Submitted URL: https://filesenzu.com/show.php?l=0&u=20004&id=34472&tracking_id=account-st-2
Effective URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Submission: On February 05 via manual from MM — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 12 domains to perform 30 HTTP transactions. The main IP is 45.156.91.34, located in Germany and belongs to ABUNTIS, DE. The main domain is de1041.1gewinner.de.
TLS certificate: Issued by R3 on January 24th 2024. Valid for: 3 months.
This is the only time de1041.1gewinner.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.111.143.46 396982 (GOOGLE-CL...)
1 7 45.156.91.34 211823 (ABUNTIS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
2 35.158.79.89 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 78.46.198.121 24940 (HETZNER-AS)
30 10
Apex Domain | Subdomains | Transfer
14 cleverpush.com | static.cleverpush.com (Cisco Umbrella Rank: 19515); api.cleverpush.com (Cisco Umbrella Rank: 18358) | 125 KB
6 1gewinner.de | de1041.1gewinner.de | 603 KB
2 facebook.net | connect.facebook.net (Cisco Umbrella Rank: 174) | 60 KB
2 pixelweiche.de | meine.pixelweiche.de | 2 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 28); ajax.googleapis.com (Cisco Umbrella Rank: 369) | 35 KB
1 mycleverpush.com | lv1.mycleverpush.com | 28 KB
1 facebook.com | www.facebook.com (Cisco Umbrella Rank: 107) | 185 B
1 fontawesome.com | use.fontawesome.com (Cisco Umbrella Rank: 971) | 11 KB
1 trckde01.de | trckde01.de | 796 B
1 sbbq3otrk.com | www.sbbq3otrk.com | 508 B
1 arty2night.com | p.arty2night.com | 733 B
1 filesenzu.com | filesenzu.com | 715 B
30 12
Domain Requested by
10 static.cleverpush.com de1041.1gewinner.de
static.cleverpush.com
lv1.mycleverpush.com
6 de1041.1gewinner.de filesenzu.com
de1041.1gewinner.de
4 api.cleverpush.com static.cleverpush.com
2 connect.facebook.net de1041.1gewinner.de
connect.facebook.net
2 meine.pixelweiche.de de1041.1gewinner.de
meine.pixelweiche.de
1 lv1.mycleverpush.com static.cleverpush.com
1 www.facebook.com de1041.1gewinner.de
1 ajax.googleapis.com de1041.1gewinner.de
1 use.fontawesome.com de1041.1gewinner.de
1 fonts.googleapis.com de1041.1gewinner.de
1 trckde01.de 1 redirects
1 www.sbbq3otrk.com 1 redirects
1 p.arty2night.com 1 redirects
1 filesenzu.com
30 14
Subject | Issuer | Validity | Valid
filesenzu.com | E1 | 2024-01-07 - 2024-04-06 | 3 months
*.1gewinner.de | R3 | 2024-01-24 - 2024-04-23 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
cleverpush.com | E1 | 2024-01-03 - 2024-04-02 | 3 months
coyote.pixel-weiche.de | R3 | 2023-12-17 - 2024-03-16 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-14 - 2024-02-12 | 3 months
*.mycleverpush.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-14 - 2024-06-13 | a year

This page contains 2 frames:

Primary Page: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Frame ID: 1886A7599B66E5653D72BAC0E09759B8
Requests: 24 HTTP requests in this frame

Frame: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1041.1gewinner.de
Frame ID: 069F3344A3128644B40ED459395C0945
Requests: 4 HTTP requests in this frame

Page Title

Audi A7 Sportback Gewinnen!

