102311deb2l5.8c1l0%2F4i3-8ga%2F3d4a1dem3c4v%26eud2.lnolaod%2Fisdtmh&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=043b3b733059418b97611ba1a8374bac&sct=0&ct=1660479810935&cu=ef2e548f1f0e413580a0344519e53742&ykuid=c66b425757de46e6a1f050e37b7d466c&sc=1&cs=fe381d690c1098381f4b5f8cb50f40cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

28d2802f5a614098a488d893a1b697dbb7aa25f5c3d84a274837cdd72488de3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://r.srvtrck.com/v2/go?t=et.pn%3Af%2Fnnkioe%3Dabssr2i7e5e9i5.4k0c0i5b1necfifk4pe%3Ffi0%3D5412064%263uv%3Db0s080102311deb2l5.8c1l0%2F4i3-8ga%2F3d4a1dem3c4v%26eud2.lnolaod%2Fisdtmh&s=https%3A%2F%2Flookandfind.me%2F&e=1&ai=043b3b733059418b97611ba1a8374bac&sct=0&ct=1660479810935&cu=ef2e548f1f0e413580a0344519e53742&ykuid=c66b425757de46e6a1f050e37b7d466c&sc=1&cs=fe381d690c1098381f4b5f8cb50f40cc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-language: de-de
content-type: text/html; charset=utf-8
date: Sun, 14 Aug 2022 12:23:28 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 9-26819486-26819496 NNNN CT(13 30 0) RT(1660479810855 50) q(0 0 0 2) r(1 1) U12

Redirect headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 423
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 14 Aug 2022 12:23:31 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
Tracking_id: 102576ac9364cfb15468f9182c1225
X-Request-Id: bb1e0877c9f51cc2c45e76bd7247bd77
X-Robots-Tag: noindex, nofollow

GET
H2 200 home.less
www.cashper.de/css/Cashper/default/ 45 KB
7 KB 131ms
121ms Stylesheet
text/css 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/css/Cashper/default/home.less

Requested by

Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b737349ef2b91b65eb4efef460befd3ddabe3d211ab14273ca90216e3756036e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
content-encoding: gzip
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-iinfo: 9-26819486-26819496 PNNN RT(1660479810855 232) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6852

GET
H2 200 cashper-css-fonts
www.cashper.de/bundles/ 21 KB
6 KB 54ms
43ms Stylesheet
text/css 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/bundles/cashper-css-fonts?v=RKoR_5ytMEGtIm-XweHC9TySEljVnVJ_YwGMGJ8o9_Q1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

67811507b56a894f836776d0abc284498e31dbd91ce0bd8f3ae554e431bfd790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 23:20:23 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-iinfo: 9-26819486-0 0CNN RT(1660479810855 236) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29329012, public
content-length: 5653
expires: Wed, 19 Jul 2023 23:20:23 GMT

GET
H2 200 cashper-desktop-css-home-top
www.cashper.de/bundles/ 138 KB
32 KB 55ms
46ms Stylesheet
text/css 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/bundles/cashper-desktop-css-home-top?v=unLIMe1OktVqZvyfeHRXlINhjw1II-O6Eub38CgMXW81

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a3827d63c04852dcc6fe4cb889e025134d83e1a2d3b4f62377a5af6917d3da8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:31 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 04:37:58 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-iinfo: 9-26819486-0 0CNN RT(1660479810855 240) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29348067, public
content-length: 32662
expires: Thu, 20 Jul 2023 04:37:58 GMT

GET
H2 200 cashper-desktop-script-home-top Show response
www.cashper.de/bundles/ 99 KB
34 KB 89ms
80ms Script
text/javascript 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/bundles/cashper-desktop-script-home-top?v=KCiZIQjyPIpY2jJSYJaNg17osKfAsRJxi9QbdOlC8DQ1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

83500c916e662e636c068162cbf26d33c4b06b0f7075cfb81d1d4f166350cfe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:31 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 04:37:58 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
x-iinfo: 9-26819486-0 0CNN RT(1660479810855 246) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29348067, public
content-length: 34931
expires: Thu, 20 Jul 2023 04:37:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
57 KB 176ms
80ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf9e023a1329e30ce75b5484c866b1b30c83ea157db348e98d63558a5634c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57431
x-xss-protection: 0
server: cafe
etag: 16270570620057094813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 12:23:32 GMT

GET
H2 200 style_patch_DE.less
www.cashper.de/css/Cashper/default/ 27 KB
4 KB 127ms
120ms Stylesheet
text/css 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/css/Cashper/default/style_patch_DE.less

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f87e2f5e043bae07c9cfffa30ee52c7e58b2d5ccb1903cbc032cc3217001883f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
content-encoding: gzip
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
x-iinfo: 9-26819486-26819507 NNNY CT(14 33 0) RT(1660479810855 243) q(0 1 1 -1) r(1 1) U2
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 4480

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 138ms
47ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 14 Aug 2022 11:30:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 14 Aug 2022 12:23:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Aug 2022 12:23:31 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 143ms
37ms Script
application/x-javascript 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 34821
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Sun, 14 Aug 2022 02:43:12 GMT
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 14:38:02 GMT
server: AmazonS3
etag: "5add60196e5f96a414fb4b9586764e5d"
content-type: application/x-javascript
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: xZNGjAkSwRof5yrhVjnO3FkcV2MODcduppRXyL4LNkMZdfi3BmWX-A==

GET
H2 200 calculator Show response
www.cashper.de/cashperBundle/ 27 KB
6 KB 67ms
65ms Script
text/javascript 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/cashperBundle/calculator?v=HNjE178ChYLNCWuJyqYVZjCMbwg2Cd1PUxrwisf3p2o1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f4cbf8e2633a412cc904d91c09aa420c704d3bebf8d42439d49beaebf6a55c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 23:20:23 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
x-iinfo: 9-26819486-0 0CNN RT(1660479810855 253) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29329012, public
content-length: 6059
expires: Wed, 19 Jul 2023 23:20:23 GMT

GET
H2 200 cashper-desktop-script-home-bottom Show response
www.cashper.de/bundles/ 322 KB
87 KB 67ms
66ms Script
text/javascript 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/bundles/cashper-desktop-script-home-bottom?v=Ey1GWFL7dsvIGlGDeMFVSrTCKyd54AN56goYnJ6kLQI1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1dfa52d607443e3122bc6ce4fc406c3399180e9e05d0962aa93a17308d006819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:31 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 04:37:58 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=utf-8
x-iinfo: 9-26819486-0 0CNN RT(1660479810855 256) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29348067, public
content-length: 89468
expires: Thu, 20 Jul 2023 04:37:58 GMT

GET
H2 200 _Incapsula_Resource Show response
www.cashper.de/ 138 KB
20 KB 45ms
44ms Script
application/javascript 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2016899858

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8c989b35eb95f93d4d37fca4a5caf3a0a9ddfc0144f5056cabcf34b3502eeeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19995
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
78 KB 142ms
59ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8NTW4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f30121e454822f43a2e366c6f13c78eed0cbfdde8735a4e6edc5f036d611e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79634
x-xss-protection: 0
last-modified: Sun, 14 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Aug 2022 12:23:32 GMT

