11sup.sofortchancen.de Open in urlscan Pro
188.95.252.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tracking.antiktugla.eu/tracking/click?d=V1T2xYo7Pq4U-pj17ZK_A1_z1kPw1d13zSmlxugD78NER2yUvNqs0s6NfMl_y8TrsDhTshW2X0RwJYi...
Effective URL:
https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Submission: On August 03 via api (August 3rd 2022, 5:39:26 am UTC) from DE — Scanned from DE

Summary HTTP 60 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 15 domains to perform 60 HTTP transactions. The main IP is 188.95.252.36, located in Spain and belongs to RACKMARKT, ES. The main domain is 11sup.sofortchancen.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 15th 2022. Valid for: 3 months.

This is the only time 11sup.sofortchancen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.23.161.19 94.23.161.19	16276 (OVH) (OVH)
1 1	52.21.33.16 52.21.33.16	14618 (AMAZON-AES) (AMAZON-AES)
1	147.135.167.155 147.135.167.155	16276 (OVH) (OVH)
1 18	188.95.252.36 188.95.252.36	197518 (RACKMARKT) (RACKMARKT)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	18.66.121.27 18.66.121.27	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:20:... 2606:4700:20::ac43:47b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	159.69.145.0 159.69.145.0	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:310... 2606:4700:3108::ac42:28e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:e1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	15

1 94.23.161.19 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: api.elasticemail.com

tracking.antiktugla.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.33.16 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: us-ip-1.short.io

burguerst.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.167.155 (France)

ASN16276 (OVH, FR)
PTR: dyw7.techexpect.info

laudypauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 188.95.252.36 (Spain) 1 redirects

ASN197518 (RACKMARKT, ES)

ihre-tageschance.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11sup.sofortchancen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.121.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-27.fra60.r.cloudfront.net

d1cr9zxt7u0sgu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.145.0 (Pfaffenhofen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.0.145.69.159.clients.your-server.de

arctollceoo.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28e7 (United States)

ASN13335 (CLOUDFLARENET, US)

218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)

api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sofortchancen.de 11sup.sofortchancen.de	1 MB
16	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 15984 api.cleverpush.com — Cisco Umbrella Rank: 16154	115 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	403 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 61	20 KB
4	google.com www.google.com — Cisco Umbrella Rank: 15	23 KB
1	csftr.com 218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com — Cisco Umbrella Rank: 771243	497 B
1	mycleverpush.com arctollceoo.mycleverpush.com	26 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4674	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 131	446 B
1	cloudfront.net d1cr9zxt7u0sgu.cloudfront.net	26 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 482	30 KB
1	ihre-tageschance.de 1 redirects ihre-tageschance.de	717 B
1	laudypauty.com laudypauty.com	488 B
1	burguerst.eu 1 redirects burguerst.eu	344 B
1	antiktugla.eu 1 redirects tracking.antiktugla.eu	591 B
60	15

	Domain	Requested by
17	11sup.sofortchancen.de	laudypauty.com 11sup.sofortchancen.de
12	static.cleverpush.com	11sup.sofortchancen.de static.cleverpush.com arctollceoo.mycleverpush.com
7	www.google-analytics.com	11sup.sofortchancen.de www.google-analytics.com
5	fonts.gstatic.com	11sup.sofortchancen.de www.google.com
4	api.cleverpush.com	static.cleverpush.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	11sup.sofortchancen.de www.gstatic.com www.google.com
1	218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com	d1cr9zxt7u0sgu.cloudfront.net
1	arctollceoo.mycleverpush.com	static.cleverpush.com
1	www.google.de	11sup.sofortchancen.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	d1cr9zxt7u0sgu.cloudfront.net	11sup.sofortchancen.de
1	ajax.aspnetcdn.com	11sup.sofortchancen.de
1	ihre-tageschance.de	1 redirects
1	laudypauty.com
1	burguerst.eu	1 redirects
1	tracking.antiktugla.eu	1 redirects
60	17

This site contains links to these domains. Also see Links.

Domain
zahnschutztarif.de
www.daydreams.de
www.mirabo.at
www.mirabo.ch
www.burda-versichert.de
www.super-sparfuechse.com
de.testclub.com
www.meinungsclub.de
elitepremiumservice.com
www.makromedia-online.de
www.pmiprivacy.com
www.affili-partner.com

Subject Issuer	Validity	Valid
www.laudypauty.com Go Daddy Secure Certificate Authority - G2	`2022-05-31` - `2023-06-29`	a year	crt.sh
11sup.sofortchancen.de cPanel, Inc. Certification Authority	`2022-06-15` - `2022-09-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-11` - `2023-06-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-06` - `2023-06-06`	a year	crt.sh
*.csftr.com E1	`2022-07-10` - `2022-10-08`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Frame ID: 29770431CD630BF05DCB1216CE4E2A51
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly8xMXN1cC5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=e69ydr66azeg
Frame ID: 25FC224670AAC03A4C5601157395780C
Requests: 7 HTTP requests in this frame

Frame: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de
Frame ID: 3B8502C1CCD7E09AF9BEE138B616ABDB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Edeka Gutschein

Page URL History Show full URLs

http://tracking.antiktugla.eu/tracking/click?d=V1T2xYo7Pq4U-pj17ZK_A1_z1kPw1d13zSmlxugD78NER2yUvNqs0s6NfMl... HTTP 302
https://burguerst.eu/v9HtFV HTTP 302
https://laudypauty.com/100f6aea1a9e5cb7000 Page URL
https://ihre-tageschance.de/de,edeka,aff,2021,arctoll_1723.html?idPartner=1484&idCampaignAd=0&subId=4740... HTTP 302
https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326& Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

60
Requests

100 %
HTTPS

56 %
IPv6

15
Domains

17
Subdomains

15
IPs

5
Countries

1741 kB
Transfer

2788 kB
Size

11
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://zahnschutztarif.de/
Title: Zahnschutztarif.de

