Submitted URL: http://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1=
Effective URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Submission: On May 29 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 45.156.91.33, located in Germany and belongs to ABUNTIS, DE. The main domain is de1641.happy-nachrichten.de.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.
This is the only time de1641.happy-nachrichten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 34.76.98.215 396982 (GOOGLE-CL...)
1 1 34.111.143.46 396982 (GOOGLE-CL...)
1 1 45.156.91.34 211823 (ABUNTIS)
7 45.156.91.33 211823 (ABUNTIS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
19 172.67.71.184 13335 (CLOUDFLAR...)
2 35.158.79.89 16509 (AMAZON-02)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 159.69.145.0 24940 (HETZNER-AS)
33 8
Apex Domain
Subdomains
Transfer
19 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 24654
api.cleverpush.com — Cisco Umbrella Rank: 21697
132 KB
7 happy-nachrichten.de
de1641.happy-nachrichten.de
745 KB
2 pixelweiche.de
meine.pixelweiche.de
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 380
35 KB
2 lighthouse-hwy1.com
lighthouse-hwy1.com
1 KB
1 mycleverpush.com
lv1.mycleverpush.com
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
59 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
11 KB
1 trckde01.de
trckde01.de
805 B
1 sbbq3otrk.com
www.sbbq3otrk.com
515 B
33 10
Domain Requested by
15 static.cleverpush.com de1641.happy-nachrichten.de
static.cleverpush.com
7 de1641.happy-nachrichten.de de1641.happy-nachrichten.de
4 api.cleverpush.com static.cleverpush.com
2 meine.pixelweiche.de de1641.happy-nachrichten.de
meine.pixelweiche.de
2 lighthouse-hwy1.com 2 redirects
1 lv1.mycleverpush.com static.cleverpush.com
1 connect.facebook.net de1641.happy-nachrichten.de
1 ajax.googleapis.com de1641.happy-nachrichten.de
1 use.fontawesome.com de1641.happy-nachrichten.de
1 fonts.googleapis.com de1641.happy-nachrichten.de
1 trckde01.de 1 redirects
1 www.sbbq3otrk.com 1 redirects
33 12
Subject | Issuer | Validity | Valid
*.happy-nachrichten.de | R3 | 2024-03-31 - 2024-06-29 | 3 months
upload.video.google.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
cleverpush.com | E1 | 2024-04-30 - 2024-07-29 | 3 months
coyote.pixel-weiche.de | R3 | 2024-04-21 - 2024-07-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-03-08 - 2024-06-06 | 3 months
*.mycleverpush.com | Sectigo RSA Domain Validation Secure Server CA | 2024-05-16 - 2025-06-16 | a year

This page contains 2 frames:

Primary Page: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Frame ID: A7F981BD75B172DB8C5AB17261009C16
Requests: 30 HTTP requests in this frame

Frame: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1641.happy-nachrichten.de
Frame ID: BD0A6B722665C69953A13DF5DFD7B501
Requests: 1 HTTP requests in this frame

Page Title

Lidl Geschenkkarte Gewinnen!

