urlscan.io logo urlscan.io
SecurityTrails logo

desktop.kouwaiwai.de Open in urlscan Pro
89.191.67.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bestorican.com/
Effective URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer...
Submission: On November 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 16 domains to perform 36 HTTP transactions. The main IP is 89.191.67.206, located in Germany and belongs to MEGASPACE-AS, DE. The main domain is desktop.kouwaiwai.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 28th 2019. Valid for: 3 months.
This is the only time desktop.kouwaiwai.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 81.17.18.198 51852 (PLI-AS)
1 6 199.59.242.153 395082 (BODIS-NJ)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 108.168.193.183 36351 (SOFTLAYER)
1 1 198.134.116.30 27257 (WEBAIR-IN...)
1 1 52.207.32.96 14618 (AMAZON-AES)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 13 89.191.67.79 34624 (MEGASPACE-AS)
2 89.191.67.206 34624 (MEGASPACE-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:300... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700:300... 13335 (CLOUDFLAR...)
36 13
2    81.17.18.198 (Switzerland)

ASN51852 (PLI-AS, CH)
bestorican.com
6    199.59.242.153 (United States)

ASN395082 (BODIS-NJ - Bodis, LLC, US)
ww1.bestorican.com
1    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
4    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
5    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    108.168.193.183 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b7.c1.a86c.ip4.static.sl-reverse.com
mybestdc.com
1    198.134.116.30 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
click.expmediadirect.com
1    52.207.32.96 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-207-32-96.compute-1.amazonaws.com
usd.lupus-bra.com
1    2606:4700:30::681f:5957 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
trk.reactorphone.com
2    2a05:d018:483:6110:1151:1546:9e4a:df36 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cd-down.com
1    2a05:d018:483:6110:aea0:a7da:f2eb:7245 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
gdmconvtrck.com
13    89.191.67.79 (Germany)

ASN34624 (MEGASPACE-AS, DE)
PTR: srv1.rlcontrol.de
www.exklusive-preise.de
rlcontrol.de
www.rlcontrol.de
2    89.191.67.206 (Germany)

ASN34624 (MEGASPACE-AS, DE)
desktop.kouwaiwai.de
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
1    2606:4700:300a::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com
1    2606:4700:300a::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
Domain Requested by
10 www.rlcontrol.de desktop.kouwaiwai.de
www.rlcontrol.de
6 ww1.bestorican.com 1 redirects bestorican.com
ww1.bestorican.com
5 fonts.gstatic.com www.rlcontrol.de
4 fonts.googleapis.com ww1.bestorican.com
desktop.kouwaiwai.de
2 cdnjs.cloudflare.com desktop.kouwaiwai.de
www.rlcontrol.de
2 desktop.kouwaiwai.de www.rlcontrol.de
2 www.exklusive-preise.de 1 redirects gdmconvtrck.com
2 cd-down.com 1 redirects ww1.bestorican.com
2 bestorican.com 1 redirects
1 code.jquery.com desktop.kouwaiwai.de
1 cdn.onesignal.com desktop.kouwaiwai.de
1 rlcontrol.de www.exklusive-preise.de
1 gdmconvtrck.com cd-down.com
1 trk.reactorphone.com 1 redirects
1 usd.lupus-bra.com 1 redirects
1 click.expmediadirect.com 1 redirects
1 mybestdc.com 1 redirects
1 www.google.com ww1.bestorican.com
36 18

This site contains links to these domains. Also see Links.

Domain
odoki.de
my-promobox.de
www.rlcontrol.de
Subject Issuer Validity Valid
*.googleapis.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
cd-down.com
Amazon		 2019-04-04 -
2020-05-04		 a year crt.sh
gdmconvtrck.com
Amazon		 2019-04-19 -
2020-05-19		 a year crt.sh
www.exklusive-preise.de
Sectigo RSA Domain Validation Secure Server CA		 2019-01-14 -
2020-04-13		 a year crt.sh
*.rlcontrol.de
Sectigo RSA Domain Validation Secure Server CA		 2019-01-15 -
2021-04-14		 2 years crt.sh
toutoanui.de
Let's Encrypt Authority X3		 2019-10-28 -
2020-01-26		 3 months crt.sh
ssl898578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-10-11 -
2020-04-18		 6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Frame ID: 1ACDB9CBBA3EC81F448B446018EB1082
Requests: 35 HTTP requests in this frame

Frame: https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Frame ID: CEF5BB12AA17060FD44D9BA58F499301
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bestorican.com/ Page URL
  2. http://bestorican.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3MjU... HTTP 302
    http://ww1.bestorican.com/ Page URL
  3. http://ww1.bestorican.com/rz?u=http%3A%2F%2Fmybestdc.com%2FaS%2Fsfclick%3Fu%3D5e085ee5-6532-4365-bf42-... HTTP 302
    http://mybestdc.com/aS/sfclick?u=5e085ee5-6532-4365-bf42-e7755d08f4e0 HTTP 302
    http://click.expmediadirect.com/click?i=YVOSiWJ20B4_0 HTTP 302
    http://usd.lupus-bra.com/zcvisitor/d81016a5-fc5a-11e9-928b-1292420b91a8?campaignid=063655f0-e458-11e9... HTTP 302
    https://trk.reactorphone.com/c/3010/e?clickid=zrd81016a5fc5a11e9928b1292420b91a84c7eebcd425b4c8b860c2e30c... HTTP 301
    https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9 Page URL
  4. https://cd-down.com/?a=79143&c=163068&oc=61888&sr=t&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9&ref=http%... HTTP 302
    https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&su... Page URL
  5. https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=85&idCampaignAd=0&subId=&su... HTTP 302
    https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

