media1000-mehr-01.gewinn24-7.de Open in urlscan Pro
188.95.252.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fnoaqcvrmd.blob.core.windows.net/fnoaqcvrmd/fnoaqcvrmd.html#qs=r-afjcdaihdkicgicafeiikjgajijdkhbaefhkcabababageachfaccacdkdadegea...
Effective URL:
https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Submission: On June 06 via manual (June 6th 2022, 4:49:17 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 17 domains to perform 44 HTTP transactions. The main IP is 188.95.252.33, located in Spain and belongs to RACKMARKT, ES. The main domain is media1000-mehr-01.gewinn24-7.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 31st 2022. Valid for: 3 months.

This is the only time media1000-mehr-01.gewinn24-7.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	20.60.220.36 20.60.220.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	62.244.29.71 62.244.29.71	3254 (LUCKYNET ...) (LUCKYNET Lucky Net Ltd)
1	64.22.104.126 64.22.104.126	11042 (NTHL) (NTHL)
4	2606:4700:303... 2606:4700:3031::ac43:92ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:bfdd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	188.95.252.33 188.95.252.33	197518 (RACKMARKT) (RACKMARKT)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	13.225.84.173 13.225.84.173	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:e1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::ac43:47b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:2b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.69.145.0 159.69.145.0	24940 (HETZNER-AS) (HETZNER-AS)
44	16

1 20.60.220.36 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fnoaqcvrmd.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.244.29.71 (Kyiv, Ukraine) 1 redirects

ASN3254 (LUCKYNET Lucky Net Ltd, UA)
PTR: speedrude.net

speedrude.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.22.104.126 (United States)

ASN11042 (NTHL, US)

fiendbrood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:92ee (United States)

ASN13335 (CLOUDFLARENET, US)

lynku.jukminung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:bfdd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.95.252.33 (Spain) 1 redirects

ASN197518 (RACKMARKT, ES)
PTR: master.ceoo.cli.rackmarkt.com

gewinn-ometer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media1000-mehr-01.gewinn24-7.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-173.fra2.r.cloudfront.net

d1cr9zxt7u0sgu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b19 (United States)

ASN13335 (CLOUDFLARENET, US)

218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.145.0 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.145.69.159.clients.your-server.de

deaffiliateceoo.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 17863 api.cleverpush.com — Cisco Umbrella Rank: 18166	118 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
5	gewinn24-7.de media1000-mehr-01.gewinn24-7.de	266 KB
4	jukminung.com lynku.jukminung.com	25 KB
1	mycleverpush.com deaffiliateceoo.mycleverpush.com	26 KB
1	csftr.com 218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com	505 B
1	google.de www.google.de — Cisco Umbrella Rank: 6117	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	453 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	1 KB
1	cloudfront.net d1cr9zxt7u0sgu.cloudfront.net	26 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 497	30 KB
1	gewinn-ometer.com 1 redirects gewinn-ometer.com — Cisco Umbrella Rank: 602269	726 B
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 276900	1 KB
1	fiendbrood.com fiendbrood.com	450 B
1	speedrude.net 1 redirects speedrude.net	326 B
1	windows.net fnoaqcvrmd.blob.core.windows.net	504 B
44	17

	Domain	Requested by
12	static.cleverpush.com	media1000-mehr-01.gewinn24-7.de static.cleverpush.com deaffiliateceoo.mycleverpush.com
7	www.google-analytics.com	media1000-mehr-01.gewinn24-7.de www.google-analytics.com
5	api.cleverpush.com	static.cleverpush.com
5	media1000-mehr-01.gewinn24-7.de	lynku.jukminung.com media1000-mehr-01.gewinn24-7.de
4	lynku.jukminung.com	fiendbrood.com lynku.jukminung.com
1	deaffiliateceoo.mycleverpush.com	static.cleverpush.com
1	218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com	d1cr9zxt7u0sgu.cloudfront.net
1	www.google.de	media1000-mehr-01.gewinn24-7.de
1	www.google.com	media1000-mehr-01.gewinn24-7.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	media1000-mehr-01.gewinn24-7.de
1	d1cr9zxt7u0sgu.cloudfront.net	media1000-mehr-01.gewinn24-7.de
1	ajax.aspnetcdn.com	media1000-mehr-01.gewinn24-7.de
1	gewinn-ometer.com	1 redirects
1	cdn.addlnk.com	lynku.jukminung.com
1	fiendbrood.com	fnoaqcvrmd.blob.core.windows.net
1	speedrude.net	1 redirects
1	fnoaqcvrmd.blob.core.windows.net
44	18

This site contains links to these domains. Also see Links.

Domain
www.affili-partner.com
www.pmiprivacy.com
zahnschutztarif.de
www.mirabo.at
www.mirabo.ch
elitepremiumservice.com
tools.google.com

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2022-04-18` - `2023-04-18`	a year	crt.sh
fiendbrood.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-29` - `2023-01-17`	a year	crt.sh
*.jukminung.com E1	`2022-05-22` - `2022-08-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
media1000-mehr-01.gewinn24-7.de cPanel, Inc. Certification Authority	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.csftr.com E1	`2022-05-12` - `2022-08-10`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-06` - `2023-06-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Frame ID: 3B3618D0F6F538DD856AEFEEB83773B3
Requests: 38 HTTP requests in this frame

Frame: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de
Frame ID: 0063117A19C053D0CEA90D720EE051B7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Media Markt - 1000€ Gutscheine und mehr

Page URL History Show full URLs

https://fnoaqcvrmd.blob.core.windows.net/fnoaqcvrmd/fnoaqcvrmd.html Page URL
http://speedrude.net/qs=r-afjcdaihdkicgicafeiikjgajijdkhbaefhkcabababageachfaccacdkdadegeacdhejhacb HTTP 302
https://fiendbrood.com/176389ab6a512254000/34691_8782960_11/4812_762971571_0_0_0_4377985_53_2353_12... Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1267267655&pubid=690316 Page URL
https://gewinn-ometer.com/de,popup_1890.html?idPartner=1490&idCampaignAd=0&subId=c283d9f6_690316&subId... HTTP 302
https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842& Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