Page URL History

  1. http://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1= HTTP 307
    https://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1= HTTP 302
    https://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1=&ch-redir=1&ckmxid=cpbpbvqt0001mq70mk20 HTTP 302
    https://www.sbbq3otrk.com/4J58SX1/2CGLJ45/?sub1=1308&sub2=fbid&sub3=365312403 HTTP 302
    https://trckde01.de/de01,lidl,geschenkkarte_1251.html?idPartner=69&idCampaignAd=0&subId=2184_130... HTTP 302
    https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 36 %
Domains: 10
Subdomains: 12
IPs: 8
Countries: 3
Transfer: 984 kB
Size: 1924 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1= HTTP 307
    https://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1= HTTP 302
    https://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1=&ch-redir=1&ckmxid=cpbpbvqt0001mq70mk20 HTTP 302
    https://www.sbbq3otrk.com/4J58SX1/2CGLJ45/?sub1=1308&sub2=fbid&sub3=365312403 HTTP 302
    https://trckde01.de/de01,lidl,geschenkkarte_1251.html?idPartner=69&idCampaignAd=0&subId=2184_1308&subIdentifier=23025d35cec54b9bacf11adb04c40490_fbid HTTP 302
    https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request campaign_1641.html
de1641.happy-nachrichten.de/
Redirect Chain
  • http://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1=
  • https://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1=
  • https://lighthouse-hwy1.com/?a=1308&oc=20987&c=56129&m=3&s1=&ch-redir=1&ckmxid=cpbpbvqt0001mq70mk20
  • https://www.sbbq3otrk.com/4J58SX1/2CGLJ45/?sub1=1308&sub2=fbid&sub3=365312403
  • https://trckde01.de/de01,lidl,geschenkkarte_1251.html?idPartner=69&idCampaignAd=0&subId=2184_1308&subIdentifier=23025d35cec54b9bacf11adb04c40490_fbid
  • https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
164 KB
37 KB
Document
General
Full URL
https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
41458f4f0fab1686ead63070b81be38ef66e33f39ac2df7c0cffd37b50a085fd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
37350
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 May 2024 20:54:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Wed, 29 May 2024 20:54:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
cpa_style.css
de1641.happy-nachrichten.de/media/adresseManager/microSiteFiles/1641/
248 KB
39 KB
Stylesheet
General
Full URL
https://de1641.happy-nachrichten.de/media/adresseManager/microSiteFiles/1641/cpa_style.css
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 20:54:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Apr 2024 14:45:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3e0cd-61623ab284fa0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
40035
css2
fonts.googleapis.com/
2 KB
981 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 May 2024 20:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 May 2024 19:52:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 May 2024 20:54:28 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Origin
https://de1641.happy-nachrichten.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1241702
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U7zDM%2FoKJItBfZomoo%2FhsTmNsSy3pHpF1Vmr1pVukIl%2BSJRgn14tRZ9Pu%2BbToWKwYOxcrBxfoZSwdCEu9BmyE3FsWuYDIsQphAqHuPphpO4e0g0mdYqPnOaErA9r11jjQUYZMf8qPlQWK9yFW0VJgAv2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
88b9613eee5f4dcc-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 12:48:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 12:48:19 GMT
cyF8KJYSfZzhHi8Py.js
static.cleverpush.com/channel/loader/
214 KB
54 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ff6070fd1ed0d537ff3219cb6288d36ad7b249791db1b23b813df9629e5748

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J2A4F223Y5TARY8H
age
6685
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
sGbQ1yCTJOqz+6v3Wzj2re33Ok/G1XGK6rNE2ULP83/F6m9/DEqhXYLk/9jMiICDe5nQUQiD4w8=
last-modified
Tue, 28 May 2024 00:36:10 GMT
server
cloudflare
etag
W/"b0dc6338acd1913646a40295191c9024"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FLe4nDP18d7s%2F4W24EazuHHy5dMhqhlRMHB8NFwsDvvFkpHpe3c27tRAwYQcQfZ4kbkTpQB80O60bKw%2FBFlc%2BMvZNa1EvYn%2F2MYJd3HkyVFTPAka7w5n9DWejDD5kal7KANeu%2FL%2FWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
88b96140fd3b71c5-FRA
freeheader.png
de1641.happy-nachrichten.de/media/adresseManager/microSiteImg/1641/
3 KB
3 KB
Image
General
Full URL
https://de1641.happy-nachrichten.de/media/adresseManager/microSiteImg/1641/freeheader.png
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b03aad60802ac7854a522fcd8efe05739e585c6d04727b0b120f16e868b55db4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 20:54:28 GMT
Last-Modified
Mon, 15 Apr 2024 14:45:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"b09-61623ab284fa0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2825
fr.png
de1641.happy-nachrichten.de/media/adresseManager/microSiteImg/1641/
4 KB
5 KB
Image
General
Full URL
https://de1641.happy-nachrichten.de/media/adresseManager/microSiteImg/1641/fr.png
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e87de448fe0489a66cce3d6dccaee65333ef8ca856b171deb8036aaedffd3727