GET
H2 200 home_banner_NL.ashx
www.cashper.de/-/media/Upload/ 53 KB
53 KB 63ms
63ms Image
image/jpeg 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Upload/home_banner_NL.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

410645da79463eb8e93be26b0a65b911e1aa9119d65719be54042cca8961238c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Fri, 27 Nov 2015 13:23:45 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-iinfo: 9-26819486-26819507 PNNy RT(1660479810855 382) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="home_banner_NL.jpg"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 54157
expires: Sun, 21 Aug 2022 12:23:28 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 123ms
38ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cashper.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 274901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 08:01:51 GMT

GET
H2 200 icomoon.ttf
www.cashper.de/css/fonts/Icomoon/ 145 KB
146 KB 43ms
43ms Font
application/octet-stream 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/css/fonts/Icomoon/icomoon.ttf?6g4u98

Requested by

Host: www.cashper.de
URL: https://www.cashper.de/bundles/cashper-css-fonts?v=RKoR_5ytMEGtIm-XweHC9TySEljVnVJ_YwGMGJ8o9_Q1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7e2635f66e8670392b99e671649614c3dbaf0fe6f7f0121b4de3867e4470f235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cashper.de/bundles/cashper-css-fonts?v=RKoR_5ytMEGtIm-XweHC9TySEljVnVJ_YwGMGJ8o9_Q1
Origin: https://www.cashper.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:31 GMT
last-modified: Tue, 09 Aug 2022 12:19:56 GMT
x-cdn: Imperva
etag: "03ef155eaabd81:0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/octet-stream
x-iinfo: 9-26819486-0 0CNN RT(1660479810855 383) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=2010, public
content-length: 148800
expires: Sun, 14 Aug 2022 12:57:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 133ms
49ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cashper.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 24831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 05:29:41 GMT

GET
H2 200 cashper_logo_2017_nopayoff.ashx
www.cashper.de/-/media/Images/Logo-Cashper/ 7 KB
3 KB 56ms
56ms Image
image/svg+xml 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Logo-Cashper/cashper_logo_2017_nopayoff.ashx?h=69&la=de-DE&w=285&hash=32419EA55663E75C31E2C1DF5BDE836736D9CE29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

920dc7970c3e71c15c566d28cbfac0ad73945245f61c377370b376f56edbb423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
content-encoding: gzip
last-modified: Fri, 27 Oct 2017 12:40:50 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 9-26819486-26819496 PNYN RT(1660479810855 401) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="cashper_logo_2017_nopayoff.svg"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
expires: Sun, 21 Aug 2022 12:23:28 GMT

GET
H2 200 widget.js Show response
sw-assets.ekomiapps.de/static_resources/ 346 B
702 B 124ms
37ms Script
application/javascript 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sw-assets.ekomiapps.de/static_resources/widget.js
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f51590d5dc8f61cfc0c025dfc89f35c726bef31ec33664ff8bebbb73e4fae660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 12:13:47 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Wed, 08 Jun 2022 09:33:56 GMT
server: AmazonS3
age: 4147786
etag: "87cc6c5e2b6611d43a3e35da657e4751"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 346
x-amz-cf-id: 9QME6ECwtdtty-_ECeJyjbQG2-frscd5UV6MRkWYlOQT3w_cbsZYQg==

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 112ms
78ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cashper.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 520575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 11:47:17 GMT

GET
H2 200 comodossl_sm.ashx
www.cashper.de/-/media/Images/CashperDE/ 3 KB
3 KB 61ms
57ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/comodossl_sm.ashx?h=38&la=de-DE&w=121&hash=B2AFFA21EFC908129A49CFBD30C1916F4D1AE84F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f3f25169739a16e485aa9dcadc960ac53e71e795255938e3030ab26dccc98cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 31 Jul 2018 15:19:24 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819507 PNNy RT(1660479810855 461) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="comodossl_sm.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2796
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 pillar1.ashx
www.cashper.de/-/media/Images/Cashper-mobile/ 3 KB
3 KB 62ms
57ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Cashper-mobile/pillar1.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ef7b282d71f7213abef62368e513792f7fc1f795fda50c66a80f9e346a484892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 11 Dec 2018 10:43:20 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819496 PNNN RT(1660479810855 464) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="pillar1.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2787
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 pillar2.ashx
www.cashper.de/-/media/Images/Cashper-mobile/ 2 KB
2 KB 64ms
59ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Cashper-mobile/pillar2.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fd120d61c7adb231fce1c16f6e3be19581f3d6f1c29ab585d4642351de847d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 31 Jul 2018 15:19:24 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819529 NNNY CT(13 31 0) RT(1660479810855 467) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="pillar2.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2390
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 pillar3.ashx
www.cashper.de/-/media/Images/Cashper-mobile/ 3 KB
3 KB 65ms
60ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Cashper-mobile/pillar3.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2fdf5b8b53f5e535ed48b8f041c867cdadedd1ea04c17e4c8ed9f0bba13c3136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 31 Jul 2018 15:19:23 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819531 NNNY CT(14 30 0) RT(1660479810855 468) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="pillar3.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 3001
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 pillar4.ashx
www.cashper.de/-/media/Images/Cashper-mobile/ 3 KB
4 KB 66ms
62ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Cashper-mobile/pillar4.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

064652006fbaf1459baea4e48875d78fc2a7356b7a342e9f3be186e80e2704d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 31 Jul 2018 15:19:24 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819533 NNNY CT(13 30 0) RT(1660479810855 469) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="pillar4.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 3492
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 bankingcheck_logo.ashx
www.cashper.de/-/media/Images/CashperDE/ 7 KB
7 KB 95ms
91ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/bankingcheck_logo.ashx?h=71&la=de-DE&w=370&hash=8B6B98CE334B4C9D803322ACD3E2C24C4005C41C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

de08ab63c7e84f0d6783c83580924c60b33b979a5bf9ba313547819dfcecfdda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 25 Jul 2017 15:00:08 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819535 NNNN CT(12 15 0) RT(1660479810855 470) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="bankingcheck_logo.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 7177
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 DesktopNewsletterLoveMessage.ashx
www.cashper.de/-/media/Images/CashperDE/ 2 KB
3 KB 82ms
78ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/DesktopNewsletterLoveMessage.ashx?h=91&la=de-DE&w=128&hash=9D623A09DC6B7CF4BBF6A55D6F4C2BDABD79C9E1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a2abf155f4572195ab13f9f1542171a18a298d373fc08ad3d7c160ea1191101c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 22 Jun 2021 09:56:24 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819507 PNNy RT(1660479810855 472) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="DesktopNewsletterLoveMessage.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2534
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 BankingCheck_Award2022_Cashper-web.ashx
www.cashper.de/-/media/Images/CashperDE/ 11 KB
11 KB 92ms
88ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/BankingCheck_Award2022_Cashper-web.ashx?h=265&la=de-DE&w=135&hash=68C29E19C0EE85AC513CA9449ACF29179CC7AB89