Search URL Search Domain Scan URL

URL: https://www.daydreams.de/datenschutzinformation_Artikel_14
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/nvg-at/content/datenschutzinformation-nach-art-14-dsgvo,549/
Title: https://www.mirabo.at/nvg-at/datenschutzinformation

Search URL Search Domain Scan URL

URL: https://www.mirabo.at/datenschutzinformation
Title: Datenschutzinfo AT

Search URL Search Domain Scan URL

URL: https://www.mirabo.ch/datenschutzinformation
Title: Datenschutzinfo CH

Search URL Search Domain Scan URL

URL: https://www.burda-versichert.de/de/cms/datenschutzinformation-art-14.html
Title: Informationen nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.super-sparfuechse.com/nutzungsbedingungen/
Title: https://www.super-sparfuechse.com/nutzungsbedingungen/

Search URL Search Domain Scan URL

URL: https://de.testclub.com/terms-of-use/
Title: https://de.testclub.com/terms-of-use/

Search URL Search Domain Scan URL

URL: https://www.meinungsclub.de/static/privacy
Title: https://www.meinungsclub.de/static/privacy

Search URL Search Domain Scan URL

URL: https://elitepremiumservice.com/datenschutz.html
Title: Datenschutzinformation nach Art. 14 DSGVO

Search URL Search Domain Scan URL

URL: https://www.makromedia-online.de/
Title: https://www.makromedia-online.de/

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer/
Title: https://www.pmiprivacy.com/de-de/consumer/

Search URL Search Domain Scan URL

URL: http://www.affili-partner.com/en/registration.html
Title: www.Affiliate-Partner.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tracking.antiktugla.eu/tracking/click?d=V1T2xYo7Pq4U-pj17ZK_A1_z1kPw1d13zSmlxugD78NER2yUvNqs0s6NfMl_y8TrsDhTshW2X0RwJYid7TrphtHQOHTVqzzrml54-r2waqtPM4wtn3DgSds3Kxhm1sKSOuofQin_vIpxPXXJL4eDhS01 HTTP 302
https://burguerst.eu/v9HtFV HTTP 302
https://laudypauty.com/100f6aea1a9e5cb7000 Page URL
https://ihre-tageschance.de/de,edeka,aff,2021,arctoll_1723.html?idPartner=1484&idCampaignAd=0&subId=474014&subIdentifier=1226850702 HTTP 302
https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://tracking.antiktugla.eu/tracking/click?d=V1T2xYo7Pq4U-pj17ZK_A1_z1kPw1d13zSmlxugD78NER2yUvNqs0s6NfMl_y8TrsDhTshW2X0RwJYid7TrphtHQOHTVqzzrml54-r2waqtPM4wtn3DgSds3Kxhm1sKSOuofQin_vIpxPXXJL4eDhS01 HTTP 302
https://burguerst.eu/v9HtFV HTTP 302
https://laudypauty.com/100f6aea1a9e5cb7000

60 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

100f6aea1a9e5cb7000
laudypauty.com/
Redirect Chain

http://tracking.antiktugla.eu/tracking/click?d=V1T2xYo7Pq4U-pj17ZK_A1_z1kPw1d13zSmlxugD78NER2yUvNqs0s6NfMl_y8TrsDhTshW2X0RwJYid7TrphtHQOHTVqzzrml54-r2waqtPM4wtn3DgSds3Kxhm1sKSOuofQin_vIpxPXXJL4eDhS01
https://burguerst.eu/v9HtFV
https://laudypauty.com/100f6aea1a9e5cb7000

194 B
488 B

431ms
359ms

Document
text/html

147.135.167.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://laudypauty.com/100f6aea1a9e5cb7000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.135.167.155 , France, ASN16276 (OVH, FR),
Reverse DNS: dyw7.techexpect.info
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 194
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Aug 2022 05:39:18 GMT
Server: Apache

Redirect headers

Date: Wed, 03 Aug 2022 05:39:18 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
connection: close
content-length: 0
content-type: text/html; charset=utf-8
location: https://laudypauty.com/100f6aea1a9e5cb7000
pragma: no-cache
x-content-type-options: nosniff
x-powered-by: Short.io link shortener

GET
H/1.1

200
OK

Primary Request campaign_2728.html Show response
11sup.sofortchancen.de/
Redirect Chain

https://ihre-tageschance.de/de,edeka,aff,2021,arctoll_1723.html?idPartner=1484&idCampaignAd=0&subId=474014&subIdentifier=1226850702
https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

183 KB
183 KB

544ms
466ms

Document
text/html

188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Requested by: Host: laudypauty.com
URL: https://laudypauty.com/100f6aea1a9e5cb7000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: bad1717a32e0ce95412cb41bb0717f08423a5a96058d0147cd387b84c19006e6

Request headers

Referer: https://laudypauty.com/100f6aea1a9e5cb7000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Aug 2022 05:39:18 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Aug 2022 05:39:18 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2002
date: Wed, 03 Aug 2022 05:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 03 Aug 2022 07:05:57 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 86 KB
30 KB 39ms
9ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E90) /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19390
x-cache: HIT
content-length: 30737
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2019 18:32:11 GMT
server: ECAcc (frc/8E90)
etag: "808705b151d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shdfp.js Show response
d1cr9zxt7u0sgu.cloudfront.net/ 84 KB
26 KB 40ms
9ms Script
application/javascript 18.66.121.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=218a2560b3a2774254c9535b5e63c482d14d5e20&TYPE=JS&DE=1
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-27.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 84bab018c3c5a57e389a625460a3777f504fa37e6230fd68ceab4c9e007d347a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:38:37 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 09:40:08 GMT
server: nginx/1.14.2
age: 46
etag: W/"6225d2f8-14ec8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: Q4q_ylIHJUyPbwzRROV_DPoEKrogj6N2EXKrzkIHESfOh0eZMe37nQ==