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 20:54:28 GMT
Last-Modified
Mon, 15 Apr 2024 14:45:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11d6-61623ab284000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4566
lidlmv2.jpg
de1641.happy-nachrichten.de/media/adresseManager/microSiteImg/1641/
106 KB
106 KB
Image
General
Full URL
https://de1641.happy-nachrichten.de/media/adresseManager/microSiteImg/1641/lidlmv2.jpg
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
080826557af53d6ba1b6329581b4e6244fa0cbd88d2ab4bc48b540739e1bdb5d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 20:54:29 GMT
Last-Modified
Thu, 18 Apr 2024 10:29:25 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1a626-6165c71fb8f3a"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
108070
script.js
meine.pixelweiche.de/
964 B
1 KB
Script
General
Full URL
https://meine.pixelweiche.de/script.js
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 20:54:29 GMT
Last-Modified
Fri, 01 Sep 2017 06:01:35 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
ETag
"3c4-5581a7e5699e1;616922bc1b4c0"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
964
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 May 2024 20:54:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2806, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
NlJ2tHyY0rfOgQj2xjXh1TGXS+VH5Qf2sxspCl+SnesIJGxEB78nybtgR7Ai5ht+n4sn02zWoyU0uvFDRuG5lQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
meine.pixelweiche.de/tg/
0
485 B
XHR
General
Full URL
https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by
Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 29 May 2024 20:54:29 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
X-Powered-By
PHP/5.6.30
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
lidlbg1.jpg
de1641.happy-nachrichten.de/media/adresseManager/microSiteImg/1641/
483 KB
483 KB
Image
General
Full URL
https://de1641.happy-nachrichten.de/media/adresseManager/microSiteImg/1641/lidlbg1.jpg
Requested by
Host: de1641.happy-nachrichten.de
URL: https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
171fd1f5f97ecadcd56fb7cde242590f992886f1423da3070b9e447c3d1eb4b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 20:54:29 GMT
Last-Modified
Mon, 15 Apr 2024 14:58:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"78cbc-61623da285b1d"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
494780
9835.fc7e70996371ffeb2237.js
static.cleverpush.com/sdk/chunk/
3 KB
2 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/9835.fc7e70996371ffeb2237.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569f3189f23ddf52b8e9c2700c5e9e248564f2d24d7703103a05d5a6b63c0c31

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SW1N86AB0S4AWGEW
age
30232
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tCrHt3fWilU464chmbFMadD4Q/wrGaodiW9J/f7hUOFKZanZuR7uLvVcImevjskKs+B2ExUFCcg=
last-modified
Tue, 28 May 2024 12:30:24 GMT
server
cloudflare
etag
W/"df0a70fc7abda306a86b4cbf47190eeb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHwEkImGv6xAXqwvYkagsbtfWBj%2B2BdBVoY0M%2BtUQU2y8KtG4DM3wcMTS7aQ8c0sD1REsJitHQTYXPnQUIrfPXgAwFJMH8g%2B5DFzCADDX8dTvOZQNX%2FSHk7dK3IzOwDOF2WSZ8pmsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b96143588671c5-FRA
4663.a62cc16c9086f415ce3e.js
static.cleverpush.com/sdk/chunk/
1 KB
1 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/4663.a62cc16c9086f415ce3e.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EW3889JQZP4XK7XN
age
33548
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
llvFEnuR7/ip5E/8q6wO3KiZXeJy3CbPE+bpU/9n79rOxzmFNW9eQIMRhvcP16VOI9jfjUbteXE=
last-modified
Wed, 29 May 2024 11:35:06 GMT
server
cloudflare
etag
W/"a82cf65ac0d1c5f50c78232480ec4b5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZtnxzQdwooU5HVvyL4%2FxM2B6Wmis8aoexLMagP2wXb9ZY%2B7rh7REwMVY7OZ5uqYzPmod7mJRJDanX0%2FdHVVpn2KJDrmKO%2FaF3pF48zFfBbKepFbsz%2BiYhKW14kI3S8zgtkgP2jjH3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b96143588a71c5-FRA
4005.92f4ea4167394fcea98d.js
static.cleverpush.com/sdk/chunk/
36 KB
10 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/4005.92f4ea4167394fcea98d.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885e66f228320b4c2a17463acdb632fe4a8d66fa5990bb4dfe0370cc522f0696

