de3.getyourcashcom.com Open in urlscan Pro
168.119.31.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html#QORHNZC44FT4.QORHNZC44FT4?dYCTywccxr3jcxxrmcdcKBdmc5D6qfcJVcbbb4M
Effective URL:
https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Submission: On March 28 via manual (March 28th 2023, 6:18:21 am UTC) from PK — Scanned from DE

Summary HTTP 69 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 69 HTTP transactions. The main IP is 168.119.31.202, located in Germany and belongs to HETZNER-AS, DE. The main domain is de3.getyourcashcom.com.
TLS certificate: Issued by R3 on March 10th 2023. Valid for: 3 months.

This is the only time de3.getyourcashcom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:830::2010	15169 (GOOGLE) (GOOGLE)
1 1	38.45.81.138 38.45.81.138	36113 (UTL-42-36113) (UTL-42-36113)
1 1	141.95.107.214 141.95.107.214	16276 (OVH) (OVH)
1 1	54.176.10.64 54.176.10.64	16509 (AMAZON-02) (AMAZON-02)
1 4	168.119.31.202 168.119.31.202	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:20:... 2606:4700:20::ac43:47b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.63.95.88 178.63.95.88	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e4:... 2606:4700:e4::ac40:a916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	34.149.66.229 34.149.66.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	116.203.55.53 116.203.55.53	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:f1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
69	20

1 2a00:1450:4001:830::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.45.81.138 (South Bend, United States) 1 redirects

ASN36113 (UTL-42-36113, US)
PTR: playfulwise.com

weatherthisday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.107.214 (France) 1 redirects

ASN16276 (OVH, FR)

www.theniemannbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.176.10.64 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-10-64.us-west-1.compute.amazonaws.com

tracking.trkkadsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 168.119.31.202 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: s1.golead.de

campaign.golead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de3.getyourcashcom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.63.95.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s5.golead.systems

mypixel.golead.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.149.66.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.66.149.34.bc.googleusercontent.com

asmexp-de.int.userwerk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.55.53 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.55.203.116.clients.your-server.de

germanype.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:f1f (United States)

ASN13335 (CLOUDFLARENET, US)

api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	userwerk.com asmexp-de.int.userwerk.com	415 KB
14	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 16499 api.cleverpush.com — Cisco Umbrella Rank: 17031	148 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	460 KB
6	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 399 ajax.googleapis.com — Cisco Umbrella Rank: 309 fonts.googleapis.com — Cisco Umbrella Rank: 31	37 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1390 ka-f.fontawesome.com — Cisco Umbrella Rank: 2595	100 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 783 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2339	114 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	27 KB
3	golead.systems mypixel.golead.systems	2 KB
3	getyourcashcom.com de3.getyourcashcom.com	215 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 70	350 B
1	mycleverpush.com germanype.mycleverpush.com	27 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	44 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	1 KB
1	golead.de 1 redirects campaign.golead.de	831 B
1	trkkadsm.com 1 redirects tracking.trkkadsm.com	2 KB
1	theniemannbest.com 1 redirects www.theniemannbest.com — Cisco Umbrella Rank: 467932	640 B
1	weatherthisday.com 1 redirects weatherthisday.com	291 B
69	18

	Domain	Requested by
15	asmexp-de.int.userwerk.com	mypixel.golead.systems asmexp-de.int.userwerk.com de3.getyourcashcom.com
10	static.cleverpush.com	de3.getyourcashcom.com static.cleverpush.com germanype.mycleverpush.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	api.cleverpush.com	static.cleverpush.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	ka-f.fontawesome.com	kit.fontawesome.com de3.getyourcashcom.com
4	fonts.googleapis.com	de3.getyourcashcom.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com de3.getyourcashcom.com
3	www.google.com	de3.getyourcashcom.com www.gstatic.com www.google.com
3	mypixel.golead.systems	de3.getyourcashcom.com mypixel.golead.systems
3	de3.getyourcashcom.com	storage.googleapis.com de3.getyourcashcom.com
2	stackpath.bootstrapcdn.com	de3.getyourcashcom.com stackpath.bootstrapcdn.com
2	maxcdn.bootstrapcdn.com	de3.getyourcashcom.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	germanype.mycleverpush.com	static.cleverpush.com
1	www.googletagmanager.com	de3.getyourcashcom.com
1	kit.fontawesome.com	de3.getyourcashcom.com
1	cdnjs.cloudflare.com	de3.getyourcashcom.com
1	ajax.googleapis.com	de3.getyourcashcom.com
1	campaign.golead.de	1 redirects
1	tracking.trkkadsm.com	1 redirects
1	www.theniemannbest.com	1 redirects
1	weatherthisday.com	1 redirects
1	storage.googleapis.com
69	24

This site contains links to these domains. Also see Links.

Domain
www.bluemediaads.com
www.complead.de
your-deal.info
www.couponarchiv.de
eflow.one
www.einsaperformance.de
www.fid-verlag.de
www.leadspot.de
makromedia-online.de
www.marken-media.com
www.nuernberger.de
www.cashbackdeals.de
www.outspot.nl
redlemonmedia.com
www.silvermedia.de
www.super-sparfuechse.com
testenbewertenbehalten.de
www.trafficrunner.de
www.zmail.de
exclusiv-marketing.com
www.pmiprivacy.com
www.gewinnfuxx.com
www.accprintmedien.com
adm-medienpress.de
www.burda-versichert.de
energy2day.de
nexurio.de
proauris.com
www.daydreams.de
www.boesche.de
www.bauermedia.com
www.curablu.de
www.hausgold.de
pflegehase.de
mivolta.de
www.privacyshield.gov
www.google.de
www.google.com
support.google.com
tools.google.com
www.facebook.com
www.youronlinechoices.com
www.sovendus.de
cleverpush.com

Subject Issuer	Validity	Valid
storage.googleapis.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
de3.getyourcashcom.com R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
mypixel.golead.systems R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.int.userwerk.com R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-06` - `2023-06-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Frame ID: FDB847DC73C8DBE33FDDF78F4D7CBA68
Requests: 46 HTTP requests in this frame

Frame: https://germanype.mycleverpush.com/iframe?origin=https%3A%2F%2Fde3.getyourcashcom.com
Frame ID: 2EE1DEB7917BE906069E1D993E72B5C8
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbg_8cAAAAAEIpgYdN3DX_JAS0gNZUNsDeIdkr&co=aHR0cHM6Ly9kZTMuZ2V0eW91cmNhc2hjb20uY29tOjQ0Mw..&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=b7g87nbowhii
Frame ID: 7F5B90FF9DE4DC39F33A15986F2C77AF
Requests: 7 HTTP requests in this frame

Frame: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
Frame ID: 2EBAD690887E998575534F79CE1C7650
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Glückwunsch!