36
Requests

81 %
HTTPS

59 %
IPv6

16
Domains

18
Subdomains

13
IPs

5
Countries

867 kB
Transfer

1579 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bestorican.com/ Page URL
  2. http://bestorican.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3MjU4NzQ2OSwiaWF0IjoxNTcyNTgwMjY5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybjllcXIzMml1OHFxMDd1M3MwamNkY2MiLCJuYmYiOjE1NzI1ODAyNjksInRzIjoxNTcyNTgwMjY5NjcyMDAyfQ.4MqQQkj6hJ-XgukVql2inV6ZUwSarlr7cX-okmwKVg8&sid=d70b05b2-fc5a-11e9-9895-f0fea9379929 HTTP 302
    http://ww1.bestorican.com/ Page URL
  3. http://ww1.bestorican.com/rz?u=http%3A%2F%2Fmybestdc.com%2FaS%2Fsfclick%3Fu%3D5e085ee5-6532-4365-bf42-e7755d08f4e0&notadsafe HTTP 302
    http://mybestdc.com/aS/sfclick?u=5e085ee5-6532-4365-bf42-e7755d08f4e0 HTTP 302
    http://click.expmediadirect.com/click?i=YVOSiWJ20B4_0 HTTP 302
    http://usd.lupus-bra.com/zcvisitor/d81016a5-fc5a-11e9-928b-1292420b91a8?campaignid=063655f0-e458-11e9-ae98-12077332b422 HTTP 302
    https://trk.reactorphone.com/c/3010/e?clickid=zrd81016a5fc5a11e9928b1292420b91a84c7eebcd425b4c8b860c2e30cbcb9d4c0423630d9e37b38eb7&cost=0.000160&target=echo-bam-gkyMh0vd&source=spadiceous-peacock&geo=DE&visitor_type=NON-ADULT&campaign_id=1278612&os=MacOS&browser=Chrome&carrier=unknown HTTP 301
    https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9 Page URL
  4. https://cd-down.com/?a=79143&c=163068&oc=61888&sr=t&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9&ref=http%3A%2F%2Fww1.bestorican.com%2F&vt=1572580272977&h=63f590d4d2d66a62163cbee2507458784b5be562&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D79143%26c%3D163068%26s2%3D3010_l4p7fnqk6bgj5si1pf46uth1e9&us=d9f463e3870d47aa8ebc3f1eff003d51 HTTP 302
    https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de Page URL
  5. https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de&switchReferer=https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html HTTP 302
    https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://bestorican.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3MjU4NzQ2OSwiaWF0IjoxNTcyNTgwMjY5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybjllcXIzMml1OHFxMDd1M3MwamNkY2MiLCJuYmYiOjE1NzI1ODAyNjksInRzIjoxNTcyNTgwMjY5NjcyMDAyfQ.4MqQQkj6hJ-XgukVql2inV6ZUwSarlr7cX-okmwKVg8&sid=d70b05b2-fc5a-11e9-9895-f0fea9379929 HTTP 302
  • http://ww1.bestorican.com/
Request Chain 10
  • http://ww1.bestorican.com/rz?u=http%3A%2F%2Fmybestdc.com%2FaS%2Fsfclick%3Fu%3D5e085ee5-6532-4365-bf42-e7755d08f4e0&notadsafe HTTP 302
  • http://mybestdc.com/aS/sfclick?u=5e085ee5-6532-4365-bf42-e7755d08f4e0 HTTP 302
  • http://click.expmediadirect.com/click?i=YVOSiWJ20B4_0 HTTP 302
  • http://usd.lupus-bra.com/zcvisitor/d81016a5-fc5a-11e9-928b-1292420b91a8?campaignid=063655f0-e458-11e9-ae98-12077332b422 HTTP 302
  • https://trk.reactorphone.com/c/3010/e?clickid=zrd81016a5fc5a11e9928b1292420b91a84c7eebcd425b4c8b860c2e30cbcb9d4c0423630d9e37b38eb7&cost=0.000160&target=echo-bam-gkyMh0vd&source=spadiceous-peacock&geo=DE&visitor_type=NON-ADULT&campaign_id=1278612&os=MacOS&browser=Chrome&carrier=unknown HTTP 301
  • https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9
Request Chain 12
  • https://cd-down.com/?a=79143&c=163068&oc=61888&sr=t&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9&ref=http%3A%2F%2Fww1.bestorican.com%2F&vt=1572580272977&h=63f590d4d2d66a62163cbee2507458784b5be562&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D79143%26c%3D163068%26s2%3D3010_l4p7fnqk6bgj5si1pf46uth1e9&us=d9f463e3870d47aa8ebc3f1eff003d51 HTTP 302
  • https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bestorican.com/ 		470 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
http://bestorican.com/
Protocol
HTTP/1.1
Server
81.17.18.198 , Switzerland, ASN51852 (PLI-AS, CH),
Reverse DNS
Software
nginx /
Resource Hash
907574f22df60cff68794bcd60c03efeadfe61546fe6c19f69430105c4302675