59 %
IPv6

17
Domains

18
Subdomains

16
IPs

5
Countries

517 kB
Transfer

1156 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.affili-partner.com/en/registration.html
Title: www.Affiliate-Partner.com

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer/
Title: https://www.pmiprivacy.com/de-de/consumer/

Search URL Search Domain Scan URL

URL: http://zahnschutztarif.de/
Title: Zahnschutztarif.de

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/nvg-at/content/datenschutzinformation-nach-art-14-dsgvo,549/
Title: https://www.mirabo.at/nvg-at/datenschutzinformation

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/datenschutzinformation
Title: Datenschutzinfo AT

Search URL Search Domain Scan URL

URL: https://www.mirabo.ch/datenschutzinformation
Title: Datenschutzinfo CH

Search URL Search Domain Scan URL

URL: https://elitepremiumservice.com/datenschutz.html
Title: Datenschutzinformation nach Art. 14 DSGVO

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout?hl=de
Title: https://tools.google.com/dlpage/gaoptout?hl=de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fnoaqcvrmd.blob.core.windows.net/fnoaqcvrmd/fnoaqcvrmd.html Page URL
http://speedrude.net/qs=r-afjcdaihdkicgicafeiikjgajijdkhbaefhkcabababageachfaccacdkdadegeacdhejhacb HTTP 302
https://fiendbrood.com/176389ab6a512254000/34691_8782960_11/4812_762971571_0_0_0_4377985_53_2353_126386_8782960_10_1292/53 Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1267267655&pubid=690316 Page URL
https://gewinn-ometer.com/de,popup_1890.html?idPartner=1490&idCampaignAd=0&subId=c283d9f6_690316&subIdentifier=pubb15c0371fd974913914ece67b89545a7 HTTP 302
https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://speedrude.net/qs=r-afjcdaihdkicgicafeiikjgajijdkhbaefhkcabababageachfaccacdkdadegeacdhejhacb HTTP 302
https://fiendbrood.com/176389ab6a512254000/34691_8782960_11/4812_762971571_0_0_0_4377985_53_2353_126386_8782960_10_1292/53

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK fnoaqcvrmd.html
fnoaqcvrmd.blob.core.windows.net/fnoaqcvrmd/ 101 B
504 B 468ms
129ms Document
text/html 20.60.220.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fnoaqcvrmd.blob.core.windows.net/fnoaqcvrmd/fnoaqcvrmd.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 101
Content-MD5: YV/3Mr0TWqsDybcao/Zijw==
Content-Type: text/html
Date: Mon, 06 Jun 2022 16:49:10 GMT
ETag: 0x8DA3E64A55539FA
Last-Modified: Wed, 25 May 2022 15:38:41 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: df4c1380-a01e-0008-3dc5-795802000000
x-ms-version: 2009-09-19

GET
H/1.1

200
OK

53
fiendbrood.com/176389ab6a512254000/34691_8782960_11/4812_762971571_0_0_0_4377985_53_2353_126386_8782960_10_1292/
Redirect Chain

http://speedrude.net/qs=r-afjcdaihdkicgicafeiikjgajijdkhbaefhkcabababageachfaccacdkdadegeacdhejhacb
https://fiendbrood.com/176389ab6a512254000/34691_8782960_11/4812_762971571_0_0_0_4377985_53_2353_126386_8782960_10_1292/53

137 B
450 B

1342ms
398ms

Document
text/html

64.22.104.126
NTHL

General

Check archive.org

Show headers Download Go to

Full URL: https://fiendbrood.com/176389ab6a512254000/34691_8782960_11/4812_762971571_0_0_0_4377985_53_2353_126386_8782960_10_1292/53
Requested by: Host: fnoaqcvrmd.blob.core.windows.net
URL: https://fnoaqcvrmd.blob.core.windows.net/fnoaqcvrmd/fnoaqcvrmd.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.22.104.126 , United States, ASN11042 (NTHL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://fnoaqcvrmd.blob.core.windows.net/fnoaqcvrmd/fnoaqcvrmd.html#qs=r-afjcdaihdkicgicafeiikjgajijdkhbaefhkcabababageachfaccacdkdadegeacdhejhacb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 137
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Jun 2022 16:49:12 GMT
Server: Apache

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Jun 2022 16:49:11 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.1.33
location: https://fiendbrood.com/176389ab6a512254000/34691_8782960_11/4812_762971571_0_0_0_4377985_53_2353_126386_8782960_10_1292/53

GET
H2 200 9e8aef8068 Show response
lynku.jukminung.com/rc/ 2 KB
2 KB 154ms
117ms Document
text/html 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1267267655&pubid=690316
Requested by: Host: fiendbrood.com
URL: https://fiendbrood.com/176389ab6a512254000/34691_8782960_11/4812_762971571_0_0_0_4377985_53_2353_126386_8782960_10_1292/53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d74269a7a7dd4027c05ab6917e7a2966bc09115e9b3eb987166e5ec41e7726

Request headers

Referer: https://fiendbrood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7172a3d73ce39a39-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Mon, 06 Jun 2022 16:49:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zV2%2BczfahFo%2B%2Bmxw2EG9QON74Z0%2FwwOVlkwbll%2F2BcBU%2BNn5gzsZaXhm4OZRiG%2FqM8khsAzj9smwrPIabCYsrzJ9XG0tYLnlruAnhu8IBHB7WPchs5Dv3jBxqx12p5AB8ILrP6Ag8XFgUBfwfSIpejb5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 72ms
33ms Stylesheet
text/css 2606:4700:3030::ac43:bfdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1267267655&pubid=690316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bfdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5636
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: NG3WEQ5NJ4PQVZ4F
x-amz-id-2: QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiMBEfnWGR1YpWNMD%2Bnd5aHnVBYX4RW7ITdy7CSkx9oVbCbVd7juvwXRssin5aQUBCYtGAD6raz19E55PUJGKgJTn%2BKZv7K1353zKsVOBHqZrgGRaNvVGI3oGJQUzs79bLmffq1n4%2BwSIJQQRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7172a3d83dae927f-FRA
cf-bgj: minify