Page URL History Show full URLs

https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html Page URL
http://weatherthisday.com/anchorQORHNZC44FT4.QORHNZC44FT4?dYCTywccxr3jcxxrmcdcKBdmc5D6qfcJVcbbb4M HTTP 302
https://www.theniemannbest.com/59k8wh9/qmt2lb1/?sub1=2_285891_2580301&sub2=2007_2567350_3746456_61&sub3=750... HTTP 302
https://tracking.trkkadsm.com/aff_c?offer_id=499&aff_id=1122&aff_click_id=121ecd72c852453185b3a86779aaa3ad... HTTP 302
https://campaign.golead.de/de3,getyourcashcom,com_553.html?idPartner=43&idCampaignAd=0&subId=1122-2656&... HTTP 302
https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a867... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

69
Requests

100 %
HTTPS

68 %
IPv6

18
Domains

24
Subdomains

20
IPs

4
Countries

1612 kB
Transfer

3526 kB
Size

10
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bluemediaads.com/gtc.html
Title: http://www.bluemediaads.com/gtc.html

Search URL Search Domain Scan URL

URL: https://www.complead.de/datenschutz.php
Title: www.complead.de/datenschutz

Search URL Search Domain Scan URL

URL: https://your-deal.info/datenschutz/
Title: https://your-deal.info/datenschutz/

Search URL Search Domain Scan URL

URL: https://www.couponarchiv.de/
Title: www.couponarchiv.de

Search URL Search Domain Scan URL

URL: https://eflow.one/
Title: www.eflow.one

Search URL Search Domain Scan URL

URL: https://www.einsaperformance.de/
Title: www.einsaperformance.de

Search URL Search Domain Scan URL

URL: https://www.fid-verlag.de/datenschutz.php
Title: https://www.fid-verlag.de/datenschutz.php

Search URL Search Domain Scan URL

URL: https://www.leadspot.de/datenschutz/
Title: https://www.leadspot.de/datenschutz/

Search URL Search Domain Scan URL

URL: https://makromedia-online.de/datenschutz.html
Title: https://makromedia-online.de/datenschutz.html

Search URL Search Domain Scan URL

URL: https://www.marken-media.com/
Title: www.marken-media.com

Search URL Search Domain Scan URL

URL: https://www.nuernberger.de/datenschutz/)
Title: https://www.nuernberger.de/datenschutz/)

Search URL Search Domain Scan URL

URL: https://www.cashbackdeals.de/static/privacy
Title: www.cashbackdeals.de/static/privacy

Search URL Search Domain Scan URL

URL: https://www.outspot.nl/
Title: www.outspot.nl

Search URL Search Domain Scan URL

URL: https://redlemonmedia.com/datenschutz/
Title: https://redlemonmedia.com/datenschutz/

Search URL Search Domain Scan URL

URL: https://www.silvermedia.de/datenschutz/
Title: https://www.silvermedia.de/datenschutz/

Search URL Search Domain Scan URL

URL: https://www.super-sparfuechse.com/nutzungsbedingungen/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://testenbewertenbehalten.de/nutzungsbedingungen/
Title: https://testenbewertenbehalten.de/nutzungsbedingungen/

Search URL Search Domain Scan URL

URL: http://www.trafficrunner.de/
Title: www.trafficrunner.de

Search URL Search Domain Scan URL

URL: https://www.zmail.de/datenschutzerklaerung.pdf
Title: https://www.zmail.de/datenschutzerklaerung.pdf

Search URL Search Domain Scan URL

URL: https://exclusiv-marketing.com/datenschutzerklaerung/
Title: https://exclusiv-marketing.com/datenschutzerklaerung/

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer
Title: https://www.pmiprivacy.com/de-de/consumer

Search URL Search Domain Scan URL

URL: https://www.gewinnfuxx.com/datenschutzerklaerung/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.accprintmedien.com/policy.html
Title: https://www.accprintmedien.com/policy.html

Search URL Search Domain Scan URL

URL: https://adm-medienpress.de/allgemeines/datenschutz/
Title: https://adm-medienpress.de/allgemeines/datenschutz/

Search URL Search Domain Scan URL

URL: https://www.burda-versichert.de/de/cms/datenschutzinformation-art-14.html
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://energy2day.de/
Title: https://energy2day.de/

Search URL Search Domain Scan URL

URL: https://nexurio.de/datenschutzerklaerung/
Title: https://nexurio.de/datenschutzerklaerung/

Search URL Search Domain Scan URL

URL: https://proauris.com/index.php/datenschutz
Title: https://proauris.com/index.php/datenschutz

Search URL Search Domain Scan URL

URL: https://www.daydreams.de/datenschutzinformation_Artikel_14
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.boesche.de/datenschutz?WKZ=06697&pid=9999
Title: https://www.boesche.de/datenschutz?WKZ=06697&pid=9999

Search URL Search Domain Scan URL

URL: https://www.bauermedia.com/
Title: www.bauermedia.com

Search URL Search Domain Scan URL

URL: https://www.curablu.de/
Title: www.curablu.de

Search URL Search Domain Scan URL

URL: https://www.hausgold.de/datenschutz/
Title: https://www.hausgold.de/datenschutz/

Search URL Search Domain Scan URL

URL: https://pflegehase.de/datenschutz/
Title: https://pflegehase.de/datenschutz/

Search URL Search Domain Scan URL

URL: https://mivolta.de/
Title: https://mivolta.de/

Search URL Search Domain Scan URL

URL: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Title: (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active)

Search URL Search Domain Scan URL

URL: http://www.google.de/intl/de/policies/privacy/?hl=de
Title: http://www.google.de/intl/de/policies/privacy/?hl=de

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/privacy/partners/?hl=de
Title: https://www.google.com/policies/privacy/partners/?hl=de

Search URL Search Domain Scan URL

URL: https://support.google.com/analytics/answer/6004245?hl=de
Title: https://support.google.com/analytics/answer/6004245?hl=de

Search URL Search Domain Scan URL

URL: http://tools.google.com/dlpage/gaoptout?hl=de
Title: http://tools.google.com/dlpage/gaoptout?hl=de

Search URL Search Domain Scan URL

URL: http://www.google.de/intl/de/policies/privacy/
Title: http://www.google.de/intl/de/policies/privacy/

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/privacy/
Title: https://www.google.com/policies/privacy/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/about/privacy/
Title: Facebook-Datenverwendungsrichtlinie

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Title: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com/de/praferenzmanagement/
Title: http://www.youronlinechoices.com/de/praferenzmanagement/

Search URL Search Domain Scan URL

URL: https://www.sovendus.de/datenschutz/
Title: www.sovendus.de/datenschutz

Search URL Search Domain Scan URL

URL: https://cleverpush.com/
Title: Powered by CleverPush

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html Page URL
http://weatherthisday.com/anchorQORHNZC44FT4.QORHNZC44FT4?dYCTywccxr3jcxxrmcdcKBdmc5D6qfcJVcbbb4M HTTP 302
https://www.theniemannbest.com/59k8wh9/qmt2lb1/?sub1=2_285891_2580301&sub2=2007_2567350_3746456_61&sub3=750409677_80-255-7-103 HTTP 302
https://tracking.trkkadsm.com/aff_c?offer_id=499&aff_id=1122&aff_click_id=121ecd72c852453185b3a86779aaa3ad&sub1=2656 HTTP 302
https://campaign.golead.de/de3,getyourcashcom,com_553.html?idPartner=43&idCampaignAd=0&subId=1122-2656&subIdentifier=102f0f9548014930cbc81f48ae8b00&aps=121ecd72c852453185b3a86779aaa3ad______ HTTP 302
https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 aemmfcylvxeo.html
storage.googleapis.com/hqyoqzatqthj/ 112 B
686 B 250ms
150ms Document
text/html 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-length: 112
content-type: text/html
date: Tue, 28 Mar 2023 06:18:12 GMT
etag: "5ea8dcbdee457e4eecc460e5573da042"
expires: Tue, 28 Mar 2023 07:18:12 GMT
last-modified: Thu, 14 Apr 2022 11:29:51 GMT
server: UploadServer
x-goog-generation: 1649935791079442
x-goog-hash: crc32c=m72cOA== md5=Xqjcve5Ffk7sxGDlVz2gQg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 112
x-guploader-uploadid: ADPycdtMIRqVLpxODq2xfRwbMO_TlZUgnpHLQj3c6sbsmrGAoOdC02gmcbH_Xno8UOwvGwE4u1y8oYV8yQihWgNe6lpegg