Request headers

Host
bestorican.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
470
content-type
text/html; charset=utf-8
date
Fri, 01 Nov 2019 03:51:09 GMT
server
nginx
set-cookie
sid=d70b05b2-fc5a-11e9-9895-f0fea9379929; path=/; domain=.bestorican.com; expires=Wed, 19 Nov 2087 07:05:16 GMT; max-age=2147483647; HttpOnly
/
ww1.bestorican.com/
Redirect Chain
  • http://bestorican.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTU3MjU4NzQ2OSwiaWF0IjoxNTcyNTgwMjY5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIybjllcXIzMml1OHFxMDd1M3MwamNkY2...
  • http://ww1.bestorican.com/
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww1.bestorican.com/
Requested by
Host: bestorican.com
URL: http://bestorican.com/
Protocol
HTTP/1.1
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
8ed6e6310eed30856e63e9ac243194c15fab7877a9ef711015d0bc65d269dcf8

Request headers

Host
ww1.bestorican.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://bestorican.com/
Accept-Encoding
gzip, deflate
Cookie
sid=d70b05b2-fc5a-11e9-9895-f0fea9379929
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer
http://bestorican.com/

Response headers

Server
openresty
Date
Fri, 01 Nov 2019 03:51:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_Zgsj9w9jWbefe0NK+HYhChaSIg9pZKLeY6RJtW9q7GM96Nf/GQRLPDIqxbtnH96o7+m0saVVRLD/RsAMjBvk0w==

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 01 Nov 2019 03:51:10 GMT
location
http://ww1.bestorican.com
server
nginx
set-cookie
sid=d70b05b2-fc5a-11e9-9895-f0fea9379929; path=/; domain=.bestorican.com; expires=Wed, 19 Nov 2087 07:05:17 GMT; max-age=2147483647; HttpOnly
caf.js
www.google.com/adsense/domains/ 		155 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: ww1.bestorican.com
URL: http://ww1.bestorican.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b755340ed25bfca9e087ba92cb7c49eaa3cebbb75f3221d25c9af2d9f3bce288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ww1.bestorican.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"2454036914725892958"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
0
Expires
Fri, 01 Nov 2019 03:51:10 GMT
px.gif
ww1.bestorican.com/ 		42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ww1.bestorican.com/px.gif?ch=1&rn=6.305107420526384
Requested by
Host: ww1.bestorican.com
URL: http://ww1.bestorican.com/
Protocol
HTTP/1.1
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://ww1.bestorican.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:10 GMT
Last-Modified
Wed, 16 Oct 2019 12:53:26 GMT
Server
openresty
ETag
"5da712c6-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
px.gif
ww1.bestorican.com/ 		42 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ww1.bestorican.com/px.gif?ch=2&rn=6.305107420526384
Requested by
Host: ww1.bestorican.com
URL: http://ww1.bestorican.com/
Protocol
HTTP/1.1
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://ww1.bestorican.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:10 GMT
Last-Modified
Wed, 16 Oct 2019 12:53:20 GMT
Server
openresty
ETag
"5da712c0-2a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
glp
ww1.bestorican.com/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ww1.bestorican.com/glp?r=http%3A%2F%2Fbestorican.com%2F&u=http%3A%2F%2Fww1.bestorican.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by
Host: ww1.bestorican.com
URL: http://ww1.bestorican.com/
Protocol
HTTP/1.1
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
a40fee360f183c4eb36995f3403ebe9eb9cf67ce65666d3a0da9ce8afeec7f51

