urlscan.io logo urlscan.io
SecurityTrails logo

wwc.triff-mich-heute.com Open in urlscan Pro
52.222.169.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ehbemrn.com/
Effective URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Submission: On February 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 52.222.169.96, located in United States and belongs to AMAZON-02, US. The main domain is wwc.triff-mich-heute.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 8th 2023. Valid for: a year.
This is the only time wwc.triff-mich-heute.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.230.85.241 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 5 172.255.248.125 7979 (SERVERS-COM)
2 2 54.220.167.226 16509 (AMAZON-02)
1 1 52.51.89.4 16509 (AMAZON-02)
12 52.222.169.96 16509 (AMAZON-02)
2 52.49.160.24 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
21 6
1    44.230.85.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-241.us-west-2.compute.amazonaws.com
ehbemrn.com
1    2606:4700:3035::6815:4f5e (United States)

ASN13335 (CLOUDFLARENET, US)
kexkex.net
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
scbika.uno
1    2606:4700:3035::ac43:cecd (United States)

ASN13335 (CLOUDFLARENET, US)
15j.bugagash1.top
5    172.255.248.125 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)
go.gkrtmc.com
2    54.220.167.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-167-226.eu-west-1.compute.amazonaws.com
www3secure.com
1    52.51.89.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-89-4.eu-west-1.compute.amazonaws.com
wwv.triff-mich-heute.com
12    52.222.169.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-96.cdg52.r.cloudfront.net
wwc.triff-mich-heute.com
2    52.49.160.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-160-24.eu-west-1.compute.amazonaws.com
triff-mich-heute.com
4    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
Apex Domain
Subdomains		 Transfer
15 triff-mich-heute.com
wwv.triff-mich-heute.com
wwc.triff-mich-heute.com
triff-mich-heute.com
647 KB
5 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4149
onesignal.com — Cisco Umbrella Rank: 1446
83 KB
5 gkrtmc.com
go.gkrtmc.com — Cisco Umbrella Rank: 505488
6 KB
2 www3secure.com
www3secure.com
1 KB
1 bugagash1.top
15j.bugagash1.top
920 B
1 scbika.uno
scbika.uno
800 B
1 kexkex.net
kexkex.net
791 B
1 ehbemrn.com
ehbemrn.com
242 B
21 8
Domain Requested by
12 wwc.triff-mich-heute.com go.gkrtmc.com
wwc.triff-mich-heute.com
5 go.gkrtmc.com 3 redirects go.gkrtmc.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com go.gkrtmc.com
cdn.onesignal.com
2 triff-mich-heute.com go.gkrtmc.com
2 www3secure.com 2 redirects
1 wwv.triff-mich-heute.com 1 redirects
1 15j.bugagash1.top 1 redirects
1 scbika.uno 1 redirects
1 kexkex.net 1 redirects
1 ehbemrn.com 1 redirects
21 11

This site contains links to these domains. Also see Links.

Domain
triff-mich-heute.com
Subject Issuer Validity Valid
track.cpamatica.com
R3		 2024-01-31 -
2024-04-30		 3 months crt.sh
triff-mich-heute.com
Amazon RSA 2048 M02		 2023-08-08 -
2024-09-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
onesignal.com
E1		 2023-12-25 -
2024-03-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Frame ID: DA139EE1BBF1B919290AAC2D65877287
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Triff-mich-heute.com - heute noch treffen

Page URL History Show full URLs

  1. http://ehbemrn.com/ HTTP 307
    https://kexkex.net/w19dXx HTTP 302
    https://scbika.uno/click?o=2&a=585&aff_click_id=2soar9vfgnpk31u0 HTTP 302
    https://15j.bugagash1.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=6c6d0887051ab5a64aa6066e1ed4e3... HTTP 302
    https://go.gkrtmc.com/aff_c?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&... HTTP 302
    https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff... Page URL
  2. https://go.gkrtmc.com/aff_c?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&... HTTP 302
    https://go.gkrtmc.com/aff_c?offer_id=5576&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&... HTTP 302
    https://go.gkrtmc.com/rd.html?go=https%3A%2F%2Fwww3secure.com%2F%3Fa%3D449%26c%3D4117%26s1%3D52468... Page URL
  3. https://www3secure.com/?a=449&c=4117&s1=52468&s2=37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e&s3=585 HTTP 302
    https://www3secure.com/?a=449&c=4117&s1=52468&s2=37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e&s3=... HTTP 302
    https://wwv.triff-mich-heute.com/lps/?lppnr=501&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=30050144900... HTTP 302
    https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