GET
H/1.1

200
OK

Primary Request campaign_1059.html Show response
de3.getyourcashcom.com/
Redirect Chain

http://weatherthisday.com/anchorQORHNZC44FT4.QORHNZC44FT4?dYCTywccxr3jcxxrmcdcKBdmc5D6qfcJVcbbb4M
https://www.theniemannbest.com/59k8wh9/qmt2lb1/?sub1=2_285891_2580301&sub2=2007_2567350_3746456_61&sub3=750409677_80-255-7-103
https://tracking.trkkadsm.com/aff_c?offer_id=499&aff_id=1122&aff_click_id=121ecd72c852453185b3a86779aaa3ad&sub1=2656
https://campaign.golead.de/de3,getyourcashcom,com_553.html?idPartner=43&idCampaignAd=0&subId=1122-2656&subIdentifier=102f0f9548014930cbc81f48ae8b00&aps=121ecd72c852453185b3a86779aaa3ad______
https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

161 KB
37 KB

430ms
318ms

Document
text/html

168.119.31.202
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.31.202 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ed5478576cc3fdfbf4dc80c45e96cd364b3b3c6dd0cb0e9066023709314491cb

Request headers

Referer: https://storage.googleapis.com/hqyoqzatqthj/aemmfcylvxeo.html#QORHNZC44FT4.QORHNZC44FT4?dYCTywccxr3jcxxrmcdcKBdmc5D6qfcJVcbbb4M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 36869
Content-Type: text/html; charset=UTF-8
Date: Tue, 28 Mar 2023 06:18:15 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=5000
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 2
Content-Type: text/html; charset=UTF-8
Date: Tue, 28 Mar 2023 06:18:15 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=5000
Location: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 146ms
49ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617, 617
age: 3364330
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f3a3007506374a305b1a96efe5ee1490
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7aedc138bd3d085b-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 00:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Mar 2024 00:44:55 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.0/ 1 KB
1 KB 141ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.0/jquery.cookie.min.js

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4553593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 579
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-4f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmUmPJoWUc4d8Wh%2FJFXaEGB8BR%2BqSW0wlXoGjldRqHWN4nfz8CAkGRX4tg3VdCAQ%2FLUI3FxTUYIzgCG4lMXX3mT8iaueVBeJK5sKOsfbEVefC3tvDKcJUA0Ct2PZ6KQO4ekrW377G4N8ga6%2BlLu9ZT8%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aedc138b9fb9b5e-FRA
expires: Sun, 17 Mar 2024 06:18:15 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 152ms
56ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 6925547
cdn-cachedat: 12/13/2021 20:18:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 48135f30fbfcba704628453df5764d8f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7aedc138bd3e085b-FRA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 148ms
52ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://de3.getyourcashcom.com/
Origin: https://de3.getyourcashcom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 4748292
cdn-cachedat: 12/08/2022 20:58:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 82856ddf11fbdeb734c3af93c3d60cdc
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7aedc138af2035f9-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 393 B
385 B 150ms
58ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One&display=swap

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 06:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 06:14:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 06:18:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
828 B 144ms
52ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,500,700

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41191d77d044691c96c90990bfe4693775ab4a3aad4ada259c3605d1970052d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 06:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 06:16:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 06:18:15 GMT

GET
H2 200 7b09c35fb3.js Show response
kit.fontawesome.com/ 11 KB
4 KB 142ms
53ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/7b09c35fb3.js

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0bec33935704ef1be3a00f8acde16478e2fc57179bd4ee06ca483cabaacaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://de3.getyourcashcom.com/
Origin: https://de3.getyourcashcom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 18
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7aedc138af325bf1-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F1BUCvi-gSp-3Z0AClAC

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 141ms
49ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4480cf4143094a283f0f8410158bba81ea7a95d60a8e5f9753ff29d36d1ad11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 06:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 05:01:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 06:18:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
716 B 145ms
53ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc17c49b62fd41489cf9869d0f74778033d4597c6957f496c9e98dd20570d937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 06:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 05:53:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 06:18:15 GMT

GET
H2 200 y2XXnwciXs6sDAFHb.js Show response
static.cleverpush.com/channel/loader/ 205 KB
53 KB 151ms
52ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/y2XXnwciXs6sDAFHb.js
Requested by: Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09e04cf3eb46b7a6585169ccf558849645b10b341eb7874bee268c4bc2f88cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: H51CTS2Q727H40YW
age: 277
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: SgxA1c1ZX1ZsdgqAaV7iXP4HiwZceYnLMh/ThxNKAEsdiQBNnofu04c+xxBemLGaU9KTc33wAp4=
last-modified: Mon, 27 Mar 2023 00:02:01 GMT
server: cloudflare
etag: W/"198412f63d3aac5a7f375d014b9daa3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzp7bfdhw4mJWOmxwpVzfZRHQRXx6thIfmwk7XD1Ca%2F8%2F4JTzq4K%2BQCzTKJ%2BKhzljxzfElto4%2Bfs3DKMhyqOBLJzWlnPxblMjyOXLhBjDaosvG2eXz5H5SO5%2BDB9pC7hvIly8gnvjbC0eGvgm76ZDXYZPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 7aedc139df1a37e8-FRA

GET
H/1.1 200
OK banner,de,paypal,1500x800.jpg
de3.getyourcashcom.com/media/adresseManager/microSiteImg/1059/ 177 KB
177 KB 38ms
37ms Image
image/jpeg 168.119.31.202
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de3.getyourcashcom.com/media/adresseManager/microSiteImg/1059/banner,de,paypal,1500x800.jpg
Requested by: Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.31.202 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 02388458c5747c60184ee01dc7ca569a2ff3b65e5469de86600b529629fac7b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 06:18:15 GMT
Last-Modified: Tue, 11 Jan 2022 10:43:19 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2c29b-5d54c1f1630dd"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=4999
Content-Length: 180891

GET
H/1.1 200
OK script.js Show response
mypixel.golead.systems/ 1005 B
900 B 139ms
40ms Script
application/javascript 178.63.95.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mypixel.golead.systems/script.js
Requested by: Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.95.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s5.golead.systems
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ba6a7eb9acf869a02a1f607e569cb9336d863de1addac148cce418a1e63b9c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 06:18:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 05:48:03 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3ed-5dfbb800bfc1a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 550

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
904 B 139ms
51ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Ldbg_8cAAAAAEIpgYdN3DX_JAS0gNZUNsDeIdkr

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e58c517f39f4b11e00b45c3bc3b46f73322e2e064a45de094db0038604dfb85d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 584
x-xss-protection: 1; mode=block
expires: Tue, 28 Mar 2023 06:18:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 140ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131916334-1

