urlscan.io logo urlscan.io
SecurityTrails logo

desktop.kouwaiwai.de Open in urlscan Pro
89.191.67.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fd1.info/iphone?i=4829
Effective URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fw...
Submission: On September 05 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 14 domains to perform 30 HTTP transactions. The main IP is 89.191.67.206, located in Germany and belongs to MEGASPACE-AS, DE. The main domain is desktop.kouwaiwai.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 4th 2019. Valid for: 3 months.
This is the only time desktop.kouwaiwai.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.225.22.201 9123 (TIMEWEB-AS)
1 1 95.216.40.29 24940 (HETZNER-AS)
1 1 2a05:d018:483... 16509 (AMAZON-02)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 1 3.248.111.124 16509 (AMAZON-02)
1 14 89.191.67.79 34624 (MEGASPACE-AS)
2 89.191.67.206 34624 (MEGASPACE-AS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
30 9
1    188.225.22.201 (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: vh214.timeweb.ru
fd1.info
1    95.216.40.29 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.40.216.95.clients.your-server.de
statconuter.info
1    2a05:d018:483:6130:7095:9e50:e827:1089 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cd-down.com
2    2a05:d018:483:6130:61a0:d66d:b7a4:938b (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
securessl-smart.com
1    2a05:d018:483:6110:2bbb:bd63:d8cd:4bb1 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
gdmconvtrck.com
1    3.248.111.124 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-111-124.eu-west-1.compute.amazonaws.com
plvlp.youarewinner.net
14    89.191.67.79 (Germany)

ASN34624 (MEGASPACE-AS, DE)
PTR: srv1.rlcontrol.de
www.exklusive-preise.de
rlcontrol.de
www.rlcontrol.de
2    89.191.67.206 (Germany)

ASN34624 (MEGASPACE-AS, DE)
desktop.kouwaiwai.de
4    2606:4700::6810:243f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com
onesignal.com
3    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com
3    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
11 www.rlcontrol.de desktop.kouwaiwai.de
www.rlcontrol.de
3 fonts.gstatic.com www.rlcontrol.de
3 fonts.googleapis.com desktop.kouwaiwai.de
2 onesignal.com cdn.onesignal.com
2 cdnjs.cloudflare.com desktop.kouwaiwai.de
www.rlcontrol.de
2 cdn.onesignal.com desktop.kouwaiwai.de
cdn.onesignal.com
2 desktop.kouwaiwai.de www.rlcontrol.de
2 www.exklusive-preise.de 1 redirects gdmconvtrck.com
2 securessl-smart.com 1 redirects
1 code.jquery.com desktop.kouwaiwai.de
1 rlcontrol.de www.exklusive-preise.de
1 plvlp.youarewinner.net 1 redirects
1 gdmconvtrck.com securessl-smart.com
1 cd-down.com 1 redirects
1 statconuter.info 1 redirects
1 fd1.info 1 redirects
30 16

This site contains links to these domains. Also see Links.

Domain
odoki.de
my-promobox.de
www.rlcontrol.de
Subject Issuer Validity Valid
securessl-dt.com
Amazon		 2019-04-20 -
2020-05-20		 a year crt.sh
gdmconvtrck.com
Amazon		 2019-04-19 -
2020-05-19		 a year crt.sh
www.exklusive-preise.de
Sectigo RSA Domain Validation Secure Server CA		 2019-01-14 -
2020-04-13		 a year crt.sh
*.rlcontrol.de
Sectigo RSA Domain Validation Secure Server CA		 2019-01-15 -
2021-04-14		 2 years crt.sh
toutoanui.de
Let's Encrypt Authority X3		 2019-08-04 -
2019-11-02		 3 months crt.sh
ssl473492.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-07-02 -
2020-01-08		 6 months crt.sh
*.googleapis.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google.com
GTS CA 1O1		 2019-08-13 -
2019-11-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Frame ID: 4CF61C3FB47FB4A6D377A835376B957D
Requests: 28 HTTP requests in this frame