21
Requests

100 %
HTTPS

45 %
IPv6

8
Domains

11
Subdomains

6
IPs

3
Countries

732 kB
Transfer

1022 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ehbemrn.com/ HTTP 307
    https://kexkex.net/w19dXx HTTP 302
    https://scbika.uno/click?o=2&a=585&aff_click_id=2soar9vfgnpk31u0 HTTP 302
    https://15j.bugagash1.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=6c6d0887051ab5a64aa6066e1ed4e335&a=585&landing=&sub_id1= HTTP 302
    https://go.gkrtmc.com/aff_c?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585 HTTP 302
    https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c Page URL
  2. https://go.gkrtmc.com/aff_c?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c HTTP 302
    https://go.gkrtmc.com/aff_c?offer_id=5576&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c&url_id= HTTP 302
    https://go.gkrtmc.com/rd.html?go=https%3A%2F%2Fwww3secure.com%2F%3Fa%3D449%26c%3D4117%26s1%3D52468%26s2%3D37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e%26s3%3D585 Page URL
  3. https://www3secure.com/?a=449&c=4117&s1=52468&s2=37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e&s3=585 HTTP 302
    https://www3secure.com/?a=449&c=4117&s1=52468&s2=37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e&s3=585&ckm-x=cmtqs826bkiseboklu80 HTTP 302
    https://wwv.triff-mich-heute.com/lps/?lppnr=501&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1 HTTP 302
    https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ehbemrn.com/ HTTP 307
  • https://kexkex.net/w19dXx HTTP 302
  • https://scbika.uno/click?o=2&a=585&aff_click_id=2soar9vfgnpk31u0 HTTP 302
  • https://15j.bugagash1.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=6c6d0887051ab5a64aa6066e1ed4e335&a=585&landing=&sub_id1= HTTP 302
  • https://go.gkrtmc.com/aff_c?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585 HTTP 302
  • https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c
Request Chain 1
  • https://go.gkrtmc.com/aff_c?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c HTTP 302
  • https://go.gkrtmc.com/aff_c?offer_id=5576&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c&url_id= HTTP 302
  • https://go.gkrtmc.com/rd.html?go=https%3A%2F%2Fwww3secure.com%2F%3Fa%3D449%26c%3D4117%26s1%3D52468%26s2%3D37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e%26s3%3D585

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
cl
go.gkrtmc.com/
Redirect Chain
  • http://ehbemrn.com/
  • https://kexkex.net/w19dXx
  • https://scbika.uno/click?o=2&a=585&aff_click_id=2soar9vfgnpk31u0
  • https://15j.bugagash1.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=6c6d0887051ab5a64aa6066e1ed4e335&a=585&landing=&sub_id1=
  • https://go.gkrtmc.com/aff_c?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585
  • https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.255.248.125 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Thu, 01 Feb 2024 14:43:44 GMT
ETag
W/"5c0-hJoth3V5sifmxa4R/2fOg6Mo6M8"
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
348
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Thu, 01 Feb 2024 14:43:44 GMT
Location
https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
rd.html
go.gkrtmc.com/
Redirect Chain
  • https://go.gkrtmc.com/aff_c?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c
  • https://go.gkrtmc.com/aff_c?offer_id=5576&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c&url_id=
  • https://go.gkrtmc.com/rd.html?go=https%3A%2F%2Fwww3secure.com%2F%3Fa%3D449%26c%3D4117%26s1%3D52468%26s2%3D37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e%26s3%3D585
329 B
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.gkrtmc.com/rd.html?go=https%3A%2F%2Fwww3secure.com%2F%3Fa%3D449%26c%3D4117%26s1%3D52468%26s2%3D37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e%26s3%3D585
Requested by
Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.255.248.125 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://go.gkrtmc.com/cl?offer_id=10170&aff_id=47487&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=52468&source=585&bofc=aff_c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 01 Feb 2024 14:43:44 GMT
ETag
W/"61168831-149"
Last-Modified
Fri, 13 Aug 2021 14:56:49 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
328
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Thu, 01 Feb 2024 14:43:44 GMT
Location
/rd.html?go=https%3A%2F%2Fwww3secure.com%2F%3Fa%3D449%26c%3D4117%26s1%3D52468%26s2%3D37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e%26s3%3D585
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
Primary Request index.htm
wwc.triff-mich-heute.com/v30001/
Redirect Chain
  • https://www3secure.com/?a=449&c=4117&s1=52468&s2=37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e&s3=585
  • https://www3secure.com/?a=449&c=4117&s1=52468&s2=37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e&s3=585&ckm-x=cmtqs826bkiseboklu80
  • https://wwv.triff-mich-heute.com/lps/?lppnr=501&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
  • https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Requested by
Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/rd.html?go=https%3A%2F%2Fwww3secure.com%2F%3Fa%3D449%26c%3D4117%26s1%3D52468%26s2%3D37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e%26s3%3D585
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feb240360f22d67e23ea1b34cfb9f6140642236799f259e4c2c0529cc8071f3f