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8b5e961eadf54aeab0eb28c47ea3af8a69573a70dfb8d0bf825bceebac00a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44896
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 06:18:15 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 154ms
51ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=7b09c35fb3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7b09c35fb3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 449077
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKpKI%2Fchpa9Yli1TTwnwGwyiN9uUVpk89os%2Br0S3imvifNhibKvok0h88HK1r5BrMZAUA7fjHeDj9RMLyr%2FYATIwAJm1Y4WjbEtepB314JpEkVgS9%2FaajyA2fevC40qTmXUaNsfaYddU9fO54jQipNLUOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7aedc139fbc130c6-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ZcVTgPeEhKfNqT9SFkP1S49aluQVCYrwZGhXPavCbEW_71JSJepVzA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 152ms
50ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=7b09c35fb3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7b09c35fb3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 4478411
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcB9Qt7l1IaE8%2FhCoGbJHEYI2FCURqiI18i9%2FRPbOODky%2FtIx3j9g%2FVuwkTi2bfMGCPdWQ8W7Yi5TDyVhWd8gE01%2BgMERTprU2bB%2BigBTaYRY%2BjegqqR81RFeED6pbq%2FZ3jNbAtAdLV5cxgnb%2BXKwX9Uuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7aedc139fbc430c6-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: OJC4r1fYhfqGBjH7ALdZNdD0XaJkeicvYNpCqRk0RlaMMnJFpCfTNg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 158ms
56ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=7b09c35fb3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7b09c35fb3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
age: 24739838
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1kpPS9cfnZJfS7ADYbfmPaszdio8jbJZJX0Lcr%2BTs%2FLz5HudMagiQVnVlVGZDiTB%2BWLBno5NPYhQpcioFdgGp7WfwiYRq8mjfcXL3FEk7wRZl4AaKpV6VlmMpK63QsN8hBO5W55iHAnu%2BK8EypzUC0Wyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7aedc139fbc530c6-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YoKbvoTp6xFCqFBWEE3Ora0Ch1hRuzVkCBgA9Uaaxluc68yUK6jT4A==

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c72010e02c94dcfe5626eddefc488ecb17590ae2c9e7034f878de6b38ec32f92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 47ms
46ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://de3.getyourcashcom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 3089886
cdn-cachedat: 01/02/2023 00:17:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 01f881db720907b7285a51a7f07d29db
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7aedc1395fed35f9-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK script.js Show response
mypixel.golead.systems/1fh/ 989 B
958 B 158ms
78ms XHR
application/javascript 178.63.95.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mypixel.golead.systems/1fh/script.js?anrede=&tokenId=57964530&vorname=&nachname=&email=&strasse=&hausnr=&land=&plz=&ort=&telefon=&geburtsDatumDE=&geburtsDatumEN=--&geburtsJahr=&angabeBlacklistTreffer=&idDatensatzKampagne=&idAmKampagne=1059&idPartner=&subId=&subIdentifier=&zielseite=adressdata1&medium=desktop&zielseite_medium=adressdata1_desktop&randomMD5=e0b527a1266377bc8b4152aadb3e0f44&unixTimestamp=1679984295
Requested by: Host: mypixel.golead.systems
URL: https://mypixel.golead.systems/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.95.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s5.golead.systems
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 290bc2143d47df68a9e6ae62659cd2fcfa22bc93188759adbc6a82cc2546c9c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 06:18:16 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 490
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 uw.js Show response
asmexp-de.int.userwerk.com/ 181 KB
181 KB 152ms
49ms Script
application/javascript 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/uw.js
Requested by: Host: mypixel.golead.systems
URL: https://mypixel.golead.systems/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: nginx/1.15.8 /
Resource Hash: b08618aea91da8a49a3194e51514026d953e4ae18c8cdf299e50773067daa251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx/1.15.8
etag: "0-2d2a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 184996
expires: Tue, 28 Mar 2023 06:23:16 GMT

GET
H/1.1 200
OK script.js Show response
mypixel.golead.systems/1bd/ 0
418 B 68ms
68ms XHR
application/javascript 178.63.95.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mypixel.golead.systems/1bd/script.js?idPartner=43&subId=1122-2656&idAmKampagne=1059&zielseite=adressdata1
Requested by: Host: mypixel.golead.systems
URL: https://mypixel.golead.systems/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.95.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s5.golead.systems
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 06:18:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK select.arrow.png
de3.getyourcashcom.com/custom/ 1 KB
1 KB 39ms
39ms Image
image/png 168.119.31.202
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de3.getyourcashcom.com/custom/select.arrow.png
Requested by: Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.31.202 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 06:18:16 GMT
Last-Modified: Wed, 13 Jan 2021 16:08:17 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "44e-5b8ca58dd470a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=4998
Content-Length: 1102

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ 409 KB
165 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ldbg_8cAAAAAEIpgYdN3DX_JAS0gNZUNsDeIdkr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://de3.getyourcashcom.com/
Origin: https://de3.getyourcashcom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 16:48:59 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 46ms
45ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://de3.getyourcashcom.com/
Origin: https://de3.getyourcashcom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 10711276
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iibQOpsiTfMl4nkoudFcf2E7PPttq6G63%2B14sOq5aaDrYKOThXAqctBO0FLAbKoMipWS5Oo68xPjUQrmt3WpLGMJmqJDA0w5y5Rv62J0H8RkJ76YB13VWwUv2Jaml1rxF%2BxYusosy0aXjJnIXwP16SSS3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7aedc13bcdfb30c6-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 0KAazB_BtiJz5EXC1asmb_24_1Y_3_43rh_04EGZLONqfJARqyhB3A==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://de3.getyourcashcom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 596437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131916334-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 06:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 785
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Mar 2023 08:05:11 GMT

GET
H2 200 5.eb7baa8d944dc4180981.js Show response
static.cleverpush.com/sdk/chunk/ 34 KB
9 KB 50ms
49ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.eb7baa8d944dc4180981.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/y2XXnwciXs6sDAFHb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a64cfc4c0d97dcabec4eb950ee82d4658f774e293a988a7a754de32d368c761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A1BCH2ND6BRJ4AQP
age: 8859
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Nd+2tvSGZHnTH73DYqHCYf4+UhKFIsS5PXJwteZeKbIZe0FZkhLlZt6cZz+I1oMNcGNHn38G+aw=
last-modified: Mon, 27 Mar 2023 15:50:25 GMT
server: cloudflare
etag: W/"900354f929ef21be639f89adcd7b722c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUA7Ds8QP4JcD3MGv43hZqT6L3uKs06FxNVZolMBpkxNdUff3LKUBm8eIhyno6c6qxlj3GLebr%2Fs4iOmb9S1l4TRoeUtwoUn4pAFEmOPflRNYP8IpBP%2BODBaHMwDcXg0ZXZjvHMl63Y8PW%2FC1enY8953Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7aedc13bf99637e8-FRA

GET
H2 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ 5 KB
3 KB 48ms
48ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/y2XXnwciXs6sDAFHb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A1B8NSV0Y5Z1MJB6
age: 8859
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PnURvjTdTowS0GB786HBaG5EAZcZq8kAWPrqF/W4Kmsy4MhBP7xYjFI4SrpAjD1siHeCRG6PCp4=
last-modified: Mon, 27 Mar 2023 15:50:25 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BAxyFqCJRCodO%2BMXNJ%2Bt4lHCLYnlIOW1RffMUaVInOXdS%2F%2BfClCyooKW%2Fb8EBWG1Sne0z24i3KD55HtU92ze5cQ37RuWePxuNqmEGIdkAvP0RzcIjMM7oB5SazbJ4Dmn9CZZg57wTrJJXJVk7dYE4RCwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7aedc13bf99737e8-FRA

