Submitted URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Effective URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944...
Submission: On January 15 via api from BE

Summary

This website contacted 16 IPs in 6 countries across 17 domains to perform 80 HTTP transactions. The main IP is 185.128.34.117, located in Netherlands and belongs to EUROFIBER-UNET EUROFIBER, NL. The main domain is www.gewinnensieihrenpreis.com.
TLS certificate: Issued by R3 on January 14th 2021. Valid for: 3 months.
This is the only time www.gewinnensieihrenpreis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
28 cdn.cloudcnt.com www.gewinnensieihrenpreis.com
19 www.gewinnensieihrenpreis.com www.gewinnensieihrenpreis.com
8 fonts.gstatic.com dozemnhna.blogspot.com
fonts.googleapis.com
4 www.google-analytics.com www.gewinnensieihrenpreis.com
www.google-analytics.com
4 fonts.googleapis.com www.gewinnensieihrenpreis.com
4 www.blogger.com dozemnhna.blogspot.com
3 dozemnhna.blogspot.com dozemnhna.blogspot.com
2 bam.eu01.nr-data.net js-agent.newrelic.com
2 click.trlxcf02.com 1 redirects dozemnhna.blogspot.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js-agent.newrelic.com www.gewinnensieihrenpreis.com
1 webpushbuilder.com www.gewinnensieihrenpreis.com
1 djjcyqvteia9v.cloudfront.net www.gewinnensieihrenpreis.com
1 plaqexit.com 1 redirects
1 lipmentos.com 1 redirects
1 resources.blogblog.com dozemnhna.blogspot.com
1 themes.googleusercontent.com dozemnhna.blogspot.com
1 www.gstatic.com dozemnhna.blogspot.com
80 18
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.blogger.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.googleusercontent.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-21 -
2021-07-21
a year crt.sh
gewinnensieihrenpreis.com
R3
2021-01-14 -
2021-04-14
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
*.cloudcnt.com
Amazon
2020-06-20 -
2021-07-20
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
webpushbuilder.com
R3
2020-12-16 -
2021-03-16
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-12-28 -
2021-05-07
4 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.eu01.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-04 -
2022-02-08
2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Frame ID: 9585674E773AEF0688B728B3F56DDA00
Requests: 80 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266 Page URL
  2. https://lipmentos.com/?a=2944&oc=9947&c=28987&m=3&s1= HTTP 302
    https://plaqexit.com/?a=2944&oc=9947&c=28987&m=3&s1=&ckmguid=7235b10d-2a4a-4a5f-a99f-2acc6ae66692 HTTP 302
    https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=185472056&c3=2944 HTTP 302
    https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr... Page URL
  3. https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.blogspot\.com/i

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.blogspot\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

80
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

18
Subdomains

16
IPs

6
Countries

1940 kB
Transfer

2929 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266 Page URL
  2. https://lipmentos.com/?a=2944&oc=9947&c=28987&m=3&s1= HTTP 302
    https://plaqexit.com/?a=2944&oc=9947&c=28987&m=3&s1=&ckmguid=7235b10d-2a4a-4a5f-a99f-2acc6ae66692 HTTP 302
    https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=185472056&c3=2944 HTTP 302
    https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-6001adc1ae405e57aa2b1f99%26networkid%3D100481%26publisher%3D2944%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3D6c13073a-b3c7-49ac-9e0a-7b258a2c8064 Page URL
  3. https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://lipmentos.com/?a=2944&oc=9947&c=28987&m=3&s1= HTTP 302
  • https://plaqexit.com/?a=2944&oc=9947&c=28987&m=3&s1=&ckmguid=7235b10d-2a4a-4a5f-a99f-2acc6ae66692 HTTP 302
  • https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=185472056&c3=2944 HTTP 302
  • https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-6001adc1ae405e57aa2b1f99%26networkid%3D100481%26publisher%3D2944%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3D6c13073a-b3c7-49ac-9e0a-7b258a2c8064