Request headers

Referer
http://ww1.bestorican.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Nov 2019 03:51:10 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ 		5 KB
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: ww1.bestorican.com
URL: http://ww1.bestorican.com/glp?r=http%3A%2F%2Fbestorican.com%2F&u=http%3A%2F%2Fww1.bestorican.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ww1.bestorican.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 01 Nov 2019 03:51:11 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 01 Nov 2019 03:51:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 01 Nov 2019 03:51:11 GMT
gzb
ww1.bestorican.com/ 		146 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww1.bestorican.com/gzb
Requested by
Host: ww1.bestorican.com
URL: http://ww1.bestorican.com/glp?r=http%3A%2F%2Fbestorican.com%2F&u=http%3A%2F%2Fww1.bestorican.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
HTTP/1.1
Server
199.59.242.153 , United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
http://ww1.bestorican.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 01 Nov 2019 03:51:11 GMT
Server
openresty
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
146
Expires
Mon, 26 Jul 1997 05:00:00 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://ww1.bestorican.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 30 Oct 2019 07:29:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
159729
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9016
x-xss-protection
0
expires
Thu, 29 Oct 2020 07:29:02 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin
http://ww1.bestorican.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 10:18:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
63188
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Fri, 30 Oct 2020 10:18:03 GMT
/
cd-down.com/
Redirect Chain
  • http://ww1.bestorican.com/rz?u=http%3A%2F%2Fmybestdc.com%2FaS%2Fsfclick%3Fu%3D5e085ee5-6532-4365-bf42-e7755d08f4e0&notadsafe
  • http://mybestdc.com/aS/sfclick?u=5e085ee5-6532-4365-bf42-e7755d08f4e0
  • http://click.expmediadirect.com/click?i=YVOSiWJ20B4_0
  • http://usd.lupus-bra.com/zcvisitor/d81016a5-fc5a-11e9-928b-1292420b91a8?campaignid=063655f0-e458-11e9-ae98-12077332b422
  • https://trk.reactorphone.com/c/3010/e?clickid=zrd81016a5fc5a11e9928b1292420b91a84c7eebcd425b4c8b860c2e30cbcb9d4c0423630d9e37b38eb7&cost=0.000160&target=echo-bam-gkyMh0vd&source=spadiceous-peacock&g...
  • https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9
2 KB
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9
Requested by
Host: ww1.bestorican.com
URL: http://ww1.bestorican.com/glp?r=http%3A%2F%2Fbestorican.com%2F&u=http%3A%2F%2Fww1.bestorican.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6110:1151:1546:9e4a:df36 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
0a8d9160b583e71648abef1451a81c8bb23044668ca660048255b14ccf37a27f

Request headers

:method
GET
:authority
cd-down.com
:scheme
https
:path
/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://ww1.bestorican.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer
http://ww1.bestorican.com/

Response headers

status
200
date
Fri, 01 Nov 2019 03:51:12 GMT
content-type
text/html;charset=utf-8
server
nginx
vary
Accept-Encoding
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Sat, 1 May 2020 12:00:00 GMT
content-encoding
gzip