Page URL History

  1. https://filesenzu.com/show.php?l=0&u=20004&id=34472&tracking_id=account-st-2 Page URL
  2. https://p.arty2night.com/click?pid=1211&offer_id=11912&sub1=1245801848&sub2=20004 HTTP 302
    https://www.sbbq3otrk.com/4G1HZ3L/RDN9MF/?sub1=1211&sub2=20004&sub3=65c0df6d7868560001c81f38 HTTP 302
    https://trckde01.de/de01,audi,a7_721.html?idPartner=69&idCampaignAd=0&subId=2137_1211&subIdentif... HTTP 302
    https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 67 %
Domains: 12
Subdomains: 14
IPs: 10
Countries: 2
Transfer: 865 kB
Size: 1844 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://filesenzu.com/show.php?l=0&u=20004&id=34472&tracking_id=account-st-2 Page URL
  2. https://p.arty2night.com/click?pid=1211&offer_id=11912&sub1=1245801848&sub2=20004 HTTP 302
    https://www.sbbq3otrk.com/4G1HZ3L/RDN9MF/?sub1=1211&sub2=20004&sub3=65c0df6d7868560001c81f38 HTTP 302
    https://trckde01.de/de01,audi,a7_721.html?idPartner=69&idCampaignAd=0&subId=2137_1211&subIdentifier=4d454b05615a40e490e8fc2231c9ead7_20004 HTTP 302
    https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
show.php
filesenzu.com/
621 B
715 B
Document
General
Full URL
https://filesenzu.com/show.php?l=0&u=20004&id=34472&tracking_id=account-st-2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3034::ac43:a3b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850b6c073c67773c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Feb 2024 13:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iidBd4O2msdWmAxPyeaXhcVGoMvYc8ekpTAAzNwM5CmGdZP7alNCn5yOE2UDkIKs70pfqB3jcHxi7Azs71SbTYXcaP71xAncXMxAjcXNgGn2r2jIy2Lj6rUlshKooXUfNnBiv8n6Q5KrnEe7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request campaign_1041.html
de1041.1gewinner.de/
Redirect Chain
  • https://p.arty2night.com/click?pid=1211&offer_id=11912&sub1=1245801848&sub2=20004
  • https://www.sbbq3otrk.com/4G1HZ3L/RDN9MF/?sub1=1211&sub2=20004&sub3=65c0df6d7868560001c81f38
  • https://trckde01.de/de01,audi,a7_721.html?idPartner=69&idCampaignAd=0&subId=2137_1211&subIdentifier=4d454b05615a40e490e8fc2231c9ead7_20004
  • https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
154 KB
37 KB
Document
General
Full URL
https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Requested by
Host: filesenzu.com
URL: https://filesenzu.com/show.php?l=0&u=20004&id=34472&tracking_id=account-st-2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5984e696cdce2484487800bd38b8e4207af932b7751fa06fa9e7c8149a652748