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
laden-even-geduld-aub.html
dozemnhna.blogspot.com/p/
80 KB
16 KB
Document
General
Full URL
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dozemnhna.blogspot.com
:scheme
https
:path
/p/laden-even-geduld-aub.html?aYF=0266
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Fri, 15 Jan 2021 14:59:11 GMT
date
Fri, 15 Jan 2021 14:59:11 GMT
cache-control
private, max-age=0
last-modified
Wed, 13 Jan 2021 00:35:03 GMT
etag
W/"680b7e6867d6472929ea47c562c7c7eeed6f76a1f4b1e234c86b6859623061e0"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
16637
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/
12 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 14:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4096
x-xss-protection
0
expires
Fri, 15 Jan 2021 14:59:11 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
111 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5225078906191729882&zx=62a50b93-4b1d-43b8-a260-b6dc8dc2bcf1
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Jan 2021 14:59:11 GMT
server
GSE
date
Fri, 15 Jan 2021 14:59:11 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
sprite_v1_6.css.svg
dozemnhna.blogspot.com/responsive/
7 KB
2 KB
Other
General
Full URL
https://dozemnhna.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 21:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 19:15:29 GMT
server
sffe
age
582761
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2244
x-xss-protection
0
expires
Fri, 15 Jan 2021 21:06:30 GMT
image
themes.googleusercontent.com/
223 KB
223 KB
Image
General
Full URL
https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 14:59:11 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228521
x-xss-protection
0
expires
Sat, 16 Jan 2021 14:59:11 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dozemnhna.blogspot.com
Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 16:12:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
82026
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Fri, 14 Jan 2022 16:12:05 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dozemnhna.blogspot.com
Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 15:35:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
84218
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 14 Jan 2022 15:35:33 GMT
3858658042-comment_from_post_iframe.js
www.blogger.com/static/v1/jsbin/
13 KB
5 KB
Script
General
Full URL
https://www.blogger.com/static/v1/jsbin/3858658042-comment_from_post_iframe.js
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 20:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 08:07:33 GMT
server
sffe
age
239553
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5121
x-xss-protection
0
expires
Wed, 12 Jan 2022 20:26:38 GMT
104481383-indie_compiled.js
resources.blogblog.com/blogblog/data/res/
137 KB
137 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/104481383-indie_compiled.js
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 01:54:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 11 Jan 2021 16:11:26 GMT
server
sffe
age
306280
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139911
x-xss-protection
0
expires
Tue, 19 Jan 2021 01:54:31 GMT
cookienotice.js
dozemnhna.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://dozemnhna.blogspot.com/js/cookienotice.js
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 14:04:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Jan 2021 13:10:27 GMT
server
sffe
age
3255
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
expires
Fri, 22 Jan 2021 14:04:56 GMT
84067855-widgets.js
www.blogger.com/static/v1/widgets/
142 KB
52 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/84067855-widgets.js
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 22:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 21:39:10 GMT
server
sffe
age
60671
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52684
x-xss-protection
0
expires
Fri, 14 Jan 2022 22:08:00 GMT
d.php
click.trlxcf02.com/main/
Redirect Chain
  • https://lipmentos.com/?a=2944&oc=9947&c=28987&m=3&s1=
  • https://plaqexit.com/?a=2944&oc=9947&c=28987&m=3&s1=&ckmguid=7235b10d-2a4a-4a5f-a99f-2acc6ae66692
  • https://click.trlxcf02.com/click/yX3CWb8iyJQi8Bznu2?affid=100481&c1=185472056&c3=2944
  • https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-6001adc1ae405e57aa2b1f99%26networkid%3D100481%26publisher%...
278 B
820 B
Document
General
Full URL
https://click.trlxcf02.com/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-6001adc1ae405e57aa2b1f99%26networkid%3D100481%26publisher%3D2944%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3D6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:921e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
click.trlxcf02.com
:scheme
https
:path
/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-6001adc1ae405e57aa2b1f99%26networkid%3D100481%26publisher%3D2944%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3D6c13073a-b3c7-49ac-9e0a-7b258a2c8064
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d4f06366e9e39f9b328d9035dce28d2791610722752; AWSALB=rD0NQHhHGO0YAeyCMjloOS1jQO41HP9EP8bFyCIHGgz0OdjsZvKyBitwaN0E51ANMCWtXSBO5Y76dBVzKA68SHw091/YwO/Tb8ZylD4yHmhtLgo6R2pPoWQSr7Yh; XSRF-TOKEN=eyJpdiI6IlpiVlZ0a2pMODdUQ0p1SnNKZFp6VGc9PSIsInZhbHVlIjoiQkxBVU11djgzOWpESncyeDhKcHNrMVBaNTJxazA4RnMxUVpiM2g5UDJcLzk2TTNkN1N2eTdsUXJ1dTRQdUx5K2F1ZDZwNXVuU3RNb1wvSXo2UFwvSU9HU3c9PSIsIm1hYyI6ImQ1ZTZmMTEzYTIxNWU1MjdhMjI4NmZjNWNkZmQzNDQ3YzIwZTAxNWRmZTEyYzNiNTViN2FmYmM4NTYwYzNiN2EifQ%3D%3D; session=eyJpdiI6ImhQVEkxMnd6VVZsZFJScFNYSlBka2c9PSIsInZhbHVlIjoieU82dzB6Vkpoc3BZbDlKalJncmNOdUZVampwbUxsMFRQWFRYK2pDV28yaXVUVXVPZDU2NkM1U2lQTW9WVmoyZWMwWGQ3cU5Rb2xZcWpaY2JOdFJBeEE9PSIsIm1hYyI6IjhmNjA1YmM4N2Y1OTg5NzU1Y2E1NGI0YTBjYjUzMTBjYWMzZTgxNWNlNWM5YzRjZjI4NjE5ZjFmZTViZTg4N2UifQ%3D%3D; ept2=eyJpdiI6IjFDaVlLVU9MRTlYSlN6b0R1ajhpQlE9PSIsInZhbHVlIjoiZmJiR0t5T1ZKeG1SSEZKZTNRTFVwbXQ2TGx3NnI2dHZlbTRxcEdFeGQ2aGtYS1VJSUlJeFUxR05rekc4YXF5M050UzkwdnIxUHZyWk9SWkYybzB4eVFaSGRpQUZMb3pRdFNHbzQ0Y1ZZcmZVZDBEMWNhUHpcL243TnpQemZGY05FQkd5cnRwOXdSMjRaZmlDRFwvclpFdGxqU2Z6cloxZDVlOVBwYWZPbVJ2T1lJMkUyS0xhRXdOZ29YTU5BUEkwcGYiLCJtYWMiOiJmZWRmODM4NzE0NDljNWM0YmZkMWRiN2RlMDUwMmMwMTFkM2ZlYjU1MTYyZmEyM2Q2M2RjOTFiMzdlZGE3OGI2In0%3D; cufVna58X3rDcDG2kJJb1vt8l2KPUQpynDqjiOYb=eyJpdiI6ImhFQTErd3FFTExoOHFxeGdXeStpTHc9PSIsInZhbHVlIjoiMVhTMkoyN2hnek9BZEp5cFB1S0g2YjB2NlpnQUN4cVRFS2ZCNzNEYXFZSlAxVkJhK0RaOWhKQUhuTUtFM0puaW03V09CRGdPQUlqUU83MGhnZzlURjhWOFU2QWdpUVk2RFhCaUc1ZVp1ZGZGRklPWXRiTEJldFJRbWFhZmFZSDU2eUV6aWg3bklETzI5UE51Z09aeTI1dTV4U0NWSXg1eHJqcUVsR252YkhlU2dER3dFVXkzdjZvVEFqVDFMaktLdkR0V2ViZUhFbDlmQnRtVlZ5VHhicmVJekFKWklKVFwvUENhOGRnQXcxcENPTXV6SXQxQmdiZXd4R1VEaVVwME5jdHFWaVlFRWFuSmFBWmVlQjJGam9HalJBRGxyaG9NMERDaXZqQVRiYmZrck5BaTZ5QlJnd0FER091MktpMkRXXC96eUNoN3RCUTJ5TUZ3WW5GWFhZNXdkWTRlXC9RQ0JBMTcxZzJhTG1Ud0pkalFkVmhLR1ZTSnViZU9vdUxxNk14S2xqd0lEbWJObW5VVWtKSm5oNXd3NitzT3FlU2xubm1zc1lYN2R4dSs2T1pGS1E2eWhlSmtzZWNcL05TMVwvbmk4NTNqRTRUQ1hoRmJ6R04ycXdia282cnkrOTBcLzRNVmU1ajQ4bXZxa3dmcWlwbm83ZTFRZFh1Snh5cVVMYkVFZjF0Wld6Tm1LTE1JZHU0VXZEQ3FFb3VCRkw4OTRMOG5DeGVcL0RUbm5RZ0VOSEFqbnRVYjFsQnNaMXR0Ukl1aUNtWW90cDk2aGVPZlAwUXJpQm1sRlF2THpSSmZBYmRBYkRiTVNrbmhJSDJ6OWc9IiwibWFjIjoiMDVjN2JmZGVjMzI5ZmFiNGY1MzYyYjdiYzg0YmNkMGZkMTgzODE2NjE5YmM4OGQ3ZTZkZDhhZDIzNjQyODg3YSJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266

Response headers

date
Fri, 15 Jan 2021 14:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=UKS1x4kuRzw1KbwHHRMo4pBOJUP9/eH4REIKFr8DDZdh5XBOtngRzzSzYJ42dDYgq3RiCtHQ0yTBPQbgYGeTM7bUxupEnmOutslWk54/ch9jL49BWqYjOKv3o/vA; Expires=Fri, 22 Jan 2021 14:59:13 GMT; Path=/ AWSALBCORS=UKS1x4kuRzw1KbwHHRMo4pBOJUP9/eH4REIKFr8DDZdh5XBOtngRzzSzYJ42dDYgq3RiCtHQ0yTBPQbgYGeTM7bUxupEnmOutslWk54/ch9jL49BWqYjOKv3o/vA; Expires=Fri, 22 Jan 2021 14:59:13 GMT; Path=/; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
07a827d3020000c30336871000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RrFGBkmYCqp3YZxWdxpeF3xqyPHno0OCIXoL%2FSrLA6Yis3EPYux2m0TzWB%2BVtYrfjZN67qucpLs%2BwjZQ3eb4ln8dN4EpMZYmC3nsmWk587SY7abr%2FhZEZmEWBhgi7ls%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
612075980dadc303-FRA
content-encoding
br