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5b52fd947e30fe54e2d7bdab537fee8d5ad98307a324f15d734df3b90361057f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 28 Jun 2022 08:10:57 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819496 PNNN RT(1660479810855 473) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="BankingCheck_Award2022_Cashper-web.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11602
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 BankingCheck_Award2021_Cashper-web.ashx
www.cashper.de/-/media/Images/CashperDE/ 11 KB
11 KB 96ms
93ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/BankingCheck_Award2021_Cashper-web.ashx?h=265&la=de-DE&w=135&hash=24188A6DE406AE34838914F2A09EDE95E67A2D8F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2747bd521504adc33cb63262b27e04745bdb4f2bdf2d963dc45c5da6a964bab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 27 Jul 2021 07:08:18 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819529 PNNy RT(1660479810855 475) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="BankingCheck_Award2021_Cashper-web.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 10773
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 LZT_Siegel_CashperDE21.ashx
www.cashper.de/-/media/Images/CashperDE/ 9 KB
9 KB 83ms
80ms Image
image/jpeg 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/LZT_Siegel_CashperDE21.ashx?h=265&la=de-DE&w=135&hash=41661172668096CB06EE9559BBCA17E7B14B1172

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fa2795dcd711a977a5d338bdfacef8877c53bbb23a479c9bf3a6f7186618ddee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 18 Jan 2022 09:49:28 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-iinfo: 9-26819486-26819531 PNNy RT(1660479810855 477) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="LZT_Siegel_CashperDE21.jpg"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 9325
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 eKomi-Seal.ashx
www.cashper.de/-/media/Images/CashperDE/ 14 KB
14 KB 84ms
80ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/eKomi-Seal.ashx?h=149&la=de-DE&w=148&hash=FC42900927C45D53BB378097DACBBF104D7902E7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e479c7d39bb45647da16ed1722f2fde9499aa01099b90e390c6e8b3412fe80ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Wed, 16 Jan 2019 13:13:58 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819533 PNNy RT(1660479810855 478) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="eKomi Seal.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 14253
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 pillar2a.ashx
www.cashper.de/-/media/Images/Cashper-mobile/ 2 KB
2 KB 100ms
97ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Cashper-mobile/pillar2a.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4859c25a89f5316aa1f06e4abb14cae0b3b87b6b7553595d86ea9b2d2ec54e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 31 Jul 2018 15:19:24 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819507 PNNy RT(1660479810855 479) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="pillar2a.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2423
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 pillar2b.ashx
www.cashper.de/-/media/Images/Cashper-mobile/ 2 KB
2 KB 101ms
98ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Cashper-mobile/pillar2b.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7ce136d17ff50c689102e5e5f1688041ba001a18330c5da81ca6ce687206c527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 31 Jul 2018 15:19:23 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819531 PNNy RT(1660479810855 480) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="pillar2b.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2329
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 pillar2c.ashx
www.cashper.de/-/media/Images/Cashper-mobile/ 3 KB
3 KB 112ms
109ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Cashper-mobile/pillar2c.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d49bf490a005f1664191f94fece5eb1aac6d88fc2d8064bec75ec278a0d05461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Fri, 10 Aug 2018 14:10:30 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819496 PNNN RT(1660479810855 481) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="pillar2c.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 3304
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 pillar2d.ashx
www.cashper.de/-/media/Images/Cashper-mobile/ 5 KB
5 KB 112ms
109ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/Cashper-mobile/pillar2d.ashx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

649f960bc413a047ed2f68ea68a86c456adda9e432a3df7d187b4ba00417d60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 31 Jul 2018 15:19:24 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819535 PNNN RT(1660479810855 482) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="pillar2d.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 4614
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 0-prozent-seal-top.ashx
www.cashper.de/-/media/Images/CashperDE/840/ 67 KB
67 KB 129ms
126ms Image
image/jpeg 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/840/0-prozent-seal-top.ashx?h=470&la=de-DE&w=840&hash=E89DF8B7B78AB42A387F51F550863D7C496E4306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

738c2f3f46f7bd7392962b24b33e18cbfb408b5391f2f07a72a541aae987df5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Mon, 30 Nov 2020 11:11:50 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-iinfo: 9-26819486-26819529 PNNy RT(1660479810855 500) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="0-prozent-seal-top.jpg"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 68188
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 iStock_000051658064_XXXLarge_840.ashx
www.cashper.de/-/media/Images/CashperDE/840/ 58 KB
58 KB 117ms
115ms Image
image/jpeg 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/CashperDE/840/iStock_000051658064_XXXLarge_840.ashx?h=470&la=de-DE&w=840&hash=A6188D78B9DD4E76B8D79E2EB237F51836ED18CF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

db5a54caa2e84783e8993d1a0bba1fb3461ef847ac17ef649091b70eb4f4f8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Wed, 07 Oct 2015 07:48:37 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-iinfo: 9-26819486-26819507 PNNy RT(1660479810855 502) q(0 0 0 -1) r(0 0) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="iStock_000051658064_XXXLarge_840.jpg"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 59104
expires: Sun, 21 Aug 2022 12:23:29 GMT

GET
H2 200 calculo-intereses-del-prestamo.ashx
www.cashper.de/-/media/Images/ 185 KB
186 KB 120ms
119ms Image
image/png 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/-/media/Images/calculo-intereses-del-prestamo.ashx?h=572&la=de-DE&w=792&hash=DE05BFDF38FE10D297A94859AFDA42696C77CCD9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7807b12ebc0c56fec534e8832b3208369f4643879b74ab05bdbea4dda19bcf20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
last-modified: Tue, 31 Jul 2018 15:19:24 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-26819486-26819531 PNNy RT(1660479810855 504) q(0 0 0 -1) r(1 1) U2
cache-control: private, max-age=604800
content-disposition: inline; filename="calculo intereses del prestamo.png"
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 189619
expires: Sun, 21 Aug 2022 12:23:29 GMT

POST
H2 200 GetInstallmentAndDealFee Show response
www.cashper.de/cashper_api/Handlers/ 39 B
260 B 132ms
132ms XHR
application/json 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cashper.de/cashper_api/Handlers/GetInstallmentAndDealFee

Requested by

Host: www.cashper.de
URL: https://www.cashper.de/bundles/cashper-desktop-script-home-top?v=KCiZIQjyPIpY2jJSYJaNg17osKfAsRJxi9QbdOlC8DQ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

33fc32c651c1f7ea6f2dafcf22ccb7f5f3b3a2107c374c79bc052515f7b25668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Aug 2022 12:23:28 GMT
content-encoding: gzip
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 9-26819486-26819533 PNYy RT(1660479810855 506) q(0 0 0 -1) r(1 1) U6
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 60ms
60ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cashper.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 317587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 20:10:25 GMT

GET
H2 200 _Incapsula_Resource
www.cashper.de/ 1 B
66 B 40ms
40ms Image
text/plain 2a02:e980:107::50
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cashper.de/_Incapsula_Resource?SWKMTFSR=1&e=0.8568452214038089