Frame: https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Frame ID: F8F9EA2BE1DF1EF9A9C32F7F3808B202
Requests: 1 HTTP requests in this frame

Frame: https://onesignal.com/webPushAnalytics
Frame ID: 18A9A91354D0D0AD8230239CAB346BBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://fd1.info/iphone?i=4829 HTTP 301
    https://statconuter.info/click.php?key=1afan4l7c3l8w8vdqk58&ct=ct HTTP 302
    https://cd-down.com/?a=91119&c=200645&s2=dd87dx93va4ef3 HTTP 302
    https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93v... Page URL
  2. https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93v... HTTP 302
    https://plvlp.youarewinner.net/c/1f0a2cb367c37dee?s1=240&s2=91119&s3=&click_id=5d8b7ca9bbec43ef8397217cf573... HTTP 302
    https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=io... Page URL
  3. https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=366&idCampaignAd=0&subId=io... HTTP 302
    https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchRef... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

30
Requests

100 %
HTTPS

62 %
IPv6

14
Domains

16
Subdomains

9
IPs

6
Countries

418 kB
Transfer

1195 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fd1.info/iphone?i=4829 HTTP 301
    https://statconuter.info/click.php?key=1afan4l7c3l8w8vdqk58&ct=ct HTTP 302
    https://cd-down.com/?a=91119&c=200645&s2=dd87dx93va4ef3 HTTP 302
    https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3 Page URL
  2. https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365218&h=74477196911f78a8e06a4e90a7479298cefcf0c2&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3&us=861ee26ad72b491a94974ffa07019a1c HTTP 302
    https://plvlp.youarewinner.net/c/1f0a2cb367c37dee?s1=240&s2=91119&s3=&click_id=5d8b7ca9bbec43ef8397217cf57373becd60&ban= HTTP 302
    https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de Page URL
  3. https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de&switchReferer=https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html HTTP 302
    https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://fd1.info/iphone?i=4829 HTTP 301
  • https://statconuter.info/click.php?key=1afan4l7c3l8w8vdqk58&ct=ct HTTP 302
  • https://cd-down.com/?a=91119&c=200645&s2=dd87dx93va4ef3 HTTP 302
  • https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3
Request Chain 2
  • https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365218&h=74477196911f78a8e06a4e90a7479298cefcf0c2&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3&us=861ee26ad72b491a94974ffa07019a1c HTTP 302
  • https://plvlp.youarewinner.net/c/1f0a2cb367c37dee?s1=240&s2=91119&s3=&click_id=5d8b7ca9bbec43ef8397217cf57373becd60&ban= HTTP 302
  • https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
securessl-smart.com/
Redirect Chain
  • http://fd1.info/iphone?i=4829
  • https://statconuter.info/click.php?key=1afan4l7c3l8w8vdqk58&ct=ct
  • https://cd-down.com/?a=91119&c=200645&s2=dd87dx93va4ef3
  • https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.c...
2 KB
920 B 		Document
General
Check archive.org
Download Go to
Full URL
https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6130:61a0:d66d:b7a4:938b Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1f7d2c3531d69cfbe60645d3598cd42626e0725c2ce02eb21f3ba2ff13c36c7f

Request headers

:method
GET
:authority
securessl-smart.com
:scheme
https
:path
/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 05 Sep 2019 11:52:45 GMT
content-type
text/html;charset=utf-8
server
nginx
vary
Accept-Encoding
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Sat, 1 May 2020 12:00:00 GMT
content-encoding
gzip