Redirect headers

date
Fri, 15 Jan 2021 14:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d4f06366e9e39f9b328d9035dce28d2791610722752; expires=Sun, 14-Feb-21 14:59:12 GMT; path=/; domain=.trlxcf02.com; HttpOnly; SameSite=Lax AWSALB=rD0NQHhHGO0YAeyCMjloOS1jQO41HP9EP8bFyCIHGgz0OdjsZvKyBitwaN0E51ANMCWtXSBO5Y76dBVzKA68SHw091/YwO/Tb8ZylD4yHmhtLgo6R2pPoWQSr7Yh; Expires=Fri, 22 Jan 2021 14:59:12 GMT; Path=/ AWSALBCORS=rD0NQHhHGO0YAeyCMjloOS1jQO41HP9EP8bFyCIHGgz0OdjsZvKyBitwaN0E51ANMCWtXSBO5Y76dBVzKA68SHw091/YwO/Tb8ZylD4yHmhtLgo6R2pPoWQSr7Yh; Expires=Fri, 22 Jan 2021 14:59:12 GMT; Path=/; SameSite=None XSRF-TOKEN=eyJpdiI6IlpiVlZ0a2pMODdUQ0p1SnNKZFp6VGc9PSIsInZhbHVlIjoiQkxBVU11djgzOWpESncyeDhKcHNrMVBaNTJxazA4RnMxUVpiM2g5UDJcLzk2TTNkN1N2eTdsUXJ1dTRQdUx5K2F1ZDZwNXVuU3RNb1wvSXo2UFwvSU9HU3c9PSIsIm1hYyI6ImQ1ZTZmMTEzYTIxNWU1MjdhMjI4NmZjNWNkZmQzNDQ3YzIwZTAxNWRmZTEyYzNiNTViN2FmYmM4NTYwYzNiN2EifQ%3D%3D; expires=Fri, 15-Jan-2021 16:59:13 GMT; Max-Age=7200; path=/ session=eyJpdiI6ImhQVEkxMnd6VVZsZFJScFNYSlBka2c9PSIsInZhbHVlIjoieU82dzB6Vkpoc3BZbDlKalJncmNOdUZVampwbUxsMFRQWFRYK2pDV28yaXVUVXVPZDU2NkM1U2lQTW9WVmoyZWMwWGQ3cU5Rb2xZcWpaY2JOdFJBeEE9PSIsIm1hYyI6IjhmNjA1YmM4N2Y1OTg5NzU1Y2E1NGI0YTBjYjUzMTBjYWMzZTgxNWNlNWM5YzRjZjI4NjE5ZjFmZTViZTg4N2UifQ%3D%3D; expires=Fri, 15-Jan-2021 16:59:13 GMT; Max-Age=7200; path=/; HttpOnly ept2=eyJpdiI6IjFDaVlLVU9MRTlYSlN6b0R1ajhpQlE9PSIsInZhbHVlIjoiZmJiR0t5T1ZKeG1SSEZKZTNRTFVwbXQ2TGx3NnI2dHZlbTRxcEdFeGQ2aGtYS1VJSUlJeFUxR05rekc4YXF5M050UzkwdnIxUHZyWk9SWkYybzB4eVFaSGRpQUZMb3pRdFNHbzQ0Y1ZZcmZVZDBEMWNhUHpcL243TnpQemZGY05FQkd5cnRwOXdSMjRaZmlDRFwvclpFdGxqU2Z6cloxZDVlOVBwYWZPbVJ2T1lJMkUyS0xhRXdOZ29YTU5BUEkwcGYiLCJtYWMiOiJmZWRmODM4NzE0NDljNWM0YmZkMWRiN2RlMDUwMmMwMTFkM2ZlYjU1MTYyZmEyM2Q2M2RjOTFiMzdlZGE3OGI2In0%3D; expires=Sat, 16-Jan-2021 14:59:13 GMT; Max-Age=86400; path=/; HttpOnly cufVna58X3rDcDG2kJJb1vt8l2KPUQpynDqjiOYb=eyJpdiI6ImhFQTErd3FFTExoOHFxeGdXeStpTHc9PSIsInZhbHVlIjoiMVhTMkoyN2hnek9BZEp5cFB1S0g2YjB2NlpnQUN4cVRFS2ZCNzNEYXFZSlAxVkJhK0RaOWhKQUhuTUtFM0puaW03V09CRGdPQUlqUU83MGhnZzlURjhWOFU2QWdpUVk2RFhCaUc1ZVp1ZGZGRklPWXRiTEJldFJRbWFhZmFZSDU2eUV6aWg3bklETzI5UE51Z09aeTI1dTV4U0NWSXg1eHJqcUVsR252YkhlU2dER3dFVXkzdjZvVEFqVDFMaktLdkR0V2ViZUhFbDlmQnRtVlZ5VHhicmVJekFKWklKVFwvUENhOGRnQXcxcENPTXV6SXQxQmdiZXd4R1VEaVVwME5jdHFWaVlFRWFuSmFBWmVlQjJGam9HalJBRGxyaG9NMERDaXZqQVRiYmZrck5BaTZ5QlJnd0FER091MktpMkRXXC96eUNoN3RCUTJ5TUZ3WW5GWFhZNXdkWTRlXC9RQ0JBMTcxZzJhTG1Ud0pkalFkVmhLR1ZTSnViZU9vdUxxNk14S2xqd0lEbWJObW5VVWtKSm5oNXd3NitzT3FlU2xubm1zc1lYN2R4dSs2T1pGS1E2eWhlSmtzZWNcL05TMVwvbmk4NTNqRTRUQ1hoRmJ6R04ycXdia282cnkrOTBcLzRNVmU1ajQ4bXZxa3dmcWlwbm83ZTFRZFh1Snh5cVVMYkVFZjF0Wld6Tm1LTE1JZHU0VXZEQ3FFb3VCRkw4OTRMOG5DeGVcL0RUbm5RZ0VOSEFqbnRVYjFsQnNaMXR0Ukl1aUNtWW90cDk2aGVPZlAwUXJpQm1sRlF2THpSSmZBYmRBYkRiTVNrbmhJSDJ6OWc9IiwibWFjIjoiMDVjN2JmZGVjMzI5ZmFiNGY1MzYyYjdiYzg0YmNkMGZkMTgzODE2NjE5YmM4OGQ3ZTZkZDhhZDIzNjQyODg3YSJ9; expires=Fri, 15-Jan-2021 16:59:13 GMT; Max-Age=7200; path=/; HttpOnly
cache-control
no-cache, private
location
/main/d.php?s=1&link=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-6001adc1ae405e57aa2b1f99%26networkid%3D100481%26publisher%3D2944%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3D6c13073a-b3c7-49ac-9e0a-7b258a2c8064
cf-cache-status
DYNAMIC
cf-request-id
07a827d0870000c30313a8e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MQN3nyRRCKryjzrltl1Orc54SfoS%2F5HNX%2FswVstxWBhgN%2BGcBou0tTS3HkDWjXkQo97FaGR%2FL6o6j65nOk0N01u3mjPu2pvyckCd8Pr4LctmmV7ROR7DJTpfaL7lfDU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
612075940f6dc303-FRA
authorization.css
www.blogger.com/dyn-css/
1 B
92 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5225078906191729882&zx=62a50b93-4b1d-43b8-a260-b6dc8dc2bcf1
Requested by
Host: dozemnhna.blogspot.com
URL: https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dozemnhna.blogspot.com/p/laden-even-geduld-aub.html?aYF=0266
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Jan 2021 14:59:12 GMT
server
GSE
date
Fri, 15 Jan 2021 14:59:12 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
Primary Request Cookie set tr_bfmmdenopre
www.gewinnensieihrenpreis.com/de_de/
126 KB
29 KB
Document
General
Full URL
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
06444992fa15763af64af5cbc84e941faee7650b79feee3ffdd281c28236f745
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.gewinnensieihrenpreis.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