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:107::50 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 f-widget.js Show response
smart-widget-assets.ekomiapps.de/static_resources/ 43 KB
12 KB 53ms
42ms Script
application/javascript 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Requested by: Host: sw-assets.ekomiapps.de
URL: https://sw-assets.ekomiapps.de/static_resources/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 335e159e9a2d4f05a61d2c9d416a56c560ba8c7d887b8997be94990f30e252e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:20:14 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 05:44:08 GMT
server: AmazonS3
age: 1573399
etag: W/"8f14298774cbe23a43adde2dfc98276f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: u6mLG0oLkUaxbJwctsJK6ibo8rUL6ELe8jhEF8ZSXx7P5nTtydGijw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
72 KB 130ms
54ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BK42P9ZCRP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8NTW4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23c1f7d6cb5c6fb01ec37362734a6d2d40ba02cde142af20fc2064a1346ecc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73753
x-xss-protection: 0
expires: Sun, 14 Aug 2022 12:23:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8NTW4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4655
date: Sun, 14 Aug 2022 11:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 14 Aug 2022 13:05:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 340 KB
120 KB 161ms
84ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4270039995008809&plah=www.cashper.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a63823d7c26c10cc1de086f5ad9597514380e9daf68bd787eea7d25599da4d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122753
x-xss-protection: 0
server: cafe
etag: 12769276033021616541
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 12:23:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame 6B74 10 KB
5 KB 126ms
37ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cashper.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 06:13:48 GMT
etag: 8616628553774171045
expires: Sun, 28 Aug 2022 06:13:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sf691435ccab861e5d43.json Show response
smart-widget-assets.ekomiapps.de/data_files/widget/ 6 KB
2 KB 118ms
37ms Fetch
application/json 18.66.97.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/data_files/widget/sf691435ccab861e5d43.json
Requested by: Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-50.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54770326c9ab8bf5dd51ffa3869ea7370bf485c262af7fe00a434a5c3cf8324b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 08:24:58 GMT
content-encoding: gzip
last-modified: Sat, 13 Aug 2022 16:29:40 GMT
server: AmazonS3
age: 14314
etag: W/"4b74a32ec3ace2b3ef8c0eb25feaf1ab"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=43200,public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: -hMk3Os5wNspcrPghVZPGyOnAZ6OWhjekNtoiWOgYmkGBCvJJ4kI9g==
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)

GET
H2 200 sf691435f291a2b6db98.json Show response
smart-widget-assets.ekomiapps.de/data_files/widget/ 6 KB
2 KB 119ms
38ms Fetch
application/json 18.66.97.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/data_files/widget/sf691435f291a2b6db98.json
Requested by: Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-50.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3654737263ce03c3e2ea0d8fb9bea7d6e9053bba354777c52f71a13e3a429710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 06:14:05 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 17:39:47 GMT
server: AmazonS3
age: 22168
etag: W/"3965da64e01f82e2843e89d1e411112a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=43200,public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: _64TB10mYsGECoMKxz7uPyv9HyHo4_SLoNjG0uEi4ErTplzqmwX1LQ==
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 121ms
45ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1038109282&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cashper.de%2F%3Fcid%3D212%26utm_source%3DAdservice_AS%26utm_content%3Dmail2%26utm_medium%3Dreferral%26utm_campaign%3D122016M%26affiliate_id%3D860%26offer_id%3D95%26trans_id%3D102576ac9364cfb15468f9182c1225%26aff_sub2%3D%26aff_sub4%3D&dr=https%3A%2F%2Fr.srvtrck.com%2F&ul=en-us&de=UTF-8&dt=Cashper.de%20-%20Minikredit%20mit%200%25%20Zinsen%20bis%201500%E2%82%AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=19576244&gjid=411325000&cid=1788595021.1660479812&tid=UA-40425645-6&_gid=1715521985.1660479812&_r=1&gtm=2wg880T8NTW4&z=219983557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cashper.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 12:23:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cashper.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ekomi-slick.min.css
smart-widget-assets.ekomiapps.de/static_resources/ 2 KB
875 B 37ms
37ms Stylesheet
text/css 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/static_resources/ekomi-slick.min.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50202b25adc5f2d81a3fe0b19a6d83bcac9feb4ece6626208f9cc5e3bce7aedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 00:26:28 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 20:26:08 GMT
server: AmazonS3
age: 388625
etag: W/"a48ab2f807c5dda92f940b1789944387"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control: max-age=604800,public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: oSxfx4zhPkWF9oiLG0uGlsAyJI0CwDzLpWmJvVBdkaZaLSbTOwSOFg==

GET
H2 200 widget.css
sw-assets.ekomiapps.de/static_resources/ 155 KB
19 KB 45ms
45ms Stylesheet
text/css 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sw-assets.ekomiapps.de/static_resources/widget.css
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/bundles/cashper-desktop-script-home-top?v=KCiZIQjyPIpY2jJSYJaNg17osKfAsRJxi9QbdOlC8DQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59df6220fbd943e8cc4fd226f0174e5ddd07c60f0b30a1312fe797139cdb93b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 05:38:08 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 19:45:01 GMT
server: AmazonS3
age: 10824324
etag: W/"b380c60d7d560b269c16c4b63ab64f7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: LSOViYzCVhaJF8vCM5TChYKZrGArCeEy96-cBe5fSSPQ6taZ03HOIg==

GET
H2 200 69143_seller_summary.json Show response
smart-widget-assets.ekomiapps.de/data_files/json/ 217 B
686 B 37ms
37ms Fetch
application/json 18.66.97.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/data_files/json/69143_seller_summary.json
Requested by: Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-50.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 347de57f9eff9b720da8493d27619439fef219ba67cf16a95567031e5d68c703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 01:35:58 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
age: 38855
x-cache: Hit from cloudfront
content-length: 217
last-modified: Sat, 13 Aug 2022 04:50:49 GMT
server: AmazonS3
etag: "1c3043c40ad2fa98b840d588ab7d91ca"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=43200,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: AsfLGnkHUwYGUKnSHKJO4qFzxwhWR3KwCuty270Ty2IjzzeRx4UClg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 133ms
44ms Ping
text/plain 2001:4860:4802:32::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BK42P9ZCRP&gtm=2oe880&_p=1038109282&cid=1788595021.1660479812&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660479812&sct=1&seg=0&dl=https%3A%2F%2Fwww.cashper.de%2F%3Fcid%3D212%26utm_source%3DAdservice_AS%26utm_content%3Dmail2%26utm_medium%3Dreferral%26utm_campaign%3D122016M%26affiliate_id%3D860%26offer_id%3D95%26trans_id%3D102576ac9364cfb15468f9182c1225%26aff_sub2%3D%26aff_sub4%3D&dr=https%3A%2F%2Fr.srvtrck.com%2F&dt=Cashper.de%20-%20Minikredit%20mit%200%25%20Zinsen%20bis%201500%E2%82%AC&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BK42P9ZCRP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 12:23:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cashper.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 69143_positive_1.json Show response
smart-widget-assets.ekomiapps.de/data_files/json/ 3 KB
1 KB 37ms
37ms Fetch
application/json 18.66.97.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/data_files/json/69143_positive_1.json
Requested by: Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-50.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 135812a4ff40b4fc17d59c1c452fba976fc0836c012943327920fce587c6ddd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:12:14 GMT
content-encoding: gzip
last-modified: Sun, 14 Aug 2022 04:59:05 GMT
server: AmazonS3
age: 18679
etag: W/"953a253d3de972ccb4f3e1d2729975db"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=43200,public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 3JIX-_KWSW46mGBL6kuNnKm6TjJM8-0L5jAZQDZgpVrWxJlt-IJpHw==
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 380ms
45ms Script
text/javascript 142.250.186.34