Redirect headers

status
301
date
Fri, 01 Nov 2019 03:51:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfb79ffa3fb2d4a155a9a1b78af3cae6f1572580272; expires=Sat, 31-Oct-20 03:51:12 GMT; path=/; domain=.reactorphone.com; HttpOnly impression_id=eyJpdiI6Im4yTzZFY3lRZFwvOVBOSmk4bk9WMFN3PT0iLCJ2YWx1ZSI6IlZ1M1N5eCt4ekx1ZlZNM2Y0ZG5xWGRLaWtkMysrTVpOcEZQZmxFczM2VkE9IiwibWFjIjoiMWVmMTE1MWYyZDZmYmE3YjdlM2E5NGI1N2EyZmIwNmYzOWFjODE1ZTgxNWU1NTQwOTc3OGJkMWYxYTRkM2I1OCJ9; expires=Wed, 29-Apr-2020 03:51:12 GMT; Max-Age=15552000; path=/ cid=eyJpdiI6IjdYMVVrYmc3WmZ3RHhzN2l6K1Jzdmc9PSIsInZhbHVlIjoidU5aenl3UzBYYWk2TmEwdllUUVJjUT09IiwibWFjIjoiMTJhMGNlMDJlYmE4NjM1ZmMxNGE3ZGMzMmRkMWNiZjk3NzJiYWY4NzZmMTc4NzRkODJlZTY5MjIxZmE1YzBiOSJ9; expires=Wed, 29-Apr-2020 03:51:12 GMT; Max-Age=15552000; path=/ at_session=eyJpdiI6ImtVckNnOUNaQXNVZXVXWTVMRnc5Tmc9PSIsInZhbHVlIjoiczZLVUNCT0VhYlBVS1VkaFI0V0JOYTdNdXBmQnhCaFFJTjRlYmZvbVBwS3U4XC9HSEhCaDhidzN2NTN2UllnSTYiLCJtYWMiOiI4ZDhiNDU2ZTNjODZkN2RiYTA1MDlmZmMzOWUwNWIyNGVkYTJlOGEzYzVmMTVkMGYxMGQwYzAwYjJjN2M5YjM1In0%3D; expires=Fri, 01-Nov-2019 05:51:12 GMT; Max-Age=7200; path=/; httponly Jyc3Colyjd8Ia2xX6JUCUrJxqasxVRPDj7nFXvMA=eyJpdiI6ImRTZWhmQjVWeFpOZFBaVVVDQThMUVE9PSIsInZhbHVlIjoid0dNMXJmOHVDWTdsa2tEYWpEeU5PNU5PelhteGREWFBEM2wxT25wNG90NGo5Skd2WVBjVXBseGRtY05peWJxQ1d3TE1hZmJidmRLWkk1RjBKd2JwN09UbFBiTzlTeWg2QnZSZ2tPVEN2ZUc4WnRpYmtIVWZOMWNhRmVJNWExa296NW8yXC8xNFBhKzhEcXBkbGNSTVB6TGhsVFo0Y2t2NzB4dFdCUCtCWXVybmJXYlVjUmsyUFZZbVNxUzYxQVNlZndXK0Q5YmNYVzlnaDNscDZQQ0REZE1KSXhFcE02WVg3cDIxbzQrMXlHMDVKellGOEhpdUpwaVdpcUNBMXVGXC9rWHlmdldqaXRJK08zdDlFXC9FNnBxT0pORUNrZmJoamJ5M1RMNzB0MVljeVNFaXk0cXUyS0dlU1dBMjltYWRLUWJcLzhORG95ckJYTUtyNVlRNVVydXlBelQ4VlwvMUVOY1haeHZTYXp1TUp1UDdqbVV0blFXNldESE45ZGxUb2lxejNVVjBkUHFVMnV2Rml2YlRRdVdqRVU5b09hM3BHUXRtbVZpWXVrTzJkT1FuU3MrNnpOTTNJZWpXZVl6ckU4N2ZnK0ppRjdRaUZEMHF5ajRSclpyRUdYY3NpNUtBOUFxc1Jab0Rqa3RrQ2xTVlVIRkNKaUlzWWtjVGFXUktoWkg1dEJ0S1FXVnljTWkycE5MRXYzUVgwc0VLMDI4RzFpR0xcL0NOMjVcL0pmZ0Fxd2pYOTFyY2tJclUzVVpsSXFsczZneDlzRzZHSmdPNUhTMDYxK0NrV0pVOVE4TUNDSU1nMkFpS3ZKQlRiWGhqcEErek5HYm5WZHpNamZyWnNHZFJnMnFaRkpIQnJsS3RpTEtQZWFMN09PNXR5MGNxOWNqZFdaMUJpVGRMTlpwQTQwPSIsIm1hYyI6IjA0NjJkM2Y1NmU3Mjk1YzQ4NzgyNzNjOWNlMWQ3ZGNhNjc5YWE1ZTVmZWViOGEwNDAzZGM4OTc3ZGIwNzRkOTAifQ%3D%3D; expires=Fri, 01-Nov-2019 05:51:12 GMT; Max-Age=7200; path=/; httponly
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Cookie, X-request-with, X-Requested-With, Authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
location
https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52eae8ae7cb0cbac-VIE
trck
gdmconvtrck.com/ 		1 KB
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gdmconvtrck.com/trck
Requested by
Host: cd-down.com
URL: https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6110:aea0:a7da:f2eb:7245 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
37236c40e62d283da9e33887421179b1b2b6e9939ff3e2bfb79721cf875c37c7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Nov 2019 03:51:13 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Sat, 1 May 2020 12:00:00 GMT
Cookie set de,20160420,weiche,flexblocks_624.html
www.exklusive-preise.de/
Redirect Chain
  • https://cd-down.com/?a=79143&c=163068&oc=61888&sr=t&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9&ref=http%3A%2F%2Fww1.bestorican.com%2F&vt=1572580272977&h=63f590d4d2d66a62163cbee2507458784b5be562&req=https%3...
  • https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de
776 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de
Requested by
Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/trck
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u6
Resource Hash
73252363e8f1ef98ad515d39a686e08c38b766004f1a15c9eecacacc259e136c

Request headers

Host
www.exklusive-preise.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://cd-down.com/?a=79143&c=163068&s2=3010_l4p7fnqk6bgj5si1pf46uth1e9

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u6
Set-Cookie
PHPSESSID=1tt8sivv8lfj15sfqpo6cj2ak4; path=/ coyoteTrackingCookie_624=360530765; expires=Sun, 01-Dec-2019 03:51:13 GMT; Max-Age=2592000; path=/ coyoteSimpleTrackingCookie=360530765; expires=Sat, 02-Nov-2019 03:51:13 GMT; Max-Age=86400; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
442
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