GET
H/1.1 200
OK reset.css
11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/ 1 KB
1 KB 96ms
32ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/reset.css
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: c8f4db5cb5de6f37e5c8c89b69a21092e444ce66d65da692f2b297007a0c2963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Thu, 29 Sep 2016 12:39:41 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1073
Content-Type: text/css

GET
H/1.1 200
OK custom.css
11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/ 21 KB
22 KB 97ms
34ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/custom.css
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: eb3eb3234394fd402890dd7269e4e35ffb9b4df7d0caba5eccc84f2cced2fbb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Fri, 24 Aug 2018 10:36:34 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 21826
Content-Type: text/css

GET
H/1.1 200
OK series.css
11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/ 41 KB
41 KB 99ms
35ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/series.css
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 895562fb3ab5dec78b28196e26938382110e8d1b109d54e99f736581d3f9bfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Thu, 05 Jan 2017 15:26:26 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 42281
Content-Type: text/css

GET
H/1.1 200
OK button.js Show response
11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/ 4 KB
4 KB 96ms
32ms Script
application/javascript 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/ftp/o2o_umfrageTemplate/button.js
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 4a4c46b8a193ff0825d07a0f3fe6c3b9df535ce9b26371a81be2384afbf0b30b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Thu, 06 Apr 2017 07:50:57 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 3824
Content-Type: application/javascript

GET
H2 200 4BPm8eKCLLtycAJE8.js Show response
static.cleverpush.com/channel/loader/ 263 KB
52 KB 50ms
22ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a96413e485cd35fbda080005625c69c520aacdf231da78697e17142ec8b0ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17132
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3Z3WRDXHTR1NWEE3
x-amz-id-2: ua4pgxULbYWEuJidxclYdjx3PUhnBVS5DTgh/Z5ovCqJ9lvQAIqsmTnoHsOJRH/EXKgbka6YTL4=
last-modified: Tue, 02 Aug 2022 00:29:54 GMT
server: cloudflare
etag: W/"393846631d917e8fa02614b5cb2b1a08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V78AsV31Owe%2F0izrAH6ncc84Px0xr%2FLWVZWBYoPYPWaoi2Lj6LSINQRN6F1Vk6w9WB0KKYQsngY%2B0hymDMaViKFrhkGj34KSgKsZt6ap%2F0%2FYM4xwNBWOKWhedlw5r8BE9qVnSBTtOSdGvbkAVM7rp0IXOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 734cb6514b33bbbf-FRA

GET
H/1.1 200
OK edeka,mobile,prize,a.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 65 KB
65 KB 99ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,mobile,prize,a.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: ed3686f157f542dd6350eebe1cb91b236f2030532c0c358974edccb65fab12d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Thu, 28 Jan 2021 16:20:09 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 66264
Content-Type: image/png

GET
H/1.1 200
OK edeka,desk,header.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 47 KB
47 KB 99ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,desk,header.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 79e06f1eed12d69174cf42a5e498858f9aa4dc6adaa9ad7043d387d3ef1e3c7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 47647
Content-Type: image/png

GET
H/1.1 200
OK edeka,desk,prize,a.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 85 KB
85 KB 99ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,desk,prize,a.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: d8d7032bfb124576109d7c30ee7704ebda7ca9d649e6b91e372d2d6d2761983e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Thu, 28 Jan 2021 16:20:09 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 86950
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,done.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 1 KB
1 KB 182ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,done.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 18fd591fd0c632708863aacb644fbe4b791def15db3a585dca2bb3669b710b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1289
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,2.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 1 KB
1 KB 95ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,2.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: b71af4aacfcf6686ecc6f95f30cfed1038c4bcb1a91229cd2cd3e44387f447e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1324
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,3.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 1 KB
1 KB 97ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,3.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 855aad4742594f975c954db8924161495778d924cca3fb34a1aaea075f766621

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1326
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,4.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 1 KB
1 KB 98ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,4.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 4cb18a88ad0c38c0fd96673a51c77df277826ee27a05d97263e8344541eab70b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1274
Content-Type: image/png

GET
H/1.1 200
OK edeka,pb,prize.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 845 B
1 KB 97ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,pb,prize.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 7a3b23ef6057020443c65826159fbd95ab2648616acc583af05bec3c4a47e04b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 845
Content-Type: image/png

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 41ms
15ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75dd4d530ca7eea0398dfd9bb329cbf5e5aa055568f80e0592f92cd59a352853

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Wed, 03 Aug 2022 05:39:19 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 15ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1983085779&t=pageview&_s=1&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D467561326%26&dr=https%3A%2F%2Flaudypauty.com%2F&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=979395563&gjid=248471685&cid=684918732.1659505160&tid=UA-68861802-12&_gid=928423608.1659505160&_r=1&_slc=1&cg1=2728&cg2=191&cg3=1484&cg4=474014&cg5=1226850702&cd1=2728&cd2=191&cd3=1484&cd4=474014&cd5=1226850702&cd6=2421&z=559632391

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://11sup.sofortchancen.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 05:39:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://11sup.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1983085779&t=event&_s=2&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D467561326%26&dr=https%3A%2F%2Flaudypauty.com%2F&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=pageview&el=2728%2Fadressdata1%2F&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=684918732.1659505160&tid=UA-68861802-12&_gid=928423608.1659505160&cg1=2728&cg2=191&cg3=1484&cg4=474014&cg5=1226850702&cd1=2728&cd2=191&cd3=1484&cd4=474014&cd5=1226850702&cd6=2421&z=1125869353