Redirect headers

status
302
date
Thu, 05 Sep 2019 11:52:45 GMT
content-type
text/html;charset=ISO-8859-1
location
https://securessl-smart.com?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3
server
nginx
content-language
en-US
trck
gdmconvtrck.com/ 		1 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gdmconvtrck.com/trck
Requested by
Host: securessl-smart.com
URL: https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6110:2bbb:bd63:d8cd:4bb1 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2019 11:52:45 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Sat, 1 May 2020 12:00:00 GMT
Cookie set de,20160420,weiche,flexblocks_624.html
www.exklusive-preise.de/
Redirect Chain
  • https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365218&h=74477196911f78a8e06a4e90a7479298cefcf0c2&req=https%3A%2F%2Fcd-down.c...
  • https://plvlp.youarewinner.net/c/1f0a2cb367c37dee?s1=240&s2=91119&s3=&click_id=5d8b7ca9bbec43ef8397217cf57373becd60&ban=
  • https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de
776 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de
Requested by
Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/trck
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u5
Resource Hash
73252363e8f1ef98ad515d39a686e08c38b766004f1a15c9eecacacc259e136c

Request headers

Host
www.exklusive-preise.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://securessl-smart.com/?a=91119&c=168207&oc=64806&sr=t&so=70737&sc=10590765&rc=3_70737&s2=dd87dx93va4ef3&vt=1567684365105&h=aef56c4cdc5cff8785fa07322be6ad4433a53f24&req=https%3A%2F%2Fcd-down.com%2F%3Fa%3D91119%26c%3D200645%26s2%3Ddd87dx93va4ef3

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u5
Set-Cookie
PHPSESSID=paltvsohlo4iub83ete9qnlej6; path=/ coyoteTrackingCookie_624=353427065; expires=Sat, 05-Oct-2019 11:52:45 GMT; Max-Age=2592000; path=/ coyoteSimpleTrackingCookie=353427065; expires=Fri, 06-Sep-2019 11:52:45 GMT; Max-Age=86400; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
442
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

status
302 302 Found
server
nginx
date
Thu, 05 Sep 2019 11:52:45 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de
set-cookie
unique_2293271=unique_2293271; expires=Fri, 06-Sep-2019 11:52:45 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5d70f70d72815435009625; expires=Fri, 06-Sep-2019 11:52:45 GMT; Max-Age=86400; path=/; HttpOnly unique_2293271=unique_2293271; expires=Fri, 06-Sep-2019 11:52:45 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5d70f70d72815435009625; expires=Fri, 06-Sep-2019 11:52:45 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=330097_240_91119; expires=Sat, 05-Oct-2019 11:52:45 GMT; Max-Age=2592000; path=/; HttpOnly unique_2293271=unique_2293271; expires=Fri, 06-Sep-2019 11:52:45 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5d70f70d72815435009625; expires=Fri, 06-Sep-2019 11:52:45 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=330097_240_91119; expires=Sat, 05-Oct-2019 11:52:45 GMT; Max-Age=2592000; path=/; HttpOnly tid=ioxwf5d70f70d72054113878283; path=/; HttpOnly
weiche_de_real-prizes.php
rlcontrol.de/ftp/ Frame F8F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Requested by
Host: www.exklusive-preise.de
URL: https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u5
Resource Hash

Request headers

Host
rlcontrol.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.exklusive-preise.de/de,20160420,weiche,flexblocks_624.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Server
Apache/2.4.10 (Debian)
Vary
Host,Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u5
Content-Encoding
gzip
Content-Length
410
Connection
close
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set campaign_496.html
desktop.kouwaiwai.de/
Redirect Chain
  • https://www.exklusive-preise.de/DE,20160328,FlexBlocks,online_613.html?idPartner=366&idCampaignAd=0&subId=ioxwf5d70f70d72054113878283&subIdentifier=240_91119&rlmset=iphone_x_de&switchReferer=https:...
  • https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
66 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) / PHP/5.6.40-0+deb8u5
Resource Hash
194bd0e95105b6449c9af6721226d712bf5308fc7c26636fdc57d8ec6d6b07b1

Request headers

Host
desktop.kouwaiwai.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://rlcontrol.de/ftp/weiche_de_real-prizes.php
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://rlcontrol.de/ftp/weiche_de_real-prizes.php

