de467.happy-nachrichten.de Open in urlscan Pro
45.156.91.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ix-event.com.tr/home/undefined
Effective URL:
https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Submission: On June 02 via api (June 2nd 2024, 10:28:21 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 13 domains to perform 34 HTTP transactions. The main IP is 45.156.91.33, located in Germany and belongs to ABUNTIS, DE. The main domain is de467.happy-nachrichten.de.
TLS certificate: Issued by R3 on May 30th 2024. Valid for: 3 months.

This is the only time de467.happy-nachrichten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:9a8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::ac43:95c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:235... 2600:9000:235a:1e00:10:c3e9:4400:21	16509 (AMAZON-02) (AMAZON-02)
1 1	34.141.179.97 34.141.179.97	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.111.143.46 34.111.143.46	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	45.156.91.34 45.156.91.34	211823 (ABUNTIS) (ABUNTIS)
6	45.156.91.33 45.156.91.33	211823 (ABUNTIS) (ABUNTIS)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
15	2606:4700:20:... 2606:4700:20::681a:f1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.158.79.89 35.158.79.89	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	116.203.55.53 116.203.55.53	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700:20:... 2606:4700:20::681a:e1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	10

1 2606:4700:3034::ac43:9a8e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ix-event.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:95c7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

smrturl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:235a:1e00:10:c3e9:4400:21 (United States)

ASN16509 (AMAZON-02, US)

d1xmy0yqwxzhn4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.141.179.97 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.179.141.34.bc.googleusercontent.com

go.smartorfast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.143.46 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.143.111.34.bc.googleusercontent.com

www.sbbq3otrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.156.91.34 (Germany) 1 redirects

ASN211823 (ABUNTIS, DE)

trckde01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.156.91.33 (Germany)

ASN211823 (ABUNTIS, DE)

de467.happy-nachrichten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:f1f (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.79.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com

meine.pixelweiche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.55.53 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.55.203.116.clients.your-server.de

lv1.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:e1f (United States)

ASN13335 (CLOUDFLARENET, US)

api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 24654 api.cleverpush.com — Cisco Umbrella Rank: 21697	133 KB
6	happy-nachrichten.de de467.happy-nachrichten.de	878 KB
2	pixelweiche.de meine.pixelweiche.de	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380	35 KB
2	cloudfront.net d1xmy0yqwxzhn4.cloudfront.net	1 KB
1	mycleverpush.com lv1.mycleverpush.com
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	59 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1230	11 KB
1	trckde01.de 1 redirects trckde01.de	802 B
1	sbbq3otrk.com 1 redirects www.sbbq3otrk.com	524 B
1	smartorfast.com 1 redirects go.smartorfast.com — Cisco Umbrella Rank: 789586	326 B
1	smrturl.co 1 redirects smrturl.co — Cisco Umbrella Rank: 535090	717 B
1	ix-event.com.tr 1 redirects ix-event.com.tr	472 B
34	13

	Domain	Requested by
15	static.cleverpush.com	de467.happy-nachrichten.de static.cleverpush.com
6	de467.happy-nachrichten.de	d1xmy0yqwxzhn4.cloudfront.net de467.happy-nachrichten.de
4	api.cleverpush.com	static.cleverpush.com
2	meine.pixelweiche.de	de467.happy-nachrichten.de meine.pixelweiche.de
2	d1xmy0yqwxzhn4.cloudfront.net
1	lv1.mycleverpush.com	static.cleverpush.com
1	connect.facebook.net	de467.happy-nachrichten.de
1	ajax.googleapis.com	de467.happy-nachrichten.de
1	use.fontawesome.com	de467.happy-nachrichten.de
1	fonts.googleapis.com	de467.happy-nachrichten.de
1	trckde01.de	1 redirects
1	www.sbbq3otrk.com	1 redirects
1	go.smartorfast.com	1 redirects
1	smrturl.co	1 redirects
1	ix-event.com.tr	1 redirects
34	15

This site contains links to these domains. Also see Links.

Domain
lifestyle-club-online.de
www.burda-versichert.de
dailytravel.de
www.emma-matratze.de
www.cashsparen.de
resultsgeneration.com
www.suedstern-interaction.de
www.trendtours.de
www.daydreams.de
www.pmiprivacy.com
signalize.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.happy-nachrichten.de R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
cleverpush.com E1	`2024-04-30` - `2024-07-29`	3 months	crt.sh
coyote.pixel-weiche.de R3	`2024-04-21` - `2024-07-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-12` - `2024-06-10`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-16` - `2025-06-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Frame ID: C81E0FD526AFDD839F739EEE87662E40
Requests: 31 HTTP requests in this frame

Frame: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde467.happy-nachrichten.de
Frame ID: 3D4150A78FFE1E1C164AC03976745C81
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shein Geschenkkarte Gewinnen!