status
302
date
Fri, 01 Nov 2019 03:51:13 GMT
content-type
text/html;charset=ISO-8859-1
location
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de
server
nginx
set-cookie
gdm_suid_v1_1_001=oc6gnnEFjr3U9du588rT50JxsrX/S2b6RC0EKWpycBkYz3FlCmLrV+lQRannGnrU; Expires=Thu, 30-Jan-2020 03:51:13 GMT gdm_click_adv_freq_v1_1_001=fLD5x/On/zUg7UtwirCWoNjZFA30FeESBpP1go+I27cCuOhzM7GtIu5T+yZV/POD; Expires=Thu, 30-Jan-2020 03:51:13 GMT gdm_uid_v1_1_001=oc6gnnEFjr3U9du588rT50JxsrX/S2b6RC0EKWpycBkYz3FlCmLrV+lQRannGnrU; Expires=Thu, 30-Jan-2020 03:51:13 GMT gdm_click_freq_v1_1_001=SLf5VZQZjh4zJum4DHNGMk2LlvOa+GJebWO4UwLlJWbZnEiyv5Yj6GgeBlmrZ89+; Expires=Thu, 30-Jan-2020 03:51:13 GMT gdm_sid_v1_3_001=af4GCE98NuWOW7JfpLKc8lskB9KDvKqUijzeddf5kZZTLz5bvJ9qFLLd81paDuX8l+up9dzrcJm0qSMnlQMheJGJ+9HDPm+RdmTGN1kqS/lyPBDj1V4e2uWLltg+vgCdstfamYGMcOzPciJnt3NfkNu5rpZ9pH2k9MSBDv//jp+uLXfUNFbSia0n8/5sFW8zDCeeC6jzynAJ3wEur/h5Os876y0CeAVNjcaSE7M4BuvDlF3oW7K1ztySzqw1YTCnbwY8DOE7eJv6pW8zIWlUOO3FY+rzTIbbukPGW0mUj407hgEsVbY4Dm1ZoCw9Kr9uGQqBUMtnYVTr4pLZGw80tYVQN5nV0N9UjFca31qQnZvD42J0o1yoQx1DkU+ZFy/7/TOSKG8KMmlKKcWCU7vIoUmkHm9KJOFijW6DAsbQgxRK0+j6ICXKJkUxagVCxSZvaUDVnG3/RNv2uq6DPlSxZoptRsI6Yo0WIDSQnWotppna7okPU1WmD/RhfusXLvbrAsv7wuyiID+PMLl3McGFy/aVaoTmOEQb5v6qEINPfaJnS8TvPiQiOvbgMNXFJMSnWgzKS7y7Lgq+3RiU6V6XIUMfTJrNALKRlf4PA6+iNX03GLQgyea9Bdlww6W8FvRXJPrZaCeHBZRRHWTsVypHaO15z4RvIpBMW8bZ6tW28bS6vn5cbgUf1ZejeCgyu+zFMx1IcNG/qBXlB/P8TmRvnblZ5pMU07KQMu6YdhelTBQ6MUB/Kt9xrs2a9/buaFinH1WKYZqLx/jd+OaoApKgKJ/rlN0apC563GnPpyPdBIAubWPDdzRpX1Niv049FdKH2QGWq4n2vHC+9nTMi4jH36iRPPcyxFRd91J0tvPOUar2xd8g2Jg0ROAtfVgyArMThDR3VdZVpCbPBe4j23xhmmV5FLxONFoLF4HUHhGgSPbpUlQdN0IsZx5U0EXE3U1EiCQEd2Pi4bZnbpoKRDvh/w==; Expires=Thu, 30-Jan-2020 03:51:13 GMT
content-language
en-US
weiche_de_real-prizes.php
rlcontrol.de/ftp/ Frame CEF5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Requested by
Host: www.exklusive-preise.de
URL: https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u6
Resource Hash

Request headers

Host
rlcontrol.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Server
Apache/2.4.10 (Debian)
Vary
Host,Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u6
Content-Encoding
gzip
Content-Length
421
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set campaign_496.html
desktop.kouwaiwai.de/
Redirect Chain
  • https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=85&idCampaignAd=0&subId=&subIdentifier=cbf97ea9f70e421e9fa3b40052d0cbe7c374&uniqueId=79143&rlmset=amazon500_de&switc...
  • https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexbl...
69 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u6
Resource Hash
00d254abbe39f6db9f961d302a5f0cd3b3dbfbe8d7c7b6517bac2bf557096e61

Request headers

Host
desktop.kouwaiwai.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://rlcontrol.de/ftp/weiche_de_real-prizes.php

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u6
Set-Cookie
PHPSESSID=04fh6tudga501p2qshotirjeq0; path=/ coyoteAffiliTokenId496=360530766; expires=Fri, 01-Nov-2019 07:51:13 GMT; Max-Age=14400; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
10482
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u6
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
coyoteTrackingCookie_613=360530766; expires=Sun, 01-Dec-2019 03:51:13 GMT; Max-Age=2592000; path=/ coyoteSimpleTrackingCookie=360530766; expires=Sat, 02-Nov-2019 03:51:13 GMT; Max-Age=86400; path=/
Location
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Content-Length
2
Connection
close
Content-Type
text/html; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 03:51:13 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
578
etag
W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
52eae8b58b22cb9c-VIE
expires
Fri, 01 Nov 2019 15:51:13 GMT
reset.css
www.rlcontrol.de/ftp/flexblocks/css/ 		812 B
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/reset.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
27b68b172858b007dc7b2fc3ac81b6a87924bc8520f5592850a1283a65b69af3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:53 GMT
Server
Apache/2.4.10 (Debian)
ETag
"32c-54a4a08790043-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
489
bootstrap.min.css
www.rlcontrol.de/ftp/flexblocks/css/ 		114 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/bootstrap.min.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1c99e-54a4a07d3b832-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
19218
awesome-bootstrap-checkbox.css
www.rlcontrol.de/ftp/flexblocks/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/awesome-bootstrap-checkbox.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
984d6e82dce7262e5c27733ab7c2521a1f25f4a3ec2a1839620e053d3eec78bb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1a50-54a4a07c909d9-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1046
general_tile_coregs_dynamic_desktop_de.css
www.rlcontrol.de/ftp/flexblocks/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/general_tile_coregs_dynamic_desktop_de.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
ef82e74f6f6990329deb8e624baaa319380550e92d4a034929886357899a1735