GET
H2 200 invisible.js Show response
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/cb/ 39 KB
14 KB 25ms
25ms Script
application/javascript 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=7172a3d73ce39a39
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1267267655&pubid=690316
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab89f8fc7fb4a556a41d80586cce4cb6bc0631a43bae7682ff04244ce3ba76a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EO7uGsLExS77wgGs%2FLR4z%2Br%2Fsa9nKTcgeCXSMbeQCdC2HDUNx4t1KTW%2F87lPoHg%2BtRKWWCKX2BOG0HXWeQ4aqnsqpDIDenlP%2Bp899MA0fK%2BeFiXV6KO1eeeBdY%2By5RDv86LW%2BP8pb5BSWoTW7bzTPBOB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7172a3d80e549a39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ 23 KB
8 KB 43ms
42ms Other
application/javascript 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6f30fc75e5af01d5abbcff91b5f199f4b0005b268f94e104c26352d9a865cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsG3YGQBiw%2FwlEtVxUOme%2FkHkLfLgdZNjNf52e9CaS0bHnHmLq1AeRcunSbbUZYo6olFmabbMz%2BjTpOd9PRQTMOuYqHkt9mFc42mbK1DiL%2Fflk2fbU8xBF8Jjp7QGIiCnpYqehBZX3dUuerpNw8S5pX2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 7172a3d8ada85a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Primary Request campaign_2995.html Show response
media1000-mehr-01.gewinn24-7.de/
Redirect Chain

https://gewinn-ometer.com/de,popup_1890.html?idPartner=1490&idCampaignAd=0&subId=c283d9f6_690316&subIdentifier=pubb15c0371fd974913914ece67b89545a7
https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

113 KB
113 KB

959ms
868ms

Document
text/html

188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1267267655&pubid=690316
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 0e316c0259261f121f15c9df673eb6c53f2c7ed18ce879243decc8efac00c03f

Request headers

Referer: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1267267655&pubid=690316
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Jun 2022 16:49:13 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 Jun 2022 16:49:12 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

POST
H3 200 7172a3d73ce39a39
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
728 B 50ms
50ms XHR
text/plain 2606:4700:3031::ac43:92ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/7172a3d73ce39a39
Requested by: Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=7172a3d73ce39a39
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Jun 2022 16:49:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPRgdfB2eA%2FJcd%2FCna1hWHJzcPCDYLUNYI%2FhPJpJHhVay8FZG%2BabSisngKw5B%2B0SNbaLXIvd7wPllsuuC9kAIjWYFCSKZPJOgpAcxncm3iWhCKLno4VPLSYZA4nrloRxHnOVidmUnEzKeNSukjmboiio"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7172a3db5c915a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1806
date: Mon, 06 Jun 2022 16:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Jun 2022 18:19:08 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 86 KB
30 KB 39ms
8ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E90) /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26584386
x-cache: HIT
content-length: 30737
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2019 18:32:11 GMT
server: ECAcc (frc/8E90)
etag: "808705b151d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shdfp.js Show response
d1cr9zxt7u0sgu.cloudfront.net/ 84 KB
26 KB 319ms
8ms Script
application/javascript 13.225.84.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=218a2560b3a2774254c9535b5e63c482d14d5e20&TYPE=JS&DE=1
Requested by: Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-173.fra2.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 84bab018c3c5a57e389a625460a3777f504fa37e6230fd68ceab4c9e007d347a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:12 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 09:40:08 GMT
server: nginx/1.14.2
age: 2
etag: W/"6225d2f8-14ec8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Q2LDHAMz46Oc7TzBk8Hh1kM17mApUP2TmvLULbQZClsSFoJu7GwH7g==

GET
H/1.1 200
OK 190.css
media1000-mehr-01.gewinn24-7.de/media/adresseManager/microSiteCss/ 45 KB
45 KB 120ms
40ms Stylesheet
text/css 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://media1000-mehr-01.gewinn24-7.de/media/adresseManager/microSiteCss/190.css
Requested by: Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: ab7cba4e6e43fc0e55d3b434299a0055c9895ec640e8f9f30a1f1266415e15fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:49:14 GMT
Last-Modified: Mon, 30 May 2022 13:14:20 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 46195
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Teko:300,400,500,600,700

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c41599fa01a641b5c5a646a8320a7a48e70c9ed0b6a806f791340954d7e266e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 16:45:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Jun 2022 16:49:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Jun 2022 16:49:14 GMT

GET
H2 200 NK8GfGNLpAYfKeg38.js Show response
static.cleverpush.com/channel/loader/ 254 KB
51 KB 252ms
81ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Requested by: Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79475fd1c6d1b016bed9baeabeff94c02ffcb05906924c254ccd2542d964aa8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6176
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: C1XN2ZABFQJSN4MZ
x-amz-id-2: 7799+VZNx+nAAcl0s7RL1YipqJjGWAJbsbEsUO4MVZ0m3P4Inh75VX+gKm/eanVXDmpl0coNyiQ=
last-modified: Sun, 05 Jun 2022 00:29:05 GMT
server: cloudflare
etag: W/"2ec3e6cc09a2c6ca61e0076ac95cd4fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHEUvDp38TGF7wuxl6PIqCYHTr5YSdRYGQIviRFbilaFxo5snq9ys%2BvZ0w3n0j97ktiUrMKBJj%2BvMd0zixyWGZWpP1f5pFaE6jjMVdTwJA0JWXCLz4zUaa1SEYJ%2F0Pb0PKqn423kzDkOxvKxIX3BgLP%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 7172a3e2bd4c59bf-MXP