visitId=2a1f51107bfb7346ccb46c40b84830c2f71f4cf668cfe2fe9776e360663f8e06a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22visitId%22%3Bi%3A1%3Bs%3A35%3A%22qbeYHlvZcV-6001adc1ae405e57aa2b1f99%22%3B%7D; expires=Sun, 14-Feb-2021 14:59:13 GMT; Max-Age=2592000; path=/; HttpOnly _csrf-frontend=936a4422922e3169157723d1774736b44ea11bdfa838640e6bdad313cabb7613a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22WzjAMnjHrUzc4jb7hd_Atssm1q1YEFH4%22%3B%7D; path=/; HttpOnly
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Encoding
gzip
common.css
www.gewinnensieihrenpreis.com/bundles/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.gewinnensieihrenpreis.com/bundles/common.css?v=1610712677
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:17 GMT
Server
nginx
ETag
W/"60018665-72b"
Vary
Accept-Encoding
Content-Type
text/css
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
flamingo_main_style.css
www.gewinnensieihrenpreis.com/bundles/
132 KB
28 KB
Stylesheet
General
Full URL
https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1610712702
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
8d4a279496aac7846f6ab80d771902592f04932a684c366883b1843be43bfc66
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:42 GMT
Server
nginx
ETag
W/"6001867e-20fab"
Vary
Accept-Encoding
Content-Type
text/css
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
flamingo_layout_layout-4steps.css
www.gewinnensieihrenpreis.com/bundles/
106 KB
22 KB
Stylesheet
General
Full URL
https://www.gewinnensieihrenpreis.com/bundles/flamingo_layout_layout-4steps.css?v=1610712703
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
d98ff10716973f4df9fd3df3150bdca4f76219acfbca94ea0218eac6deb0be06
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:43 GMT
Server
nginx
ETag
W/"6001867f-1a91c"
Vary
Accept-Encoding
Content-Type
text/css
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
flamingo_color_white.css
www.gewinnensieihrenpreis.com/bundles/
12 KB
2 KB
Stylesheet
General
Full URL
https://www.gewinnensieihrenpreis.com/bundles/flamingo_color_white.css?v=1610712705
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
8c63ee1c9d488d8f070c5865f4d8f32d0396ca6adf054fc6bb0e9e2e4186172a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:29 GMT
Server
nginx
ETag
W/"60018671-30dd"
Vary
Accept-Encoding
Content-Type
text/css
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
flamingo_brand_samsung-s9-uk.css
www.gewinnensieihrenpreis.com/bundles/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1610712705
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
82dbeda7a1070cf8fffd6656ee3a04f5da31334f378eed4c08adf6db9cda4510
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:29 GMT
Server
nginx
ETag
W/"60018671-1fb7"
Vary
Accept-Encoding
Content-Type
text/css
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
flamingo_extra_empty.css
www.gewinnensieihrenpreis.com/bundles/
0
413 B
Stylesheet
General
Full URL
https://www.gewinnensieihrenpreis.com/bundles/flamingo_extra_empty.css?v=1610712711
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:35 GMT
Server
nginx
ETag
"60018677-0"
Content-Type
text/css
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
X-Content-Type-Options
nosniff
2_8850352941737efd2c313db1613e94c1.png
www.gewinnensieihrenpreis.com/uploads/landings/8339/main/
319 KB
320 KB
Image
General
Full URL
https://www.gewinnensieihrenpreis.com/uploads/landings/8339/main/2_8850352941737efd2c313db1613e94c1.png
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
05a29f6d3112600487aaa48c7a0a633983fa2dae48831b3d5188e3fbaf207956
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 07 Jan 2019 12:52:43 GMT
Server
nginx
ETag
"5c334b9b-4fc74"
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
326772
X-Content-Type-Options
nosniff
3_e1172ddbfea5f87951baaab988854450.jpg
www.gewinnensieihrenpreis.com/uploads/landings/8339/main/
148 KB
148 KB
Image
General
Full URL
https://www.gewinnensieihrenpreis.com/uploads/landings/8339/main/3_e1172ddbfea5f87951baaab988854450.jpg
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
2bf100ad9c2a6632df59281ac992cae309864d9ccf9b828de1f58b0ed344f946
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 07 Jan 2019 12:52:43 GMT
Server
nginx
ETag
"5c334b9b-24ecf"
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
151247
X-Content-Type-Options
nosniff
4_3626a44cdcc1727867ede99dc0bd920a.svg
www.gewinnensieihrenpreis.com/uploads/landings/8339/main/
2 KB
1 KB
Image
General
Full URL
https://www.gewinnensieihrenpreis.com/uploads/landings/8339/main/4_3626a44cdcc1727867ede99dc0bd920a.svg
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
c9b73a88475e88f9fb290cde36d82cd8e742b4664fb84737dbbc634446566fcc