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SW1TM6KJK29XHTMW
age
30232
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
EFNqlUB0H+51Nyp0/dkanAsYgWiq68L/5PSLTGfB5GvBwp9ltiv7bocTyxKiIAALTIbqHb8Gs6I=
last-modified
Tue, 28 May 2024 12:30:20 GMT
server
cloudflare
etag
W/"7c18a4ea32398205ba3165e8de0a9c7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrNST%2F0EEEXovLw0ROFcR7mOaFUB9IV7vOQN3fteNUHqnt3yMXhaKbynx7tMLiYjeIkLrKrUJv2oWPmRLlMLG5AtQT1Wo5GIIIaXUSlWp50%2BRBv9b2UFENJ9N7HHmqlRKp5cbreP2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b9614368b771c5-FRA
3251.852e9eed8ead3e6378e1.js
static.cleverpush.com/sdk/chunk/
5 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3V2HYGFQZYHZQEP1
age
33548
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pnDggdzgsKA21RaLfHw60wyLJiEqTgcS/Gq509dWSBldkFK7N33hLCClXXsKFrIRcrJYWN0Q3S8vNb3TG+Srfw==
last-modified
Wed, 29 May 2024 11:35:05 GMT
server
cloudflare
etag
W/"83f28f7f709f04b0db81309a40c83d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78AKpsfHvp7k8CkUq7MxcSPNT20vJagfqr5A91kKjN9%2B4%2BTtYI5qJ9Wt9zGtbsniruWguI2IZrmnF%2BL1z6Kc58HnOhEfswsguF6j3Wq6DRYJxBoGrXiTVn7orsJrqLYNL97M5NsaJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b9614368bb71c5-FRA
8115.0e0b78ee1480c1fa6db0.js
static.cleverpush.com/sdk/chunk/
14 KB
4 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/8115.0e0b78ee1480c1fa6db0.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd6062d69a54b8edd562df8c87472b8a2c064516cd9e8cd6a89c5008740c6ad

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SW1VKFJXQKRRA2Y3
age
30232
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KYcATgPYa9pZ23SyeQx0ZZoYebJSReIMZpY9WFieJ4BTM65inMi78JcZcz0y0xoprb2Xob+esEY=
last-modified
Tue, 28 May 2024 12:30:23 GMT
server
cloudflare
etag
W/"312c7ec6c5141f9dd68c07db98291631"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sA6rouM45X8JcIFXIDNjeExqUlkqt2eWkGzqax5M%2FgrhtMpGSOd3phFuUbSBgU58%2FRVzTKD34BxiZsWna87iIMsa2j%2FEgVll%2B01xSGKIkE1Iq5qPwyU8dg6bp0XrpX5xMqLpOuIvew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b9614368c171c5-FRA
iframe
lv1.mycleverpush.com/ Frame BD0A
0
0
Document
General
Full URL
https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1641.happy-nachrichten.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.145.0 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.0.145.69.159.clients.your-server.de
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://de1641.happy-nachrichten.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 29 May 2024 20:54:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-3
x-cache-status
HIT
x-robots-tag
noindex
favicon.ico
de1641.happy-nachrichten.de/
72 KB
72 KB
Other
General
Full URL
https://de1641.happy-nachrichten.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/campaign_1641.html?coyoteAffiliTokenId=81108965&
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 20:54:30 GMT
Last-Modified
Thu, 08 Sep 2022 04:38:22 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11e46-5e822ffd79f32"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
73286
6103.3ad2be8e4830334efa20.js
static.cleverpush.com/sdk/chunk/
96 KB
22 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/6103.3ad2be8e4830334efa20.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce2ff3467a25b31d01efe069eae42e761c2d70064a7b6baf8d95e05089623a04