Page URL History Show full URLs

http://ix-event.com.tr/home/undefined HTTP 307
https://ix-event.com.tr/home/undefined HTTP 302
https://smrturl.co/e143d85 HTTP 302
https://d1xmy0yqwxzhn4.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53469418&offer_position=1&visitor_... Page URL
https://go.smartorfast.com/click?pid=434&offer_id=24545&sub6=Cdbec7da9b8501&sub2=434_237823&sub4=1&sub5... HTTP 302
https://www.sbbq3otrk.com/2SML767/76KDZW/?sub1=434_237823&sub3=665cf1ff8eb80f0001579787 HTTP 302
https://trckde01.de/de01,shein_284.html?idPartner=69&idCampaignAd=0&subId=1138_434_237823665cf1f... HTTP 302
https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953& Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

100 %
HTTPS

60 %
IPv6

13
Domains

15
Subdomains

10
IPs

3
Countries

1119 kB
Transfer

2053 kB
Size

9
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://lifestyle-club-online.de/
Title: https://lifestyle-club-online.de/

Search URL Search Domain Scan URL

URL: https://www.burda-versichert.de/de/cms/datenschutzinformation-art-14.html
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://dailytravel.de/
Title: https://dailytravel.de

Search URL Search Domain Scan URL

URL: https://www.emma-matratze.de/datenschutz/
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.cashsparen.de/static/privacy
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://resultsgeneration.com/privacy-policy
Title: Datenschutz

Search URL Search Domain Scan URL

URL: http://www.suedstern-interaction.de/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.trendtours.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.daydreams.de/datenschutzinformation_Artikel_14
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://signalize.com/docs/sonstiges/opt-out-info/
Title: hier

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ix-event.com.tr/home/undefined HTTP 307
https://ix-event.com.tr/home/undefined HTTP 302
https://smrturl.co/e143d85 HTTP 302
https://d1xmy0yqwxzhn4.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53469418&offer_position=1&visitor_id=Vdb65b374855a7&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=95e17600ba74f1ae907aae46022914a2 Page URL
https://go.smartorfast.com/click?pid=434&offer_id=24545&sub6=Cdbec7da9b8501&sub2=434_237823&sub4=1&sub5=24545 HTTP 302
https://www.sbbq3otrk.com/2SML767/76KDZW/?sub1=434_237823&sub3=665cf1ff8eb80f0001579787 HTTP 302
https://trckde01.de/de01,shein_284.html?idPartner=69&idCampaignAd=0&subId=1138_434_237823665cf1ff8eb80f0001579787&subIdentifier=99728a06409f4ece88f87c475864a2f0_ HTTP 302
https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ix-event.com.tr/home/undefined HTTP 307
https://ix-event.com.tr/home/undefined HTTP 302
https://smrturl.co/e143d85 HTTP 302
https://d1xmy0yqwxzhn4.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53469418&offer_position=1&visitor_id=Vdb65b374855a7&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=95e17600ba74f1ae907aae46022914a2

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

smartLinkClick.php
d1xmy0yqwxzhn4.cloudfront.net/public/dynamo/
Redirect Chain

http://ix-event.com.tr/home/undefined
https://ix-event.com.tr/home/undefined
https://smrturl.co/e143d85
https://d1xmy0yqwxzhn4.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53469418&offer_position=1&visitor_id=Vdb65b374855a7&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=95e...

617 B
1016 B

434ms
408ms

Document
text/html

2600:9000:235a:1e00:10:c3e9:4400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xmy0yqwxzhn4.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53469418&offer_position=1&visitor_id=Vdb65b374855a7&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=95e17600ba74f1ae907aae46022914a2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1e00:10:c3e9:4400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-length: 617
content-type: text/html; charset=UTF-8
date: Sun, 02 Jun 2024 22:28:15 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
via: 1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront)
x-amz-cf-id: zuCKIFHdlFoWMeNs7XEkXQzQKsQRr14N4iFLzjZ3A8pts9P3N9_fow==
x-amz-cf-pop: FRA60-P9
x-cache: Miss from cloudfront
x-powered-by: PHP/7.4.11

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88dae017cc3e1c13-FRA
content-type: text/html; charset=UTF-8
date: Sun, 02 Jun 2024 22:28:15 GMT
location: https://d1xmy0yqwxzhn4.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53469418&offer_position=1&visitor_id=Vdb65b374855a7&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=95e17600ba74f1ae907aae46022914a2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8fZm%2BqiI%2F5eQaNNa5sLvGPs1CTyIVJ17Fb427kOHKv6c1TynAwB3ZT8qvB2SoE4pJ0t8FLAykEkI%2Bi%2BZ5fvFRlHrn2%2FDo3J83ke3g%2BAGm657oQoYkJnvl%2BP%2FJ%2FfvvrgHQjjJ%2FQ80Dh0V"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.11

GET
H/1.1

200
OK

Primary Request campaign_467.html Show response
de467.happy-nachrichten.de/
Redirect Chain

https://go.smartorfast.com/click?pid=434&offer_id=24545&sub6=Cdbec7da9b8501&sub2=434_237823&sub4=1&sub5=24545
https://www.sbbq3otrk.com/2SML767/76KDZW/?sub1=434_237823&sub3=665cf1ff8eb80f0001579787
https://trckde01.de/de01,shein_284.html?idPartner=69&idCampaignAd=0&subId=1138_434_237823665cf1ff8eb80f0001579787&subIdentifier=99728a06409f4ece88f87c475864a2f0_
https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&