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jun 2019 14:10:30 GMT
Server
Apache/2.4.10 (Debian)
ETag
"d240-58b99acdf74b8-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
9742
balloon.min.css
www.rlcontrol.de/ftp/flexblocks/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/balloon.min.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Mar 2017 09:05:10 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1571-54b39f0e4b2f6-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1087
css
fonts.googleapis.com/ 		2 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,900,700
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 01 Nov 2019 03:51:13 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 01 Nov 2019 03:51:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 01 Nov 2019 03:51:13 GMT
css
fonts.googleapis.com/ 		460 B
348 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Calligraffitti
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7f4e31beb4137909805be8ecdd8a5417036e606d0f5105a9cb4cdf2d2356f1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 01 Nov 2019 03:51:13 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 01 Nov 2019 03:51:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 01 Nov 2019 03:51:13 GMT
css
fonts.googleapis.com/ 		423 B
331 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Satisfy
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
78acf37b6c980a9d638c2a825bf0e419f65d68d6fffab3f3063270151f5aadec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 01 Nov 2019 03:51:13 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 01 Nov 2019 03:51:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 01 Nov 2019 03:51:13 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 03:51:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2493357
status
200
alt-svc
h3-23=":443"; ma=86400
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-81d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
52eae8b4f86a358e-LHR
expires
Wed, 21 Oct 2020 03:51:13 GMT
jquery.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2016 15:23:29 GMT
Server
Apache/2.4.10 (Debian)
ETag
"14915-541d13ce2b8df-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
29497
bootstrap.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/bootstrap.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2016 15:23:25 GMT
Server
Apache/2.4.10 (Debian)
ETag
"9004-541d13caa3446-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
9765
jquery-ui.min.js
code.jquery.com/ui/1.11.3/ 		234 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.3/jquery-ui.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 18:05:20 GMT
Server
nginx
ETag
W/"54dceb60-3a99b"
Vary
Accept-Encoding
X-HW
1572580273.dop017.fr8.shc,1572580273.dop017.fr8.t,1572580273.cds122.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
64209
rlm_flex_tile_coregs_dynamic_desktop_de.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		152 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
7c7a72688694d2553c8023ef8f18ca3d45e065f939249af0dcac2c3ac8f09d45

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jul 2019 14:38:56 GMT
Server
Apache/2.4.10 (Debian)
ETag
"2618f-58ee6f7ef3bc7-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
32253
amazon500_de.json
desktop.kouwaiwai.de/ftp/flexblocks/rlmsets/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/ftp/flexblocks/rlmsets/amazon500_de.json?format=json&_=1572580273607
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
6435dca93f3980ffdecd928f960f0c92cef5889646eb1adba40d757be00bb4f3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Last-Modified
Wed, 09 Oct 2019 11:48:47 GMT
Server
Apache/2.4.10 (Debian)
ETag
"8db-59478de28809a"
Content-Type
application/json
Connection
close
Accept-Ranges
bytes
Content-Length
2267
greylinetvbg.jpg
www.rlcontrol.de/ftp/flexblocks/build/background/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flexblocks/build/background/greylinetvbg.jpg
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
665a216355656dfc377ec1a2d1c7c7f86314fc03cebb10cbe68ed973ef4b9418

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Last-Modified
Wed, 09 Oct 2019 08:39:55 GMT
Server
Apache/2.4.10 (Debian)
ETag
"36586-594763ab9bb5c"
Vary
Host
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
222598
amazon500desktop.png
www.rlcontrol.de/ftp/flexblocks/build/promotion/ 		262 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flexblocks/build/promotion/amazon500desktop.png
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
371029ae4b61380d7fb843adc9456cf8b155429a2d967e78c0179ced448ee20c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=360530766&uniqueId=79143&rlmset=amazon500_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 03:51:13 GMT
Last-Modified
Wed, 09 Oct 2019 11:41:35 GMT
Server
Apache/2.4.10 (Debian)
ETag
"4178c-59478c466bf64"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
268172
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 23:36:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
188085
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Wed, 28 Oct 2020 23:36:28 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 07:04:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
74780
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14176
x-xss-protection
0
expires
Fri, 30 Oct 2020 07:04:53 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 03:51:13 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
17214212
status
200
alt-svc
h3-23=":443"; ma=86400
content-length
66624
served-in-seconds
0.012
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:12 GMT
server
cloudflare
etag
"5afd4910-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
52eae8b709c369f9-LHR
expires
Wed, 21 Oct 2020 03:51:13 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 30 Oct 2019 07:38:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
159157
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13732
x-xss-protection
0
expires
Thu, 29 Oct 2020 07:38:36 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| OneSignal function| $ function| jQuery number| value number| _STOP string| end function| styletimer function| settimer function| b64DecodeUnicode function| HexDigitToDec function| SimpleHexToDec function| HexColorToRgb function| HexColorToRGBA function| MixColors function| MixGradientEndColor function| MixBorderColor function| OnCoregDoiPage function| OnFirstRegPage function| OnSecondRegPage function| OnCoregPage function| OnLogoutPage function| ShowPromoConsentMessage function| build_progress_bars function| set_progress function| update_progressbar function| set_background object| backgroundInfo function| rlmHandler function| create_testimonials function| show_testimonials function| next function| create_prepage function| prepage_auswahl function| prepage_info function| prepage_dropdown string| fragdata string| pfdata function| prepage_fragen function| fragendesigner function| pp_hide function| forceImage function| inputstyler function| ValidateSecondRegPage function| style_continue_button function| style_simple_continue_button number| unknownAttemptCount number| maxUnknownAttemptCount boolean| emailErrorShown string| textInputColor function| ShowKickboxError function| HideKickboxErrorMessage function| IsValidTonlineAddress function| buttonstyler function| buttonsmallstyler function| buttonsmallfragenstyler string| symbol_animation string| symbol_speed1 string| symbol_speed2 function| animateButton function| rebuild_continue_button string| fullUrl string| rlmset string| mode string| fi boolean| secondCoregStage number| totalCoregCount number| clickedCoregCount number| clickedListCoregCount number| coregCount boolean| coregsUncovered number| coregCountPerGroup object| coregGroups number| currentCoregGroupIndex number| visibleCoregCount number| weightedCoregCount number| initProgress function| get_coreg_container_by_index function| show_secondary_coregs function| init_audibene function| build_coreg_groups function| show_coreg_group function| hide_coreg_group function| show_next_coreg_group function| apply_spiegel_coreg_changes function| assign_coreg_indices function| show_info_popup function| BrandbueroBuyButtonCallback function| apply_frank_coreg_changes number| round string| hl1_color string| hl2_color string| ip1 string| ip2 string| ip3 string| ip4 string| ip5 string| ip6 string| ip7