Request headers

Referer
https://filesenzu.com/show.php?l=0&u=20004&id=34472&tracking_id=account-st-2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
37513
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Feb 2024 13:15:26 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Feb 2024 13:15:25 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
cpa_style.css
de1041.1gewinner.de/media/adresseManager/microSiteFiles/1041/
248 KB
39 KB
Stylesheet
General
Full URL
https://de1041.1gewinner.de/media/adresseManager/microSiteFiles/1041/cpa_style.css
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9d6ec8ac7a0322113c02d9cf34f6102e6092fd6c64c312c0d9e6552c417c5a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 13:15:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Jul 2023 12:52:08 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3e0cd-600febb85f125-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
40035
css2
fonts.googleapis.com/
2 KB
982 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&display=swap
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
280b8a0043eaf8f47abbfc5cc63ed2fe224882e7217dbe99815c2b0aa1a27429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Feb 2024 13:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 12:59:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Feb 2024 13:15:26 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://de1041.1gewinner.de/
Origin
https://de1041.1gewinner.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
939197
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BHFI3YtWkrEuKBBRF69BjFkCTHtOZKkr2nqrK5hZbFfUo%2FEC0dRAIp6lyW2Fs5yCM3nFUYHpa5cIxhpfnOahKON5jCE6bP%2F%2F6104vj79t9XFIE9JwWo8PuilMeZ5w9M66pKsvLLAaJkX9UvmfnCHOfF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
850b6c114e0f63d8-LHR
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:59:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
497737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:59:49 GMT
cyF8KJYSfZzhHi8Py.js
static.cleverpush.com/channel/loader/
228 KB
57 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31146d3d9513992f8b52b34f5be7ec30e18310597907957f350c44e04da4b37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VTZYGD2Y9K8NSVGV
age
3590
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
EUlQaEjfiM7jphLW17QlMEHLa2KYkplyypPinyWXRf38gIUThPHYgSqd1TJ3yoUI3q1AXClwLpk=
last-modified
Sun, 04 Feb 2024 00:08:08 GMT
server
cloudflare
etag
W/"5eb0996b520a092c61fafed14d619895"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYExSmmizpMB3L3ZEHJ1FfmC%2B6eBX%2BmdORLMMaJ1uLkyI88vgWNzcFO57nizlmjqEJuz9OY0NztuUCJLHccm7moQd1BT1%2BF1y15hg6FsXuf2pxTciHEvC3d%2Bpy2Y9p4%2Bjio95gjRl8U%2B72gDK4tx6OcIvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
850b6c122c474da8-FRA
audilog.png
de1041.1gewinner.de/media/adresseManager/microSiteImg/1041/
16 KB
16 KB
Image
General
Full URL
https://de1041.1gewinner.de/media/adresseManager/microSiteImg/1041/audilog.png
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d5ca4ea9bce78ec075c0d4ffbcdfc3df06bc9fcb76ed640422ed487ff1e28355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 13:15:26 GMT
Last-Modified
Mon, 24 Jul 2023 08:22:15 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3f1c-601374fec4f63"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
16156
audids1.png
de1041.1gewinner.de/media/adresseManager/microSiteImg/1041/
162 KB
162 KB
Image
General
Full URL
https://de1041.1gewinner.de/media/adresseManager/microSiteImg/1041/audids1.png
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cb18fc2728e150597a2d2ea549b024957126d05ac71df14c1dc3e2984138a1b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 13:15:26 GMT
Last-Modified
Fri, 21 Jul 2023 14:11:38 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2861a-600ffd7dad204"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
165402
audimv11.jpg
de1041.1gewinner.de/media/adresseManager/microSiteImg/1041/
73 KB
74 KB
Image
General
Full URL
https://de1041.1gewinner.de/media/adresseManager/microSiteImg/1041/audimv11.jpg
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c735eee0ec5d0a05e65ad1e4ae8ba65f6d9a820a0b761ed081cf412b4ea85c73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 13:15:26 GMT
Last-Modified
Mon, 24 Jul 2023 08:46:29 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"125fa-60137a68d0ad7"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
75258
script.js
meine.pixelweiche.de/
964 B
1 KB
Script
General
Full URL
https://meine.pixelweiche.de/script.js
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 /
Resource Hash
141fb3f5cfe662d76c077d73ab421f8756a6aae698f86614b10e129b8a151437