GET
H2 200 115.2b1e988b31d49750e72d.js Show response
static.cleverpush.com/sdk/chunk/ 14 KB
4 KB 47ms
46ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.2b1e988b31d49750e72d.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/y2XXnwciXs6sDAFHb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be796b6c9cb934a37df2c899803cac24d04662a4db5cab1b2387ad066a900a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A1B5F04XZZSAJ8JD
age: 8859
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: K2yDZfR2TOJxWWcw3Or1ezDCx3L4fKDYL+oD5DSypb/euXucUz6BnBMQDo37iKBWpgr6aqsfhko=
last-modified: Mon, 27 Mar 2023 15:50:24 GMT
server: cloudflare
etag: W/"c80d36d150a6a273ff2e0ce5e80bb3be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNKMgYMe%2FdN%2BitO%2FmJtubRKbiUdnnvcwP0tXaBz0Gflu%2FhYZWbRI5eiaMfTeojTGDsoegUgIw3o0HwSNGGU8Jj%2Fd8quIG7xxMCYHri70uuE9PpobkkBHtnuVAU94Ii0E1aFjAtoFrqanwtvAoyDNW%2FVWMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7aedc13bf99937e8-FRA

GET
H2 200 iframe Show response
germanype.mycleverpush.com/ Frame 2EE1 71 KB
27 KB 149ms
41ms Document
text/html 116.203.55.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://germanype.mycleverpush.com/iframe?origin=https%3A%2F%2Fde3.getyourcashcom.com

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.203.55.53 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.53.55.203.116.clients.your-server.de

Software

Resource Hash

4c9d9aba09c983a0dbec2f9287fc154078181fbb8c235795e3528c06f31085be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://de3.getyourcashcom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 06:18:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-44
x-cache-status: HIT
x-robots-tag: noindex

POST
H3 200 integration Show response
asmexp-de.int.userwerk.com/ 3 KB
3 KB 215ms
133ms Fetch
application/json 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/integration
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/uw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: nginx/1.15.8 /
Resource Hash: 1762e06b90c3c828634b21d378db384cf8b42f9d10f7f47e052f947c4b35b5f4

Request headers

Referer: https://de3.getyourcashcom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
via: 1.1 google
server: nginx/1.15.8
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: x-dtpc, x-dtreferer,Origin,Content-Type,Accept,Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
149 B 48ms
47ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=330774492&t=pageview&_s=1&dl=https%3A%2F%2Fde3.getyourcashcom.com%2Fcampaign_1059.html%3FcoyoteAffiliTokenId%3D57964530%26aps%3D121ecd72c852453185b3a86779aaa3ad______%26&ul=en-us&de=UTF-8&dt=Gl%C3%BCckwunsch!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1066739053&gjid=1386519036&cid=1775745152.1679984296&tid=UA-131916334-1&_gid=338645611.1679984296&_r=1&gtm=457e33r0&jsscut=1&z=1172115846

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://de3.getyourcashcom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 06:18:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de3.getyourcashcom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 39ms
39ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=330774492&t=event&_s=2&dl=https%3A%2F%2Fde3.getyourcashcom.com%2Fcampaign_1059.html%3FcoyoteAffiliTokenId%3D57964530%26aps%3D121ecd72c852453185b3a86779aaa3ad______%26&ul=en-us&de=UTF-8&dt=Gl%C3%BCckwunsch!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adreserfassung1&ea=Pageview&el=DE%20-%20PayPal%201000%E2%82%AC%20Credit%20-%20PE&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1775745152.1679984296&tid=UA-131916334-1&_gid=338645611.1679984296&gtm=457e33r0&jsscut=1&z=427579253

Requested by

Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43985
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7F5B 47 KB
26 KB 64ms
62ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbg_8cAAAAAEIpgYdN3DX_JAS0gNZUNsDeIdkr&co=aHR0cHM6Ly9kZTMuZ2V0eW91cmNhc2hjb20uY29tOjQ0Mw..&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=b7g87nbowhii

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

339192aea2634e2b4efbb28394e6fbc4d0bdb347423a9eb0593f0b0c4ade93da

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AIOOyuAaS7YX7yxzWyvtRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://de3.getyourcashcom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26247
content-security-policy: script-src 'report-sample' 'nonce-AIOOyuAaS7YX7yxzWyvtRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Mar 2023 06:18:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 153ms
48ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-131916334-1&cid=1775745152.1679984296&jid=1066739053&gjid=1386519036&_gid=338645611.1679984296&_u=YEBAAUAAAAAAACAAI~&z=797143685

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://de3.getyourcashcom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Mar 2023 06:18:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://de3.getyourcashcom.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5.eb7baa8d944dc4180981.js Show response
static.cleverpush.com/sdk/chunk/ Frame 2EE1 34 KB
10 KB 49ms
49ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.eb7baa8d944dc4180981.js
Requested by: Host: germanype.mycleverpush.com
URL: https://germanype.mycleverpush.com/iframe?origin=https%3A%2F%2Fde3.getyourcashcom.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a64cfc4c0d97dcabec4eb950ee82d4658f774e293a988a7a754de32d368c761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://germanype.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A1BCH2ND6BRJ4AQP
age: 8859
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Nd+2tvSGZHnTH73DYqHCYf4+UhKFIsS5PXJwteZeKbIZe0FZkhLlZt6cZz+I1oMNcGNHn38G+aw=
last-modified: Mon, 27 Mar 2023 15:50:25 GMT
server: cloudflare
etag: W/"900354f929ef21be639f89adcd7b722c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NigqZTJW%2FqWSgxD2Bi3BausgtMdPyUET2mvmUf3nZ6l7ZUf3%2FckgfK3hyq20H%2BaUc4Bz53rMm9p8txF4WYaruzAm%2ByTGG9WrnPwSbJ5qA24konLfPKNGPdeeNJicXgCDsTg9xjXozcqOrIm2kyMqKxaEAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7aedc13d98183810-FRA

GET
H3 200 251.ff5b3c0c290e9961835b.js Show response
static.cleverpush.com/sdk/chunk/ Frame 2EE1 5 KB
3 KB 49ms
48ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by: Host: germanype.mycleverpush.com
URL: https://germanype.mycleverpush.com/iframe?origin=https%3A%2F%2Fde3.getyourcashcom.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://germanype.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A1B8NSV0Y5Z1MJB6
age: 8859
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PnURvjTdTowS0GB786HBaG5EAZcZq8kAWPrqF/W4Kmsy4MhBP7xYjFI4SrpAjD1siHeCRG6PCp4=
last-modified: Mon, 27 Mar 2023 15:50:25 GMT
server: cloudflare
etag: W/"e89cddaa8c63cff3a495570a91d5e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLGVagt2nbVnVHm%2BFZEVg47nvRRgOvnrEWBQdBsQZt9x87segtyaGlZyHhxCeGQY%2BSyhiE275JvNypavdE4WUp3WY0FIK0LIsIIqZWt%2Fo5C4QTHIn6WHxXy1Fszq47UDpjNerMI5CLbdKhYd%2FyE4zApGXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7aedc13d981c3810-FRA