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EW38FWB3FM6CSKDA
age
33549
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Ab2EuqgYYMY9paROqUOPZhjTXBrT1rFcGnwLpAJx3alXszINjvYonMQRmq3ovDUp1tW5nqSB1Qg5ppBFBaiGAA==
last-modified
Wed, 29 May 2024 11:35:08 GMT
server
cloudflare
etag
W/"0e90ea00bd4892347cd8dda8545fc589"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2TLAXCwlf9CDxMR82A0N%2BB%2B3e%2FZdsCLVi0AVnMQJS3EwJpkyJHhHGs3bcd4NiOxY8yrrPq6hKDn178cBvyrBs154FAb2kR%2B3GNfg1DvFFD0OIKTgs%2FnSnV4OZ%2Bzx6qbDDDoBgPMIug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b961463ca671c5-FRA
7720.86faf3ab55d240b21f97.js
static.cleverpush.com/sdk/chunk/
48 KB
11 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/7720.86faf3ab55d240b21f97.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d17e858ee48019da30a7020694b86747d53b65f71949ea5640ef1388ff1171d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EW36X4YJD4FRTWZ0
age
33549
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gpsUVtufYmpaf5KNnkOdMVNBpVKK30dBOjoRZ0ikGxiWG6feHk3pnxHwlnguOMxnMfnPefsgPMk=
last-modified
Wed, 29 May 2024 11:35:08 GMT
server
cloudflare
etag
W/"d1a6e90694beb74f8958beeca6090c31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozha3t6RonSgj9WyAthR1Xv1HEPGDuna73eagPTwK6p23ELh4xm5s1A6PDMkl0JPGPMw0iZDNsdF549yR3zdd6UBQk7OtKvEvdp1HOa6aAfUpApxyFSfEiPxgXrnV%2FgPGZdNbwHk0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b961463ca971c5-FRA
4329.34577e69ce285960527f.js
static.cleverpush.com/sdk/chunk/
9 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/4329.34577e69ce285960527f.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac41e2b6467a3dbace8e39f2602d7089e75aec603c612105cee5b1920cf3e665

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3EQRAMXAZ8RZA1XP
age
39536
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/R8KUMwAmI7HCDYDLZq2bFyvPoahgJSLAxhdicDTxyXJ57RE6gT3kFCqUJ06ARwCyblmkM638mQ=
last-modified
Tue, 28 May 2024 09:55:17 GMT
server
cloudflare
etag
W/"27163007be3bbd41bffff534d5e4e924"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfPcvPRDxdunlgJnyb057xKc4wDQX8Z67EIauj89SOokVDC4KqrO96cuUa3cbtPFc4dkYCNWYOhAW9rzfapft4EZUGa9Mbc4Zt0Nsx16k6YMsloTzmBQp%2FjYPnt8sv2%2BjI3NpnzyJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b96146cd9b71c5-FRA
4336.017b9256a2c09267ebf9.js
static.cleverpush.com/sdk/chunk/
3 KB
2 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/4336.017b9256a2c09267ebf9.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4634d2bab38b8575367a061ca5fc84041ae0c1aa2c49b1462aeaeba9f84a8b46