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 13:15:26 GMT
Last-Modified
Fri, 01 Sep 2017 06:01:35 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
ETag
"3c4-5581a7e5699e1;60cab7bf4f66f"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
964
fbevents.js
connect.facebook.net/en_US/
214 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 05 Feb 2024 13:15:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57202
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
go7d3EQqSSFziDszUjyjqtesLYs7cIg18wCYQ7WWHybwrp6Iv5Ifm5W6wnV1QBS4cxIlH96jncFZpLVYa319eQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
meine.pixelweiche.de/tg/
0
485 B
XHR
General
Full URL
https://meine.pixelweiche.de/tg/script.js?idPartner=&subId=&subIdentifier=&postbackToken=&zielseite=adressdata1
Requested by
Host: meine.pixelweiche.de
URL: https://meine.pixelweiche.de/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.158.79.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-79-89.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Feb 2024 13:15:26 GMT
Server
Apache/2.4.25 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.30
X-Powered-By
PHP/5.6.30
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
audibg12.jpg
de1041.1gewinner.de/media/adresseManager/microSiteImg/1041/
275 KB
275 KB
Image
General
Full URL
https://de1041.1gewinner.de/media/adresseManager/microSiteImg/1041/audibg12.jpg
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.156.91.34 , Germany, ASN211823 (ABUNTIS, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
af8174469f71767c236ee088437bcf7876540e51e6bf17a903378ac0f10f710e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Mon, 05 Feb 2024 13:15:26 GMT
Last-Modified
Mon, 24 Jul 2023 08:42:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"44a35-601379990efe7"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
281141
20004
connect.facebook.net/signals/config/
6 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/20004?v=2.9.144&r=stable&domain=de1041.1gewinner.de&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0537dd9db402e44d199cc1f51c2346027f6af9eaf6e8382476f30c6ce7a8c517
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 05 Feb 2024 13:15:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
pmr8OlhnoBxylViOrZwAllakPJ8GFnEQJ7qgMECWowFrmpb34Pbg/66e+VyiPE2in9rI8FY5st1RHEnGe0j8OA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
5.6bbe18a1a9df9ddddcc4.js
static.cleverpush.com/sdk/chunk/
35 KB
10 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.6bbe18a1a9df9ddddcc4.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e675226d218c63702642d3f203ae7d16f4cd056f3a04529713f32e3d8af94265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MQZ5SG3XEV30YS7D
age
1861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
onLVfgo3ufJCyGBgXnVyR9U19RuPe9Ek3leE7cs23NEQMUijsg3tpPHDuYpVe2G/T68bOsHwbxY=
last-modified
Fri, 02 Feb 2024 00:44:07 GMT
server
cloudflare
etag
W/"906cae8a7f2cae38221f3db30db3713c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jmYiK%2B9kQ%2Bsigqm3J5n4fqa9UN8t3IDlUKQHpjXR%2Buom1vgYIK5hl64zNIbHQ%2Bhkrt80rWUuVmQFaTVrhIZXjnXa5ku7EUhNwlXkSkSYbvJo08f0CHWaZUHyrN7eyqwZxAGVTsRhtDkLaCJk7mq6r3W%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