GET
H/1.1 200
OK blank.png
media1000-mehr-01.gewinn24-7.de/media/adresseManager/microSiteImg/2995/ 928 B
1 KB 123ms
41ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media1000-mehr-01.gewinn24-7.de/media/adresseManager/microSiteImg/2995/blank.png
Requested by: Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 808ae8844e5f26252997ea223a219829f9cc2e20e7114ca6f1cb192c46209a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:49:14 GMT
Last-Modified: Mon, 10 May 2021 07:42:58 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 928
Content-Type: image/png

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1740381985&t=pageview&_s=1&dl=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de%2Fcampaign_2995.html%3FcoyoteAffiliTokenId%3D459370842%26&dp=2995%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1473340931&gjid=2041773459&cid=1208251546.1654534154&tid=UA-68861802-12&_gid=1057421461.1654534154&_r=1&_slc=1&cg1=2995&cg2=190&cg3=1490&cg4=c283d9f6_690316&cg5=pubb15c0371fd974913914ece67b89545a7&cd1=2995&cd2=190&cd3=1490&cd4=c283d9f6_690316&cd5=pubb15c0371fd974913914ece67b89545a7&cd6=2684&z=2002659166

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media1000-mehr-01.gewinn24-7.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:49:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://media1000-mehr-01.gewinn24-7.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1740381985&t=event&_s=2&dl=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de%2Fcampaign_2995.html%3FcoyoteAffiliTokenId%3D459370842%26&dp=2995%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=pageview&el=2995%2FstartPage%2F&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1208251546.1654534154&tid=UA-68861802-12&_gid=1057421461.1654534154&cg1=2995&cg2=190&cg3=1490&cg4=c283d9f6_690316&cg5=pubb15c0371fd974913914ece67b89545a7&cd1=2995&cd2=190&cd3=1490&cd4=c283d9f6_690316&cd5=pubb15c0371fd974913914ece67b89545a7&cd6=2684&z=902920350

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 04:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1740381985&t=event&_s=3&dl=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de%2Fcampaign_2995.html%3FcoyoteAffiliTokenId%3D459370842%26&dp=2995%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=idPartner&el=1490&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1208251546.1654534154&tid=UA-68861802-12&_gid=1057421461.1654534154&cg1=2995&cg2=190&cg3=1490&cg4=c283d9f6_690316&cg5=pubb15c0371fd974913914ece67b89545a7&cd1=2995&cd2=190&cd3=1490&cd4=c283d9f6_690316&cd5=pubb15c0371fd974913914ece67b89545a7&cd6=2684&z=1797972775

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 04:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1740381985&t=event&_s=4&dl=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de%2Fcampaign_2995.html%3FcoyoteAffiliTokenId%3D459370842%26&dp=2995%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=idAmKampagne&el=2995&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1208251546.1654534154&tid=UA-68861802-12&_gid=1057421461.1654534154&cg1=2995&cg2=190&cg3=1490&cg4=c283d9f6_690316&cg5=pubb15c0371fd974913914ece67b89545a7&cd1=2995&cd2=190&cd3=1490&cd4=c283d9f6_690316&cd5=pubb15c0371fd974913914ece67b89545a7&cd6=2684&z=436215567

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 04:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1740381985&t=event&_s=5&dl=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de%2Fcampaign_2995.html%3FcoyoteAffiliTokenId%3D459370842%26&dp=2995%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=wgname&el=Media%20Markt%20-%201000%E2%82%AC%20Gutscheine%20und%20mehr&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1208251546.1654534154&tid=UA-68861802-12&_gid=1057421461.1654534154&cg1=2995&cg2=190&cg3=1490&cg4=c283d9f6_690316&cg5=pubb15c0371fd974913914ece67b89545a7&cd1=2995&cd2=190&cd3=1490&cd4=c283d9f6_690316&cd5=pubb15c0371fd974913914ece67b89545a7&cd6=2684&z=1189680455

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 04:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1740381985&t=event&_s=6&dl=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de%2Fcampaign_2995.html%3FcoyoteAffiliTokenId%3D459370842%26&dp=2995%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=1490&el=c283d9f6_690316&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1208251546.1654534154&tid=UA-68861802-12&_gid=1057421461.1654534154&cg1=2995&cg2=190&cg3=1490&cg4=c283d9f6_690316&cg5=pubb15c0371fd974913914ece67b89545a7&cd1=2995&cd2=190&cd3=1490&cd4=c283d9f6_690316&cd5=pubb15c0371fd974913914ece67b89545a7&cd6=2684&z=1039433459

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 04:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45504
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK main_layout_logo.png
media1000-mehr-01.gewinn24-7.de/media/adresseManager/microSiteImg/ 7 KB
7 KB 122ms
41ms Image
image/png 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media1000-mehr-01.gewinn24-7.de/media/adresseManager/microSiteImg/main_layout_logo.png
Requested by: Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: 2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:49:14 GMT
Last-Modified: Mon, 08 May 2017 07:24:36 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 7333
Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
453 B 309ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68861802-12&cid=1208251546.1654534154&jid=1473340931&gjid=2041773459&_gid=1057421461.1654534154&_u=YEBAAEAAAAAAAC~&z=1557608677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://media1000-mehr-01.gewinn24-7.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 06 Jun 2022 16:49:14 GMT
content-type: text/plain
access-control-allow-origin: https://media1000-mehr-01.gewinn24-7.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK media,background,1000.jpg
media1000-mehr-01.gewinn24-7.de/media/adresseManager/microSiteImg/2995/ 99 KB
99 KB 122ms
40ms Image
image/jpeg 188.95.252.33
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media1000-mehr-01.gewinn24-7.de/media/adresseManager/microSiteImg/2995/media,background,1000.jpg
Requested by: Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS: master.ceoo.cli.rackmarkt.com
Software: Apache /
Resource Hash: cbd686cc61f0f4048152c39cf0a642611f80efffa61e83a1d3c718719636ef68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 16:49:14 GMT
Last-Modified: Mon, 10 May 2021 07:48:15 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 101250
Content-Type: image/jpeg

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 66ms
44ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=1208251546.1654534154&jid=1473340931&_u=YEBAAEAAAAAAAC~&z=1204071621