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SW1VDSRCPJ6X91NW
age
30233
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9aiyfAejTJzZjyz1X9GV7UKq0WcE7gDlfAgdfDtBJVKHmXkaYyAjzOKLmPOWefMTK31Yr6jSxu1ZlldkqlHVQA==
last-modified
Tue, 28 May 2024 12:30:20 GMT
server
cloudflare
etag
W/"05b555109eec607743be6225b5cae76f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FUIHEi2CxY4I3UZ4E1e5MTxd65GjW3E2%2BO833ViB9rMlWYVXyHuF%2FlXpoZOqi00jCPe%2Fp%2Fb4HykTSD%2FuqDo4h0b0pZZQkYtfScrLsmEVo1YGq1YUqnH6J96vV91bHnGXa6iZxNB2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b96146cd9c71c5-FRA
7594.8cb8275b6f2e69da8144.js
static.cleverpush.com/sdk/chunk/
735 B
1 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/7594.8cb8275b6f2e69da8144.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686ab3bf899cd082ab930f47daf332e45ca4983a06226d1a471cf30ad061600d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EW38D3BK0CFX8C4J
age
33549
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M78ff5WyRurud1j2dla89chMvUiRw1Dqp/+A/zBzgVB/MgppdbCEsAnca59akyhDq0xbIH194Sk=
last-modified
Wed, 29 May 2024 11:35:08 GMT
server
cloudflare
etag
W/"4cbf334c514a044dade64b61384dce18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0rWZ%2BFxR34o9UMJY0DeTuQJ%2FSvreJV6j38kwc2myTf61Ulz2ICLSIWs84DprFTtJGcA3Ty2%2Fc7I0G63vMqAOsRjVIcUxGHToYWphzfiscSWtzEeIQdBvDdqbbhLhP0oPJlLBEfEwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b96146cd9d71c5-FRA
7193.2a79e02e6f715b48dbeb.js
static.cleverpush.com/sdk/chunk/
2 KB
1 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/7193.2a79e02e6f715b48dbeb.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4daecf3ac638fbb5d1f03cbb2fe20273b388ecf0e51f2be942992c2cf0cea10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EW3850B801G7FEEE
age
33549
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IyBEz/l6Y1KcYb6ZHMeIFVcCNs50h0iTmnqW3R1MI2tDQy/m/dIszcR5QYZ5FhgwjFLl46eghlo=
last-modified
Wed, 29 May 2024 11:35:08 GMT
server
cloudflare
etag
W/"19245426356346b4a9e28350f33b7386"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ENE0uMF1B8Yp7MU%2BfMZZbb6EAmypUBNvpuWT%2Fj043IsTK1MqfUTdCHVld3z%2BAsrSTj4LX0p3a%2FD710jcK6GtS4kJDhXA8r8xVAnd4D0321S6Utno8h8L%2FJBjyo6AdvZ8km%2Bd5cilGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b96146cd9e71c5-FRA
1376.35cf0ba4e9c7e543c5b6.js
static.cleverpush.com/sdk/chunk/
12 KB
5 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/1376.35cf0ba4e9c7e543c5b6.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0439122447204b780457fa57edd4a5acc7f6664f17c7578e3014cfccd971ed4f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EW311Y15WRTV76TB
age
33549
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
AxaFq5a+7McOEMpq4rLZeARnKac+s0ndYh3Gmrv3e5h349Kw3LNTFa8Ui88KHnWC2Z3vsFKKuD0=
last-modified
Wed, 29 May 2024 11:35:05 GMT
server
cloudflare
etag
W/"18e09f22bb92cef28ebfe5377a5c7e6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtxJSAtpNnieRpFkoj9zefZFRBy2mD5bUUcLmF9Y9tw1m6VFFP3GbhWQTWX51kGaS717%2FaUcEz5v7YB10ZfaNsYrDF%2BBgkhdBSJjzPI5bKnUWhSuJBSvcNlHhy%2BhykBaP1mBh72hsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b96146cda071c5-FRA
4862.a887e1dac1daffcd80ea.js
static.cleverpush.com/sdk/chunk/
33 KB
9 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/4862.a887e1dac1daffcd80ea.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5cda3d1376eb63d88d60b4b0eaeb5c40bf5617f3797d762d7483650f9262555