155 KB
35 KB

182ms
132ms

Document
text/html

45.156.91.33
ABUNTIS

General

Check archive.org

Show headers Download Go to

Full URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Requested by: Host: d1xmy0yqwxzhn4.cloudfront.net
URL: https://d1xmy0yqwxzhn4.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53469418&offer_position=1&visitor_id=Vdb65b374855a7&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=95e17600ba74f1ae907aae46022914a2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6c7bee820cc15553306fdb0ee67d8759b163dd364285c0be2ff545e7e2cc47fa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 35323
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Jun 2024 22:28:15 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 2
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Jun 2024 22:28:15 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)

GET
H2 404 favicon.ico
d1xmy0yqwxzhn4.cloudfront.net/ 0
278 B 159ms
159ms Other
text/html 2600:9000:235a:1e00:10:c3e9:4400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xmy0yqwxzhn4.cloudfront.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:1e00:10:c3e9:4400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:15 GMT
via: 1.1 ad82d8a80f2c6497aad660c7722475c0.cloudfront.net (CloudFront)
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P9
x-powered-by: PHP/7.4.11
x-cache: Error from cloudfront
content-type: text/html; charset=UTF-8
content-length: 0
x-amz-cf-id: DLx2W_B2Z3jxpd_BH3Got2dDK0hViXBuMZfaTEeglGAQ0hoUyGLXxg==

GET
H/1.1 200
OK cpa_style.css
de467.happy-nachrichten.de/media/adresseManager/microSiteFiles/467/ 248 KB
39 KB 22ms
19ms Stylesheet
text/css 45.156.91.33
ABUNTIS

General

Check archive.org

Show headers Download Go to

Full URL: https://de467.happy-nachrichten.de/media/adresseManager/microSiteFiles/467/cpa_style.css
Requested by: Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 22:28:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 13:04:17 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "3e0cd-5c6740f32737b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 40035

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
981 B 48ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap

Requested by

Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jun 2024 21:23:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jun 2024 22:28:16 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
11 KB 71ms
22ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Origin: https://de467.happy-nachrichten.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 855523
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfraaCX3cU8Qfd7FxCd6HAuoYXBvqW99%2FPQNapkl5a3GfU3KiV3SgF2NGcX7v8TYAvOz7Lv54N18fQquaNJ99zVl%2B3DjwE9UwFB6E3sTI4WaMMDE3bojBO3DqXhrY%2ByoB9CBIg%2F0TOLymZLhS1VmfKLO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 88dae021291a381a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 13:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 May 2025 13:46:45 GMT

GET
H3 200 cyF8KJYSfZzhHi8Py.js Show response
static.cleverpush.com/channel/loader/ 215 KB
55 KB 46ms
23ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Requested by: Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3c7e3a92b088aee6ef0c1a463ad6930557d9819ba8334e02d2a7944ef12f1a0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XPGE10NN8JC6E3S4
age: 12219
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9W1K4JWJWHIHn+OPWdMjtdGh7eIdpShoR0f1CMs83V+0189fPqB8uVbVvnOhMVXU2dxkhYR1JVs=
last-modified: Sat, 01 Jun 2024 00:43:02 GMT
server: cloudflare
etag: W/"bb8c79145c5c3da5031b7d972f7259ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLzgovFG%2BgPlMNwuNVDovnTY5jM%2FsgwFUDWXEg%2FOvFPgAv0jcPqLbQC1bdd9AtAfEsFKdZOD8A2MfdICDF%2BSjdiuNAW628IRvhW%2Fsq3r4F8DwaRyZtqmnzhRgAiyy34HhAK3vQXj1ULxVL6S%2FGeX7ckXiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 88dae021a82390e6-FRA

GET
H/1.1 200
OK shein1.png
de467.happy-nachrichten.de/media/adresseManager/microSiteImg/467/ 661 KB
661 KB 38ms
14ms Image
image/png 45.156.91.33
ABUNTIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de467.happy-nachrichten.de/media/adresseManager/microSiteImg/467/shein1.png
Requested by: Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 374b1b56a097374d066cc988f650c2127067d405b4ac81281d5be7300287aa96

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 22:28:16 GMT
Last-Modified: Thu, 20 Oct 2022 12:10:58 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a52ac-5eb7637ce8b06"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 676524

GET
H/1.1 200
OK sheinmobile1.jpg
de467.happy-nachrichten.de/media/adresseManager/microSiteImg/467/ 60 KB
60 KB 43ms
14ms Image
image/jpeg 45.156.91.33
ABUNTIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de467.happy-nachrichten.de/media/adresseManager/microSiteImg/467/sheinmobile1.jpg
Requested by: Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 585796f961d6325099e0279231d756224d0e657c1c23b2290f77fc862c7f42ae