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:49:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 65ms
44ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=1208251546.1654534154&jid=1473340931&_u=YEBAAEAAAAAAAC~&z=1204071621

Requested by

Host: media1000-mehr-01.gewinn24-7.de
URL: https://media1000-mehr-01.gewinn24-7.de/campaign_2995.html?coyoteAffiliTokenId=459370842&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 16:49:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
api.cleverpush.com/channel/NK8GfGNLpAYfKeg38/ 71 KB
5 KB 286ms
232ms Fetch
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/NK8GfGNLpAYfKeg38/config?confirmAlertTestsEnabled=true&platformName=Windows

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad071ac41cf84fc733aaf0da1c7a7a57f679bc227cdb3fc4ca4801f117614bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://media1000-mehr-01.gewinn24-7.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: EXPIRED
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d94MLZf%2FpAbiqSYlZoboxr1dCJzUnoUGjq0APhhlHKILyeI94GR3C4OXpsxlM4jlvaC7dRbqyTEenS5WXkQbDdtt%2FXog%2FOlx70vZFAT1L41Gj%2FFFnDaO21zGz40lvzV2uxjdYj%2BTWhC3FDtalnmpIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=60
cf-ray: 7172a3e82d8d0f6e-MXP
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
expires: Mon, 06 Jun 2022 16:50:15 GMT

POST
H2 200 web Show response
218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/shield-fp/v1/api/ 74 B
505 B 108ms
78ms XHR
application/json 2606:4700:3108::ac42:2b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/shield-fp/v1/api/web
Requested by: Host: d1cr9zxt7u0sgu.cloudfront.net
URL: https://d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=218a2560b3a2774254c9535b5e63c482d14d5e20&TYPE=JS&DE=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf3e1f6d9f6cd22f465c0b202ed398d227dc51e67c981de7f0606f6e022b603

Request headers

Referer: https://media1000-mehr-01.gewinn24-7.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 06 Jun 2022 16:49:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://media1000-mehr-01.gewinn24-7.de
access-control-allow-credentials: true
x-envoy-upstream-service-time: 29
cf-ray: 7172a3e7e935903a-FRA
access-control-allow-headers: Content-Type

GET
H3 200 728.7b6f54f3930606b9c19d.js Show response
static.cleverpush.com/sdk/chunk/ 18 KB
6 KB 38ms
22ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/728.7b6f54f3930606b9c19d.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42b1b3d284411a4f2164ef22085d232ff946cdaf5a4a4790ec64624044e2f4ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25001
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7YDGWR533Z4BYMPJ
x-amz-id-2: HkYf9gzXsxbJbafXZ008jvSyLrw9r3+fJ3NgY8MLO/yHBpxdlIwc/7Zu3k2Cz7i6FN+H0iSF5Ks=
last-modified: Wed, 01 Jun 2022 21:52:17 GMT
server: cloudflare
etag: W/"ab5471f250bdb04c696eac3a94780da6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYTMWt6gW7atVhZrFc%2BYUbva0yhYXyh3vMKxoHhFoCwL4hDIQBYuj5efXTjKgAnXLLFItkQLgYBBOeoJGX%2FxZOzFWImUATYELr4nLIK3KKwZfzgjDwCRuPc4fMSRiia3T%2FOilEPflGL5EcUjQRiyaWv1Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3e9aeea9bee-FRA

GET
H3 200 5.b738fc1eca74daada2dc.js Show response
static.cleverpush.com/sdk/chunk/ 33 KB
9 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.b738fc1eca74daada2dc.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965511942be24112b06616f804d33d896aa25e08779f8a2ffbeba29799eaaaae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25001
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7YDKHZW13WVNCKAK
x-amz-id-2: +NwB9OxiL9p9Kpue7rWFQNlzbpDe/dJC7VZHcn7fiKUEDzQy1g2OeiYqSCfpkdZMwQU+6sfixyE=
last-modified: Wed, 01 Jun 2022 21:52:17 GMT
server: cloudflare
etag: W/"ff02bec18bb1dd97ec556474fc9f0ef1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SodnMaaMEZAj4lemmvo9mtDiidhyhYdqjE3IcLnBWTAmIB0joow93D3eHnu6KTejg%2Fmom5QjPnnvENUpjYb7Jh%2F1%2FwXfwjvcgRa0hydxfEr3EYiAq5LBXLcuquSR33aTzyr%2B7i334rd9XsqFA1TxP42LzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3e9aeee9bee-FRA

GET
H3 200 251.f96a23c8ba1a163ea93d.js Show response
static.cleverpush.com/sdk/chunk/ 6 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.f96a23c8ba1a163ea93d.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af640a8153133f37b8c4ef2de2facaf13ebeaa773480478059ce877f757bee5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25001
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7YDQXENF6FX2MQAS
x-amz-id-2: eOEshUkl/AltjncJikSbeCRvpvMYhYPRiF/9NZXY9D5qgTplUWrnQ2r9oWBvZoJQQN11czWRtXA=
last-modified: Wed, 01 Jun 2022 21:52:16 GMT
server: cloudflare
etag: W/"1507072c0e1ace5a68459e4b88b5c3ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJlLWud7qXvf7Leaeixg8XfNJChUpUEP9ANt79wvy8i8qTNFawDKU9mMI6TcMKyGBPtrPMTAfvfHN%2F5RIxrZ2ApTnxpC0wDHQpeurYx%2Fz%2B4pHCyyF9LT6UXegrSS88GOpsfXvD1hQGnj7Ms6oMUocI6WBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3e9aefc9bee-FRA