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.cashper.de&callback=_gfp_s_&client=ca-pub-4270039995008809

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4270039995008809&plah=www.cashper.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1d9252cfa99740f0d6336739c735cb8348196a2e1320e5f338dde8f719252918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 375ms
46ms Script
application/javascript 2a00:1450:4001:829::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cashper.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 12:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 378ms
47ms Script
application/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cashper.de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 12:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.cashper.de%2F%3Fcid%3D212%26utm_source%3DAdservice_AS%26utm_content%3Dmail2%26utm_medium%3Dreferral%26utm_campaign%3D122016M%26affiliate_id%3D860%26offer_id%3D95%26trans_id%3D102576ac9364cfb15468f9182c1225%26aff_sub2%3D%26aff_sub4%3D&tn=DIV&cls=modal%20fade%20in%20cookie-modal&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 12:23:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 12:23:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9A0 0
19 B 175ms
100ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270039995008809&output=html&adk=522671305&adf=1178619241&lmt=1660479812&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.cashper.de%2F%3Fcid%3D212%26utm_source%3DAdservice_AS%26utm_content%3Dmail2%26utm_medium%3Dreferral%26utm_campaign%3D122016M%26affiliate_id%3D860%26offer_id%3D95%26trans_id%3D102576ac9364cfb15468f9182c1225%26aff_sub2%3D%26aff_sub4%3D&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660479812244&bpp=3&bdt=406&idt=253&shv=r20220810&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7977986705952&frm=20&pv=2&ga_vid=1788595021.1660479812&ga_sid=1660479813&ga_hid=1038109282&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=3183054076087966&tmod=791588711&uas=0&nvt=1&ref=https%3A%2F%2Fr.srvtrck.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cashper.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Aug 2022 12:23:32 GMT
expires: Sun, 14 Aug 2022 12:23:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 slick.js Show response
sw-assets.ekomiapps.de/static_resources/ 40 KB
10 KB 59ms
59ms Script
application/javascript 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sw-assets.ekomiapps.de/static_resources/slick.js?_=1660479811952
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/bundles/cashper-desktop-script-home-top?v=KCiZIQjyPIpY2jJSYJaNg17osKfAsRJxi9QbdOlC8DQ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 337290f29a7c1923ee4724b0bbae869e478e2b4cf883474bae2ff93216bd7ead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 12:23:33 GMT
content-encoding: gzip
last-modified: Tue, 19 Nov 2019 20:26:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: W/"1b5480640c5cab41c19f0652dd557860"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cache-control: max-age=604800,public
x-amz-cf-id: Tvnf81qIqL3AsSaPqcYfVKaJ81lRJC5jYyOKsiaFCF_rgPH-5inx6Q==

GET
H2 200 ekomi-logo-2-transparent.png
sw-assets.ekomiapps.de/resources/ 1 KB
2 KB 38ms
37ms Image
image/png 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/ekomi-logo-2-transparent.png
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d8dcbacf7f07f7ab6eb46463bae8f31136611ec2296da9ce53512837cce0ca9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 03:26:43 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 11:43:19 GMT
server: AmazonS3
age: 377810
etag: "2f1c474e05b44ed1c9c3eab25b3e9a23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 1478
x-amz-cf-id: he0xv51lkzGr_m_iHyAwwpKCeVMKEkqs4AmUlq4_CUxb9IF4cpQLiw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 361ms
46ms XHR
text/plain 2a00:1450:400c:c08::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40425645-6&cid=1788595021.1660479812&jid=19576244&gjid=411325000&_gid=1715521985.1660479812&_u=YEBAAAAAAAAAAC~&z=1830567657

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cashper.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Aug 2022 12:23:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.cashper.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lg-stars-grey-136x23.png
sw-assets.ekomiapps.de/resources/ 403 B
766 B 38ms
37ms Image
image/png 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/lg-stars-grey-136x23.png
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5415b56c5a5181236611d1712980147013415451fec7ecf730fc4160b6a3b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 05:20:03 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 20:25:59 GMT
server: AmazonS3
age: 371010
etag: "961441794419be4952b7b7218e321602"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 403
x-amz-cf-id: O3ydCH0XXN_UxqX8Sa5yc2vuEXyDbKVoGMPrtS3a6bmgj4vLjO4nZQ==

GET
H2 200 lg-stars-yellow-136x23.png
sw-assets.ekomiapps.de/resources/ 420 B
785 B 38ms
37ms Image
image/png 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/lg-stars-yellow-136x23.png
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a291facb6a1b1edcaef05bf69a512f5f258e554198c8df45baf0120b49b3917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 00:26:18 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 20:25:59 GMT
server: AmazonS3
age: 388635
etag: "f830bca5f386b9967a86495da5bd4634"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 420
x-amz-cf-id: Sghkomueuv7ndjGbW4QX8jjyXlCEaDGHEcBCSCJbWbjTkhwnCnEBUQ==

GET
H2 200 mini-stars-grey-122x21.png
sw-assets.ekomiapps.de/resources/ 382 B
745 B 38ms
38ms Image
image/png 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/mini-stars-grey-122x21.png
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bee692d70ffca7ee26788730954f820298ad0ffceea962d95a7e132b73cdc189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 00:26:18 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 20:25:59 GMT
server: AmazonS3
age: 388635
etag: "29c725a0c2e8c6a9350eccef91d44ecf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 382
x-amz-cf-id: w3zC5x_0xDtfbk07AzVww0xKVkWcsmfCYB9I62fW-bDwKifg4BxtCQ==

GET
H2 200 mini-stars-yellow-122x21.png
sw-assets.ekomiapps.de/resources/ 396 B
759 B 39ms
38ms Image
image/png 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/mini-stars-yellow-122x21.png
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b9319bfeebe31cc1cbfa9bc6d3a72b4f81647ae8164dcda396112c659810744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 00:26:18 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 20:25:59 GMT
server: AmazonS3
age: 388635
etag: "3017f19de00725931262dc3582a2fbfa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 396
x-amz-cf-id: 4pXlEYTE7wQhbHVbIik-Ag23N-74Z1BaiN3jtln7CnkhajufvQ6NAg==

GET
H2 200 slider-previous-icon-arrow.png
sw-assets.ekomiapps.de/resources/ 303 B
666 B 37ms
37ms Image
image/png 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/slider-previous-icon-arrow.png
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f57c72f10af251b51da424d3b0cb9cfb75ab7ab4e4b6edbcaa5b5aecaaabcde4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 02:22:07 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 20:26:02 GMT
server: AmazonS3
age: 381686
etag: "004a926490a6aab44ddd8ee3e074543a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 303
x-amz-cf-id: TWXvLbJH6jTqtvqA-L8jgybdzktvBugfftt-nE7Ia4fmjeUegB30NA==