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 12:52:43 GMT
Server
nginx
ETag
W/"5c334b9b-7c3"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 22 Jan 2021 14:59:13 GMT
5_81eabdb7d70e87e9c8922ee54fe608ad.svg
www.gewinnensieihrenpreis.com/uploads/landings/8339/main/
662 B
741 B
Image
General
Full URL
https://www.gewinnensieihrenpreis.com/uploads/landings/8339/main/5_81eabdb7d70e87e9c8922ee54fe608ad.svg
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
79761c1d3145340f14662606b227767fc7b8466cb608caf8479388bb6e6da66b

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 12:52:43 GMT
Server
nginx
ETag
W/"5c334b9b-296"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 22 Jan 2021 14:59:13 GMT
6_b62296920055904f4785d97394b4de91.svg
www.gewinnensieihrenpreis.com/uploads/landings/8339/main/
773 B
817 B
Image
General
Full URL
https://www.gewinnensieihrenpreis.com/uploads/landings/8339/main/6_b62296920055904f4785d97394b4de91.svg
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
bab73517c0ae20d5addc03d1f8eb46fde709f42a5f91d1cb9d2afff7da9cf314

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jan 2019 12:52:43 GMT
Server
nginx
ETag
W/"5c334b9b-305"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 22 Jan 2021 14:59:13 GMT
EHawkTalon.js
djjcyqvteia9v.cloudfront.net/
43 KB
44 KB
Script
General
Full URL
https://djjcyqvteia9v.cloudfront.net/EHawkTalon.js
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:cc00:2:7bf5:a0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
54234f4ebe24f0a0058c5a4301ba3356fa0e138d3adfa12cac7b144667da104d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 20:57:11 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jul 2020 14:14:29 GMT
server
Apache
age
324122
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
44465
x-amz-cf-id
stoD0-hvE2cu1HB7l_zSkmi16jEqIqV9-a0f28fzcNlHdAmO71iyMA==
expires
Wed, 10 Feb 2021 20:57:11 GMT
5caf02536774b.png
cdn.cloudcnt.com/uploads/entityLogos/
3 KB
4 KB
Image
General
Full URL
https://cdn.cloudcnt.com/uploads/entityLogos/5caf02536774b.png
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bfe854925ea083ffd5d883a565d6deb7104539a443f0a7367975962ca706003a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
14793
x-cache
Hit from cloudfront
date
Fri, 15 Jan 2021 11:23:18 GMT
content-length
3423
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Apr 2019 09:01:07 GMT
server
nginx
etag
"5caf0253-d5f"
content-type
image/png
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
2hEA9lIOJRPhX_RHq64Z45jfwY9eCFoMaCkhk6lQzi_jcs33wkc80A==
common.js
www.gewinnensieihrenpreis.com/bundles/
419 KB
118 KB
Script
General
Full URL
https://www.gewinnensieihrenpreis.com/bundles/common.js?v=1610712676
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
f89c111fbd39aa90b716696744730a6c842b4fcdf7231bd9da180f76ff91e540
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:06 GMT
Server
nginx
ETag
W/"6001865a-68caf"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
Form.js
www.gewinnensieihrenpreis.com/assets/97219433/js/
9 KB
2 KB
Script
General
Full URL
https://www.gewinnensieihrenpreis.com/assets/97219433/js/Form.js?v=1610712716
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
6c8c027b20bdb3af49047d12bf085d744a3da2cf49e4064a745a5ebc8a799049
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:56 GMT
Server
nginx
ETag
W/"6001868c-229f"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
scripts.js
www.gewinnensieihrenpreis.com/assets/a6214c12/js/
2 KB
1 KB
Script
General
Full URL
https://www.gewinnensieihrenpreis.com/assets/a6214c12/js/scripts.js?v=1610712716
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
89ad71822e874a1edddd658dd450f9013a97d4847fb6c9efed59134aba4e6b16
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:56 GMT
Server
nginx
ETag
W/"6001868c-7d2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
webpushbuilder.js
www.gewinnensieihrenpreis.com/assets/1075810f/js/
6 KB
2 KB
Script
General
Full URL
https://www.gewinnensieihrenpreis.com/assets/1075810f/js/webpushbuilder.js?v=1610712716
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
ebffb67d17a7798b339bbaf61f159d7696afa77376451bcbaaec375e0e1e360a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:11:56 GMT
Server
nginx
ETag
W/"6001868c-18ee"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
css
fonts.googleapis.com/
29 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1610712702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18b99ca0bbec52d747e3564e0e734bd88232ae3614cb16c83a52a2a9c29d4908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1610712702
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 14:45:41 GMT
server
ESF
date
Fri, 15 Jan 2021 14:59:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Jan 2021 14:59:13 GMT
css
fonts.googleapis.com/
387 B
408 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Indie+Flower
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1610712702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73ddcd62b141cd720099a5271145e7334e2adca2237c344d3a77e6df29247bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gewinnensieihrenpreis.com/bundles/flamingo_main_style.css?v=1610712702
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 14:06:04 GMT
server
ESF
date
Fri, 15 Jan 2021 14:59:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Jan 2021 14:59:13 GMT
css
fonts.googleapis.com/
10 KB
853 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1610712705
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51f2f79e64b33d994f8c1f25ad14f451b51597dd36bfb9bed179b5e88315cc75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1610712705
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 14:59:13 GMT
server
ESF
date
Fri, 15 Jan 2021 14:59:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Jan 2021 14:59:13 GMT
css
fonts.googleapis.com/
7 KB
545 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,500,600,700,800,900&subset=latin-ext
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1610712705
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18400525a8cd30c2ea60b97451937bb13a3ed0e8358195c49f0092e0bd90eaf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gewinnensieihrenpreis.com/bundles/flamingo_brand_samsung-s9-uk.css?v=1610712705
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 14:59:13 GMT
server
ESF
date
Fri, 15 Jan 2021 14:59:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Jan 2021 14:59:13 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5252
date
Fri, 15 Jan 2021 13:31:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 15 Jan 2021 15:31:41 GMT
1_c64c55adf6201c9eee9a5b10c01decff.jpg
www.gewinnensieihrenpreis.com/uploads/landings/8339/main/
162 KB
162 KB
Image
General
Full URL
https://www.gewinnensieihrenpreis.com/uploads/landings/8339/main/1_c64c55adf6201c9eee9a5b10c01decff.jpg
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
25abc2be76660307c4964a816b822098c4c59a90f998c65af513b45afbde6d3d
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 07 Jan 2019 12:52:43 GMT
Server
nginx
ETag
"5c334b9b-28812"
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
165906
X-Content-Type-Options
nosniff
lock_grey.png
www.gewinnensieihrenpreis.com/bundles/a6214c12/images/
2 KB
3 KB
Image
General
Full URL
https://www.gewinnensieihrenpreis.com/bundles/a6214c12/images/lock_grey.png
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/flamingo_layout_layout-4steps.css?v=1610712703
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
e507babf987b47de747a47fb3bd2d3ed3438528784241632f8fc776e290e15eb
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/bundles/flamingo_layout_layout-4steps.css?v=1610712703
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:13 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 15 Jan 2021 12:10:44 GMT
Server
nginx
ETag
"60018644-898"
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2200
X-Content-Type-Options
nosniff
mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gewinnensieihrenpreis.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 21:54:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:44 GMT
server
sffe
age
61463
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9192
x-xss-protection
0
expires
Fri, 14 Jan 2022 21:54:50 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gewinnensieihrenpreis.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 11:36:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
12141
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 15 Jan 2022 11:36:52 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gewinnensieihrenpreis.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 19:09:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
157803
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 13 Jan 2022 19:09:10 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gewinnensieihrenpreis.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=cyrillic-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 12:48:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
age
180632
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Thu, 13 Jan 2022 12:48:41 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gewinnensieihrenpreis.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 10:44:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:51 GMT
server
sffe
age
360875
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13464
x-xss-protection
0
expires
Tue, 11 Jan 2022 10:44:38 GMT
JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gewinnensieihrenpreis.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 06:02:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:43 GMT
server
sffe
age
291389
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13560
x-xss-protection
0
expires
Wed, 12 Jan 2022 06:02:44 GMT
62qdAtfW
webpushbuilder.com/user-event/
16 B
261 B
XHR
General
Full URL
https://webpushbuilder.com/user-event/62qdAtfW
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/assets/1075810f/js/webpushbuilder.js?v=1610712716
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.220.235.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-235-180.eu-west-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryJwM3UEN0zjMQufps