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u5
Set-Cookie
PHPSESSID=5a5u6fr8atl23ph52sjuqcpe94; path=/ coyoteAffiliTokenId496=353427066; expires=Thu, 05-Sep-2019 15:52:45 GMT; Max-Age=14400; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
9844
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Server
Apache/2.4.10 (Debian)
X-Powered-By
PHP/5.6.40-0+deb8u5
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
coyoteTrackingCookie_613=353427066; expires=Sat, 05-Oct-2019 11:52:45 GMT; Max-Age=2592000; path=/ coyoteSimpleTrackingCookie=353427066; expires=Fri, 06-Sep-2019 11:52:45 GMT; Max-Age=86400; path=/
Location
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Content-Length
2
Connection
close
Content-Type
text/html; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2617768e184d5ddcc9a4e65b4780f0028502af41c54c438c18177bcaf581aa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 11:52:45 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3348
etag
W/"73548930d8015a67a49758d8fe546f33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
5117ffb679c4cbc8-VIE
expires
Thu, 05 Sep 2019 23:52:45 GMT
reset.css
www.rlcontrol.de/ftp/flexblocks/css/ 		812 B
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/reset.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
27b68b172858b007dc7b2fc3ac81b6a87924bc8520f5592850a1283a65b69af3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:53 GMT
Server
Apache/2.4.10 (Debian)
ETag
"32c-54a4a08790043-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
489
bootstrap.min.css
www.rlcontrol.de/ftp/flexblocks/css/ 		114 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/bootstrap.min.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1c99e-54a4a07d3b832-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
19218
awesome-bootstrap-checkbox.css
www.rlcontrol.de/ftp/flexblocks/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/awesome-bootstrap-checkbox.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
984d6e82dce7262e5c27733ab7c2521a1f25f4a3ec2a1839620e053d3eec78bb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2017 10:51:42 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1a50-54a4a07c909d9-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1046
general_tile_coregs_dynamic_desktop_de.css
www.rlcontrol.de/ftp/flexblocks/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/general_tile_coregs_dynamic_desktop_de.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
ef82e74f6f6990329deb8e624baaa319380550e92d4a034929886357899a1735

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jun 2019 14:10:30 GMT
Server
Apache/2.4.10 (Debian)
ETag
"d240-58b99acdf74b8-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
9742
balloon.min.css
www.rlcontrol.de/ftp/flexblocks/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/css/balloon.min.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Mar 2017 09:05:10 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1571-54b39f0e4b2f6-gzip"
Vary
Host,Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1087
css
fonts.googleapis.com/ 		2 KB
456 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,900,700
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 05 Sep 2019 11:52:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 05 Sep 2019 11:52:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 05 Sep 2019 11:52:45 GMT
css
fonts.googleapis.com/ 		460 B
394 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Calligraffitti
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7f4e31beb4137909805be8ecdd8a5417036e606d0f5105a9cb4cdf2d2356f1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 05 Sep 2019 11:52:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 05 Sep 2019 11:52:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 05 Sep 2019 11:52:45 GMT
css
fonts.googleapis.com/ 		423 B
331 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Satisfy
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
78acf37b6c980a9d638c2a825bf0e419f65d68d6fffab3f3063270151f5aadec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 05 Sep 2019 11:52:45 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 05 Sep 2019 11:52:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 05 Sep 2019 11:52:45 GMT
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 11:52:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
12318296
status
200
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-81d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5117ffb67d7059e8-VIE
expires
Tue, 25 Aug 2020 11:52:45 GMT
jquery.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2016 15:23:29 GMT
Server
Apache/2.4.10 (Debian)
ETag
"14915-541d13ce2b8df-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
29497
bootstrap.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/bootstrap.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2016 15:23:25 GMT
Server
Apache/2.4.10 (Debian)
ETag
"9004-541d13caa3446-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
9765
jquery-ui.min.js
code.jquery.com/ui/1.11.3/ 		234 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.3/jquery-ui.min.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Feb 2015 18:05:20 GMT
Server
nginx
ETag
W/"54dceb60-3a99b"
Vary
Accept-Encoding
X-HW
1567684365.dop056.fr8.shc,1567684365.dop056.fr8.t,1567684365.cds022.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
64209
rlm_flex_tile_coregs_dynamic_desktop_de.js
www.rlcontrol.de/ftp/flexblocks/scripts/ 		152 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
7c7a72688694d2553c8023ef8f18ca3d45e065f939249af0dcac2c3ac8f09d45