GET
H2 200 slider-next-icon-arrow.png
sw-assets.ekomiapps.de/resources/ 296 B
659 B 38ms
37ms Image
image/png 18.66.97.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/slider-next-icon-arrow.png
Requested by: Host: www.cashper.de
URL: https://www.cashper.de/?cid=212&utm_source=Adservice_AS&utm_content=mail2&utm_medium=referral&utm_campaign=122016M&affiliate_id=860&offer_id=95&trans_id=102576ac9364cfb15468f9182c1225&aff_sub2=&aff_sub4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-62.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf93af00945521238ff5b763e8dcc47077d4602fe2c394ffeea13c4c4bba5ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 00:26:18 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 20:26:02 GMT
server: AmazonS3
age: 388635
etag: "019e56790cf8fb35a6e2ff718408f2dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,public
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 296
x-amz-cf-id: 0yH8sgRrsCaaT4m0QUTlwMTb2NQvAmArOIRMhSNGJfnn296_LvJjww==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 243ms
61ms Image
image/gif 2a00:1450:4001:810::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40425645-6&cid=1788595021.1660479812&jid=19576244&_u=YEBAAAAAAAAAAC~&z=1835371057

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 12:23:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 244ms
62ms Image
image/gif 2a00:1450:4001:803::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40425645-6&cid=1788595021.1660479812&jid=19576244&_u=YEBAAAAAAAAAAC~&z=1835371057

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 12:23:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 162ms
86ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0b127fc3cd1fc45bdf6b74eb838c0eceecafc2f7ad565cfac9a3c5a1e469f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cashper.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Aug 2022 12:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11122
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 44ms
44ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1038109282&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cashper.de%2F%3Fcid%3D212%26utm_source%3DAdservice_AS%26utm_content%3Dmail2%26utm_medium%3Dreferral%26utm_campaign%3D122016M%26affiliate_id%3D860%26offer_id%3D95%26trans_id%3D102576ac9364cfb15468f9182c1225%26aff_sub2%3D%26aff_sub4%3D&dr=https%3A%2F%2Fr.srvtrck.com%2F&ul=en-us&de=UTF-8&dt=Cashper.de%20-%20Minikredit%20mit%200%25%20Zinsen%20bis%201500%E2%82%AC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAAABAAAAAC~&jid=1082490535&gjid=1644539674&cid=1788595021.1660479812&tid=UA-40425645-6&_gid=1715521985.1660479812&_r=1&gtm=2wg880T8NTW4&cd5=1788595021.1660479812&z=385833777

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cashper.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Aug 2022 12:23:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cashper.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 141ms
46ms XHR
text/plain 2a00:1450:400c:c08::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40425645-6&cid=1788595021.1660479812&jid=1082490535&gjid=1644539674&_gid=1715521985.1660479812&_u=aHDAAAABAAAAAC~&z=1995034792

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9c -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cashper.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Aug 2022 12:23:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.cashper.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET ga-audiences
www.google.com/ads/ 0
0

GET ga-audiences
www.google.de/ads/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40425645-6&cid=1788595021.1660479812&jid=1082490535&_u=aHDAAAABAAAAAC~&z=1313505461

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40425645-6&cid=1788595021.1660479812&jid=1082490535&_u=aHDAAAABAAAAAC~&z=1313505461