850b6c175aac4da8-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/
5 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MQZF63RAEN01YAN8
age
1861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
C09zAumFupuSHdeUhiKjRfYXzacfTU1YEzIoI+g34qusPEJXB3CJuDOlY9qdh/Kaq/jE9pEahC8=
last-modified
Fri, 02 Feb 2024 00:44:06 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfcY6C1I3t7YiT0DlhYwtqryWtZvxwkHrQF5eIlVUBub0ekGqiDI8RuB2iKV91dDcs%2Boe3qi%2BwOC%2FZYacY4BbG0b3ifoKLSEX7duUIGGvoUSO2ReLeFGRHdbIFIg3gpkXqPXQCMepCG%2B0KPfIteAnyxZUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
850b6c175aae4da8-FRA
115.7f076c17cad757bbf023.js
static.cleverpush.com/sdk/chunk/
14 KB
4 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/115.7f076c17cad757bbf023.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47f1cc4c8709442a2abb74583129dd04fd4cd1a86e10ef089a3f88d33166682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MQZ6P14CHGXXE0W7
age
1861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DbIPp9y9LigLrl4n3chynsel4w0gaAV9CwpEx0Rht8D/t0mZeG2abXeEdTAob2KklDQ310ZiKo8=
last-modified
Fri, 02 Feb 2024 00:44:05 GMT
server
cloudflare
etag
W/"030c085a93056cfc4733dcf13df4d14c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZpiKYN3sMk7nF5r1ls%2FSIF7PSRfKHz%2FPjziMHcZfR07goe6Pzcv2Y30kAo7AZBmi4KRGF2ybJ37dc50OH28oNxcD2pgqu%2F3oYuPiyl5n%2F7hFO3kNg5SSyRAqjqAQh%2B1Oe3PIl0Z%2FUjzxINw3IFBQdXG0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
850b6c175ab04da8-FRA
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=20004&ev=PageView&dl=https%3A%2F%2Fde1041.1gewinner.de%2Fcampaign_1041.html%3FcoyoteAffiliTokenId%3D74578581%26&rl=https%3A%2F%2Ffilesenzu.com%2F&if=false&ts=1707138927254&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=28&it=1707138926619&coo=false&exp=e1&rqm=GET
Requested by
Host: de1041.1gewinner.de
URL: https://de1041.1gewinner.de/campaign_1041.html?coyoteAffiliTokenId=74578581&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 05 Feb 2024 13:15:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
iframe
lv1.mycleverpush.com/ Frame 069F
74 KB
28 KB
Document
General
Full URL
https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1041.1gewinner.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.198.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.198.46.78.clients.your-server.de
Software
/
Resource Hash
13167b388a9e76cdaadb187e120ca0cd4369de3d652213135a908c646e90b698
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://de1041.1gewinner.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 05 Feb 2024 13:15:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-15
x-cache-status
HIT
x-robots-tag
noindex
5.6bbe18a1a9df9ddddcc4.js
static.cleverpush.com/sdk/chunk/ Frame 069F
35 KB
10 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.6bbe18a1a9df9ddddcc4.js
Requested by
Host: lv1.mycleverpush.com
URL: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1041.1gewinner.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e675226d218c63702642d3f203ae7d16f4cd056f3a04529713f32e3d8af94265