Response headers

Access-Control-Allow-Origin
https://www.gewinnensieihrenpreis.com
Date
Fri, 15 Jan 2021 14:59:14 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
16
Vary
Origin
Content-Type
application/json
js
www.google-analytics.com/gtm/
115 KB
38 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-P8KTJJW&cid=325663946.1610722754
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa1a75c524ff5e59d434cc9d995810f779e377c88b8519f0d9a1f834227b0809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 14:59:14 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38443
x-xss-protection
0
expires
Fri, 15 Jan 2021 14:59:14 GMT
sponsor
www.gewinnensieihrenpreis.com/
56 KB
11 KB
XHR
General
Full URL
https://www.gewinnensieihrenpreis.com/sponsor?externalId=qbeYHlvZcV-6001adc1ae405e57aa2b1f99
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/bundles/common.js?v=1610712676
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.128.34.117 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software
nginx /
Resource Hash
e1c9cbb536cb350abc650bbd2127b809ad41433ba40a2d40cac862bbbb7eb62b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 15 Jan 2021 14:59:14 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
Connection
keep-alive
X-Content-Type-Options
nosniff
nr-1184.min.js
js-agent.newrelic.com/
27 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: www.gewinnensieihrenpreis.com
URL: https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 14:59:14 GMT
content-encoding
gzip
x-amz-request-id
4114AFD4EB3383CF
x-cache
HIT
content-length
10624
x-amz-id-2
DiyR5x4umP0gpM8s/Cfz4y6L984/8rwUwcRjAfhD0V2AvzuV7rPcnKeZDyA3D1kn/fI4PDT7pBY=
x-served-by
cache-hhn4020-HHN
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1610722754.240143,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2779
collect
www.google-analytics.com/j/
4 B
27 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1189734350&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-6001adc1ae405e57aa2b1f99%26networkid%3D100481%26publisher%3D2944%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3D6c13073a-b3c7-49ac-9e0a-7b258a2c8064&ul=en-us&de=UTF-8&dt=Gewinne!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADQAAAAC~&jid=1284698531&gjid=1996714168&cid=325663946.1610722754&tid=UA-111673602-1&_gid=853099732.1610722754&_r=1&_slc=1&z=1917420957
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Jan 2021 14:59:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.gewinnensieihrenpreis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
62 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=1189734350&t=event&_s=2&dl=https%3A%2F%2Fwww.gewinnensieihrenpreis.com%2Fde_de%2Ftr_bfmmdenopre%3Fclickid%3DqbeYHlvZcV-6001adc1ae405e57aa2b1f99%26networkid%3D100481%26publisher%3D2944%26c6%3D%26c7%3D%26s_id%3D%26s_type%3D%26ept2%3D6c13073a-b3c7-49ac-9e0a-7b258a2c8064&ul=en-us&de=UTF-8&dt=Gewinne!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tr_bfmmdenopre.100481.2944&ea=01.%20home&_u=aGBAAEADQAAAAC~&jid=&gjid=&cid=325663946.1610722754&tid=UA-111673602-1&_gid=853099732.1610722754&z=1270355172
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jan 2021 12:55:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7404
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
5b8ff035179b6.jpg
cdn.cloudcnt.com/content/image/
9 KB
9 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b8ff035179b6.jpg?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ded9d1b70d03b7dcbc6d6e22bc570ca717516d77eb2221200d988e9d2adb6f71
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:56:25 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
133369
x-cache
Hit from cloudfront
content-type
image/JPEG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
jquY0jMxLHp83J8p5GV5KKVyhZUFDbdryfkqc36lRmXDd2DndeVXvA==
x-xss-protection
1; mode=block
5c6e6979b0366.jpg
cdn.cloudcnt.com/content/image/
10 KB
11 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c6e6979b0366.jpg?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7dd3ddef06a2cd439415afed00b4fb2f21519aef3cc3247a0d36245677f34d60
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:47:46 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
69088
x-cache
Hit from cloudfront
content-type
image/JPEG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
rfq405GSX2ri_2RraPJyj6YSQ_XDGr0NcKG2H5UbZYg1epGeYEvJfQ==
x-xss-protection
1; mode=block
5b9146568d1a8.png
cdn.cloudcnt.com/content/image/
18 KB
18 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b9146568d1a8.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3bb96bafdddc137d23dca0a951390cf9b6beb401e0e216b1a21ba87739d346f3
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:07:43 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
255091
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
VRwsQEjDRhLzE8DZyYXtVLUsEyIO4ejr5wE7orOj7zjCzjKBBZbv9g==
x-xss-protection
1; mode=block
5d4989a9dd066.jpg
cdn.cloudcnt.com/content/image/
41 KB
41 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5d4989a9dd066.jpg?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b468367aabe8b610a7a1a8935c4fba7407d9629abd009bceae4d101a7b0e1f44
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 09:46:52 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
105142
x-cache
Hit from cloudfront
content-type
image/JPEG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
aq3Dkbx0iYjOfriSO8RwDAQULY3-kNiYJe-7V1pKSv7_DVLAW4QHZA==
x-xss-protection
1; mode=block
5c629ed7939c1.jpg
cdn.cloudcnt.com/content/image/
9 KB
10 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c629ed7939c1.jpg?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dac87e71da029477fab6c767f7e1f83720602ee44a8ea8b20b82b5c142146e72
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 03:24:26 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
214488
x-cache
Hit from cloudfront
content-type
image/JPEG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
t414XWxWVOUGjGCS2g0LWkzbPcp6uqKKpXC53--6aHmbvRhHK6OAjw==
x-xss-protection
1; mode=block
5bf6d65d0b581.png
cdn.cloudcnt.com/content/image/
8 KB
9 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5bf6d65d0b581.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
efdf8f9f855f1b314fc7bc5eca7babef3d8fe4d3edf5d891e73df9a38a472d2e
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 12:27:20 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
95514
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
myP4ZuxF1PvlOs6e04NZxjWxFhqtNHj-57JIvORGR85sWlW74WVhqQ==
x-xss-protection
1; mode=block
5e67ac174dd68.png
cdn.cloudcnt.com/content/image/
1 KB
2 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5e67ac174dd68.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3933f993b90a82347e4d6400b8314a055640f5bf7d65028bc0282c5c3d6201fa
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 08:27:45 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
23489
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
4qFiohRU83JX6DqE3G48Bd1t501k5FmQZM9Sp47PDTKBK-v8OT7AXw==
x-xss-protection
1; mode=block
5b76b6fddcf47.png
cdn.cloudcnt.com/content/image/
13 KB
14 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b76b6fddcf47.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
34bc43bc40403e70aaf6ac17e7841250705936a442bcc9cb9d406fb6e9193963
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 11:18:25 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
13249
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
0fOBMIfVEDt5o0IlZncM6OMB2j3o1RUl9bC0swMW8PrMLwocK9u7tQ==
x-xss-protection
1; mode=block
5b8fcb96755d0.jpg
cdn.cloudcnt.com/content/image/
11 KB
12 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5b8fcb96755d0.jpg?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 10:48:12 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
15062
x-cache
Hit from cloudfront
content-type
image/JPEG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
fBo6txmuHSNaot_Q5_4rb0q452PT9CvKwlrwjRVomDqcztOr-VeUTw==
x-xss-protection
1; mode=block
5bd9bc96bbe50.png
cdn.cloudcnt.com/content/image/
10 KB
11 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5bd9bc96bbe50.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a2ac98321e1600f4d2ff350aa3a9e5795ea0f0528fd2167b0aa6618b0dcf4e54
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 12:14:16 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
182698
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
TU3kZkTujWO8xUKtZ0Ga64nzs7XaYurZ6-t-jNflunep7VI_dLsABg==
x-xss-protection
1; mode=block
5bd9be6b7afbe.png
cdn.cloudcnt.com/content/image/
13 KB
13 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5bd9be6b7afbe.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c26fc2408287f82a983df31697d60df4f89dc8e06f2df530fd0b93671a9e9c8b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 03:24:04 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
128110
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
lkf_v2pyIbzFwSbFYu40KgP11IJOJprpM3lt9nFq635TzDbRG1GL5A==
x-xss-protection
1; mode=block
5c332463836b5.png
cdn.cloudcnt.com/content/image/
4 KB
5 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c332463836b5.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ea94e55cc51faff5d65835996394fa2575969dce5d797296ca4945c50203972
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 04:46:12 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
209582
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
pmA-ALlw0vpAZPLwcVrN0ylYlGvt4541nL1u_PQr52dmqDFTa90GYA==
x-xss-protection
1; mode=block
5c35fe40dbd36.jpg
cdn.cloudcnt.com/content/image/
10 KB
11 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c35fe40dbd36.jpg?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ce874bd573d13063c9541b0aea89e88571150599a3f3e8658909856ce7af47b4
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 18:01:19 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
248275
x-cache
Hit from cloudfront
content-type
image/JPEG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
bpukd_FfiVEZCzHHFAbi7N1SBxdfnqPshLSvh7HDzJRgIysvfaK4CQ==
x-xss-protection
1; mode=block
5c93716a8e49a.png
cdn.cloudcnt.com/content/image/
4 KB
4 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5c93716a8e49a.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
26d0a8f1a8d168f9fb0c74bb49234c7d0a53f88dd62a0f2e9d84868f1d4361b9