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SW1JCD221EGE6R1J
age
30233
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
eEVws/obi9iH8ss68wBlWLBfRIkIv1lG0fO/hWWnKJ5G/bO1D/lnVfjJKdHDXjuN3nc1NUQACOk=
last-modified
Tue, 28 May 2024 12:30:21 GMT
server
cloudflare
etag
W/"a0edd567c2aaf680599fa51eee9bc962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKkpbTFaLuO0k%2BQRCPZ%2BepzrtWfyfd352LfaT3I%2FcrLmPR2apk6V5K5VzX80zEOAlsaenzv%2BmhAxfEBQxbYmGWsvni6S96hrKTuKcRgON9ghzA0Lgcnvufjg60xC42HK1EyxfonPaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
88b96146cda171c5-FRA
optin-visitor
api.cleverpush.com/channel/
16 B
617 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://de1641.happy-nachrichten.de/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:30 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-2
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Wbl3OfWOX7%2FnrHNke6cHBjbOJwoe2U%2FNicIVZd64bTZxYDngHNzBspnf3Zgk09NdUtFRI98APdAnz0kKnUzXD18KaobM%2FLAgsL%2FsNpxlUHcFZFkGUx5TtAzrY9sh%2FERebxG%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
88b96147ca7e39be-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
optin-visitor
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de1641.happy-nachrichten.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
88b961476a0139be-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Wed, 29 May 2024 20:54:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJhrVZhSjnIHghIWnhds7kwKOPwhEjpd%2FHiNCJN3bjWJqoT5Xhzp8hsZtvqqFn06I10vaiLo3ubOft9xgJkw1nqFDlMZttdQBWQVzn2gLwlFubM16bePE2X8xEmPtcXG3h6oFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de1641.happy-nachrichten.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
88b961532a5d39be-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Wed, 29 May 2024 20:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1EBOt4BDzgawGY781nbYERLZ%2FeB%2Butz%2BDYK1gVIvGJ4Iu8xvqkzrdBlmXeWY3FTN0Jzkx9OM2ierbJ%2F3LQNj9ES8rhOnyEISlOodSgnBAF1mw4xEfH2laaIpsok7ZEOoqjjf0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/
16 B
612 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://de1641.happy-nachrichten.de/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:32 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-2
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2aSPs4TYxX3%2FqGX7PZrpHEd%2F96d3nLQNQznZoCbF8zFpI4zilT5Q%2BdTlHdeeSXrY5Qh5narjNiISndw1DdFRwnMdIZ0Ps1hnXcP54j7z9psVLl2DsZ2A8FsmOX6pU75qvC60Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
88b961538acc39be-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
defaultChannelIcon.png
static.cleverpush.com/app/images/
732 B
1 KB
Image
General
Full URL
https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.184 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://de1641.happy-nachrichten.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 20:54:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QVKG29NEJ3WH0R0T
age
769007
alt-svc
h3=":443"; ma=86400
content-length
732
x-amz-id-2
L94gk23rpieVrFR2pmIBb+nkqhSWL0BElNB/Trp0ttkRLi2UPTyejX9QfoA+Tv6kDsfnsTw5DY8=
last-modified
Mon, 21 Oct 2019 13:42:31 GMT
server
cloudflare
etag
"dada142d4861c864d8d63e8cd5dd22dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=px8V8M3WW6qe5yuNbNd97zkNBPGrxE%2BP3dPfVRdgyXAN%2FsFQ3QyR13jDmzQ39%2BP9tokY2LOxOkONNb8T%2B6PLcg4kHg%2Bxzz07DnZLi3RcsKhrGbr7NGNthI0ptYc30NQcxgRvVwYvZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2628000
accept-ranges
bytes
cf-ray
88b961532fd771c5-FRA

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
function| showSAM
object| jQuery1124038636546466811317
string| optinBoxActive
function| fbq
function| _fbq
function| pixelweiche
object| pw
object| webpackChunk_cleverpush_cleverpush_js_sdk
object| regeneratorRuntime
number| __cleverPushSdkLoadCount
object| CleverPush

8 Cookies

Domain/Path Name / Value
.lighthouse-hwy1.com/ Name: st
Value: +ytUIxRMDr/xRapSxFwK02zn4mKNRGk1+mEusZxdY+X/FcqSGaU23g==
.lighthouse-hwy1.com/ Name: tm
Value: ZMB/3jXM1z/xRapSxFwK02zn4mKNRGk1+mEusZxdY+X/FcqSGaU23g==
.lighthouse-hwy1.com/ Name: c20935
Value: +ytUIxRMDr9PUODc8gScE/L50qVGiG/rzTodLILMVBOKFdiP+lV3JQ==
www.sbbq3otrk.com/ Name: uniqueClick_2CGLJ45
Value: be5ab285-8c05-4093-96c3-18fc40d8daf0:1717016063
www.sbbq3otrk.com/ Name: transaction_id
Value: 23025d35cec54b9bacf11adb04c40490
trckde01.de/ Name: PHPSESSID
Value: je2s6fq1ofj8t5l6u4viqvrtf0
de1641.happy-nachrichten.de/ Name: PHPSESSID
Value: rh7gfqo2honfhosost2h33bv57
de1641.happy-nachrichten.de/ Name: coyoteAffiliTokenId1641
Value: 81108965

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