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 23:52:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20816
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1983085779&t=event&_s=3&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D467561326%26&dr=https%3A%2F%2Flaudypauty.com%2F&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=idPartner&el=1484&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=684918732.1659505160&tid=UA-68861802-12&_gid=928423608.1659505160&cg1=2728&cg2=191&cg3=1484&cg4=474014&cg5=1226850702&cd1=2728&cd2=191&cd3=1484&cd4=474014&cd5=1226850702&cd6=2421&z=2118994318

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 23:52:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20816
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1983085779&t=event&_s=4&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D467561326%26&dr=https%3A%2F%2Flaudypauty.com%2F&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=idAmKampagne&el=2728&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=684918732.1659505160&tid=UA-68861802-12&_gid=928423608.1659505160&cg1=2728&cg2=191&cg3=1484&cg4=474014&cg5=1226850702&cd1=2728&cd2=191&cd3=1484&cd4=474014&cd5=1226850702&cd6=2421&z=273253432

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 23:52:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20816
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1983085779&t=event&_s=5&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D467561326%26&dr=https%3A%2F%2Flaudypauty.com%2F&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=wgname&el=Edeka%20Gutschein&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=684918732.1659505160&tid=UA-68861802-12&_gid=928423608.1659505160&cg1=2728&cg2=191&cg3=1484&cg4=474014&cg5=1226850702&cd1=2728&cd2=191&cd3=1484&cd4=474014&cd5=1226850702&cd6=2421&z=79551453

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 23:52:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20816
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1983085779&t=event&_s=6&dl=https%3A%2F%2F11sup.sofortchancen.de%2Fcampaign_2728.html%3FcoyoteAffiliTokenId%3D467561326%26&dr=https%3A%2F%2Flaudypauty.com%2F&dp=2728%2Fadressdata1%2F&ul=en-us&de=UTF-8&dt=adressdata1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=191&ea=1484&el=474014&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=684918732.1659505160&tid=UA-68861802-12&_gid=928423608.1659505160&cg1=2728&cg2=191&cg3=1484&cg4=474014&cg5=1226850702&cd1=2728&cd2=191&cd3=1484&cd4=474014&cd5=1226850702&cd6=2421&z=2117141968

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 23:52:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20816
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 68ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68861802-12&cid=684918732.1659505160&jid=979395563&gjid=248471685&_gid=928423608.1659505160&_u=YEBAAEAAAAAAAC~&z=119659111

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://11sup.sofortchancen.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Aug 2022 05:39:19 GMT
content-type: text/plain
access-control-allow-origin: https://11sup.sofortchancen.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK main_layout_logo.png
11sup.sofortchancen.de/media/adresseManager/microSiteImg/ 7 KB
7 KB 97ms
32ms Image
image/png 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/main_layout_logo.png
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Mon, 08 May 2017 07:24:36 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 7333
Content-Type: image/png

GET
H/1.1 200
OK coyoteDefaultLibrary.css
11sup.sofortchancen.de/templates/coyoteDefaultLibrary/ 2 KB
3 KB 100ms
32ms Stylesheet
text/css 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.css
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 15e9a4546d5ac8af8c3b083aa33a81541a69691625ce72cdb5e6fc1475b0c8c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Tue, 04 May 2021 04:37:20 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 2458
Content-Type: text/css

GET
H/1.1 200
OK coyoteDefaultLibrary.js Show response
11sup.sofortchancen.de/templates/coyoteDefaultLibrary/ 17 KB
18 KB 107ms
32ms Script
application/javascript 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to

Full URL: https://11sup.sofortchancen.de/templates/coyoteDefaultLibrary/coyoteDefaultLibrary.js
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 425afd9a7a5108ad89c3ee927323884bfe7d43d9eba87195e19d88f1e2c99853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Tue, 04 May 2021 04:37:20 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 17749
Content-Type: application/javascript

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 42ms
18ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=684918732.1659505160&jid=979395563&_u=YEBAAEAAAAAAAC~&z=1344977587

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 05:39:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=684918732.1659505160&jid=979395563&_u=YEBAAEAAAAAAAC~&z=1344977587

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 05:39:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK edeka,desk,bg,a.jpg
11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/ 613 KB
613 KB 70ms
32ms Image
image/jpeg 188.95.252.36
RACKMARKT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11sup.sofortchancen.de/media/adresseManager/microSiteImg/2728/edeka,desk,bg,a.jpg
Requested by: Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 188.95.252.36 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
Software: Apache /
Resource Hash: 157dfbc5e774868f99481fdcfaf1f3f171e9af31bf4e26e5e4638d14eed1b89e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 05:39:19 GMT
Last-Modified: Wed, 27 Jan 2021 13:31:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 627290
Content-Type: image/jpeg

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 16 KB
17 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11sup.sofortchancen.de/
Origin: https://11sup.sofortchancen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 15:45:16 GMT
x-content-type-options: nosniff
age: 222843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16276
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 15:45:16 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 15 KB
15 KB 31ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11sup.sofortchancen.de/
Origin: https://11sup.sofortchancen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:52:37 GMT
x-content-type-options: nosniff
age: 74802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15572
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 08:52:37 GMT

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e8e0e58a0c5a5e3f02b9167ed381b7cd5cd9907d8e29d2f4a01b9673e92fea2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7b187b31119631622a0de2ca08cd3b2e63ac43edc3baa4b75d404da01e41e64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ 381 KB
152 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11sup.sofortchancen.de/
Origin: https://11sup.sofortchancen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 15:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154709
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 04:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 15:58:55 GMT