Request headers

Referer
https://go.gkrtmc.com/rd.html?go=https%3A%2F%2Fwww3secure.com%2F%3Fa%3D449%26c%3D4117%26s1%3D52468%26s2%3D37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e%26s3%3D585
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4467
content-length
4181
content-type
text/html
date
Thu, 01 Feb 2024 14:43:45 GMT
etag
"f892842a64bb1a3772067b5151604cec"
last-modified
Mon, 04 May 2020 08:35:21 GMT
server
AmazonS3
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
x-amz-cf-id
0ZQgxg-qhiM09hTK2lvggGVGDV_E667_DcRFA0EfDliUaD0ITK05Wg==
x-amz-cf-pop
CDG52-P2
x-amz-meta-s3b-last-modified
20200205T090510Z
x-cache
Hit from cloudfront

Redirect headers

cache-control
private
content-length
265
content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 14:43:45 GMT
location
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
x-frame-options
SAMEORIGIN
bootstrap_4.0.min.css
wwc.triff-mich-heute.com/css/ 		141 KB
142 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/css/bootstrap_4.0.min.css
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9f1ce2a9079ebe7445ff10ac12b8f049abc43c499f4978297ec5dd23283a2e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 07:15:07 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jan 2020 10:10:54 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
26919
etag
"5db9bf474749433451939873c137c467"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
144835
x-amz-cf-id
VQ53YxIUJXwFAvjD_YiPj8vrv7rWBaUCdH7MZuDyzXH0RdNRZ5ISjw==
x-amz-meta-s3b-last-modified
20180814T070342Z
layout000.css
wwc.triff-mich-heute.com/css/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/css/layout000.css
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
169a5245c4331d7050f8be8651ff14c11fe0ed1a805cb44a2d459d6b4c332f3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 04:10:09 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Wed, 05 Feb 2020 10:36:26 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
38017
etag
"5e35668479cdadea5c09eb2bbd4952f6"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
4302
x-amz-cf-id
SWmlZEO5GrPbjQ4Od80PHSOObwiBE5zEMf5L_TTlymLGWuTeM42TbQ==
x-amz-meta-s3b-last-modified
20200205T103553Z
layout000.css
wwc.triff-mich-heute.com/css/s01_p30/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/css/s01_p30/layout000.css
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fb05284c67ada494e163a860d16e130eb64378b16206005803864e5a8a5a233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 07:56:52 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Mon, 04 May 2020 08:11:37 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
24414
etag
"3a24759e402b4c38723c70c9fdcf5204"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
4645
x-amz-cf-id
SnAPcLD7UxOVmCPYM1MtfaIDJtFmPHxmhYh8h5X8sPAaQJRqVgb51w==
x-amz-meta-s3b-last-modified
20200430T092352Z
1-Step_v01.css
wwc.triff-mich-heute.com/css/s01_p30/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/css/s01_p30/1-Step_v01.css
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a45cde2077e3bfcebedc7e77d903d30ff8808a935e3af37086ff32db6435a79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 08:11:50 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Wed, 05 Feb 2020 10:23:22 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
23516
etag
"e47a870ec099fa562f4fac31644f4d51"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1393
x-amz-cf-id
fd12RvYLEkeCqercck2Ds0IbdmepdxA1_dsFa2W2ZPPtNyB9dcrjzQ==
x-amz-meta-s3b-last-modified
20200130T083140Z
lib_v01.js
wwc.triff-mich-heute.com/ 		126 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/lib_v01.js
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69a020a341069798b881cb32492682197e30b9b9f63f3ecf5e2d6ffacc5b678d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 08:45:48 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Tue, 26 Apr 2022 11:22:15 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