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lv1.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MQZ5SG3XEV30YS7D
age
1861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
onLVfgo3ufJCyGBgXnVyR9U19RuPe9Ek3leE7cs23NEQMUijsg3tpPHDuYpVe2G/T68bOsHwbxY=
last-modified
Fri, 02 Feb 2024 00:44:07 GMT
server
cloudflare
etag
W/"906cae8a7f2cae38221f3db30db3713c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHCGglMViQfZKpG%2FdNUyIaJWMtUtu3h1ZYQT2Imj05HMgTDG3klo2FDtLCGCzMw%2FKpNKBVo6BqqLoExrGO2DO%2BeXE7Cxv2FU4ywBilrMia1hqJeXqaQ5anyEP0KesG3knOKPBPADjwL6%2FV5D7tclU1hq%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
850b6c188faf4d82-FRA
251.ff5b3c0c290e9961835b.js
static.cleverpush.com/sdk/chunk/ Frame 069F
5 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.ff5b3c0c290e9961835b.js
Requested by
Host: lv1.mycleverpush.com
URL: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1041.1gewinner.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df124351501a3a62b99269da55fa305a5584a9e80e84f4ecf72cdd54d4978204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lv1.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MQZF63RAEN01YAN8
age
1861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
C09zAumFupuSHdeUhiKjRfYXzacfTU1YEzIoI+g34qusPEJXB3CJuDOlY9qdh/Kaq/jE9pEahC8=
last-modified
Fri, 02 Feb 2024 00:44:06 GMT
server
cloudflare
etag
W/"e89cddaa8c63cff3a495570a91d5e690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTXlGQMT8GvIgsdE2pG4r1ylnMhM%2BGiXRYM8ITZwTSBu%2B10QR6J1LqC2eJ2JY1xDGksHQF%2B0mDCMx0x%2FNUo4FV98M7JXr22%2FT3n4MtM4ri2JGvbS2YDGZNN7Tzzrg6JQ4Viv8M9h12nvDi076JTIaZsWRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
850b6c188fb34d82-FRA
818.a57bf931a2ae72731020.js
static.cleverpush.com/sdk/chunk/ Frame 069F
7 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/818.a57bf931a2ae72731020.js
Requested by
Host: lv1.mycleverpush.com
URL: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1041.1gewinner.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828d061fc6ee4c45da4fa52015068c44230241d2a9977d85dc7480f106bb8562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lv1.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MQZ3W3P16YFC9YV0
age
1861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yJTKhw51JcpYpxqEMmUAUmtIcVJZZeo7srRmeDoItkmcuDyHhM5zwTdwRGc9LNaK7xVNzUNqeRM=
last-modified
Fri, 02 Feb 2024 00:44:08 GMT
server
cloudflare
etag
W/"1e706587e7b34208f748533f72fb63bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koCgckDVw7jgf4PCVfPMIhpN1gSq7V1LNwoq18m4kKTrrNe9dCYYAHUUBupdD7xDq3V2VP8mTsI4%2BZ8B6VDCjSBcKTLRL8YpF4o4qcqH32RRPqsURJ6D06fG9C18jCft7AumTCPWFpCZ6bYueYFBtMLYPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
850b6c188fb54d82-FRA
103.ca34caf4a7c7f94a245a.js
static.cleverpush.com/sdk/chunk/
96 KB
22 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/103.ca34caf4a7c7f94a245a.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78f82206874edb92e4cedada374ae32ba67cb601d95b2931b7d1ae18dcae153e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MQZFP09XWC9M1SQM
age
1861
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
7H4/Rec0brFsZH3oQB4ON1Fqj7okH+cOf/uXdWKwt7SKpSTcpZQ3rWZnU3Ry1bMlN1IYolccGpA=
last-modified
Fri, 02 Feb 2024 00:44:05 GMT
server
cloudflare
etag
W/"edca157e63c1ec51d4f0d926c455f313"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHyUTfVUINOh5wnTdFPIcnxeCW%2F2%2BFXTzby4PwZnH2CmqZ9O5LFiqnTSBXKe9KecStniKs6TAWm3r5YAsSNQGHuUJiIUt4lN1b8APGSGJ4SrB%2B%2FdgRU1O7ruj3iUSzSe6M5M6z8C7sri3pPqrn5o0OdyxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
850b6c18e81d4d82-FRA
720.0bdbfc00d66464030daa.js
static.cleverpush.com/sdk/chunk/
48 KB
11 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/720.0bdbfc00d66464030daa.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73af61418ca8ea40f925bdd5c5380ee58ca1dc74117b5f9759336570a614aadb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
E8JPAS1ZBH805JJK
age
1860
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Kj6QvTTHhjIUNo+WnWcUwMWcUCWO29arJzfagt/jtVoDlLY/Vpm0kyQ66Ykiu0eOz3jMisVqMg8=
last-modified
Fri, 02 Feb 2024 00:44:07 GMT
server
cloudflare
etag