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jul 2019 14:38:56 GMT
Server
Apache/2.4.10 (Debian)
ETag
"2618f-58ee6f7ef3bc7-gzip"
Vary
Host,Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
32253
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		214 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 11:52:45 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3305
etag
W/"f4ebb281698a883231242a4d72c8502e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
5117ffb6aa34cbc8-VIE
expires
Sun, 08 Sep 2019 11:52:45 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 19:26:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1095982
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14044
x-xss-protection
0
expires
Sat, 22 Aug 2020 19:26:23 GMT
iphone_x_de.json
desktop.kouwaiwai.de/ftp/flexblocks/rlmsets/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://desktop.kouwaiwai.de/ftp/flexblocks/rlmsets/iphone_x_de.json?format=json&_=1567684365894
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.206 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
Software
Apache/2.4.10 (Debian) /
Resource Hash
f36b26eda4126341037f5b50c7603b2b7d16a70a08ad588ea5f767e719c52f2e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Last-Modified
Wed, 10 Apr 2019 11:46:57 GMT
Server
Apache/2.4.10 (Debian)
ETag
"88f-5862ba07d3cc2"
Content-Type
application/json
Connection
close
Accept-Ranges
bytes
Content-Length
2191
iphoneXgrey.jpg
www.rlcontrol.de/ftp/flexblocks/build/background/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flexblocks/build/background/iphoneXgrey.jpg
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
557d363d99fd7149e902776c681f9aec60ee6252f382b5d7952e9242ee855002

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Last-Modified
Wed, 13 Sep 2017 12:15:31 GMT
Server
Apache/2.4.10 (Debian)
ETag
"e8a5-559111db143f8"
Vary
Host
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
59557
none.png
www.rlcontrol.de/ftp/flexblocks/build/promotion/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flexblocks/build/promotion/none.png
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
6940c5b5a5666a0118aedab329800532850e7f60fc52da009a3df20eb65dfe10

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Last-Modified
Mon, 21 Nov 2016 15:29:02 GMT
Server
Apache/2.4.10 (Debian)
ETag
"ae7-541d150c30c25"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
2791
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 19:34:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
145086
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
14176
x-xss-protection
0
expires
Wed, 02 Sep 2020 19:34:39 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.css
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 11:52:45 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
12318296
status
200
content-length
66624
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
"5afd4939-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5117ffb76df9cb98-VIE
expires
Tue, 25 Aug 2020 11:52:45 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: www.rlcontrol.de
URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:400,900,700
Origin
https://desktop.kouwaiwai.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 05:31:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
973268
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
13732
x-xss-protection
0
expires
Mon, 24 Aug 2020 05:31:37 GMT
apple-logo.png
www.rlcontrol.de/ftp/flex2/build/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rlcontrol.de/ftp/flex2/build/apple-logo.png
Requested by
Host: desktop.kouwaiwai.de
URL: https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.191.67.79 , Germany, ASN34624 (MEGASPACE-AS, DE),
Reverse DNS
srv1.rlcontrol.de
Software
Apache/2.4.10 (Debian) /
Resource Hash
b083ec084e164a478501b562844006aa6c96a37b04446904578a6269fa843a69