GET
H3 200 115.9508b246af235e813a76.js Show response
static.cleverpush.com/sdk/chunk/ 13 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.9508b246af235e813a76.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f8cae5d2bb50d5dcf09a19abd7b8972dc4596be92848a7ce58d94f29f238a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25002
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 83YAVSBAWQW46KKQ
x-amz-id-2: xc5e2+8aCQJu2byaZSJoLJu/sA+PVs3uUMZ+Y6ADI8EuJ/xnxiquNOmLhr6bQnC2BidB1CFu0KI=
last-modified: Wed, 01 Jun 2022 21:52:16 GMT
server: cloudflare
etag: W/"9b02b7b343d12ce5283ac11a275c6f19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfm0HjDnbQDI42fgtpa9anhpEXsnYNSHgxkBsic4veKP52Ob802yii5uDzJ0o0GD9clAoEehDp9XnaRokcTF4kP0Ixf%2BwptFHZU9cg0Yr8zZeiCborXA7Wi%2FykVCQXVGCemrpl7RVN%2BwxsBq1Z94mSlGYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3e9aefe9bee-FRA

GET
H3 200 499.e9fcb2f5be467a404b0b.js Show response
static.cleverpush.com/sdk/chunk/ 2 KB
1 KB 53ms
52ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/499.e9fcb2f5be467a404b0b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a5bcfd4d13d15c3a4f057cfc613b3130453b9df904eb4496a56799ca6ffdd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24990
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZJAMV88V7N6RV5KV
x-amz-id-2: OSZGPHaEqc+tWPC82srV/8K2MuGmqpzyPCQEXMd90iIGgmER6YhZtZvvGE2GoFqpA2u6l1cLtZw=
last-modified: Wed, 01 Jun 2022 21:52:17 GMT
server: cloudflare
etag: W/"d5d3f5df0818ad23e150fbaa35ef6160"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbnavYCZ9dAdSJA1mgyoewJpGYSC%2FdcAsxTPYYOhPsVueabNHLOyJaLWeW15xLvfQuTMG9O52SI51ixss387RXtaYkwgRQ6unZy4DqkIYMvNkoVvUhURe%2BCN4ZjXvYulpd4nrjEeB4QcVbvK%2FPTWEx8SWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3e9df899bee-FRA

GET
H2 200 iframe Show response
deaffiliateceoo.mycleverpush.com/ Frame 0063 68 KB
26 KB 79ms
19ms Document
text/html 159.69.145.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.f96a23c8ba1a163ea93d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.145.0 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.0.145.69.159.clients.your-server.de

Software

Resource Hash

fe4af472f3a2d791865c494dd24432cef28321422968a69ecc396b45b05d5cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://media1000-mehr-01.gewinn24-7.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 06 Jun 2022 16:49:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-3
x-cache-status: HIT
x-robots-tag: noindex

GET
H3 200 5.b738fc1eca74daada2dc.js Show response
static.cleverpush.com/sdk/chunk/ Frame 0063 33 KB
9 KB 41ms
40ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.b738fc1eca74daada2dc.js
Requested by: Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965511942be24112b06616f804d33d896aa25e08779f8a2ffbeba29799eaaaae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deaffiliateceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25001
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7YDKHZW13WVNCKAK
x-amz-id-2: +NwB9OxiL9p9Kpue7rWFQNlzbpDe/dJC7VZHcn7fiKUEDzQy1g2OeiYqSCfpkdZMwQU+6sfixyE=
last-modified: Wed, 01 Jun 2022 21:52:17 GMT
server: cloudflare
etag: W/"ff02bec18bb1dd97ec556474fc9f0ef1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fGiib14SD36j0J54tWmsTmrKwtj%2B9BID%2BzMKOzTOMGRT6Krt%2FLSN9fOIHBQnAnWyg5mMn7t4P00MsjgH7YpICKWjjJM9wlX4KG5xqwnxe5WY%2Ft8jsM5%2FOd9xF%2BCmw69RCk1wgV5jSCXlnl7B9vouLZ6hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3eada549bee-FRA

GET
H3 200 251.f96a23c8ba1a163ea93d.js Show response
static.cleverpush.com/sdk/chunk/ Frame 0063 6 KB
3 KB 56ms
56ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.f96a23c8ba1a163ea93d.js
Requested by: Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af640a8153133f37b8c4ef2de2facaf13ebeaa773480478059ce877f757bee5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deaffiliateceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25002
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7YDQXENF6FX2MQAS
x-amz-id-2: eOEshUkl/AltjncJikSbeCRvpvMYhYPRiF/9NZXY9D5qgTplUWrnQ2r9oWBvZoJQQN11czWRtXA=
last-modified: Wed, 01 Jun 2022 21:52:16 GMT
server: cloudflare
etag: W/"1507072c0e1ace5a68459e4b88b5c3ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNKShMTYOJXR4hVOESLP7E0tgDDqmHUYuBE%2BVhZzZEs6CuoCpFtj4B%2F%2FwgWy6MNeGvlHNcouEgJZgTMZjMRzB1dJyqGWlRB4hDZn2oKWQ6ENsbPgrw7AashGuML%2FLVdvFFsOizNLa6yOzlaUc3ShrgtCxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3eada589bee-FRA

GET
H3 200 818.ee6d94e6219278dc8193.js Show response
static.cleverpush.com/sdk/chunk/ Frame 0063 7 KB
3 KB 21ms
21ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/818.ee6d94e6219278dc8193.js
Requested by: Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia1000-mehr-01.gewinn24-7.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2df21830f652a9bd3908df74aea4be9277d831197546aec3e7f8a187dd829b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deaffiliateceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZJAH6AEXK14JGQ1Q
x-amz-id-2: wmu2CqvpogIw79XwHXJIvgi/TvvfKkG4retf1R4cv9FMrWroROT7dmbRo7gc9DqVQHeFZ0NLfNM=
last-modified: Wed, 01 Jun 2022 21:52:17 GMT
server: cloudflare
etag: W/"5236f86fd6254391e4171a5f40ac5d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw6PScnTJ%2BWBTX0kFC4PHtLfUGhK3hztrJDh02fIDEumbyL76Zeo30DwtHrJFRkqJNv6lSdv2pxxLp8un6WKcicIComZwq5NFWnDLoSwSy243WoKpfaVLHEtjPDcWM5kjIs4BzX%2Fij2aSIQBS6yXqr2qig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3eada5b9bee-FRA