21478
etag
"02fd9bf25563d8fbf653b6015cd4248b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
128824
x-amz-cf-id
nyKKkS-C71ohaRTOSBCS1WrODirfxiDdFIFe45jWNDC_PTn5tqqrPg==
x-amz-meta-s3b-last-modified
20220421T111324Z
layout_v01.js
wwc.triff-mich-heute.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/layout_v01.js
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d065192361ae3798b806825a15238b9acb92e92bcad102ad933f22e42633987e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 02:51:01 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Fri, 26 Feb 2021 11:45:16 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
42765
etag
"53d6c73c8c88adc3a32327d951c70991"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4683
x-amz-cf-id
EoqguvGs1BM7jFKWXyTcIMY1HQoSxJj0U48DxrZ1S117OOlmRF6XuA==
x-amz-meta-s3b-last-modified
20210226T104723Z
script_v01.js
wwc.triff-mich-heute.com/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/script_v01.js
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cd55eed41e7fa36600cfae59bd6b32fc47c74fdd3eba29846f9ddb9efd16153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 08:13:06 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jan 2020 10:13:25 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
23440
etag
"aead8f9a8872bbcbf8bc04f2c369443c"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6502
x-amz-cf-id
50yml62CF720SdVxy8hbVY_wJ_dTLeVsS0xeOWTQOKdbHG1nl82g4g==
x-amz-meta-s3b-last-modified
20200110T123341Z
escape_stop_v01.js
wwc.triff-mich-heute.com/js/escape_stop/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/js/escape_stop/escape_stop_v01.js?escapeeffect=1
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab54937d864c602eee97d7bc06dc4d91f642bf17421bf95ee1e80c4b16b407c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 08:01:02 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jan 2020 10:11:07 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
24164
etag
"f5cc17383d5f91273e38248ca2823c62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3611
x-amz-cf-id
lBmtIxBPB8khz-Ezg7fxhnihV2mjSkctVGv_1Dhcql5VoWtNA2ahVw==
x-amz-meta-s3b-last-modified
20181129T123929Z
bg.jpg
wwc.triff-mich-heute.com/v30001/img/ 		341 KB
342 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwc.triff-mich-heute.com/v30001/img/bg.jpg
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09a8abf0f428f08a440cfb2a40548629d37b7addcaea5d5df82bd080b117f88c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:43:45 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Mon, 04 May 2020 08:35:22 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
31288
etag
"97cfc627f7539ca15d9e0b19fedf64e3"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
349360
x-amz-cf-id
BYuAcgNjK-v71MXugHdWCm0kuNruFxf5a6677qBMdJeA6bTzzKN-og==
x-amz-meta-s3b-last-modified
20200427T095842Z
S3PortalSettings.js
wwc.triff-mich-heute.com/ 		243 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/S3PortalSettings.js?_=1706798625556
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/lib_v01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb3918ab489a99eb276214d6017fa50082f4d3fc293ca6ada21048df1c36419a

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:43:45 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
8ZvEV6PHAD0YwtI4nc6fJdLXfRyDptQgt4piU7jA-3RObO3oWa9CYw==
x-cache
Error from cloudfront
content-type
application/xml
S3LandingPages_v01.js
wwc.triff-mich-heute.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wwc.triff-mich-heute.com/S3LandingPages_v01.js?_=1706798625694
Requested by
Host: wwc.triff-mich-heute.com
URL: https://wwc.triff-mich-heute.com/lib_v01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-96.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
602a3c1aed763b185e0446ccff6a32c8d464e5a6b2e7854376c7be3171218ad6