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 05 Sep 2019 11:52:45 GMT
Last-Modified
Wed, 10 Feb 2016 21:23:30 GMT
Server
Apache/2.4.10 (Debian)
ETag
"5dc-52b710ba1b880"
Vary
Host
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1500
web
onesignal.com/api/v1/sync/22b474ad-13cb-43cd-bda4-a495470ad2bd/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/22b474ad-13cb-43cd-bda4-a495470ad2bd/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.3.7
Resource Hash
7b6da3533e9b40504dc73852d5b68bc910ebd0663ab0f4908768a1a943309ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Sep 2019 11:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
328
x-powered-by
Phusion Passenger 5.3.7
status
200, 200 OK
x-xss-protection
1; mode=block
x-request-id
148bd0c8-9f9b-465f-b2da-2f599ffb0f2b
x-runtime
0.068568
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
cf-polished
origSize=3217
cf-ray
5117ffb7cd5dcbc8-VIE
access-control-allow-headers
SDK-Version
expires
Thu, 05 Sep 2019 11:57:46 GMT
webPushAnalytics
onesignal.com/ Frame 18A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/webPushAnalytics
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:243f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
onesignal.com
:scheme
https
:path
/webPushAnalytics
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://desktop.kouwaiwai.de/campaign_496.html?coyoteAffiliTokenId=353427066&rlmset=iphone_x_de&switchReferer=https%3A%2F%2Fwww.exklusive-preise.de%2Fde%2C20160420%2Cweiche%2Cflexblocks_624.html&

Response headers

status
200
date
Thu, 05 Sep 2019 11:52:48 GMT
content-type
text/html
set-cookie
__cfduid=db000208e48525963ebad6302f25a14381567684368; expires=Fri, 04-Sep-20 11:52:48 GMT; path=/; domain=.onesignal.com; HttpOnly
last-modified
Wed, 04 Sep 2019 18:30:49 GMT
cf-cache-status
HIT
age
3361
expires
Thu, 05 Sep 2019 12:52:48 GMT
cache-control
public, max-age=3600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5117ffc4cfe0cbc8-VIE
content-encoding
gzip

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| OneSignal function| $ function| jQuery number| value number| _STOP string| end function| styletimer function| settimer function| b64DecodeUnicode function| HexDigitToDec function| SimpleHexToDec function| HexColorToRgb function| HexColorToRGBA function| MixColors function| MixGradientEndColor function| MixBorderColor function| OnCoregDoiPage function| OnFirstRegPage function| OnSecondRegPage function| OnCoregPage function| OnLogoutPage function| ShowPromoConsentMessage function| build_progress_bars function| set_progress function| update_progressbar function| set_background object| backgroundInfo function| rlmHandler function| create_testimonials function| show_testimonials function| next function| create_prepage function| prepage_auswahl function| prepage_info function| prepage_dropdown string| fragdata string| pfdata function| prepage_fragen function| fragendesigner function| pp_hide function| forceImage function| inputstyler function| ValidateSecondRegPage function| style_continue_button function| style_simple_continue_button number| unknownAttemptCount number| maxUnknownAttemptCount boolean| emailErrorShown string| textInputColor function| ShowKickboxError function| HideKickboxErrorMessage function| IsValidTonlineAddress function| buttonstyler function| buttonsmallstyler function| buttonsmallfragenstyler string| symbol_animation string| symbol_speed1 string| symbol_speed2 function| animateButton function| rebuild_continue_button string| fullUrl string| rlmset string| mode string| fi boolean| secondCoregStage number| totalCoregCount number| clickedCoregCount number| clickedListCoregCount number| coregCount boolean| coregsUncovered number| coregCountPerGroup object| coregGroups number| currentCoregGroupIndex number| visibleCoregCount number| weightedCoregCount number| initProgress function| get_coreg_container_by_index function| show_secondary_coregs function| init_audibene function| build_coreg_groups function| show_coreg_group function| hide_coreg_group function| show_next_coreg_group function| apply_spiegel_coreg_changes function| assign_coreg_indices function| show_info_popup function| BrandbueroBuyButtonCallback function| apply_frank_coreg_changes number| round string| hl1_color string| hl2_color string| ip1 string| ip2 string| ip3 string| ip4 string| ip5 string| ip6 string| ip7 number| __oneSignalSdkLoadCount function| __jp0