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 22:28:16 GMT
Last-Modified: Thu, 20 Oct 2022 12:10:58 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "ee74-5eb7637ce8b06"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 61044

GET
H/1.1 200
OK script.js Show response
meine.pixelweiche.de/ 964 B
1 KB 40ms
9ms Script
text/javascript 35.158.79.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://meine.pixelweiche.de/script.js
Requested by: Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash: 141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 22:28:16 GMT
Last-Modified: Fri, 01 Sep 2017 06:01:35 GMT
Server: Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
ETag: "3c4-5581a7e5699e1;616922bc1b4c0"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 964

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Jun 2024 22:28:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: QrnwAeJbzZnSOlhsM7jS763OWWrekOpRP9qUjw5tngHwSpstgY07C3TdHwK799+hl5UdI0Nz66HM0FRDqbXIYg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK bg1.jpg
de467.happy-nachrichten.de/media/adresseManager/microSiteImg/467/ 10 KB
11 KB 13ms
13ms Image
image/jpeg 45.156.91.33
ABUNTIS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de467.happy-nachrichten.de/media/adresseManager/microSiteImg/467/bg1.jpg
Requested by: Host: de467.happy-nachrichten.de
URL: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 4b861d971c5511520dec83d7feca795c98e9325deb0ff06892e80c4404fe2284

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 22:28:16 GMT
Last-Modified: Thu, 20 Oct 2022 12:10:58 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "29e4-5eb7637ce8b06"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 10724

GET
H/1.1 200
OK script.js Show response
meine.pixelweiche.de/tg/ 0
485 B 78ms
58ms XHR
application/javascript 35.158.79.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by: Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 02 Jun 2024 22:28:16 GMT
Server: Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
X-Powered-By: PHP/5.6.30
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 9835.2b780aca8bea9b749f98.js Show response
static.cleverpush.com/sdk/chunk/ 4 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/9835.2b780aca8bea9b749f98.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a18f6da804502ec565774807324cd33f8d3325b860be5c2f6dd26c8594117b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VN04CTNYMWGSDGXA
age: 26870
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: asNvxAyg+uDaXsgVQoMwulI6UPIcHXHOAu/CQ5QWDdFPGnVsSzREtacWpmJBjqite/F/Tk1vQrAJYioPCwz20TW8o09mETLRkIsJ45aV7Pk=
last-modified: Fri, 31 May 2024 15:00:05 GMT
server: cloudflare
etag: W/"d9ca30aa7dcec288456b4bc69af7f523"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBV2NMBaLxBq0%2BPybyMbQHcQmNlkMA9aui9%2F75AYAg3C1rYqXvW6ggaSSLeSDYtn9C0HQziFyEhwLY4oEJjuNBuz%2BB0NQmXrc9bR2P3H3s6TogaRLS5%2BopeTXQGCrOxUhCJgYRSju4nfESSLWGhaF%2FFfWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae023895490e6-FRA

GET
H3 200 4663.a62cc16c9086f415ce3e.js Show response
static.cleverpush.com/sdk/chunk/ 1 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/4663.a62cc16c9086f415ce3e.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XM7A80BVB37C1SA4
age: 26873
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2+62pmKogy4u+gJH08BQeMIGqF/E0T4HR69tyYvRTqIsWnSsA5ceWgqdcpWSoCueoHj9wjV28iQq/IufvyjvOA==
last-modified: Fri, 31 May 2024 15:00:01 GMT
server: cloudflare
etag: W/"a82cf65ac0d1c5f50c78232480ec4b5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ad4QTwewXWe%2Fs%2BwI22nqGFbfIt6hI7XZI0DXv4aoh3WfYgzBFsBnE7WoLp1eRPEaYBDsDwK5XYUYyn%2BkJEKkBN7XwHgLj4kmoB9WoNupou7X4%2BV0QCzmKu%2Ft8rpG6c9tO3eWvi8IhN%2Fdu14kWnGYJIhSFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae023895590e6-FRA

GET
H/1.1 200
OK favicon.ico
de467.happy-nachrichten.de/ 72 KB
72 KB 14ms
14ms Other
image/vnd.microsoft.icon 45.156.91.33
ABUNTIS

General

Check archive.org

Show headers Download Go to

Full URL: https://de467.happy-nachrichten.de/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.156.91.33 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/campaign_467.html?coyoteAffiliTokenId=81258953&
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 22:28:16 GMT
Last-Modified: Thu, 08 Sep 2022 04:38:22 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "11e46-5e822ffd79f32"
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 73286

GET
H3 200 4005.580057f1b3cc17b99cc7.js Show response
static.cleverpush.com/sdk/chunk/ 37 KB
10 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/4005.580057f1b3cc17b99cc7.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460c60d0e56701dc33468f2f360a6eec8debe91742df5ea4863066571abcbd00