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 07:25:03 GMT
via
1.1 127aaaaca740f298a4c887357ec047b4.cloudfront.net (CloudFront)
last-modified
Fri, 24 Jan 2020 10:09:37 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
26323
etag
"7598dada14041048fb1d05325875be00"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2967
x-amz-cf-id
geRhKnHQ781bpRNA4fOpS_UWh7QC6uEGqCB2SixEoPeckp7l9-IuCQ==
x-amz-meta-s3b-last-modified
20190516T090438Z
S3LandingPages.ashx
triff-mich-heute.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://triff-mich-heute.com/S3LandingPages.ashx?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1&pageNumber=30001&inServer=false&urlReferrer=https://go.gkrtmc.com/&url=https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.160.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-160-24.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://wwc.triff-mich-heute.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
OPTIONS, TRACE, GET, HEAD, POST
content-length
0
date
Thu, 01 Feb 2024 14:43:45 GMT
public
OPTIONS, TRACE, GET, HEAD, POST
server
Microsoft-IIS/10.0
S3LandingPages.ashx
triff-mich-heute.com/ 		525 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://triff-mich-heute.com/S3LandingPages.ashx?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1&pageNumber=30001&inServer=false&urlReferrer=https://go.gkrtmc.com/&url=https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Requested by
Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.160.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-160-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6df998b7a6da90fb855efa261c6995bcd708913ac1426a58dade68bcd9240a85

Request headers

Referer
https://wwc.triff-mich-heute.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Feb 2024 14:43:45 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
525
expires
-1
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: go.gkrtmc.com
URL: https://go.gkrtmc.com/cl?offer_id=5577&aff_id=52468&aff_sub5=other&click_id=ede5bk2du7sa8wj86d&aff_sub=585&source=585&bofc=aff_c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:43:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
430
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84eaf7f4bf329960-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 04 Feb 2024 14:43:46 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:43:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
430
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
84eaf7f50f7e9960-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 04 Feb 2024 14:43:46 GMT
web
onesignal.com/api/v1/sync/d8b87d73-ad10-49f4-b62e-db75ebd10921/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d8b87d73-ad10-49f4-b62e-db75ebd10921/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79796d8eb99ceac997ce20b3c80e1f44fa5ba4050cbe208da0efca91ed16fb47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:43:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
441
cf-polished
origSize=4219
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a680af34-d134-4adc-abae-e0d132cf0425
x-runtime
0.035594
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"0ce900516963d69a500bcd08de0d9616"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
84eaf7f5980f9960-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 01 Feb 2024 15:43:46 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:43:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
429
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
84eaf7f60c389226-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 02 Mar 2024 14:43:46 GMT
icon
onesignal.com/api/v1/apps/d8b87d73-ad10-49f4-b62e-db75ebd10921/ 		44 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/d8b87d73-ad10-49f4-b62e-db75ebd10921/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwc.triff-mich-heute.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 14:43:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
content-length
44
x-xss-protection
1; mode=block
x-request-id
ff498d0f-ce1a-49ee-8108-377086857287
x-runtime
0.016292
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e51140cdcd044ad76335646936ec5319"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
cf-ray
84eaf7f72a71bb61-FRA
access-control-allow-headers
SDK-Version
truncated
/ 		582 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| cookieEnabled string| cookieValidationErrorText string| maxmind_geo_url string| PortalUrl string| PortalDomain number| PageNumber string| registFormId string| registButtonSelector boolean| mousedownHappened object| ControlsArray object| ErrorsArray object| validationresult function| validateform function| callbackFunction function| getResultErrorForIndex function| getResultErrorForCtrl function| ctrlIsValide function| isVarDefined function| isFuncDefined function| showFormResult function| updateControlError function| setLPInfo function| checkIsIPV4 function| OnDocumentReady function| SetGenderValue function| SetSearchGenderValue function| SetSelectedGender function| setCityInPage function| ValidateDOB function| GetValideDate function| MinAgeIsValide function| FillYearSelect function| SetDateInPage function| ReplaceImagesInPage string| strSliderHtml string| strTimerFormat string| strPersonenFormat string| strRegistrierungenFormat function| rand function| addLeading0 function| getOpposite function| startsWith function| endsWith function| getQuerystring function| getQuerystringParam function| jsonp function| $ function| jQuery number| StepsCount number| stepNr boolean| staticBg boolean| changeBg boolean| changeStepClass string| submitButtonSelector string| errorMessageContainerSelector string| stepsSelector string| progressStepsSelector string| stepEmotionImage string| attributValidationCtrlID function| GetStepContainer function| GetProgressItem function| SetStepEmotionImage function| ValidateStep function| DisableSubmitOnLastStep function| CallValidateForm function| ShowStepResult function| ShowError function| HideError function| ValidateDOBStep function| IsLastStep function| ShowNextStep function| InitAdditionalStepElements function| SetBg function| GetStepClassName function| SetBodyClassName number| idleTime number| maxTime number| viewTimes boolean| has_man_frau_ico boolean| has_timer_dimmer boolean| has_one_step_timer boolean| has_back_icon_box boolean| is_10er boolean| dim_on_step2 number| yes_counter undefined| StepCount function| ToggleClass function| SetTimer function| SetTimer_OneStep function| SetTimer_BackIconBox function| ChangeBodyClass function| imgchanger function| changeImages function| changeBack function| replaceImage function| UnbindBeforeUnloadWnd object| scripts object| myScript string| queryString object| params function| parseQuery function| getScriptParam function| getUrlVars object| alert_strings string| escape_message object| jQuery18105646111436004546 function| S3LandingPages function| ChangeHrefs function| CallLandingHandler function| OneSignal number| __oneSignalSdkLoadCount function| __jp0