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 05:00:07 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
35947
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
d5NEaNwo9U81vKg10T9yyFxlZrvunXoSlLBNmMgDggzL7Q7-DylnRA==
x-xss-protection
1; mode=block
5d8b663d3f95c.png
cdn.cloudcnt.com/content/image/
16 KB
16 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5d8b663d3f95c.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
aa0af4a1e51f5ba88a6ed4c1f6c827c86759e72fb6786c13ab18cf90266cbc55
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 04:58:36 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
208838
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
K87LlOUFSdHun5i91R16aKFAuRje_XHWjUz07mMTmaJiUgcDMsv_pg==
x-xss-protection
1; mode=block
5d9b0c7b7df65.png
cdn.cloudcnt.com/content/image/
25 KB
26 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5d9b0c7b7df65.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
705a08f9361ac0f7c3b21296e460a39fc1b7bbf784b02acc86847dfac2ad6772
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 04:36:28 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
210166
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
thI0JzgeEWpNRZw7kpWhG5DCvUlQ_5DQ-4KZqmsl-hww36oVKOti6Q==
x-xss-protection
1; mode=block
5d9f03625eb67.png
cdn.cloudcnt.com/content/image/
7 KB
8 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5d9f03625eb67.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
593f9140290dbb3b8a1bc6d7bba38135791debe39d57f5667bb58120e3970766
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 08:28:12 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
23462
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
pu7hY96OEwY7EeJEY3GW6OpQyclHJR16f23fiMUn5eTGkS7TjzUAzg==
x-xss-protection
1; mode=block
5d9f07c287974.png
cdn.cloudcnt.com/content/image/
12 KB
12 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5d9f07c287974.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8cfe7637bba65a1b32eade638a392c70ae18d7b33700379b1496a786ca4fcaee
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 11:51:33 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
11261
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
KVSLVPlor_mZ2KKLm0SGehs-Ks1WseBuwwvnlCyiIpuWikkjMdRk4g==
x-xss-protection
1; mode=block
5d9f2ad17be9c.png
cdn.cloudcnt.com/content/image/
13 KB
13 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5d9f2ad17be9c.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
614684a2a62531f02f1e884705fc610268fcced47802cfc0be3b396e4e2b3e19
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 03:24:29 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
214485
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
KQMkD6zRFyLAx0ui-y_5tw4gLSeDlpXeBmUHd6EZn-VDqAmHTWi8hA==
x-xss-protection
1; mode=block
5d9f2bbcaba53.png
cdn.cloudcnt.com/content/image/
15 KB
15 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5d9f2bbcaba53.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9a557fe38c0db0194b7b8aed01234678480356b7854e12dd2ff0adb6e954d3ea
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 03:36:45 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
127349
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
AVHCYgKzFin2TFO6BtuGrNb3zTb7KYL36ohRKtzvJZktsk00MbR3gw==
x-xss-protection
1; mode=block
5da59526d194f.png
cdn.cloudcnt.com/content/image/
44 KB
44 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5da59526d194f.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cff8d09a44ebe8dbc81c6a349c809aae047c1a62e7501c85ab7a84cab687df46
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 11:10:17 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
13737
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
41r1p587x7w9l8-FM_JBtr8Y6w7iYqY0QmQiAW68Pl0X0deBZLJhLA==
x-xss-protection
1; mode=block
5db2df8f5581f.png
cdn.cloudcnt.com/content/image/
17 KB
18 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5db2df8f5581f.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b2580f867ff26675f8964fd86e6725abeb06084dddafd6d7e017a5e01e70c25c
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 06:25:31 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
117223
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
pFRbaPvQANKfdNistc7Whh3p7liU0EqA553Jw0n-woF7Kk0L5ONB3A==
x-xss-protection
1; mode=block
5e8601758c946.png
cdn.cloudcnt.com/content/image/
15 KB
15 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5e8601758c946.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b9d260147e3c4237c4e40d64e6eb19a55faf2cb2c3f89ac95c306c2ab3415a71
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 05:23:05 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
207369
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
cJmf-TzdX-Dl3fxeLPGmgu_BbKFL99T-a-larvZ0ImkGQm1XGbcQTw==
x-xss-protection
1; mode=block
5e85db22d5138.png
cdn.cloudcnt.com/content/image/
17 KB
18 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5e85db22d5138.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8916505cb385e740990cae8e4812c1c55dd52586547d56b93ff7effc6b5d63f8
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 07:18:03 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
114071
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
92POj7hlkfb0rzs_gG0tNR911dSZRJ14ojj7_K8SkJhOVehfoyB0EQ==
x-xss-protection
1; mode=block
5f195fdab85bb.png
cdn.cloudcnt.com/content/image/
29 KB
29 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5f195fdab85bb.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5cfe9090c28d7b3d07f38fedce7468fb24b036a38f530ef218c45939800e1da9
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 12:47:02 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
180732
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
wMwpUjqeD2FdQmljJrc13z5o_LlaWw1tFSCNClFvCNTnzWmxqkvsKw==
x-xss-protection
1; mode=block
5f621a0078470.jpeg
cdn.cloudcnt.com/content/image/
15 KB
16 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/5f621a0078470.jpeg?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e9ed69bfa73f3a3542533dfccb062bbcc269538f1e21e7e9089f69e84840d32e
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 08:32:53 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
195981
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
32HicYt0EwoQ6V_zaal9v1aYRdqkvtggYTEQKtVQ1n1rtn708_yDwg==
x-xss-protection
1; mode=block
60017a43d5c88.png
cdn.cloudcnt.com/content/image/
43 KB
43 KB
Image
General
Full URL
https://cdn.cloudcnt.com/content/image/60017a43d5c88.png?size=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ce00:b:413c:b700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
60f0dfe13b2c3e92b27d9a061e1a8fdbf68526827193cbc8bc2c59ca422bab7c
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 11:19:32 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
server
nginx
age
13182
x-cache
Hit from cloudfront
content-type
image/PNG
cache-control
max-age=259200
x-content-type-options
nosniff
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
QXjOnW1JMEzvB3btnPE5uq_ff_cUrzHaH8-5ig-ry2NQ7MKl3Uz7_g==
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-111673602-1&cid=325663946.1610722754&jid=1284698531&gjid=1996714168&_gid=853099732.1610722754&_u=aGBAAEACQAAAAC~&z=547752246
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Jan 2021 14:59:14 GMT
content-type
text/plain
access-control-allow-origin
https://www.gewinnensieihrenpreis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
NRJS-9facc869c359219f55d
bam.eu01.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.eu01.nr-data.net/1/NRJS-9facc869c359219f55d?a=32509574&v=1184.ab39b52&to=MhBSZQoZCBFYABZcWAtaZUMRVw8MXQYaG0cNBQ%3D%3D&rst=644&ck=1&ref=https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre&ap=101&be=181&fe=603&dc=378&perf=%7B%22timing%22:%7B%22of%22:1610722753636,%22n%22:0,%22f%22:1,%22dn%22:4,%22dne%22:4,%22c%22:4,%22s%22:10,%22ce%22:44,%22rq%22:44,%22rp%22:165,%22rpe%22:174,%22dl%22:169,%22di%22:377,%22ds%22:377,%22de%22:377,%22dc%22:603,%22l%22:603,%22le%22:603%7D,%22navigation%22:%7B%7D%7D&fp=310&fcp=310&at=HldRE0IDGx8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.221.86.34 , Germany, ASN206998 (NEW-2, IE),
Reverse DNS
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
NRJS-9facc869c359219f55d
bam.eu01.nr-data.net/events/1/
24 B
196 B
XHR
General
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-9facc869c359219f55d?a=32509574&v=1184.ab39b52&to=MhBSZQoZCBFYABZcWAtaZUMRVw8MXQYaG0cNBQ%3D%3D&rst=10645&ck=1&ref=https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.221.86.34 , Germany, ASN206998 (NEW-2, IE),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.gewinnensieihrenpreis.com/de_de/tr_bfmmdenopre?clickid=qbeYHlvZcV-6001adc1ae405e57aa2b1f99&networkid=100481&publisher=2944&c6=&c7=&s_id=&s_type=&ept2=6c13073a-b3c7-49ac-9e0a-7b258a2c8064
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.gewinnensieihrenpreis.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require string| pid string| params_str boolean| protectedMediaFired object| pmGlobal function| handleResultFromPM boolean| resultHandled function| adScoreCORS function| fireErrPixel function| fireProtectedMedia string| GoogleAnalyticsObject function| ga function| googleAnalyticsTrack string| gaAddress string| gaNetworkId string| gaPublisher function| eHawkTalon function| EHTalon function| Fingerprint boolean| isBlink function| EmailAutocompletePlugin function| EmailValidationClassPlugin function| InputMaskPlugin function| RenderPostcodePlugin function| RenderStatePlugin function| StreetAutocompletePlugin function| BirthDateFieldExpandPlugin function| ValidateAddedControlsPlugin function| AlphanumSettingsPlugin function| AdvancedTermsAgreePlugin function| AdvancedStreetElementPlugin function| TermsAgreeDoubleSubmit function| SetDefaultOnClickGenderPlugin function| itChangePostcodeSize function| BaseForm function| Question function| SignatureInput function| Validator function| Landing function| cookieExists function| setCookie function| exitBack function| $ function| jQuery function| _ function| Inputmask function| simplify function| Form function| WebPushManager function| trackSubscription object| wpm string| locale string| externalId number| isReturned string| endUrl object| lead object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager object| google_optimize object| newSponsor number| chk string| e_hawkTalonStr string| controlName