GET
H3 200 970.c702097df918c99b9081.js Show response
static.cleverpush.com/sdk/chunk/ 46 KB
10 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/970.c702097df918c99b9081.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73c9603859745af9f6558c825d261e2ef14d854cd9c918348abe00d611b7cc50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25002
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7YDX2YSX958C5N43
x-amz-id-2: uFBRK0S76z4pkBdrvM5T4sCsdd21TNQNYF/RA7m6NI8KgMOujvYWiPWCKFZu0TEs5HVLHILAbFI=
last-modified: Wed, 01 Jun 2022 21:52:17 GMT
server: cloudflare
etag: W/"d6912ae616aadb40fa17fb1188cd8a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EzoRzXft6beQ4AVprD1aiFVtNfw93ssVAeeNJNa1V1a9zDMCUKW44%2BzwllYuaGyfd3gOcyjjZwuySuM%2FopWLCd4T%2F%2F0yyLc0rQaJlElYSOyivCuzeFL98lQG62YlhXAFwl8psT8auvtWr2Vp7qV5SFcZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3eb5c419bee-FRA

GET
H3 200 720.829247d9f5a3f987ec18.js Show response
static.cleverpush.com/sdk/chunk/ 46 KB
11 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.829247d9f5a3f987ec18.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270414565d3b2ad31907a5bb5b6d99c624ecb18bfd564326e72c8ea9eaf14473

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25002
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7YDWYRN1YMCV83EF
x-amz-id-2: Bp9oi72LhuF9zdCy/qRHu/YQtvcP/E+8p55b/m3qOeIgMMXp+xkoO74fZgIRxxTTAG3zJ6bV+Uw=
last-modified: Wed, 01 Jun 2022 21:52:17 GMT
server: cloudflare
etag: W/"59bc65f58b9e9ea5c7fbf6f6eb335c78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czLHrRDYUzlrPmhdT%2Fw5wd4FbfMuMnjSTLdRgFUoNoiSOaZk8jgW3qBcPRUMGDrPAyWBhWoTO0ON2g%2BP4mz%2BMIRvZgXBi8L4Ke7jzubp7I39piyIrHxSsS3t03yI92LqVoU9Cbk%2BZQ7KZmZzPdxAZgw8zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7172a3eb5c469bee-FRA

POST
H3 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
678 B 37ms
36ms Fetch
application/json 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://media1000-mehr-01.gewinn24-7.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Jun 2022 16:49:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plGA3woozLHkkQaP5H7mnN0bM0kL%2F8EFJXuyldrVeZbTG2ZxculLHmWWiyY7KUOqmxBC0sUubLmHYIm1rxwn%2BKadKooL6GpUuVnkKw0U8PwJUXMPtB8cYXVgAgp42iSperVOX6%2BMutL9961Ya2rP1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-ray: 7172a3ec29129948-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

OPTIONS
H3 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 77ms
62ms Preflight
application/json 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://media1000-mehr-01.gewinn24-7.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7172a3ebb8439948-FRA
content-encoding: br
content-type: application/json; charset=utf-8
date: Mon, 06 Jun 2022 16:49:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5L0jof3AfA5HnRhua9a7UZwRZnd3xPwYr3snC4blkVxiCXPHo6YjtGOA20r0nqpR7b1SapqGGEJyWDJuKrzRXkyT5LG9gv%2Bwu%2BMon0O%2BBEXTp1S83ZJ1Bjssa7K%2BQtwg3ZZvw68o6QG%2FVSbrULUCqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-2

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 30ms
29ms Preflight
application/json 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://media1000-mehr-01.gewinn24-7.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7172a3f1ed529948-FRA
content-encoding: br
content-type: application/json; charset=utf-8
date: Mon, 06 Jun 2022 16:49:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MoU%2BKIKSpyNSiuirEdSCVLUN2dK8gVgVTWCyjGpT7T0W3EaxEXQ7bwJpGEDCaoDeTVzHhZ7GFdST3xBBkqnwtMvvWWZtUDAS%2Bme21AYltB1G6HrBJhfPEUHXfUdZRKWvctp%2F%2BvRjpHaKjyQkAY99w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-2

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
679 B 49ms
49ms Fetch
application/json 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://media1000-mehr-01.gewinn24-7.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Jun 2022 16:49:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzmC0CMSu0FZdjuc5xEYx%2BZdvcE4c4KgRlthGmia%2FHSSV0y8MYUOVUixk9VPlRwzKBDLD%2FOwBQtV78oc0UFNoDVqii27Fgh04ZD90mFvoGTC5AB1uH37IcddDr0uPv6YUed2md2tftihYsxevxql%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-ray: 7172a3f21d9b9948-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

GET
H3 200 defaultChannelIcon.png
static.cleverpush.com/app/images/ 732 B
1 KB 21ms
21ms Image
image/png 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media1000-mehr-01.gewinn24-7.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:49:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397810
cf-ray: 7172a3f1e8699bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 732
x-amz-id-2: oSx/7ONxgCLea1rVoYV6RQmgK+4auVuqqBwy/MRfEJZs4FvkuyRwAiVAZFzHuBxE/N3JHmRAfjw=
last-modified: Mon, 21 Oct 2019 13:42:31 GMT
server: cloudflare
etag: "dada142d4861c864d8d63e8cd5dd22dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3wFKcQnBTbFjm9Oo9BTT73c23YRPT6%2BzYPFxlcEhFkjAw%2BrdsD6HAb5tlTnkizumdbUr%2B4CzZWxmUqlHLPD9H0xQE%2BRNAHtR3PEpB8Kr%2FlD3M3etTNCUPlw%2ByheRGn44b0MWJPiJZNqMHn%2F7uee47De3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: SRKAVG4XMRQ30HTZ
cache-control: max-age=2628000
accept-ranges: bytes
content-type: image/png