2 Cookies

Domain/Path Name / Value
desktop.kouwaiwai.de/ Name: coyoteAffiliTokenId496
Value: 353427066
desktop.kouwaiwai.de/ Name: PHPSESSID
Value: 5a5u6fr8atl23ph52sjuqcpe94

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js(Line 1889)
Message:
datenEingabe_496.html
console-api log URL: https://www.rlcontrol.de/ftp/flexblocks/scripts/rlm_flex_tile_coregs_dynamic_desktop_de.js(Line 474)
Message:
complete
console-api error URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150706(Line 1)
Message:
TypeError: Cannot read property 'permission' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cd-down.com
cdn.onesignal.com
cdnjs.cloudflare.com
code.jquery.com
desktop.kouwaiwai.de
fd1.info
fonts.googleapis.com
fonts.gstatic.com
gdmconvtrck.com
onesignal.com
plvlp.youarewinner.net
rlcontrol.de
securessl-smart.com
statconuter.info
www.exklusive-preise.de
www.rlcontrol.de
188.225.22.201
2001:4de0:ac18::1:a:3b
2606:4700::6810:243f
2606:4700::6813:c597
2a00:1450:4001:81a::200a
2a00:1450:4001:825::2003
2a05:d018:483:6110:2bbb:bd63:d8cd:4bb1
2a05:d018:483:6130:61a0:d66d:b7a4:938b
2a05:d018:483:6130:7095:9e50:e827:1089
3.248.111.124
89.191.67.206
89.191.67.79
95.216.40.29
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
0a2617768e184d5ddcc9a4e65b4780f0028502af41c54c438c18177bcaf581aa
16f688bad571627f2a40dad80951a0220fa5d11cdf8fb2888bf2887c53811c7d
194bd0e95105b6449c9af6721226d712bf5308fc7c26636fdc57d8ec6d6b07b1
1f7d2c3531d69cfbe60645d3598cd42626e0725c2ce02eb21f3ba2ff13c36c7f
27b68b172858b007dc7b2fc3ac81b6a87924bc8520f5592850a1283a65b69af3
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8
557d363d99fd7149e902776c681f9aec60ee6252f382b5d7952e9242ee855002
5eecac60daf67e9978b368ef66fe2b25e1f0a61da04d77ee55905ac53d1a1cf9
6940c5b5a5666a0118aedab329800532850e7f60fc52da009a3df20eb65dfe10
73252363e8f1ef98ad515d39a686e08c38b766004f1a15c9eecacacc259e136c
78acf37b6c980a9d638c2a825bf0e419f65d68d6fffab3f3063270151f5aadec
7b6da3533e9b40504dc73852d5b68bc910ebd0663ab0f4908768a1a943309ff1
7c7a72688694d2553c8023ef8f18ca3d45e065f939249af0dcac2c3ac8f09d45
7f4e31beb4137909805be8ecdd8a5417036e606d0f5105a9cb4cdf2d2356f1d2
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
984d6e82dce7262e5c27733ab7c2521a1f25f4a3ec2a1839620e053d3eec78bb
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
b083ec084e164a478501b562844006aa6c96a37b04446904578a6269fa843a69
c48feaca5f6fa70585397cfbfb1ffd5a41b98ff4959d2c36d6f8b2f1f5b06de1
d31bef450ee67b64f9b70bfdf41fe4e00c65438705cc1fbb48ea6026d3a5d697
ef82e74f6f6990329deb8e624baaa319380550e92d4a034929886357899a1735
f36b26eda4126341037f5b50c7603b2b7d16a70a08ad588ea5f767e719c52f2e
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995