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XM77Z2P0Y5XAP38C
age: 26873
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oyA3zLfap8UzLCsUoYT0RLGOl29O480ATaIHlwsdXjJxuP3I92paSSWMhTqAputUVeP+9Mu1m9s=
last-modified: Fri, 31 May 2024 15:00:00 GMT
server: cloudflare
etag: W/"65c2db5fda67a93633708fb2d790c349"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M27Vs9CpATjYN0hUFDSnbjw%2FblFBRWtJ6QyUeJKUeUyKh%2F7vFJYuEDWOqALkA1WIYoo%2Fq9lSzggklDKRf6QdlpA0dfRUCr7Q78LWupYNjN46SGxorkxJXdhS5PAm0qiQ7ew3uWaWvkFBeLuxI7xa5yMFFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae023995990e6-FRA

GET
H3 200 3251.852e9eed8ead3e6378e1.js Show response
static.cleverpush.com/sdk/chunk/ 5 KB
3 KB 14ms
14ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XM7D25FPF6B3MY6C
age: 26873
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6TTjZyJ6icA14HljpC+0x+sXnYfn64TGpFv54xAAc6hpt1DViR/mMful0+Zx0tIHODMLzKh4e5dR17Bnk3gsApcmkZWJlpJNDZByviKljOI=
last-modified: Fri, 31 May 2024 15:00:00 GMT
server: cloudflare
etag: W/"83f28f7f709f04b0db81309a40c83d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXZJIeOhHs6ofMNrDX0PcWQkvEq22RvB0tdz8qER0u4y2rkXpI6bimsvO3EXlQYt5jusDT8GRsbWlcqNUJO8P2yMiSldwIQaMQXRNn1kOM6pG%2F1MCXRMnuuOVj0Sr3Xf%2Bxj3UjWDwI9ZCshQhcUSMIVp%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae023995a90e6-FRA

GET
H3 200 8115.bb78f5a509c7c24a3511.js Show response
static.cleverpush.com/sdk/chunk/ 14 KB
4 KB 15ms
15ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/8115.bb78f5a509c7c24a3511.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5536e2cbc4f69fceb15320e00b7b781c8f5c38941ed11dd14c77e2fe0556ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2KS2PWA751XD1NR8
age: 26871
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4U2fLh/sl+P2KPMSHqgbUTTMR0nw9w2fPr1NfQOb/dMJLXMJjJK8AFj22/uIJbWH2+OZNRw0qd8=
last-modified: Fri, 31 May 2024 15:00:04 GMT
server: cloudflare
etag: W/"9a4f25bd1a0108e7bdd4f1a585b35720"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ksEVhBnWG8vBWvRHjqGzMlCPqL6aQ4KeF1q%2FzCrEhCQ45bs1F6y7LqikGvO26eTTy%2FQQ4TNnwUzp8e9QKqfq%2B53N55C8Xyw0qMKotGXVlA2m05nhbIPQKY7klgUJXgW7HMplIWrBdQL5cPbV02z5PwJrjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae023995b90e6-FRA

GET
H2 200 iframe
lv1.mycleverpush.com/ Frame 3D41 0
0 57ms
19ms Document
text/html 116.203.55.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde467.happy-nachrichten.de

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

116.203.55.53 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.53.55.203.116.clients.your-server.de

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://de467.happy-nachrichten.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Jun 2024 22:28:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-44
x-cache-status: EXPIRED
x-robots-tag: noindex

GET
H3 200 6103.3ad2be8e4830334efa20.js Show response
static.cleverpush.com/sdk/chunk/ 96 KB
22 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/6103.3ad2be8e4830334efa20.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2ff3467a25b31d01efe069eae42e761c2d70064a7b6baf8d95e05089623a04

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2KSAKQJEBVNXCX31
age: 26871
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qkc86PCRf8HH7k4ByzWN9K3RWmKGN/2Xos3PLt/adY2YD/XjW98Jy3iOHz/qWA8zyR65UiWIaue3Sv4m5dZjJg==
last-modified: Fri, 31 May 2024 15:00:02 GMT
server: cloudflare
etag: W/"0e90ea00bd4892347cd8dda8545fc589"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHhtEfHUMKvI4eN7GnTJNqkd8RFZsTo0vTJe87zqszPMnobX0EQ4gQ%2F0Nkug97UQNx8GRURLEsiZBWsX5%2F8noAxz3H0PVv39R84aMyocQ%2BeGfQG5O7S4tko41E90e9CieRRzdH6QxXxd76Y2COgX1SUOHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae0248a0090e6-FRA

GET
H3 200 7720.86faf3ab55d240b21f97.js Show response
static.cleverpush.com/sdk/chunk/ 48 KB
11 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/7720.86faf3ab55d240b21f97.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d17e858ee48019da30a7020694b86747d53b65f71949ea5640ef1388ff1171d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2KS70H31RZ4VAFDB
age: 26871
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: w04JkcmEsEBRKxChqc2YrS+9LLd5PNfMk6C6V9RJIYQO075DVfmkvacXpGyqcJzHpuV5UWsFRbA=
last-modified: Fri, 31 May 2024 15:00:03 GMT
server: cloudflare
etag: W/"d1a6e90694beb74f8958beeca6090c31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHhjCTiEsfP9r7bdo4g7MczcPim0jr5LatdMq6NQEViR8Y5flXnYlLAVMSA4QJYWI72INFTPbqS69HzG5WUSF9%2FOMfZEVkLPiU32FErytWIWNKERWwKfdhZ5AEpOBkAMV%2F55c8UiwbfgOn0dqWDmqgxMQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae0248a0190e6-FRA