18 Cookies

Domain/Path Name / Value
.kexkex.net/ Name: 847ba
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzA2Nzk4NjIyfSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzA2Nzk4NjIyfSxcInRpbWVcIjoxNzA2Nzk4NjIyfSJ9.ksHk5GVTtykCpFNNwfgGPE-vHAgTqRm4B7PlGKDql-M
scbika.uno/ Name: U-c81e728d9d4c2f636f067f89cc14862c
Value: unique
scbika.uno/ Name: o_c81e728d9d4c2f636f067f89cc14862c
Value: cd381d04-34fe-44e3-be78-57e8e00220be
15j.bugagash1.top/ Name: uclick
Value: k2du7sa8i4
15j.bugagash1.top/ Name: uclickhash
Value: k2du7sa8i4-k2du7sa8wj-vr-ibwj-oci4-h9vcwj-2t5m3y-d96322
.go.gkrtmc.com/ Name: language
Value: de
.go.gkrtmc.com/ Name: 5576
Value: 37_52468_5576_2521a08cbf37483ee3ceaf1a39cd407e
.go.gkrtmc.com/ Name: op_5576
Value:
.go.gkrtmc.com/ Name: user_id
Value: 51e205d0-6588-4240-8654-dfb6826576cf_8160409ca5ebfbfd8c4ded30b3773c32
.www3secure.com/ Name: trk
Value: DzUPxoIE+s4o0nK7XZlepWviDrEe1TkGMJ7nurRLJMh+LsyJ4ny4f4NLTZFI0J0dgsCfjixP8lk=
.www3secure.com/ Name: sid
Value: DzUPxoIE+s4o0nK7XZlepfx0vakt5L43MJ7nurRLJMhiS9YJhGAEooNLTZFI0J0dFyJObbNJ9rg=
.www3secure.com/ Name: c186
Value: DzUPxoIE+s4o0nK7XZlepYQyIZJhOM7dOZBMyB6Zr2WfRiqWRjd3Zxb9BpDk2rYq+qhyZ2eEcidTKoL1Wydxs07hsDudIB7V
wwv.triff-mich-heute.com/ Name: AWSALBTG
Value: GpIfj84ICNNrBjo1rxOk9wu3uLqrYuG6QhpJu71ueZhGu8uv45vnifpJC3IIpIgHkx2i5VubeDPLhIjxI2cfaBuz0O1/HeV13AuViiqhlZO32mDG79DiaUwpftfi1hYDbPjMM/PEglpvNT/kSTJAnPDeRtWEOHHLg+x7zAJTNOdsyP0IEco=
wwv.triff-mich-heute.com/ Name: AWSALBTGCORS
Value: GpIfj84ICNNrBjo1rxOk9wu3uLqrYuG6QhpJu71ueZhGu8uv45vnifpJC3IIpIgHkx2i5VubeDPLhIjxI2cfaBuz0O1/HeV13AuViiqhlZO32mDG79DiaUwpftfi1hYDbPjMM/PEglpvNT/kSTJAnPDeRtWEOHHLg+x7zAJTNOdsyP0IEco=
wwv.triff-mich-heute.com/ Name: AWSALB
Value: pImh7vMQTa5qu5lyafYDITwl4TnwyJFzCix4uP3TT7Za1c2BQ2PoQSdt3RVXXRlrxis6gcC3TkzG8CP+wz60JsvlAmkE2LGWfULwaNeYNXvOTywHf0gBG3y1lQAX
wwv.triff-mich-heute.com/ Name: AWSALBCORS
Value: pImh7vMQTa5qu5lyafYDITwl4TnwyJFzCix4uP3TT7Za1c2BQ2PoQSdt3RVXXRlrxis6gcC3TkzG8CP+wz60JsvlAmkE2LGWfULwaNeYNXvOTywHf0gBG3y1lQAX
.triff-mich-heute.com/ Name: LPCallUrl
Value: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
.onesignal.com/ Name: __cf_bm
Value: HgDImN7P_y7gnWua2IS2AiWLHjlVm5BAte1j2LAfM28-1706798626-1-Ae+uL3FOep+RpEcrX23r/evGc3auuPTsRJLZlMZ9bePwwyB5xkXbN3/oWQfI8GUFsbDGPZkSxd3WhbrCTbDGJ88=