GET
H3 200 818.d14fa91e68327303b09f.js Show response
static.cleverpush.com/sdk/chunk/ Frame 2EE1 7 KB
3 KB 88ms
88ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/818.d14fa91e68327303b09f.js
Requested by: Host: germanype.mycleverpush.com
URL: https://germanype.mycleverpush.com/iframe?origin=https%3A%2F%2Fde3.getyourcashcom.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c68a7f7fef86917a386e37dceb47e6df66e3a33218035c64b02d4443c20d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://germanype.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VFA23J59Z9RD1FBY
age: 8858
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Gl3REa4qYagMJagy+L3EAGNl3JgBAl2BOcF8ddvbFgjxfVoF8x0HCgeXcGHenrfNrfrQiFQdfHk=
last-modified: Mon, 27 Mar 2023 15:50:26 GMT
server: cloudflare
etag: W/"8fe57e5118d81b50c3d9d49a9c617931"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0CSjoOBMcxJdIILk%2BM44ITGQN4dq4IOOrmxdOzv6YGvO6TIIvYnThtVyEF1EktdpMZQcQwffGTbo5jWQneiflAPQnis1z2AeVWbGZZUrxMIB1F3qMYXzk1CuhxgTOV78cZmOW%2BO7VkjgLF81P7xAXvizA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7aedc13d981d3810-FRA

GET
H3 204 2023-03-28%2006:18:16.639000000%20UTC Show response
asmexp-de.int.userwerk.com/v2/integration/integration/rtt/3vd73s139evom7hn/-/2023-03-28%2006:18:16.421000000%20UTC/ 0
14 B 50ms
49ms Fetch 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/v2/integration/integration/rtt/3vd73s139evom7hn/-/2023-03-28%2006:18:16.421000000%20UTC/2023-03-28%2006:18:16.639000000%20UTC
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/uw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
via: 1.1 google
server: nginx/1.15.8
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: x-dtpc, x-dtreferer,Origin,Content-Type,Accept,Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 uw_int.js Show response
asmexp-de.int.userwerk.com/assets/default/js/ 226 KB
78 KB 51ms
50ms Script
application/javascript 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/js/uw_int.js?v=1.5.106
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/uw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 6b37c6b645d0d00dda2b960029c9c70c7245d1854d3718c016afbe225ac64780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"0-386f0"
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 103.723d7d2c1f459bc8bb33.js Show response
static.cleverpush.com/sdk/chunk/ 96 KB
22 KB 50ms
49ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/103.723d7d2c1f459bc8bb33.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/y2XXnwciXs6sDAFHb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0096d8abf9832a59cb36c723ded3dd921432f134e887a5f0d8b7821a9876a743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A1B6FM2M6NAP550H
age: 8859
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EMyJ/2E/aPCZ3ep5E6NU8H1JNGNE4SNZV62UkA7iaFCZ/2A/L+b28RQc9S/b/776znuWiIecLOg=
last-modified: Mon, 27 Mar 2023 15:50:24 GMT
server: cloudflare
etag: W/"fba09f0a1fd8e7dd17acf513393f116f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UD9oiFcezQ%2F5wrWWgrJr9Js0IQ0oIxx5xm09i9DrLaaAxMZ6FiNKwqSEd1tzpZjzPGfELpBZsaQ6%2FlZU54%2Ba%2B00IrM5GPqf%2F1r1ohb2t4P4dDU3Sui93EokyFwVczkOZWNuepMtXLIZbabQYsWGYu3AHqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7aedc13e39273810-FRA

GET
H3 200 720.2c37f0013cc1e09b85ae.js Show response
static.cleverpush.com/sdk/chunk/ 47 KB
11 KB 47ms
47ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.2c37f0013cc1e09b85ae.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/y2XXnwciXs6sDAFHb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c4825b087764b44779cb9efe0a1f63509dbe7f0c1ce505feb9f4ff3c1a4f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VFAFV3RXAK2BCP0Z
age: 8858
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hvUTqZ5uyDlo3yHsT+mtz2snT9pcuZvHWZlYq2Mp4v4cScQ5JAOJLssdDUK/q1px2+AtFfvNYZI=
last-modified: Mon, 27 Mar 2023 15:50:26 GMT
server: cloudflare
etag: W/"8314267f4cb1f7d2128aea732d5096e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeiZoKS7du%2ByQTAWzPPM9MTp7jzfm8KKRFwIheu5lLAfSiLBo%2BQnGCCaLeiZAsNStu5RbIwW9K4IQtC1Z%2FNsbjwBUreORQhyq1y58FoCZbR8BNUKiegy6wE2FEVhIN0rJCfkOd0k0A9vIGWDPYIHq0CGtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 7aedc13e39283810-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 7F5B 55 KB
24 KB 133ms
52ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbg_8cAAAAAEIpgYdN3DX_JAS0gNZUNsDeIdkr&co=aHR0cHM6Ly9kZTMuZ2V0eW91cmNhc2hjb20uY29tOjQ0Mw..&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=b7g87nbowhii

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 15:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 15:09:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 7F5B 409 KB
164 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 16:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 16:48:59 GMT

POST
H3 200 asmexp-de Show response
asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/ Frame 2EBA 53 KB
6 KB 261ms
261ms Document
text/html 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
Requested by: Host: de3.getyourcashcom.com
URL: https://de3.getyourcashcom.com/campaign_1059.html?coyoteAffiliTokenId=57964530&aps=121ecd72c852453185b3a86779aaa3ad______&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: nginx/1.15.8 /
Resource Hash: 272128963039fc4c7f05b2db731c17b560d9a21a862be4b5a0df17d10ba63041

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://de3.getyourcashcom.com
Referer: https://de3.getyourcashcom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-dtpc, x-dtreferer,Origin,Content-Type,Accept,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 28 Mar 2023 06:18:16 GMT
server: nginx/1.15.8
vary: Accept-Encoding
via: 1.1 google

POST
H2 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
350 B 61ms
61ms Fetch
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/y2XXnwciXs6sDAFHb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://de3.getyourcashcom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePO9D65vQAzj45igOo3bUdr1%2F%2BBPMWPeGkRuoZOT2dknwnGqrt6TJpaXECuXunZYIwyrWj8sJC4alL7tVsJMgtAL4EtWzQUZ61vLn6NobAP4aqKoHpKmpM4RsBmtlEr6OVJ25rqR4bNAK7uZ6fdSTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 7aedc13fd9919b22-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

OPTIONS
H2 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 158ms
53ms Preflight
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://de3.getyourcashcom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7aedc13f89399b22-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Tue, 28 Mar 2023 06:18:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdxtBoBGEOKmD7%2BIG0o2CK7o89mwNQOCBWANdMSSbtTca6cr%2BaOVgUnB5Zad0Iz41MtMUhqv8PnHmRdL6DzidLBs5tRlVrZsTHbie7diDwicnXmKkBqAyyT3VIhLEo23XQ84Iwv66AqLz%2F5rgbAqpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7F5B 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 475985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 29 Mar 2023 18:05:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7F5B 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 596438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7F5B 15 KB
15 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 596438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7F5B 102 B
134 B 48ms
48ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18fcc06e8e158f0b20df57e5966474ba5ee428da943b5e27417d7e2bdde6058f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbg_8cAAAAAEIpgYdN3DX_JAS0gNZUNsDeIdkr&co=aHR0cHM6Ly9kZTMuZ2V0eW91cmNhc2hjb20uY29tOjQ0Mw..&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=b7g87nbowhii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 28 Mar 2023 06:18:16 GMT