GET
H3 200 4329.2c92b9e8e1cc49eff193.js Show response
static.cleverpush.com/sdk/chunk/ 10 KB
4 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/4329.2c92b9e8e1cc49eff193.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84e2ae2fd5d2bfb3b8c45a62b7ccc8ecb6f4618d6979732f63b11282a5dd48b8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XM71J9HPWJ5MER05
age: 26873
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: B9/SY2E+Gn0g9SePPgBNOzfa6N7mVqwcghbRLagVaClILixO/mCY4VuAJFNLJPnhHy5o6klRgRI=
last-modified: Fri, 31 May 2024 15:00:00 GMT
server: cloudflare
etag: W/"05e1694f3b78ef8f90dc0a67eb7da6aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BC%2BhQDnloG3KY5i0TCv6V6wNIKrCLV5F9i%2BLf4rls4%2FUkhuK3q8Kq9bDebp8gYZqtYq8XXu%2BbdrYeByXG8NkC9ou1bDqgwZAXyCag8j2zToG2fcoqdW7R3%2FH8G0nppl6LXAPg6JKp17BsC6dqC1hArWKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae024ba1c90e6-FRA

GET
H3 200 4336.31ba56798a14d951adfd.js Show response
static.cleverpush.com/sdk/chunk/ 3 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/4336.31ba56798a14d951adfd.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b76c9df3381541b215786a6b68b42bf1b99aaa1279cb748d9e35e5b7753161c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XM77RZ786DXT40YP
age: 26873
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: UqiA6tIAtT6xCCH96TKPnJSkNV96LkL4zPVDyvKoe6ASIG2nHCUTmoUlgnHDEinZn2lGJOW5PjQ=
last-modified: Fri, 31 May 2024 15:00:01 GMT
server: cloudflare
etag: W/"fbc6bb0d7876dbd69ea89c62ba3ab7c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=roJ3qRCuVODaUIJ7UfhmHwR%2FGtURkhnypRDtk0S7L4Tds7Zl%2BQmZIJNeCa87rpg%2BygBgY%2B49%2F7T6nvj33EVtY6Srb3yEkByQT%2FHSo5JKz1GYNtNGewKmNml35zTp%2BXAX5BTQK67gWAKel3VCVj4OvKfrjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae024ba1d90e6-FRA

GET
H3 200 7594.8cb8275b6f2e69da8144.js Show response
static.cleverpush.com/sdk/chunk/ 735 B
1 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/7594.8cb8275b6f2e69da8144.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686ab3bf899cd082ab930f47daf332e45ca4983a06226d1a471cf30ad061600d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2KS093P1TDE95KZG
age: 26871
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AN4BjLR9c1NWKi3GDTclAhKzvo2LpBho0RoQmcGZ5GuUedQbyIC5fn4ONY11MJN/pWhX1gMr7cc=
last-modified: Fri, 31 May 2024 15:00:03 GMT
server: cloudflare
etag: W/"4cbf334c514a044dade64b61384dce18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7Bs9lGIbbOPz3R42i7fSXFytfWIXQ7NNcRivG4dnZ1w0Xpf%2F8MmOoc8Js%2FGOJMrppd8JhBTu1l2e4rDgx88ftZCsJ2hUYNk1m%2BwPNViQPz%2F2LUWgGXFWN0P7Rehy570gTraUhk5lMATkgiy4WItGSuqNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae024ba1f90e6-FRA

GET
H3 200 7193.2a79e02e6f715b48dbeb.js Show response
static.cleverpush.com/sdk/chunk/ 2 KB
1 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/7193.2a79e02e6f715b48dbeb.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4daecf3ac638fbb5d1f03cbb2fe20273b388ecf0e51f2be942992c2cf0cea10

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2KS9CPNFNTSBBXMV
age: 26871
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 00n3sRX1MLcV8QCmTF8RNwhckvN1EvunlS+xoOYsGkzWpqAWRQtsOTdqso9ZQluJeGqMUZOxEk8=
last-modified: Fri, 31 May 2024 15:00:03 GMT
server: cloudflare
etag: W/"19245426356346b4a9e28350f33b7386"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8S77DKM21%2BRMjhaoyMTaAn3wfuSUuiVfdwO5CDIOGadxGoGHWZJs%2Fw4puAkckSH2K1Mz%2BdsGHsa4qdllr2RGhlMIJCiu4Gxl%2FjVkTGWtx8LRYBzzuzIVZCzPT1jqTIlkhYiTOgWFq3SzcdeYunthi%2BUmMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae024ba2090e6-FRA