Verdicts & Comments Add Verdict or Comment

193 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
superdry.com.in/	1970-01-20 14:50:39	Name: __tad Value: 1660479807.1170330
.1redirc.com/	1970-01-20 14:00:15	Name: __dsnsid Value: 2022081422232757b8b3bdb5c2ad70a4
clever-redirect.com/	1970-01-20 05:16:06	Name: b1b8db69d7d761003cdbb6362d66eb69 Value: a888102effa71108debdfcd2fd68a1f98d1fea8faf3a4366057361f173b52c08a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22b1b8db69d7d761003cdbb6362d66eb69%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
.srvtrck.com/	1970-01-20 14:00:15	Name: ykuid Value: c66b425757de46e6a1f050e37b7d466c
.adservicemedia.dk/	1970-01-20 13:53:03	Name: cookie_user_id Value: 1962281004
.adservicemedia.dk/	1970-01-20 13:53:03	Name: cookie_user_id_sig Value: 69a6bcc0ea17615e9231824f9892cab2
.adservicemedia.dk/	1970-01-20 05:57:51	Name: AdServiceTrackCookie25994 Value: 10478-0-v030400013510ef2e548f1f0e413580a0344519e53742%2F%21%21%2Flookandfind.me%2F%21%21%2F%2F%21%21%2F%2F%21%21%2F%2F%21%21%2F
.adservicemedia.dk/	1970-01-20 13:53:03	Name: AdServiceTrackCookie_Agent_5994 Value: 10478-365868-1422168-
.adservicemedia.dk/	1970-01-20 13:53:03	Name: AdServiceTrackCookie_Stamp_5994 Value: 2022-08-14%2014%3A23%3A31
cashper.go2cloud.org/	1970-01-20 05:59:18	Name: enc_aff_session_95 Value: ENC03243864e0281b4ce842c899470031d3da094f8bb4cba4b22eacd4d899eb4a59828d558f0279206fe29ad63f979ef063da7b74e035f1744e46d199ade93168b6089afe8998f1d9d2a50ca1ff57dbd1d6af71cd312f8e68213672d1cadaef075deb333bdd8fcfbc1dbd6815d55d8eef7755b7d00c6ee22a3709010ef864c13b2fb396b1b5300c6ef0173407e4e59d52ae55fefd2d5b442bd400e92b8fa8c303a4631d09b524
cashper.go2cloud.org/	1970-01-20 14:50:39	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDQiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
www.cashper.de/	1970-01-20 05:57:51	Name: CashperCookie Value: CID=212&UTM_SOURCE=Adservice_AS&UTM_CONTENT=mail2&UTM_MEDIUM=referral&UTM_CAMPAIGN=122016M&AFFILIATE_ID=860&OFFER_ID=95&TRANS_ID=102576ac9364cfb15468f9182c1225&AFF_SUB2=&AFF_SUB4=&ApplicationGUIDMarketing=04da6a8c-0b51-4e74-ada5-4d6acb08a5cb&LandingPageURL=http%3a%2f%2fwww.cashper.de%2f&ReferrerURL=https%3a%2f%2fr.srvtrck.com%2f
www.cashper.de/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mdva20m4y5uvecezm2zhhscr
www.cashper.de/	1970-01-20 14:50:39	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: b822edb14528421784ce3c0874512e06\|False
www.cashper.de/	1969-12-31 23:59:59	Name: Anti_Xsrf_Token Value: 84af0db2b7bd4542bbf16f459052911c
.cashper.de/	1970-01-20 13:59:25	Name: visid_incap_1979232 Value: eFpTMgc6SJOEWd5aE80650Lp+GIAAAAAQUIPAAAAAAButuRVeWOeZ52hG0ldf7jP
.cashper.de/	1969-12-31 23:59:59	Name: incap_ses_245_1979232 Value: SThcduaZpQqixLKu5GpmA0Pp+GIAAAAAkeqkJtWK8W1wLYYZTpWc2g==
www.cashper.de/	1970-01-20 05:14:39	Name: ___utmvc Value: PehTWfqSR+5PNZSopWPdaap3BmPD37Z5D1ZVHpsQY5QhmR1pMW3l9oHgEQnzuICjSgkJt4LEIgbQowxwI3YK0HmOdLzJ2PzlhizlAhCLuTTgw6qyGS3PueB2XtgRQqtCI0bsiGcqfGOOCc8wTP9qv1jP8Ctw68YGXB5QTyag+3du6wNfjll+fCBVRUKXa5HrCkCbohUbTQsJpirU2xbQK40wAjFlXOFVpSNyI6c7jGdwEvIb4cFYCDEUW20Ta0rL6o87zPaZkLZjPcyf0vXwbZcBIFKQd+4pN64RENtPXNGxPGmzXKZirb7jxTwbghd72heOnSNEiCh8WZ2JyiQKtHq6N7F8CaGf0dEVyN7pXjTN84Wx5+c0Ha1A/I8kUHaFOrZid83NruXam1V1dp+oaeoIltFkP9p+t2g5flbmvX6oPKcGWdNinak1OtLr8Jyrh6Adbu3UZMCSh+qMCSbSe6E2bt61mB3vajhwWlZX8cqege4v9qc6pUUA/63T3cWL7hS+WYK9p1X0uUR8Mw26npdm8gBLjpfSCXQkEViOKKDbEcAoyxRPp24OLk+5xTbAlSuZoL6Ir7vydlX+zhLN+yYky6hCJRq9uZ/3iOqzPvLe1R5xWJyROwkCz2RHVaJBIKeD8H92pYr5PZgD/WM4ER3RHKU1uj1bT+2LB9T6QIp3C5ZaXjueo2yPVTgXruY5/mTvj+s/oDT2ZSlXBOtBMQH9iCEAUcnLjjqqHsoAIiSDMFB9Zv3/ojS7b7iY+PY21h0IBBSPpvX/XKwl7ZfoYcanu8bYQjqS0/AjFELNpdOtJUistYgppYRi1r/v85V/p05+Ie4QZhyyQ2lATDAY8TCg2SV3drkZgI1B2a1yTjPBWhG0Er6t0ZPMp2okB5q4DN3rfhQIroLVgLhFt/bRi69AmI1/0Rn9K5Jdwf5b/6f/vjt9hTg4dqKnknKmnLSRia8sdDdP4wTpacPV3Oa7Lzf2/MXe8ts27QKaIGDe0XfSqZhBUi8zhKaIhHjBB2UT8DTkmzfyBZ2Rp9PRLWgP98bonQzmV9CS4tXk777oTnMffyLppLIgbb6Qn1zSpLRb3sgoHTUV+Spn9J147lrBXT1l/jTK2fj8zwk0dKdXMGeBh0qb/cVVhpkUx5quARbKpdE+5YV5toTpO0V8qBIysfXm0ufInZd+oKTcecSOQIhV97nYg4z7CiuwBzntBf4xMJC0estLryrTZW5W0fXxf5yU0zi2X4xDIYVN6HCS+nd38QhqOKsdzcMPZeWIXgGjNs/0p97k5fCXhKnmppAAhtgp0jexSVYZ9mNnD5YQdBYRRfXtRFW/lJcYlams4cLyjs6v2r8wwLuib4XCQ+eZJSTVBfxCvIrynfztF291Y/DMTba4FxbsMd6f4P8NnYFcBTblENs/hULBflDeRQOfO9yiCq/Mry/KFXv+c86BpYjBj/JGn6gi9q1oNlta4VyWqvdox1a3xFqNO0xJSPvzRhFk2L0BgNQlIYvtMexr8UFo/Xxq3vDihdkJ9b2BdTyYxOok1WqZAcGvjq/XTbJQVLtv58iZSLBSntCaVaHtTb8/QzYNEq98YuVLGJLTOV2F9P19f3yL/cRPbG2PMGPOohopuvhRGDwaHib4gvQXjJiW8RiPYrzbX4ahjupWGZpVnIMJ/scsH/9GVgMtCNWwo9TM1hcMHX9GLf52s5nc/kd/vFCdKD2NFnF76DsA5FJFmTXjkYDXc/yIavx9b/uEW83Cr8XKIf6btxTv1UFxE2FJCmWq+iAgFq5TwB84jDMpKrbPlLK6syNiELVJmg4mOIDoiO5foQr3FxbwNXew8GBSF995b5z57LABg42UJLfRVIod59dG0OlVQLa0zv0bNI/DBx+1v3oN44jSY6xlQHcO39uiRuPmhfEakOp861V1F3O/xqSKss943V+J6lDn/Pi48ZwPl/3M506eMaBhAuHoYVz0+iafW53dT/9FdahWjvvyFbH3nkjH6gaOl3P07vMzGFSa8Pxpn1uRyKzTui/zX1i/pZw4KUn7jgF67ya+3VG+1GSHmMDJEyn2G3Fh8DxOnMQgZ0G8YjtqJg+tCCHF5WYnIv3qLQzmysRPjVlLoLjgOdYIXCopPYpBqSyOC99nGe3CQ8qhDvuNgcAPHS9wUSy/+3M73o0gAD0HHFirXkLn0vE+UGmpaUkQEI1beX7UiwMOrR0CnpaUuipbce/cGeeem9OrHe+gcHQFj3iUvOASVkMc3K637UgirxL6j4jlpDEOTkOc5a0TWgEDWtoLhDYiFI2O0HerbA8MvEcskj06WwhhZrjH2cODZ2U8BQhBtXH2yqYLPujD7+khn1VdDftGVXMmPNi1LB7mOhN/3FbFjkeFhZMPjHDAyO/00ua1psHqxRcCplkSWWkKgwSRlvTXSo1T1ul0jLzBgouncaNsnBX4jowpAbq6+l1v/TR6Qx32a3PBM6nrm83j4RlZ8JschdUnbp7NprQYhmAl/QUDBSHcyCeg5OavZoZODMGYg+mV8GLayJMILj7UB1oNQEE6w233VB7uRdzU2ZYoAlmdcHGL3wgc6lebRwpWk97TYc2whPGIZMbZLTicYrOwh8Mo1+kqsktptoghoBjaQrVWY4Z3TRVIEJHSxn30ZFlxAbxvPwGsxLglPkw6qFKncxVok4VQhW5PcJmkv6RDLGRpZ2VzdD0xODQ4OTUscz04YWE5YTlhNjg0N2E3ZTllOGNhMTljOWM3NTdhODg2YzkyOThhNDZkOGE2M2E1NmVhOWFlN2M4MDgxNzc2OTgyN2RhMjliOWM4YjlmNzE3NQ==
.cashper.de/	1970-01-20 07:24:15	Name: _gcl_au Value: 1.1.123691455.1660479812
.cashper.de/	1970-01-20 05:16:06	Name: _gid Value: GA1.2.1715521985.1660479812
.cashper.de/	1970-01-20 05:14:39	Name: _gat Value: 1
.cashper.de/	1970-01-20 14:50:39	Name: _ga_BK42P9ZCRP Value: GS1.1.1660479812.1.0.1660479812.0
.cashper.de/	1970-01-20 14:50:39	Name: _ga Value: GA1.1.1788595021.1660479812