5 Cookies

Domain/Path Name / Value
.gewinnensieihrenpreis.com/ Name: _gat
Value: 1
.gewinnensieihrenpreis.com/ Name: _gid
Value: GA1.2.853099732.1610722754
.gewinnensieihrenpreis.com/ Name: _ga
Value: GA1.2.325663946.1610722754
www.gewinnensieihrenpreis.com/ Name: _csrf-frontend
Value: 936a4422922e3169157723d1774736b44ea11bdfa838640e6bdad313cabb7613a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22WzjAMnjHrUzc4jb7hd_Atssm1q1YEFH4%22%3B%7D
www.gewinnensieihrenpreis.com/ Name: visitId
Value: 2a1f51107bfb7346ccb46c40b84830c2f71f4cf668cfe2fe9776e360663f8e06a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22visitId%22%3Bi%3A1%3Bs%3A35%3A%22qbeYHlvZcV-6001adc1ae405e57aa2b1f99%22%3B%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.eu01.nr-data.net
cdn.cloudcnt.com
click.trlxcf02.com
djjcyqvteia9v.cloudfront.net
dozemnhna.blogspot.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
lipmentos.com
plaqexit.com
resources.blogblog.com
stats.g.doubleclick.net
themes.googleusercontent.com
webpushbuilder.com
www.blogger.com
www.gewinnensieihrenpreis.com
www.google-analytics.com
www.gstatic.com
151.101.114.110
185.128.34.117
185.221.86.34
2600:9000:214f:ce00:b:413c:b700:93a1
2600:9000:2156:cc00:2:7bf5:a0c0:21
2606:4700:3037::ac43:921e
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81b::2001
2a00:1450:4001:820::2009
2a00:1450:4001:824::2003
2a00:1450:400c:c0c::9d
35.204.14.125
35.204.93.160
54.220.235.180
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
05a29f6d3112600487aaa48c7a0a633983fa2dae48831b3d5188e3fbaf207956
06444992fa15763af64af5cbc84e941faee7650b79feee3ffdd281c28236f745
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
18400525a8cd30c2ea60b97451937bb13a3ed0e8358195c49f0092e0bd90eaf5
18b99ca0bbec52d747e3564e0e734bd88232ae3614cb16c83a52a2a9c29d4908
1ea94e55cc51faff5d65835996394fa2575969dce5d797296ca4945c50203972
25abc2be76660307c4964a816b822098c4c59a90f998c65af513b45afbde6d3d
26d0a8f1a8d168f9fb0c74bb49234c7d0a53f88dd62a0f2e9d84868f1d4361b9
2bf100ad9c2a6632df59281ac992cae309864d9ccf9b828de1f58b0ed344f946
34bc43bc40403e70aaf6ac17e7841250705936a442bcc9cb9d406fb6e9193963
3933f993b90a82347e4d6400b8314a055640f5bf7d65028bc0282c5c3d6201fa
3bb96bafdddc137d23dca0a951390cf9b6beb401e0e216b1a21ba87739d346f3
51f2f79e64b33d994f8c1f25ad14f451b51597dd36bfb9bed179b5e88315cc75
54234f4ebe24f0a0058c5a4301ba3356fa0e138d3adfa12cac7b144667da104d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58336cbeb4aeacdcf7bb2168c425b6d8c1b1ddf08ab4dfbfa15bc195027a4a2b
593f9140290dbb3b8a1bc6d7bba38135791debe39d57f5667bb58120e3970766
5cfe9090c28d7b3d07f38fedce7468fb24b036a38f530ef218c45939800e1da9
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60f0dfe13b2c3e92b27d9a061e1a8fdbf68526827193cbc8bc2c59ca422bab7c
614684a2a62531f02f1e884705fc610268fcced47802cfc0be3b396e4e2b3e19
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8c027b20bdb3af49047d12bf085d744a3da2cf49e4064a745a5ebc8a799049
705a08f9361ac0f7c3b21296e460a39fc1b7bbf784b02acc86847dfac2ad6772
73ddcd62b141cd720099a5271145e7334e2adca2237c344d3a77e6df29247bec
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
79761c1d3145340f14662606b227767fc7b8466cb608caf8479388bb6e6da66b
7dd3ddef06a2cd439415afed00b4fb2f21519aef3cc3247a0d36245677f34d60
82dbeda7a1070cf8fffd6656ee3a04f5da31334f378eed4c08adf6db9cda4510
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8916505cb385e740990cae8e4812c1c55dd52586547d56b93ff7effc6b5d63f8
89ad71822e874a1edddd658dd450f9013a97d4847fb6c9efed59134aba4e6b16
8c63ee1c9d488d8f070c5865f4d8f32d0396ca6adf054fc6bb0e9e2e4186172a
8cfe7637bba65a1b32eade638a392c70ae18d7b33700379b1496a786ca4fcaee
8d4a279496aac7846f6ab80d771902592f04932a684c366883b1843be43bfc66
93e6339751a6bc8510b53241e6885b89c1bf6fc6f27a24366b4b7ecf0d024ddb
9a557fe38c0db0194b7b8aed01234678480356b7854e12dd2ff0adb6e954d3ea
a2ac98321e1600f4d2ff350aa3a9e5795ea0f0528fd2167b0aa6618b0dcf4e54
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
aa0af4a1e51f5ba88a6ed4c1f6c827c86759e72fb6786c13ab18cf90266cbc55
aa1a75c524ff5e59d434cc9d995810f779e377c88b8519f0d9a1f834227b0809
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2580f867ff26675f8964fd86e6725abeb06084dddafd6d7e017a5e01e70c25c
b468367aabe8b610a7a1a8935c4fba7407d9629abd009bceae4d101a7b0e1f44
b9d260147e3c4237c4e40d64e6eb19a55faf2cb2c3f89ac95c306c2ab3415a71
bab73517c0ae20d5addc03d1f8eb46fde709f42a5f91d1cb9d2afff7da9cf314
bfe854925ea083ffd5d883a565d6deb7104539a443f0a7367975962ca706003a
c26fc2408287f82a983df31697d60df4f89dc8e06f2df530fd0b93671a9e9c8b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9b73a88475e88f9fb290cde36d82cd8e742b4664fb84737dbbc634446566fcc
ce874bd573d13063c9541b0aea89e88571150599a3f3e8658909856ce7af47b4
cff8d09a44ebe8dbc81c6a349c809aae047c1a62e7501c85ab7a84cab687df46
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
d98ff10716973f4df9fd3df3150bdca4f76219acfbca94ea0218eac6deb0be06
dac87e71da029477fab6c767f7e1f83720602ee44a8ea8b20b82b5c142146e72
ded9d1b70d03b7dcbc6d6e22bc570ca717516d77eb2221200d988e9d2adb6f71
e1c9cbb536cb350abc650bbd2127b809ad41433ba40a2d40cac862bbbb7eb62b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e507babf987b47de747a47fb3bd2d3ed3438528784241632f8fc776e290e15eb
e9ed69bfa73f3a3542533dfccb062bbcc269538f1e21e7e9089f69e84840d32e
ebffb67d17a7798b339bbaf61f159d7696afa77376451bcbaaec375e0e1e360a
efdf8f9f855f1b314fc7bc5eca7babef3d8fe4d3edf5d891e73df9a38a472d2e
f89c111fbd39aa90b716696744730a6c842b4fcdf7231bd9da180f76ff91e540