GET
H3 200 1376.35cf0ba4e9c7e543c5b6.js Show response
static.cleverpush.com/sdk/chunk/ 12 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/1376.35cf0ba4e9c7e543c5b6.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0439122447204b780457fa57edd4a5acc7f6664f17c7578e3014cfccd971ed4f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XM7B43W4375W08WQ
age: 26873
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: z5dqqlaw2a1sBpvOdaX1ybLJVKCJ9y8/IiwnJSXJP/zZ+DvLP/GQoCx27CcKigETdyCxiHeQDxiADV+ejKMU5w==
last-modified: Fri, 31 May 2024 15:00:00 GMT
server: cloudflare
etag: W/"18e09f22bb92cef28ebfe5377a5c7e6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6NczbWG1SoKm21yjJqJAwUefP69KWMYbtHXQheuN0EwvE5MUx3nT95gOogbbjSdacmQuC%2BUbNVgQaklVhdWyeO7iV32hvMHX0ZQ7I5A9ASx6AnPt0ndZ9GtIq7SsW4EHMmqF8g6TZTmpDKdgNf2oii1FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae024ba2190e6-FRA

GET
H3 200 4862.131fd736bfebc2b09ddb.js Show response
static.cleverpush.com/sdk/chunk/ 33 KB
9 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/4862.131fd736bfebc2b09ddb.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9fe48a4b2a226c0e6273196fb3867718d4876f6cb8ee67c42ed039b78823168

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2KSCMGAD6DD9E8C5
age: 26871
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Esbr/3cjr7+CVg0TVr3PzCGIvm3ixnYkaHePXfYoATOSQKCX8xBLU4/pcH1raUe4iSuI1P7WNXYuT2XnZghkbQ==
last-modified: Fri, 31 May 2024 15:00:01 GMT
server: cloudflare
etag: W/"d47d5c493abac0d7fd765f286b89e763"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMkyx2oAUBJjqdaFz0kaDryOWSBXRTR5GdLHB8SJcON%2BYC%2Fen8Q31237SzCwQR0lxRdYdY7G%2BNRsQG1SeitYjhQwpDUbVjgjbmPFJ%2BM%2FxY0a%2FrDFhwYtOaXfpyRSZ7PgnKY3EADAaOh05RxCfH5O3PTKww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 88dae024ba2290e6-FRA

POST
H3 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
628 B 23ms
23ms Fetch
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://de467.happy-nachrichten.de/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-1
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pht%2BZNgBwzrtg3sc6R7Hp15oTCsrzhGB14%2BV8%2BXmQrbFjADR2CjE9hprgLdEekEA2txijlpNLYzl1kmuOmMNlCvcUSn0dGM9KluCLdAx1Bw8z1%2B%2BIO%2FO4Un1wgyHha1MClhCSUcBVQkzel1zklUsFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 88dae02508dc920b-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage

OPTIONS
H3 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 47ms
21ms Preflight
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://de467.happy-nachrichten.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 88dae024e8bd920b-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Sun, 02 Jun 2024 22:28:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ytNtzEdQJbAoXiLJYDQc7HccAOp%2BcAOkpMecXxCgvdAOYQSNB54fhXtoWgKkdZEqJIWcoBbF1%2BvQmdMBGpUj%2FozyaeakV71o2xHMssZQqQ2Tzdi%2BJWxWrhZshA%2BJ1CXSicJ2dopiiIbNV9v5gSrjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 19ms
18ms Preflight
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://de467.happy-nachrichten.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 88dae0314fff920b-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Sun, 02 Jun 2024 22:28:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mzw80yY0aoIIsATVOy%2FG%2FDp%2BxWDTwlr8IYccDUOoa5Xqlc5ZJ95f7daOlMGqZrDBXLLZbk1LITI3GbrKuoTZpHM5bNeYKRwMZrOHCmrb7lirNVoAh1wRZPMmtwBDIj8gfzziQoD1eGtT6%2BcFyWcFGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
628 B 22ms
22ms Fetch
application/json 2606:4700:20::681a:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://de467.happy-nachrichten.de/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server: cleverpush-worker-1
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0F3KJCFQknx%2Fa98V49acth07nWAjobVOHe6dGSH%2B5cULsnVzjaI%2FLAVMTxQ6C%2BSjWJXzTEeD5hMdp4INHe8mFVXKc7P3%2FQmB6pMEiUx0JRK8BXGGTHC0SsegfegSD2bFAIU9dT2X7mRRtGmPYTt1RA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 88dae031581a920b-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage

GET
H3 200 defaultChannelIcon.png
static.cleverpush.com/app/images/ 732 B
1 KB 15ms
15ms Image
image/png 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://de467.happy-nachrichten.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 22:28:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y85X9AKQX5YVPT63
age: 1120178
alt-svc: h3=":443"; ma=86400
content-length: 732
x-amz-id-2: jq83BK2+1opFPKFVw6kdo/gDYkn9MIyasfGdEi4u8wVZCD0FxkstE1QbS5DQE1mr23PU618sN6M=
last-modified: Mon, 21 Oct 2019 13:42:31 GMT
server: cloudflare
etag: "dada142d4861c864d8d63e8cd5dd22dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhcqUh5%2Fswr%2F5ScB27C8W6M%2B1%2FpQq0z9MER%2FpWRfzbooi2jOBdbgsD59n7eJAgMr36T47bgc9%2BUxyRvRd9ZoXBeowgH4Hgs6TpmzaX2lVXc3dEmZUHNChmckF%2BHHAC9fglv%2BobZNlGzFBhr5hMefAzbiZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2628000
accept-ranges: bytes
cf-ray: 88dae0314a4690e6-FRA