GET
H3 200 728.188cae3b14a4e94d70da.js Show response
static.cleverpush.com/sdk/chunk/ 18 KB
6 KB 26ms
16ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/728.188cae3b14a4e94d70da.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3377d915aecca25ce35744d51ad645537a289381907ec6a09465f47df2c052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MQMM01FN2TA08CPT
x-amz-id-2: mr21/Et7m5I5KCyMywplF+x9vrx70DfuPu4yaKtG2PuggpPB404UCYnotc0K2Y1i53Pu1SZe4es=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"f4ad17ce3a7d08d54f3f40153f7339c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZtlHIy8AHZmD8ye1oTtIcI3u78pLOcbYDVap05DtKw34UDRIyqVNl4yEbf%2FiZHDt0MXW%2FGaB8Aai%2FFx5eF8uI6Wu84vE%2B5QCG648LaoM7pmj2ZdHMM6FBC0%2BuZeozLOh4pgYhun5ll%2F7hcU1rgc8l4yMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb651a940917c-FRA

GET
H3 200 499.9879bc1951e60da1f80c.js Show response
static.cleverpush.com/sdk/chunk/ 2 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/499.9879bc1951e60da1f80c.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b6ee93a2476563632ddae3a1cb06f21f15dbfa567879bda2bcb31a0db5b8e03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9036
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CRS7TQD6JZQXZKS4
x-amz-id-2: C3p95Pm+W3GFlmvsgtZedeYy/rz0R/H8EY5kvizEMmWULGFhfvNIzRgJLC3M9LuB3SSvNreVpAE=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"dbe326b30ea070afd5d0403392ac9d36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHwv8VIHNMUSGnK7IwvtJpACcd5bVGFNFtLQTnSh4QbjpLybaHORc3pvNRNORIw1eps3EWr56srxnt6gm6ZaYq1ihJ4myDseWL37KHAInoHJaRk5qaX4nRgtvCCI08tGCwWjiriB00eLomkEEA4CA3itAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb651c96e917c-FRA

GET
H3 200 5.bbab6591cc5d58361989.js Show response
static.cleverpush.com/sdk/chunk/ 34 KB
9 KB 16ms
16ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.bbab6591cc5d58361989.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da792e6af3a69f64458cc23db3a7cfbaf3d3fa8fbc458e1757386c1afb1dbb20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MQMGSW2NFF6S1BJW
x-amz-id-2: 5vCF3iJj3b5r2XfAkFS6GmWQidS9pZ1lB6i1F92DnFaq5pNYveYTS0QVdv/0X/PEp83Xctu2nLA=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"ff120cdd4b0005f3931bdd56dc23c016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25jj4bI1RsbJHudEddiumqLXN3%2BkcpW94WFtUPPe33q5EaJOGAnY6u%2BQIDFu1EFq0T0iNQcYnI0sViAWuOn1T0qBlQSh2cdqVFYpdO5MVOqLIK%2BSTTiRnoFyY1fgBawYgABEIyzQrLorvP9s3nLR2bVW4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb65209a9917c-FRA

GET
H3 200 251.90ad76a663f3b3850ba0.js Show response
static.cleverpush.com/sdk/chunk/ 6 KB
3 KB 14ms
14ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5998c4e35c3c10a968ea65a2e658f3efd907290f782178d10195699423e0c903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MQMV8TMC9J39EA9M
x-amz-id-2: DmUSH2EwiS9BGv1neXMA9Z0XAnR2PgQ/dWxr3DsBDYh7BReA1Bgqr1vf8Xen1NtwFqgjqlv9IJI=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"6a7967b77385a26f48658efa53820786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48WcCCqhD5Vv63fiEHT3G0t3ZTPX6yWA1Sf4rO193lrytRREEjy1Lno79WyzbzhEMtM8pq1fWBJmK4ChkQcZ4nBxMUL%2BOIvATv%2F01Tjj6Qtmqsz%2F8ePSy0o03xqkBdYHSERuohTpsUzBs4vnj93lVbDRFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb65209aa917c-FRA

GET
H3 200 115.9617625893760382ecfe.js Show response
static.cleverpush.com/sdk/chunk/ 13 KB
4 KB 15ms
15ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.9617625893760382ecfe.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6366f01fa6a51d50fd23bdcc9eea9cdd7f62e27222d0c7bce85d61bf94f68c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MQMQD75MJD6NJD34
x-amz-id-2: 1KpOBt0C0vXPYIX4umNVjk63kT0ZmXOWwo0oKpL1cdoA3349mlMEy1G5sRk4gzvwzuXoQ0hFRug=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"2d0255b28b16d117b6e740f281d07091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeD8a0BpUrzCduY%2FXGwe1Y0UtdV1ZG8jJ4%2Fj1Map83BF4pVJUkFvm00DPdfaPyPiDO%2FvrWfhY0ZNS7IXM1b2PbrHETPa5CiFXLrTLmBZYWlwW4iIfSAm4QtSjqI3VeTkxPKfA1PDoe%2BZfh%2BTGToA%2B1QNZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb65209ac917c-FRA

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 25FC 42 KB
22 KB 45ms
26ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly8xMXN1cC5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=e69ydr66azeg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4aead7f6d3b427390e00d8182df9fbf855d57661f00a38dd030882e9f0e1df06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-agj9T04jP5J8fnDpFIJZLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://11sup.sofortchancen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22120
content-security-policy: script-src 'report-sample' 'nonce-agj9T04jP5J8fnDpFIJZLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 05:39:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 u-WUoqrET9fUeobQW7jkRRJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com/s/opensans/v13/ 12 KB
12 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/u-WUoqrET9fUeobQW7jkRRJtnKITppOI_IvcXXDNrsc.woff2

Requested by

Host: 11sup.sofortchancen.de
URL: https://11sup.sofortchancen.de/campaign_2728.html?coyoteAffiliTokenId=467561326&

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a846f7af6f32f2be5cb922158882116af42816a0ff71506920e18a3ba89456b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11sup.sofortchancen.de/
Origin: https://11sup.sofortchancen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:56:35 GMT
x-content-type-options: nosniff
age: 45765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12288
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:46:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Aug 2023 16:56:35 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame 25FC 51 KB
24 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly8xMXN1cC5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=e69ydr66azeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 15:58:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 04:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 15:58:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ Frame 25FC 381 KB
151 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 15:58:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154709
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 04:02:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Aug 2023 15:58:55 GMT