W/"28ec846c537fa018d121178bf42a8c58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMNDLKMqkopQxPgwRd%2F2L5TeeHAuRRrz6Qrry8DDAjb1H9Ao0okB67QBrWeZdXf%2B4ZoO0qESdHEmJm%2B9DJUFhvmeCd987Gmdsb6APAK5VwywKa2N0AImeIjr1tPFfL9HxIDusCyusTklQzrzbz9Brzdtxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
850b6c18e81f4d82-FRA
optin-visitor
api.cleverpush.com/channel/
16 B
348 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://de1041.1gewinner.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Feb 2024 13:15:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-15
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIeaTQEisIgGSyXj9UvtLuEeAdhIk5nkLW1FcTAGcbwegmoKgIXVPOnBSr5z4lspJBrPr6ptraOh5oIzeJ5h0mQeC1kqtnJJp5S47aJEfJJiB%2FoNOMuJ0VPDaliO7xPD5CDRCi7yhdb3o0wxPmAUpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
850b6c1a292618eb-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
optin-visitor
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de1041.1gewinner.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
850b6c19f8ed18eb-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Mon, 05 Feb 2024 13:15:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0xvbTdGhWQzhIeSwdmXxdfD7om8s7y45kIigX4BHAFVmASXAVD%2BLLQ6G%2B2wsJVcnd%2FyFZXgWmt%2Fy0brtXMefSmnxvih4Fhxd55mnYwspqp2HhyDyxX1rjY3Zz5LKcowsxbXFQuEbz5qio9VX2KmEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/
16 B
612 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/cyF8KJYSfZzhHi8Py.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://de1041.1gewinner.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Feb 2024 13:15:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend-server
cleverpush-worker-15
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sXj2GtpuyxcEvoqdo%2BtxSxynjKYdr%2F0hP3h23jBkeSI9XP3K1VmApYFtAa8IrUZ7%2FiptLhL5xI0Y6DuvwzJ5pEV5IC5X5aqyP%2F1We434e1iv8AfaAdJjqfY68L1sBEPSfBDUgWHIDysS20z3dwhpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
cf-ray
850b6c261e4e1c34-FRA
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
defaultChannelIcon.png
static.cleverpush.com/app/images/
732 B
1 KB
Image
General
Full URL
https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de1041.1gewinner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 13:15:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BZ9B5AWHYK1SDA2A
age
719862
alt-svc
h3=":443"; ma=86400
content-length
732
x-amz-id-2
CyXgIgiiMLqA6HCukGWmrt9CjnhR1b5oNhCvNqXoMYnT3Ifsok+QFUo308v+mHlkHYLSpOYh7Ik=
last-modified
Mon, 21 Oct 2019 13:42:31 GMT
server
cloudflare
etag
"dada142d4861c864d8d63e8cd5dd22dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7VK0%2FUmQ5P5zy6awDRPYq0hxfqtLEHE9GwbvAlTd176XkCAOPfnDsVFRBWE1KPevb2Ht1xPkIHecV0FB%2BAvULOnA4O%2F96ArZhoiuLYjzav6rxiSYUGZw3x%2BpzpmJkEY66bSN8O9KMflSTNU6EhfZWv7iQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2628000
accept-ranges
bytes
cf-ray
850b6c25de354d82-FRA
confirm-alert
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de1041.1gewinner.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language, sentry-trace, baggage
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
850b6c25ddf41c34-FRA
content-length
0
content-type
application/json; charset=utf-8
date
Mon, 05 Feb 2024 13:15:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPYfNzoNDcamNOAfavJvc7PWs49PYlgL%2FC5Z9k9YUjk1zmmim4EdVJ8D1RU0B00MNhE2BJLj%2BaiZOIkaZKhhIlRoDSTStf9jqqPORTGsjGLw6XzeRPMb9%2Fv4Yea6pTh%2BRLoOauRuGHzkej2E9OFbsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
function| showSAM
object| jQuery112405745130012832196
string| optinBoxActive
function| fbq
function| _fbq
function| pixelweiche
object| pw
object| webpackChunk_cleverpush_cleverpush_js_sdk
object| regeneratorRuntime
number| __cleverPushSdkLoadCount
object| CleverPush

7 Cookies

Domain/Path Name / Value
p.arty2night.com/ Name: afclick
Value: 65c0df6d7868560001c81f38
p.arty2night.com/ Name: afoffers
Value: {"11912":1707138925}
www.sbbq3otrk.com/ Name: uniqueClick_RDN9MF
Value: ee761f11-9cf0-4e71-8a8f-d01119f64ebc:1707138925
www.sbbq3otrk.com/ Name: transaction_id
Value: 4d454b05615a40e490e8fc2231c9ead7
trckde01.de/ Name: PHPSESSID
Value: modl928je5u2k0647iiaq0pqro
de1041.1gewinner.de/ Name: PHPSESSID
Value: ol0401qk3p9mmhq8fpegki8bct
de1041.1gewinner.de/ Name: coyoteAffiliTokenId1041
Value: 74578581

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