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
smrturl.co/	1970-01-20 23:26:47	Name: CPABUILD_API Value: 75924b0db84c38450d02
d1xmy0yqwxzhn4.cloudfront.net/	1970-01-20 21:04:13	Name: dynamo_v_id Value: Vdb65b374855a7
go.smartorfast.com/	1970-01-21 05:48:23	Name: afclick Value: 665cf1ff8eb80f0001579787
go.smartorfast.com/	1970-01-21 05:48:23	Name: afoffers Value: {"24545":1717367295}
www.sbbq3otrk.com/	1970-01-20 21:04:13	Name: uniqueClick_76KDZW Value: b8f44019-a074-451c-a503-ec2a700cbd1c:1717367295
www.sbbq3otrk.com/	1970-01-20 23:12:23	Name: transaction_id Value: 99728a06409f4ece88f87c475864a2f0
trckde01.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: fdspgir8s3sr0n347ms4ri8e6h
de467.happy-nachrichten.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: l6q83vavksjvbijpnij0p0levg
de467.happy-nachrichten.de/	1970-01-20 21:03:01	Name: coyoteAffiliTokenId467 Value: 81258953

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d1xmy0yqwxzhn4.cloudfront.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.cleverpush.com
connect.facebook.net
d1xmy0yqwxzhn4.cloudfront.net
de467.happy-nachrichten.de
fonts.googleapis.com
go.smartorfast.com
ix-event.com.tr
lv1.mycleverpush.com
meine.pixelweiche.de
smrturl.co
static.cleverpush.com
trckde01.de
use.fontawesome.com
www.sbbq3otrk.com
116.203.55.53
2600:9000:235a:1e00:10:c3e9:4400:21
2606:4700:20::681a:e1f
2606:4700:20::681a:f1f
2606:4700:3034::ac43:9a8e
2606:4700:3037::ac43:8ef5
2606:4700:3037::ac43:95c7
2a00:1450:4001:801::200a
2a00:1450:4001:810::200a
2a03:2880:f083:100:face:b00c:0:3
34.111.143.46
34.141.179.97
35.158.79.89
45.156.91.33
45.156.91.34
0439122447204b780457fa57edd4a5acc7f6664f17c7578e3014cfccd971ed4f
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897
2d17e858ee48019da30a7020694b86747d53b65f71949ea5640ef1388ff1171d
374b1b56a097374d066cc988f650c2127067d405b4ac81281d5be7300287aa96
460c60d0e56701dc33468f2f360a6eec8debe91742df5ea4863066571abcbd00
4b76c9df3381541b215786a6b68b42bf1b99aaa1279cb748d9e35e5b7753161c
4b861d971c5511520dec83d7feca795c98e9325deb0ff06892e80c4404fe2284
56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665
56e9001612c112d192ebe8d26e89861d84a32103a9507f80f37ab225b2eba5d8
585796f961d6325099e0279231d756224d0e657c1c23b2290f77fc862c7f42ae
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
686ab3bf899cd082ab930f47daf332e45ca4983a06226d1a471cf30ad061600d
6c7bee820cc15553306fdb0ee67d8759b163dd364285c0be2ff545e7e2cc47fa
7a18f6da804502ec565774807324cd33f8d3325b860be5c2f6dd26c8594117b6
7e5536e2cbc4f69fceb15320e00b7b781c8f5c38941ed11dd14c77e2fe0556ef
84e2ae2fd5d2bfb3b8c45a62b7ccc8ecb6f4618d6979732f63b11282a5dd48b8
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a3c7e3a92b088aee6ef0c1a463ad6930557d9819ba8334e02d2a7944ef12f1a0
b31fde204378112e3db2b6343056923f6f49bdc9a164fa43c294f3b007259cf5
b4daecf3ac638fbb5d1f03cbb2fe20273b388ecf0e51f2be942992c2cf0cea10
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9fe48a4b2a226c0e6273196fb3867718d4876f6cb8ee67c42ed039b78823168
ce2ff3467a25b31d01efe069eae42e761c2d70064a7b6baf8d95e05089623a04
d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

de467.happy-nachrichten.de Open in urlscan Pro 45.156.91.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

60 %IPv6

13 Domains

15 Subdomains

10 IPs

3 Countries

1119 kBTransfer

2053 kBSize

9 Cookies

11 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

de467.happy-nachrichten.de Open in urlscan Pro
45.156.91.33 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

60 %
IPv6

13
Domains

15
Subdomains

10
IPs

3
Countries

1119 kB
Transfer

2053 kB
Size

9
Cookies

34 HTTP transactions
0 data transactions