GET
H2 200 iframe Show response
arctollceoo.mycleverpush.com/ Frame 3B85 69 KB
26 KB 49ms
9ms Document
text/html 159.69.145.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.145.0 Pfaffenhofen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.0.145.69.159.clients.your-server.de

Software

Resource Hash

8961e4be2ef62533996d4f821f9fff0f36da8aa30242aeb5039322e1cf81d544

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://11sup.sofortchancen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 05:39:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-3
x-cache-status: HIT
x-robots-tag: noindex

POST
H2 200 web Show response
218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/shield-fp/v1/api/ 74 B
497 B 127ms
93ms XHR
application/json 2606:4700:3108::ac42:28e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/shield-fp/v1/api/web
Requested by: Host: d1cr9zxt7u0sgu.cloudfront.net
URL: https://d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=218a2560b3a2774254c9535b5e63c482d14d5e20&TYPE=JS&DE=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf3e1f6d9f6cd22f465c0b202ed398d227dc51e67c981de7f0606f6e022b603

Request headers

Referer: https://11sup.sofortchancen.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://11sup.sofortchancen.de
access-control-allow-credentials: true
x-envoy-upstream-service-time: 44
cf-ray: 734cb6571b6a9130-FRA
access-control-allow-headers: Content-Type

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 25FC 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 38372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 09 Aug 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25FC 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 45159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Aug 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25FC 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 112681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 25FC 102 B
134 B 18ms
17ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e6c1ada8a36b7a73bdab54507668e5f123c29a3300d19a82fa6a532ef731021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcxXPQUAAAAAIbrqXusuiyRVrf7m0SQs9B1vsY6&co=aHR0cHM6Ly8xMXN1cC5zb2ZvcnRjaGFuY2VuLmRlOjQ0Mw..&hl=de&v=5JGZgxkKwe0uOXDdUvSaNtk_&size=invisible&cb=e69ydr66azeg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 03 Aug 2022 05:39:20 GMT

GET
H3 200 5.bbab6591cc5d58361989.js Show response
static.cleverpush.com/sdk/chunk/ Frame 3B85 34 KB
9 KB 17ms
16ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.bbab6591cc5d58361989.js
Requested by: Host: arctollceoo.mycleverpush.com
URL: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da792e6af3a69f64458cc23db3a7cfbaf3d3fa8fbc458e1757386c1afb1dbb20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arctollceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MQMGSW2NFF6S1BJW
x-amz-id-2: 5vCF3iJj3b5r2XfAkFS6GmWQidS9pZ1lB6i1F92DnFaq5pNYveYTS0QVdv/0X/PEp83Xctu2nLA=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"ff120cdd4b0005f3931bdd56dc23c016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpG2YpxTINyjK4vsEiJH4QP7R8cN5fNvm8zAr%2FZlafWNCvW1xvSZHz7GhB%2FZuC4pnuItRyqGmQvHVd28HOW7G7blP4oF%2BmrTUiFUv09j7t0pg6bIsykh%2B9btittgX%2BAfDPUTK0sPb7uK2GaLngMpq8CGuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb657a903917c-FRA

GET
H3 200 251.90ad76a663f3b3850ba0.js Show response
static.cleverpush.com/sdk/chunk/ Frame 3B85 6 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js
Requested by: Host: arctollceoo.mycleverpush.com
URL: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5998c4e35c3c10a968ea65a2e658f3efd907290f782178d10195699423e0c903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arctollceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MQMV8TMC9J39EA9M
x-amz-id-2: DmUSH2EwiS9BGv1neXMA9Z0XAnR2PgQ/dWxr3DsBDYh7BReA1Bgqr1vf8Xen1NtwFqgjqlv9IJI=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"6a7967b77385a26f48658efa53820786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFavUmWE3NaaX0rrIo0I3wH0BENv3kGkBTtMlcwh0tuXAwXbVDH%2BFQuNVa8NU%2B5ojM6Zf5703SMpSYg%2Fv1jama2KibYHzonckXp8fseged8AgmOIxmtJRJtE9Zvd3EriABxwHWnZVcLaC7Kz%2FmnBEMCH9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb657a906917c-FRA

GET
H3 200 818.eb9c2f673c0740fe15b1.js Show response
static.cleverpush.com/sdk/chunk/ Frame 3B85 7 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/818.eb9c2f673c0740fe15b1.js
Requested by: Host: arctollceoo.mycleverpush.com
URL: https://arctollceoo.mycleverpush.com/iframe?origin=https%3A%2F%2F11sup.sofortchancen.de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b20d3ab2d5f4e45ca38fec4f63aa5af36974abef278c23faeeff4761f48d3607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arctollceoo.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CRS66P5RSSHCN9JX
x-amz-id-2: TME6J6vebNzJs0KuOC+2KeVTGqTZHHNlXaGwEbF32pShqCrkZ7JuweLz7hOWrhf3/Xj1TF2ujqU=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"68c2bb7d514ce21564a0606a85608cf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzLlSHwC6WZp4YcSkaiXg8eo7ROav3iDDvTKT4MO1brfUeea59JR8mBzLI3100JEZ9CESDtrc3gNOSsk%2BpioAQmBf7SKdmSUQbsWmdHxu0Pb9splPpAZEc%2BVlTyqT6ovddyknKkMj%2FnodYMXEXy%2Fa6wfBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb657a907917c-FRA