GET
H3 200 app.css
asmexp-de.int.userwerk.com/assets/default/css/ Frame 2EBA 121 KB
23 KB 49ms
49ms Stylesheet
text/css 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/css/app.css?v=1.5.106
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 37a99a7173684404724d8c17855a30fd4566bc6a15e5c9bfdf24b0860d3117b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"0-1e448"
vary: Accept-Encoding
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 lato.css
asmexp-de.int.userwerk.com/assets/default/fonts/lato-font/ Frame 2EBA 3 KB
3 KB 63ms
63ms Stylesheet
text/css 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/fonts/lato-font/lato.css?v=1.5.106
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: nginx/1.15.8 /
Resource Hash: 639ce57ca9b716eff89911e6a6ebfba6fa3b864c082ac1daa83704e17ac2759e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
via: 1.1 google
last-modified: Fri, 02 Jul 2021 00:45:37 GMT
server: nginx/1.15.8
age: 2183
etag: "42a0237a22b192ef535b538dc4903a9f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
x-goog-meta-x-goog-reserved-source-generation: 1619462332718247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2672
expires: Tue, 28 Mar 2023 06:41:54 GMT

GET
H3 200 blue_gift.png
asmexp-de.int.userwerk.com/assets/default/img/logo/ Frame 2EBA 7 KB
8 KB 115ms
115ms Image
image/png 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asmexp-de.int.userwerk.com/assets/default/img/logo/blue_gift.png?v=1.5.106
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: nginx/1.15.8 /
Resource Hash: a6eb606438c87e789dde86e4e20af7c82510d050bc5f89a1adbeb23a3f8b6459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
via: 1.1 google
last-modified: Fri, 02 Jul 2021 00:45:38 GMT
server: nginx/1.15.8
age: 125
etag: "92652a575343a7405166d61f7b325056"
content-type: image/png
cache-control: public, max-age=3600
x-goog-meta-x-goog-reserved-source-generation: 1556544722223587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7667
expires: Tue, 28 Mar 2023 07:16:12 GMT

GET
H3 200 vendor.js Show response
asmexp-de.int.userwerk.com/assets/default/js/ Frame 2EBA 96 KB
40 KB 51ms
50ms Script
application/javascript 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/js/vendor.js?v=1.5.106
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 04980c819ec07e432e489ba99f2658e6b48f6da8c08d98ac2b11689520d42a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"0-180fd"
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 app.js Show response
asmexp-de.int.userwerk.com/assets/default/js/ Frame 2EBA 124 KB
42 KB 67ms
66ms Script
application/javascript 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/js/app.js?v=1.5.106
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e94275da10c8964bcdf32e33a86350f0b39fd3bd7d001e58aa8fccd8551f9a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"0-1eff1"
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 619005.js Show response
asmexp-de.int.userwerk.com/assets/default/js/ Frame 2EBA 39 KB
16 KB 50ms
49ms Script
application/javascript 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/js/619005.js
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/assets/default/js/app.js?v=1.5.106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 2fa30e2dadc77f3e3a63d19f78b0d2d633c670e31576232b6e9a100739cee3d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"0-9d1d"
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 6e3049.js Show response
asmexp-de.int.userwerk.com/assets/default/js/ Frame 2EBA 12 KB
5 KB 52ms
51ms Script
application/javascript 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/js/6e3049.js
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/assets/default/js/app.js?v=1.5.106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: /
Resource Hash: fc1f8ff31ba0b5f19a373c52c18a360c89129b4bc8357273763f839e1d3adbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"0-303f"
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 91ca4a.js Show response
asmexp-de.int.userwerk.com/assets/default/js/ Frame 2EBA 24 KB
8 KB 53ms
52ms Script
application/javascript 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/js/91ca4a.js
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/assets/default/js/app.js?v=1.5.106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 0283a8a45de96050320c7eb806b4d1058d75af5b8cffb9e5d7fb831eaac57d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"0-5ecd"
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 8f8d71.js Show response
asmexp-de.int.userwerk.com/assets/default/js/ Frame 2EBA 5 KB
2 KB 55ms
55ms Script
application/javascript 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/assets/default/js/8f8d71.js
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/assets/default/js/app.js?v=1.5.106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 432d5995033d0dac43bbac0a6d6cebe19fb01ffb051669a8ea375da795dc1ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"0-1431"
vary: Accept-Encoding
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 2023-03-28%2006:18:17.276000000%20UTC Show response
asmexp-de.int.userwerk.com/v2/integration/store/rtt/3vd73s139evom7hn/asmexp-de/2023-03-28%2006:18:16.718000000%20UTC/ Frame 2EBA 0
14 B 49ms
49ms Fetch 34.149.66.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asmexp-de.int.userwerk.com/v2/integration/store/rtt/3vd73s139evom7hn/asmexp-de/2023-03-28%2006:18:16.718000000%20UTC/2023-03-28%2006:18:17.276000000%20UTC
Requested by: Host: asmexp-de.int.userwerk.com
URL: https://asmexp-de.int.userwerk.com/assets/default/js/app.js?v=1.5.106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.66.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 229.66.149.34.bc.googleusercontent.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asmexp-de.int.userwerk.com/welcome/3vd73s139evom7hn/asmexp-de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
via: 1.1 google
server: nginx/1.15.8
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: x-dtpc, x-dtreferer,Origin,Content-Type,Accept,Authorization
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 53ms
52ms Preflight
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://de3.getyourcashcom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7aedc1451e4a2c2f-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Tue, 28 Mar 2023 06:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zz%2B1IsXGNQIpUCcQq6GO%2FfwqRs%2FixQJsIjN6vwmLKy6AviOoXdxMEJSWkQed6U84wfUw%2FTePczLBZpJGcHUEiyjMnsCKSsRs7C0gY2cezg%2BdMXTnRqmecmcDhEtQMeMNFDB43crL4Giayj7aeKdvRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
614 B 58ms
58ms Fetch
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/y2XXnwciXs6sDAFHb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://de3.getyourcashcom.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfEBNiUnN6OCK%2FnTxlJYDo4THcX4fO2PIq2FOgIshhRREsZfTi8rkE5ofMzODqJbdcbw4TuCKgGQYF%2FFqTHQxZH8S5gwW%2Fk3QX0poCU0N1cIjmdZicKPkRBZ7EPaWIusS7oP4mlyIlTGqSEwYg8stg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 7aedc1456eb52c2f-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