2 Cookies

Domain/Path Name / Value
desktop.kouwaiwai.de/ Name: coyoteAffiliTokenId496
Value: 360530766
desktop.kouwaiwai.de/ Name: PHPSESSID
Value: 04fh6tudga501p2qshotirjeq0

3 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js(Line 1889)
Message:
datenEingabe_496.html
console-api log URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js(Line 474)
Message:
complete

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bestorican.com
cd-down.com
cdn.onesignal.com
cdnjs.cloudflare.com
click.expmediadirect.com
code.jquery.com
desktop.kouwaiwai.de
fonts.googleapis.com
fonts.gstatic.com
gdmconvtrck.com
mybestdc.com
rlcontrol.de
trk.reactorphone.com
usd.lupus-bra.com
ww1.bestorican.com
www.exklusive-preise.de
www.google.com
www.rlcontrol.de
108.168.193.183
198.134.116.30
199.59.242.153
2001:4de0:ac19::1:b:1b
2606:4700:300a::6813:c497
2606:4700:300a::6813:c797
2606:4700:30::681f:5957
2606:4700::6812:e234
2a00:1450:4001:817::2004
2a00:1450:4001:821::2003
2a00:1450:4001:825::200a
2a05:d018:483:6110:1151:1546:9e4a:df36
2a05:d018:483:6110:aea0:a7da:f2eb:7245
52.207.32.96
81.17.18.198
89.191.67.206
89.191.67.79
00d254abbe39f6db9f961d302a5f0cd3b3dbfbe8d7c7b6517bac2bf557096e61
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
0a8d9160b583e71648abef1451a81c8bb23044668ca660048255b14ccf37a27f
27b68b172858b007dc7b2fc3ac81b6a87924bc8520f5592850a1283a65b69af3
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
371029ae4b61380d7fb843adc9456cf8b155429a2d967e78c0179ced448ee20c
37236c40e62d283da9e33887421179b1b2b6e9939ff3e2bfb79721cf875c37c7
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
6435dca93f3980ffdecd928f960f0c92cef5889646eb1adba40d757be00bb4f3
665a216355656dfc377ec1a2d1c7c7f86314fc03cebb10cbe68ed973ef4b9418
73252363e8f1ef98ad515d39a686e08c38b766004f1a15c9eecacacc259e136c
78acf37b6c980a9d638c2a825bf0e419f65d68d6fffab3f3063270151f5aadec
7c7a72688694d2553c8023ef8f18ca3d45e065f939249af0dcac2c3ac8f09d45
7f4e31beb4137909805be8ecdd8a5417036e606d0f5105a9cb4cdf2d2356f1d2
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8ed6e6310eed30856e63e9ac243194c15fab7877a9ef711015d0bc65d269dcf8
907574f22df60cff68794bcd60c03efeadfe61546fe6c19f69430105c4302675
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
984d6e82dce7262e5c27733ab7c2521a1f25f4a3ec2a1839620e053d3eec78bb
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a40fee360f183c4eb36995f3403ebe9eb9cf67ce65666d3a0da9ce8afeec7f51
b0da72d60d5dd29e3d180e7c87781f30223e27ea0b0de30826ce5a4279f2319d
b755340ed25bfca9e087ba92cb7c49eaa3cebbb75f3221d25c9af2d9f3bce288
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef82e74f6f6990329deb8e624baaa319380550e92d4a034929886357899a1735
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995