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fiendbrood.com/	1970-01-20 04:18:46	Name: uid15295 Value: 1267267655-20220606124912-b285b185dac87bcb83a2d4c8ca3fa55a-
lynku.jukminung.com/	1970-01-20 03:45:38	Name: AWSALB Value: WrhIlJDaQLRshmkJLAPnZgBJiJonrx8KK5DZRlGo1MvAUmNjmzMWp5XVcN1qnskCoT1bcc+sp8arHYpDZeg6oDWdf8W6P/zH3UbFyYxZZ84/XhxoyjujXAE6RTlC
gewinn-ometer.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9205157fdb675474cd66153d4b9b3ded
gewinn-ometer.com/	1970-01-20 04:18:46	Name: coyoteTrackingCookie_1890 Value: 459370842
gewinn-ometer.com/	1970-01-20 04:18:46	Name: coyoteSimpleTrackingCookie Value: 459370842
.jukminung.com/	1970-01-20 03:35:35	Name: __cf_bm Value: ESIRBRel14KXfA2Te_154oWfYqP9Ds3iCRfpGqrnC18-1654534153-0-AcQQqQbGuOZUUbUHzJ1oG0aYQtvsS2aamW35zYGtJpQdpOBTLVOxpNSaPlO0WrQHFQ04wG9bqOSWzJQAhT/YqgPKk5B5F2qXpRyReDrCMRJy+zIO67Pk4oLPwYYKlWqHxw==
media1000-mehr-01.gewinn24-7.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 72b12856cc9df2da8cc3182aafd635b3
media1000-mehr-01.gewinn24-7.de/	1970-01-20 03:35:48	Name: coyoteAffiliTokenId2995 Value: 459370842
.gewinn24-7.de/	1970-01-20 21:06:46	Name: _ga Value: GA1.2.1208251546.1654534154
.gewinn24-7.de/	1970-01-20 03:37:00	Name: _gid Value: GA1.2.1057421461.1654534154
.gewinn24-7.de/	1970-01-20 03:35:34	Name: _gat Value: 1
media1000-mehr-01.gewinn24-7.de/	1970-01-20 12:21:10	Name: shield_FPC Value: SCUUH0lJJ18padJDoS8yqiWJ6vKsJVeIeL
218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/	1970-01-20 21:06:46	Name: shd_persistent Value: 5b9f7b53-f1bf-4853-bc67-eed4a0bb204b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com
ajax.aspnetcdn.com
api.cleverpush.com
cdn.addlnk.com
d1cr9zxt7u0sgu.cloudfront.net
deaffiliateceoo.mycleverpush.com
fiendbrood.com
fnoaqcvrmd.blob.core.windows.net
fonts.googleapis.com
gewinn-ometer.com
lynku.jukminung.com
media1000-mehr-01.gewinn24-7.de
speedrude.net
static.cleverpush.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
13.225.84.173
152.199.19.160
159.69.145.0
188.95.252.33
20.60.220.36
2606:4700:20::681a:e1f
2606:4700:20::ac43:47b8
2606:4700:3030::ac43:bfdd
2606:4700:3031::ac43:92ee
2606:4700:3108::ac42:2b19
2a00:1450:4001:800::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:400c:c07::9a
62.244.29.71
64.22.104.126
07a5bcfd4d13d15c3a4f057cfc613b3130453b9df904eb4496a56799ca6ffdd4
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e316c0259261f121f15c9df673eb6c53f2c7ed18ce879243decc8efac00c03f
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897
270414565d3b2ad31907a5bb5b6d99c624ecb18bfd564326e72c8ea9eaf14473
2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae
42b1b3d284411a4f2164ef22085d232ff946cdaf5a4a4790ec64624044e2f4ce
4bf3e1f6d9f6cd22f465c0b202ed398d227dc51e67c981de7f0606f6e022b603
4f8cae5d2bb50d5dcf09a19abd7b8972dc4596be92848a7ce58d94f29f238a25
73c9603859745af9f6558c825d261e2ef14d854cd9c918348abe00d611b7cc50
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
79475fd1c6d1b016bed9baeabeff94c02ffcb05906924c254ccd2542d964aa8a
808ae8844e5f26252997ea223a219829f9cc2e20e7114ca6f1cb192c46209a2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bab018c3c5a57e389a625460a3777f504fa37e6230fd68ceab4c9e007d347a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
965511942be24112b06616f804d33d896aa25e08779f8a2ffbeba29799eaaaae
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab7cba4e6e43fc0e55d3b434299a0055c9895ec640e8f9f30a1f1266415e15fb
ab89f8fc7fb4a556a41d80586cce4cb6bc0631a43bae7682ff04244ce3ba76a3
ad071ac41cf84fc733aaf0da1c7a7a57f679bc227cdb3fc4ca4801f117614bde
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af640a8153133f37b8c4ef2de2facaf13ebeaa773480478059ce877f757bee5a
c41599fa01a641b5c5a646a8320a7a48e70c9ed0b6a806f791340954d7e266e0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9d74269a7a7dd4027c05ab6917e7a2966bc09115e9b3eb987166e5ec41e7726
cbd686cc61f0f4048152c39cf0a642611f80efffa61e83a1d3c718719636ef68
d2df21830f652a9bd3908df74aea4be9277d831197546aec3e7f8a187dd829b9
e6f30fc75e5af01d5abbcff91b5f199f4b0005b268f94e104c26352d9a865cbe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe4af472f3a2d791865c494dd24432cef28321422968a69ecc396b45b05d5cc2

media1000-mehr-01.gewinn24-7.de Open in urlscan Pro 188.95.252.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

59 %IPv6

17 Domains

18 Subdomains

16 IPs

5 Countries

517 kBTransfer

1156 kBSize

13 Cookies

8 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

media1000-mehr-01.gewinn24-7.de Open in urlscan Pro
188.95.252.33 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

59 %
IPv6

17
Domains

18
Subdomains

16
IPs

5
Countries

517 kB
Transfer

1156 kB
Size

13
Cookies

44 HTTP transactions
0 data transactions