6 Console Messages

Source Level URL
Text
network error URL: https://wwc.triff-mich-heute.com/lib_v01.js(Line 381)
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
deprecation warning URL: https://wwc.triff-mich-heute.com/v30001/index.htm?lpdev=0&cidnr=ck191118v01x&r=3-cmtqs8fffbose9bfhr9g&pctnr=300501449000152468&sid=1
Message:
The keyword 'push-button' specified to an 'appearance' property is not standardized. It will be removed in the future.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15j.bugagash1.top
cdn.onesignal.com
ehbemrn.com
go.gkrtmc.com
kexkex.net
onesignal.com
scbika.uno
triff-mich-heute.com
wwc.triff-mich-heute.com
wwv.triff-mich-heute.com
www3secure.com
172.255.248.125
2606:4700:3035::6815:4f5e
2606:4700:3035::ac43:cecd
2606:4700::6812:d63b
2606:4700::6812:d73b
2a06:98c1:3120::3
44.230.85.241
52.222.169.96
52.49.160.24
52.51.89.4
54.220.167.226
09a8abf0f428f08a440cfb2a40548629d37b7addcaea5d5df82bd080b117f88c
169a5245c4331d7050f8be8651ff14c11fe0ed1a805cb44a2d459d6b4c332f3b
3fb05284c67ada494e163a860d16e130eb64378b16206005803864e5a8a5a233
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
602a3c1aed763b185e0446ccff6a32c8d464e5a6b2e7854376c7be3171218ad6
69a020a341069798b881cb32492682197e30b9b9f63f3ecf5e2d6ffacc5b678d
6cd55eed41e7fa36600cfae59bd6b32fc47c74fdd3eba29846f9ddb9efd16153
6df998b7a6da90fb855efa261c6995bcd708913ac1426a58dade68bcd9240a85
79796d8eb99ceac997ce20b3c80e1f44fa5ba4050cbe208da0efca91ed16fb47
a45cde2077e3bfcebedc7e77d903d30ff8808a935e3af37086ff32db6435a79a
ab54937d864c602eee97d7bc06dc4d91f642bf17421bf95ee1e80c4b16b407c7
c1f6b66e052e0dba3f115f59a94d7304a27a73848db4b8995e2a2017ba79046b
cb3918ab489a99eb276214d6017fa50082f4d3fc293ca6ada21048df1c36419a
d065192361ae3798b806825a15238b9acb92e92bcad102ad933f22e42633987e
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e51140cdcd044ad76335646936ec53196a169aace83a8b266bc1c182a944609b
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
f9f1ce2a9079ebe7445ff10ac12b8f049abc43c499f4978297ec5dd23283a2e5
feb240360f22d67e23ea1b34cfb9f6140642236799f259e4c2c0529cc8071f3f