GET
H3 200 zBgF9w7eNr8ziuuZr.png
static.cleverpush.com/notification/icon/ 30 KB
30 KB 50ms
50ms Image
image/png 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/notification/icon/zBgF9w7eNr8ziuuZr.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8993311f2aa39f5927121fd50ba0f9760949762ec54455451be000f0c21f22f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://de3.getyourcashcom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:18:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RP9SJDH2YAA0ZV45
age: 1746
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30249
x-amz-id-2: V8ZN2d6hW35WW6l3LcvTjkfjH6zu46mnOy3oiXlImqXAIHwW54ba1iz3UPKwim52cEh6THDKGSM=
last-modified: Tue, 21 Sep 2021 14:43:03 GMT
server: cloudflare
etag: "b887b19cc7e31cdb27b16d9bba043ec5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ebwkc%2BwEvxMF3TpyuN68mvIn%2BTILlZdRaNvUIEiwtKtq9Em4vpKXbscahdjVe0et9IainSRfB05yRwzYX9gqngOFKCH1m6t9N4xUtjUgAj3H%2Bre10mgljo3Egtppo0B8pU0emKcVYxdb%2BjqLZG6vpG8Tfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7aedc145194e3810-FRA

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://de3.getyourcashcom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 596439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://de3.getyourcashcom.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 596438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tracking.trkkadsm.com/	1970-01-20 11:24:22	Name: enc_aff_session_499 Value: ENC036d51b2820aef4467bc560089c6e43221d1740f7fe45715c1479bbfb71d0ad9c0be6fd774aacdee8e7dafbb7df3c6657b620b06769b1b23c37c717daa5e295af835a9328ca6750d58a32b60b3fabe22c3ffe06f6876117a538e53e8258617e0e48d42bc691c77aab4f453b3aa1481fb2a72db28d384375485ce3ddd1b1834e2530c7d8ab7
tracking.trkkadsm.com/	1970-01-20 20:15:44	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjU1NjMuMTEwIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
campaign.golead.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: rua7bj2kbf0f7fvbpqq9u8eorq
.golead.de/	1970-01-20 11:22:56	Name: coyoteTrackingCookie_553 Value: 57964530
.golead.de/	1970-01-20 11:22:56	Name: coyoteSimpleTrackingCookie Value: 57964530
de3.getyourcashcom.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bvi868m27fd6buip7buo5upqc5
de3.getyourcashcom.com/	1970-01-20 10:39:58	Name: coyoteAffiliTokenId1059 Value: 57964530
.getyourcashcom.com/	1970-01-20 20:15:44	Name: _ga Value: GA1.2.1775745152.1679984296
.getyourcashcom.com/	1970-01-20 10:41:10	Name: _gid Value: GA1.2.338645611.1679984296
.getyourcashcom.com/	1970-01-20 10:39:44	Name: _gat_gtag_UA_131916334_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.cleverpush.com
asmexp-de.int.userwerk.com
campaign.golead.de
cdnjs.cloudflare.com
de3.getyourcashcom.com
fonts.googleapis.com
fonts.gstatic.com
germanype.mycleverpush.com
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
mypixel.golead.systems
stackpath.bootstrapcdn.com
static.cleverpush.com
stats.g.doubleclick.net
storage.googleapis.com
tracking.trkkadsm.com
weatherthisday.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.theniemannbest.com
116.203.55.53
141.95.107.214
168.119.31.202
178.63.95.88
2606:4700:20::681a:f1f
2606:4700:20::ac43:47b8
2606:4700::6811:180e
2606:4700::6812:1734
2606:4700::6812:acf
2606:4700:e4::ac40:a916
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2010
2a00:1450:400c:c00::9c
34.149.66.229
38.45.81.138
54.176.10.64
0096d8abf9832a59cb36c723ded3dd921432f134e887a5f0d8b7821a9876a743
02388458c5747c60184ee01dc7ca569a2ff3b65e5469de86600b529629fac7b7
0283a8a45de96050320c7eb806b4d1058d75af5b8cffb9e5d7fb831eaac57d2a
03c4825b087764b44779cb9efe0a1f63509dbe7f0c1ce505feb9f4ff3c1a4f41
04980c819ec07e432e489ba99f2658e6b48f6da8c08d98ac2b11689520d42a09
077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300
09e04cf3eb46b7a6585169ccf558849645b10b341eb7874bee268c4bc2f88cdf
1762e06b90c3c828634b21d378db384cf8b42f9d10f7f47e052f947c4b35b5f4
18fcc06e8e158f0b20df57e5966474ba5ee428da943b5e27417d7e2bdde6058f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
272128963039fc4c7f05b2db731c17b560d9a21a862be4b5a0df17d10ba63041
290bc2143d47df68a9e6ae62659cd2fcfa22bc93188759adbc6a82cc2546c9c0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2fa30e2dadc77f3e3a63d19f78b0d2d633c670e31576232b6e9a100739cee3d3
339192aea2634e2b4efbb28394e6fbc4d0bdb347423a9eb0593f0b0c4ade93da
37a99a7173684404724d8c17855a30fd4566bc6a15e5c9bfdf24b0860d3117b7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41191d77d044691c96c90990bfe4693775ab4a3aad4ada259c3605d1970052d2
432d5995033d0dac43bbac0a6d6cebe19fb01ffb051669a8ea375da795dc1ad0
49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c
4c9d9aba09c983a0dbec2f9287fc154078181fbb8c235795e3528c06f31085be
4ef0bec33935704ef1be3a00f8acde16478e2fc57179bd4ee06ca483cabaacaa
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
639ce57ca9b716eff89911e6a6ebfba6fa3b864c082ac1daa83704e17ac2759e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b37c6b645d0d00dda2b960029c9c70c7245d1854d3718c016afbe225ac64780
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be796b6c9cb934a37df2c899803cac24d04662a4db5cab1b2387ad066a900a5
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80c68a7f7fef86917a386e37dceb47e6df66e3a33218035c64b02d4443c20d07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8993311f2aa39f5927121fd50ba0f9760949762ec54455451be000f0c21f22f0
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9a64cfc4c0d97dcabec4eb950ee82d4658f774e293a988a7a754de32d368c761
a4480cf4143094a283f0f8410158bba81ea7a95d60a8e5f9753ff29d36d1ad11
a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3
a6eb606438c87e789dde86e4e20af7c82510d050bc5f89a1adbeb23a3f8b6459
b08618aea91da8a49a3194e51514026d953e4ae18c8cdf299e50773067daa251
b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9
ba6a7eb9acf869a02a1f607e569cb9336d863de1addac148cce418a1e63b9c2a
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c72010e02c94dcfe5626eddefc488ecb17590ae2c9e7034f878de6b38ec32f92
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc17c49b62fd41489cf9869d0f74778033d4597c6957f496c9e98dd20570d937
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58c517f39f4b11e00b45c3bc3b46f73322e2e064a45de094db0038604dfb85d
e94275da10c8964bcdf32e33a86350f0b39fd3bd7d001e58aa8fccd8551f9a26
ed5478576cc3fdfbf4dc80c45e96cd364b3b3c6dd0cb0e9066023709314491cb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8b5e961eadf54aeab0eb28c47ea3af8a69573a70dfb8d0bf825bceebac00a0d
fc1f8ff31ba0b5f19a373c52c18a360c89129b4bc8357273763f839e1d3adbc9
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

de3.getyourcashcom.com Open in urlscan Pro 168.119.31.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

68 %IPv6

18 Domains

24 Subdomains

20 IPs

4 Countries

1612 kBTransfer

3526 kBSize

10 Cookies

47 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

de3.getyourcashcom.com Open in urlscan Pro
168.119.31.202 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

68 %
IPv6

18
Domains

24
Subdomains

20
IPs

4
Countries

1612 kB
Transfer

3526 kB
Size

10
Cookies

69 HTTP transactions
1 data transactions