GET
H3 200 970.0d0d16fedbf4b4f13bed.js Show response
static.cleverpush.com/sdk/chunk/ 46 KB
10 KB 15ms
14ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/970.0d0d16fedbf4b4f13bed.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f04cad72831d4df0301b50ff6a8acfbb4301d6341c35721913268dd9d0b7da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CRSFTKXV8GDR6MQS
x-amz-id-2: RkXVkccs4+5GiOFKtpgCScQadHngKcYqIozdqMQsDSzCqyi7U5ONTubn8t1I+FLxH4+/fmtxBMM=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"7526dc78259f02ba5565af3371bcac74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMRQ3NgxfJFj8XsrrnNJuYgocwVRSH%2FnhH3EDfxoMneswv9B1g8MVqEbqvSltKz2sVUsVQPciYZ7h6HzAQ59NfF0vC3A2u1G5kKGuZK2tgHmj%2BUUOUbrFZ8KNJkDlRZeS9alD83zBXA%2B5L%2Bdkc3VxE3JWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb657d949917c-FRA

GET
H3 200 720.c053c26a1d9727fc1c4b.js Show response
static.cleverpush.com/sdk/chunk/ 46 KB
11 KB 16ms
16ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.c053c26a1d9727fc1c4b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0862569f05e0683c2c23eff4024e17b147cbeeae4621cab03c195ff924c5f185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CRS7DNF7QW4ASR57
x-amz-id-2: Tvuj+LaTWF+/qiL/EsdCjYlLEHSOUhTfKSfF6pDizJcaokljoIBEFeyn4i/BjipRIp3sl5ZDBcA=
last-modified: Mon, 01 Aug 2022 15:08:23 GMT
server: cloudflare
etag: W/"9e65f97cea3671c77873d1f34b504c8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1K8f%2B%2BkI6DYfKMwbBY09oxuh0vzCfT6Q8Mv70MT%2BWMmeHC5UKlR8vIHfCQ%2BodPJprigWrVP36CRWE%2FtmYSvmsPUa7v9Xf%2BjLRjFb1yuo5%2Bqppull460L4Xx0FdA0BWNvmVmHQO9whRzGxjNaHmLW5N2Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 734cb657d94a917c-FRA

POST
H3 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
716 B 47ms
29ms Fetch
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://11sup.sofortchancen.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 05:39:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-3
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaY4aPdcxst5E96cocEyU6A%2Fqq0Kl5ofRNpENpMJ%2F0AFuTdh5efKPijYVJsEvMsmrHdYyG5VWe9bw41BPiiBCvOVqsa2zNm5ajkKYuza04in0v%2FL5dIPGQUiM8qsduNqYgNzYZqYwrD%2BpWqBhm5F6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-ray: 734cb6588e209b98-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

OPTIONS
H2 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 60ms
21ms Preflight
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://11sup.sofortchancen.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 734cb6583f3390b5-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Wed, 03 Aug 2022 05:39:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KuvhIHIKxl6%2FUZcuWknDCmIrxf4jc%2BCN0%2BrPy57cmnR%2BTZ1u0xlaAFCOCOICC8UvNvo5OTpxdI8YRXiilza%2FdD9jiEy85KI59m38bdmOX0rrlcloxACvXkcy6mT6oHP5TwK74WZOsqYANHgoZAbtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
680 B 22ms
21ms Fetch
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/4BPm8eKCLLtycAJE8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://11sup.sofortchancen.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 05:39:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-3
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQ4yFvaAmxU3escxDUosQszE1%2FXtDxb9Z3K2iu3Pb9tSy%2BbcBUCHpbt97HgZ5j2IKUv%2F22T6EmRIgZ2KKh0UFpg4d3d4%2FEEuVCEES5MeBkMyuED3DU1YlJJJbK4q5Gp02xvt16aboENZUFSMv8bnFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-ray: 734cb65e8dae9b98-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

GET
H3 200 defaultChannelIcon.png
static.cleverpush.com/app/images/ 732 B
1 KB 17ms
15ms Image
image/png 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11sup.sofortchancen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112771
cf-ray: 734cb65e69ad917c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 732
x-amz-id-2: oSx/7ONxgCLea1rVoYV6RQmgK+4auVuqqBwy/MRfEJZs4FvkuyRwAiVAZFzHuBxE/N3JHmRAfjw=
last-modified: Mon, 21 Oct 2019 13:42:31 GMT
server: cloudflare
etag: "dada142d4861c864d8d63e8cd5dd22dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGy5cwYcitCvokhIPhS%2F0xmQNu2bfWXZmDotf7fp8%2B8l%2F8f%2F6WD0CsFrk7ZtfmlytV244t94jzf%2Ffn6dWCFMAvnHOh2h%2FQ4dg%2FgsADogczONSPTvbomTv30FgwXOdgNVyZ9%2B0tMcNIpxS8PjoyYniGS9aA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: SRKAVG4XMRQ30HTZ
cache-control: max-age=2628000
accept-ranges: bytes
content-type: image/png

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 26ms
24ms Preflight
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://11sup.sofortchancen.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 734cb65e6d339b98-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Wed, 03 Aug 2022 05:39:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GMI6fKNrnU7xIunHcPWMGJZHcm3q6Lgyn4zgoaswaaPQbbUerbseAaSwwy%2BC64L1c9SCJws7mYngIwGSEi6hc%2Fg7dKyBAuWoSpSqOhPiY4J5RGiWVZfFUszomWc%2Bxgk6PivCoaSlDUHg%2FY%2BrsViag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
laudypauty.com/	1970-01-20 04:58:28	Name: uid18054 Value: 1226850702-20220803003918-ebb75a0d9412a2766096dfa88eb0e04d-
ihre-tageschance.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: e1e477804d32d576bbd42f3fefb64626
ihre-tageschance.de/	1970-01-20 05:41:37	Name: coyoteTrackingCookie_1723 Value: 467561326
ihre-tageschance.de/	1970-01-20 05:41:37	Name: coyoteSimpleTrackingCookie Value: 467561326
11sup.sofortchancen.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: d9de7fc3f0afd32cfae714159a913ba1
11sup.sofortchancen.de/	1970-01-20 04:58:39	Name: coyoteAffiliTokenId2728 Value: 467561326
.sofortchancen.de/	1970-01-20 22:29:37	Name: _ga Value: GA1.2.684918732.1659505160
.sofortchancen.de/	1970-01-20 04:59:51	Name: _gid Value: GA1.2.928423608.1659505160
.sofortchancen.de/	1970-01-20 04:58:25	Name: _gat Value: 1
11sup.sofortchancen.de/	1970-01-20 13:44:01	Name: shield_FPC Value: SCIcnMLNxLHNsoIM7oxLgvTC1zwFsUjm6e
218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/	1970-01-20 22:29:37	Name: shd_persistent Value: 6127709d-e7e4-4b59-a8dc-3ace872b6d04