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
adservice.google.com
adservice.google.de
cashper.go2cloud.org
clever-redirect.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lookandfind.me
online.adservicemedia.dk
pagead2.googlesyndication.com
partner.googleadservices.com
r.srvtrck.com
region1.google-analytics.com
smart-widget-assets.ekomiapps.de
stats.g.doubleclick.net
superdry.com.in
sw-assets.ekomiapps.de
tpc.googlesyndication.com
widget.trustpilot.com
www.cashper.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
tpc.googlesyndication.com
www.google.com
www.google.de
103.224.182.206
103.224.182.210
142.250.186.34
157.90.169.168
18.66.97.50
18.66.97.62
2001:4860:4802:32::178
2001:4860:4802:32::36
2606:4700::6813:a960
2a00:1450:4001:803::2003
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:400c:c08::9c
2a00:1450:400e:80c::200a
2a02:e980:107::50
34.117.151.98
52.210.2.133
52.222.236.94
78.46.197.88
0335edef37820a2a21005b785fb1c17d9ab3774abd7adc8fa54a5f6ad22d9459
064652006fbaf1459baea4e48875d78fc2a7356b7a342e9f3be186e80e2704d2
135812a4ff40b4fc17d59c1c452fba976fc0836c012943327920fce587c6ddd8
1d9252cfa99740f0d6336739c735cb8348196a2e1320e5f338dde8f719252918
1dfa52d607443e3122bc6ce4fc406c3399180e9e05d0962aa93a17308d006819
23c1f7d6cb5c6fb01ec37362734a6d2d40ba02cde142af20fc2064a1346ecc07
2747bd521504adc33cb63262b27e04745bdb4f2bdf2d963dc45c5da6a964bab8
28d2802f5a614098a488d893a1b697dbb7aa25f5c3d84a274837cdd72488de3f
2cf93af00945521238ff5b763e8dcc47077d4602fe2c394ffeea13c4c4bba5ab
2f30121e454822f43a2e366c6f13c78eed0cbfdde8735a4e6edc5f036d611e76
2fdf5b8b53f5e535ed48b8f041c867cdadedd1ea04c17e4c8ed9f0bba13c3136
335e159e9a2d4f05a61d2c9d416a56c560ba8c7d887b8997be94990f30e252e3
337290f29a7c1923ee4724b0bbae869e478e2b4cf883474bae2ff93216bd7ead
33fc32c651c1f7ea6f2dafcf22ccb7f5f3b3a2107c374c79bc052515f7b25668
347de57f9eff9b720da8493d27619439fef219ba67cf16a95567031e5d68c703
3654737263ce03c3e2ea0d8fb9bea7d6e9053bba354777c52f71a13e3a429710
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
410645da79463eb8e93be26b0a65b911e1aa9119d65719be54042cca8961238c
4859c25a89f5316aa1f06e4abb14cae0b3b87b6b7553595d86ea9b2d2ec54e8b
4b9319bfeebe31cc1cbfa9bc6d3a72b4f81647ae8164dcda396112c659810744
50202b25adc5f2d81a3fe0b19a6d83bcac9feb4ece6626208f9cc5e3bce7aedc
54770326c9ab8bf5dd51ffa3869ea7370bf485c262af7fe00a434a5c3cf8324b
59df6220fbd943e8cc4fd226f0174e5ddd07c60f0b30a1312fe797139cdb93b9
5a291facb6a1b1edcaef05bf69a512f5f258e554198c8df45baf0120b49b3917
5b52fd947e30fe54e2d7bdab537fee8d5ad98307a324f15d734df3b90361057f
649f960bc413a047ed2f68ea68a86c456adda9e432a3df7d187b4ba00417d60a
67811507b56a894f836776d0abc284498e31dbd91ce0bd8f3ae554e431bfd790
6f3f25169739a16e485aa9dcadc960ac53e71e795255938e3030ab26dccc98cf
738c2f3f46f7bd7392962b24b33e18cbfb408b5391f2f07a72a541aae987df5e
7807b12ebc0c56fec534e8832b3208369f4643879b74ab05bdbea4dda19bcf20
7ce136d17ff50c689102e5e5f1688041ba001a18330c5da81ca6ce687206c527
7e2635f66e8670392b99e671649614c3dbaf0fe6f7f0121b4de3867e4470f235
83500c916e662e636c068162cbf26d33c4b06b0f7075cfb81d1d4f166350cfe0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c989b35eb95f93d4d37fca4a5caf3a0a9ddfc0144f5056cabcf34b3502eeeb4
920dc7970c3e71c15c566d28cbfac0ad73945245f61c377370b376f56edbb423
9cf9e023a1329e30ce75b5484c866b1b30c83ea157db348e98d63558a5634c48
9d8dcbacf7f07f7ab6eb46463bae8f31136611ec2296da9ce53512837cce0ca9
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2abf155f4572195ab13f9f1542171a18a298d373fc08ad3d7c160ea1191101c
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a3827d63c04852dcc6fe4cb889e025134d83e1a2d3b4f62377a5af6917d3da8e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5415b56c5a5181236611d1712980147013415451fec7ecf730fc4160b6a3b4c
a63823d7c26c10cc1de086f5ad9597514380e9daf68bd787eea7d25599da4d47
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0991b25109e58dc934bbc36b62c899202d83f5b45208a054e2457527a44c095
b0b127fc3cd1fc45bdf6b74eb838c0eceecafc2f7ad565cfac9a3c5a1e469f81
b737349ef2b91b65eb4efef460befd3ddabe3d211ab14273ca90216e3756036e
bee692d70ffca7ee26788730954f820298ad0ffceea962d95a7e132b73cdc189
d49bf490a005f1664191f94fece5eb1aac6d88fc2d8064bec75ec278a0d05461
db5a54caa2e84783e8993d1a0bba1fb3461ef847ac17ef649091b70eb4f4f8c3
de08ab63c7e84f0d6783c83580924c60b33b979a5bf9ba313547819dfcecfdda
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e479c7d39bb45647da16ed1722f2fde9499aa01099b90e390c6e8b3412fe80ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7b282d71f7213abef62368e513792f7fc1f795fda50c66a80f9e346a484892
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f4cbf8e2633a412cc904d91c09aa420c704d3bebf8d42439d49beaebf6a55c58
f51590d5dc8f61cfc0c025dfc89f35c726bef31ec33664ff8bebbb73e4fae660
f57c72f10af251b51da424d3b0cb9cfb75ab7ab4e4b6edbcaa5b5aecaaabcde4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f87e2f5e043bae07c9cfffa30ee52c7e58b2d5ccb1903cbc032cc3217001883f
fa2795dcd711a977a5d338bdfacef8877c53bbb23a479c9bf3a6f7186618ddee
fd120d61c7adb231fce1c16f6e3be19581f3d6f1c29ab585d4642351de847d90

www.cashper.de Open in urlscan Pro 2a02:e980:107::50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

92 %HTTPS

58 %IPv6

19 Domains

25 Subdomains

22 IPs

4 Countries

1317 kBTransfer

2897 kBSize

23 Cookies

1 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cashper.de Open in urlscan Pro
2a02:e980:107::50 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

92 %
HTTPS

58 %
IPv6

19
Domains

25
Subdomains

22
IPs

4
Countries

1317 kB
Transfer

2897 kB
Size

23
Cookies

85 HTTP transactions
0 data transactions