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11sup.sofortchancen.de
218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com
ajax.aspnetcdn.com
api.cleverpush.com
arctollceoo.mycleverpush.com
burguerst.eu
d1cr9zxt7u0sgu.cloudfront.net
fonts.gstatic.com
ihre-tageschance.de
laudypauty.com
static.cleverpush.com
stats.g.doubleclick.net
tracking.antiktugla.eu
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
147.135.167.155
152.199.19.160
159.69.145.0
18.66.121.27
188.95.252.36
2606:4700:20::681a:e1f
2606:4700:20::ac43:47b8
2606:4700:3108::ac42:28e7
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2004
2a00:1450:400c:c07::9c
52.21.33.16
94.23.161.19
0862569f05e0683c2c23eff4024e17b147cbeeae4621cab03c195ff924c5f185
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e8e0e58a0c5a5e3f02b9167ed381b7cd5cd9907d8e29d2f4a01b9673e92fea2
157dfbc5e774868f99481fdcfaf1f3f171e9af31bf4e26e5e4638d14eed1b89e
15e9a4546d5ac8af8c3b083aa33a81541a69691625ce72cdb5e6fc1475b0c8c8
18fd591fd0c632708863aacb644fbe4b791def15db3a585dca2bb3669b710b76
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e6c1ada8a36b7a73bdab54507668e5f123c29a3300d19a82fa6a532ef731021
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897
2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
425afd9a7a5108ad89c3ee927323884bfe7d43d9eba87195e19d88f1e2c99853
4a4c46b8a193ff0825d07a0f3fe6c3b9df535ce9b26371a81be2384afbf0b30b
4aead7f6d3b427390e00d8182df9fbf855d57661f00a38dd030882e9f0e1df06
4bf3e1f6d9f6cd22f465c0b202ed398d227dc51e67c981de7f0606f6e022b603
4cb18a88ad0c38c0fd96673a51c77df277826ee27a05d97263e8344541eab70b
4f04cad72831d4df0301b50ff6a8acfbb4301d6341c35721913268dd9d0b7da7
5998c4e35c3c10a968ea65a2e658f3efd907290f782178d10195699423e0c903
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6366f01fa6a51d50fd23bdcc9eea9cdd7f62e27222d0c7bce85d61bf94f68c50
74a96413e485cd35fbda080005625c69c520aacdf231da78697e17142ec8b0ff
75dd4d530ca7eea0398dfd9bb329cbf5e5aa055568f80e0592f92cd59a352853
79e06f1eed12d69174cf42a5e498858f9aa4dc6adaa9ad7043d387d3ef1e3c7d
7a3b23ef6057020443c65826159fbd95ab2648616acc583af05bec3c4a47e04b
7b6ee93a2476563632ddae3a1cb06f21f15dbfa567879bda2bcb31a0db5b8e03
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bab018c3c5a57e389a625460a3777f504fa37e6230fd68ceab4c9e007d347a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855aad4742594f975c954db8924161495778d924cca3fb34a1aaea075f766621
895562fb3ab5dec78b28196e26938382110e8d1b109d54e99f736581d3f9bfaf
8961e4be2ef62533996d4f821f9fff0f36da8aa30242aeb5039322e1cf81d544
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a846f7af6f32f2be5cb922158882116af42816a0ff71506920e18a3ba89456b9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b20d3ab2d5f4e45ca38fec4f63aa5af36974abef278c23faeeff4761f48d3607
b71af4aacfcf6686ecc6f95f30cfed1038c4bcb1a91229cd2cd3e44387f447e5
bad1717a32e0ce95412cb41bb0717f08423a5a96058d0147cd387b84c19006e6
c8f4db5cb5de6f37e5c8c89b69a21092e444ce66d65da692f2b297007a0c2963
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d8d7032bfb124576109d7c30ee7704ebda7ca9d649e6b91e372d2d6d2761983e
da792e6af3a69f64458cc23db3a7cfbaf3d3fa8fbc458e1757386c1afb1dbb20
e7b187b31119631622a0de2ca08cd3b2e63ac43edc3baa4b75d404da01e41e64
eb3eb3234394fd402890dd7269e4e35ffb9b4df7d0caba5eccc84f2cced2fbb9
ed3686f157f542dd6350eebe1cb91b236f2030532c0c358974edccb65fab12d6
ee16f3ddf9a9263254797764cbefb769d06e772345ccf658d13951a64318af34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fc3377d915aecca25ce35744d51ad645537a289381907ec6a09465f47df2c052

11sup.sofortchancen.de Open in urlscan Pro 188.95.252.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

56 %IPv6

15 Domains

17 Subdomains

15 IPs

5 Countries

1741 kBTransfer

2788 kBSize

11 Cookies

13 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

11sup.sofortchancen.de Open in urlscan Pro
188.95.252.36 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

56 %
IPv6

15
Domains

17
Subdomains

15
IPs

5
Countries

1741 kB
Transfer

2788 kB
Size

11
Cookies

60 HTTP transactions
2 data transactions