urlscan.io logo urlscan.io
SecurityTrails logo

bf.traumbereich.com Open in urlscan Pro
157.90.33.49  Public Scan

Go To Rescan Add Verdict Report
URL: https://bf.traumbereich.com/0.9219810103116359
Submission: On January 10 via api from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 157.90.33.49, located in Ismaning, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is bf.traumbereich.com.
TLS certificate: Issued by R10 on December 8th 2024. Valid for: 3 months.
This is the only time bf.traumbereich.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 157.90.33.49 24940 (HETZNER-A...)
2 142.250.71.68 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 142.250.76.99 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
24 9
8    157.90.33.49 (Ismaning, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.49.33.90.157.clients.your-server.de
bf.traumbereich.com
2    142.250.71.68 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f4.1e100.net
www.google.com
2    2404:6800:4006:809::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2404:6800:4006:814::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cleverpush.com
1    2404:6800:4006:814::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.76.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f3.1e100.net
fonts.gstatic.com
1    2404:6800:4006:813::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
8 traumbereich.com
bf.traumbereich.com
855 KB
7 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 36923
68 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
237 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
996 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
106 KB
0 mycleverpush.com Failed
deingewinn.mycleverpush.com Failed
24 8
Domain Requested by
8 bf.traumbereich.com bf.traumbereich.com
7 static.cleverpush.com bf.traumbereich.com
static.cleverpush.com
2 fonts.googleapis.com bf.traumbereich.com
2 www.google.com bf.traumbereich.com
www.gstatic.com
1 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com bf.traumbereich.com
0 deingewinn.mycleverpush.com Failed static.cleverpush.com
24 9

This site contains no links.

Subject Issuer Validity Valid
*.traumbereich.com
R10		 2024-12-08 -
2025-03-08		 3 months crt.sh
*.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
cleverpush.com
WE1		 2024-12-22 -
2025-03-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://bf.traumbereich.com/0.9219810103116359
Frame ID: 1ADDAFFEE1C2BE038DC938F10EA8B5AD
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfohG4aAAAAAIugGWrdrbVKrxl_P5U6SFNBldxV&co=aHR0cHM6Ly9iZi50cmF1bWJlcmVpY2guY29tOjQ0Mw..&hl=en&v=RTbEo8_aWOvLbjGuoA8Hj2oS&size=invisible&cb=atunphk76ltk
Frame ID: ECD2749D01AA8FE6EACB73E7E7A2E7DB
Requests: 1 HTTP requests in this frame

Frame: https://deingewinn.mycleverpush.com/iframe?origin=https%3A%2F%2Fbf.traumbereich.com
Frame ID: 6865ED44C0414A92A5FBCF51A9B44F1F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amazon-Gutschein

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24
Requests

96 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

1269 kB
Transfer

2057 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 0.9219810103116359
bf.traumbereich.com/ 		115 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.33.49 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.49.33.90.157.clients.your-server.de
Software
nginx + Phusion Passenger(R) 6.0.24 / Phusion Passenger(R) 6.0.24
Resource Hash
4539434ec0c340682e76002b1e2f8098eb61f82beb379989f9720e45229f9abc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 10 Jan 2025 09:14:21 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
nginx + Phusion Passenger(R) 6.0.24
status
200 OK
strict-transport-security
max-age=63072000; includeSubdomains
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Phusion Passenger(R) 6.0.24
x-request-id
461585c1-0484-45f3-b2fc-299aee68d472
x-runtime
0.039601
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		1 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfohG4aAAAAAIugGWrdrbVKrxl_P5U6SFNBldxV
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f4.1e100.net
Software
ESF /
Resource Hash
ef0470fdf3b92b2c716209bc677f2f8c8e4bef0ddf096ed37f576d4cc43ec465
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 09:14:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 10 Jan 2025 09:14:21 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&display=swap
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3edf2fef0f171ba86eaee753895263a6b2e6411f94e137a430255551c430c876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 09:14:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:14:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 10 Jan 2025 08:01:17 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ede014f47795c3d04812b724ef687909970f776d37854e7312a5ad859c84e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 09:14:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:14:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 10 Jan 2025 08:59:57 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		313 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FWCWYX24V1
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81014b7311e109f26f3bd13039f8ca4e1f255b70f4a3a88429ec4765ce8fe040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 10 Jan 2025 09:14:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:14:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107881
x-xss-protection
0
server
Google Tag Manager
page-441f49347bfd2ac9b05e800332689a05ee6490215252d43732dd46f9649e69df.css
bf.traumbereich.com/assets/ 		123 KB
123 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bf.traumbereich.com/assets/page-441f49347bfd2ac9b05e800332689a05ee6490215252d43732dd46f9649e69df.css
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.33.49 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.49.33.90.157.clients.your-server.de
Software
nginx /
Resource Hash
38bf1871d594c86ea4d91d6f867b77138bc2c13c082a993e04e46f58a0b1c013
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/0.9219810103116359

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"5fd1dce8-1eab8"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
125624
date
Fri, 10 Jan 2025 09:14:21 GMT
content-type
text/css
last-modified
Thu, 10 Dec 2020 08:31:36 GMT
server
nginx
page-07128814095fb33072684b502631ff55b37731a1504a639746e5a44ba2a33346.js
bf.traumbereich.com/assets/ 		440 KB
441 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bf.traumbereich.com/assets/page-07128814095fb33072684b502631ff55b37731a1504a639746e5a44ba2a33346.js
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.33.49 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.49.33.90.157.clients.your-server.de
Software
nginx /
Resource Hash
07128814095fb33072684b502631ff55b37731a1504a639746e5a44ba2a33346
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/0.9219810103116359

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"65ba2873-6e01e"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
450590
date
Fri, 10 Jan 2025 09:14:22 GMT
content-type
application/javascript
last-modified
Wed, 31 Jan 2024 11:01:07 GMT
server
nginx
XD9mH9GW8oFaaPcwK.js
static.cleverpush.com/channel/loader/ 		171 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ed0c16c6a879ddbabb423886d15e6e58d9f9e16a02aea5d25cc3f3b1c50bab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"9f21f4fc722346b60e4f3d682a7ee90a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SbZhs2vVDUENjWn8ovM%2BiMc1d2AiBpUzFonqlse1p5sFTZ6m6oktbozIYm%2BSoUcTt4vVSpF409iFN5O5jboCLrqhh46y%2FCPhl0tvh2OrWiz%2FAnOkqLiT9wUDhgQG0mAmty8GVWmyLa6kEfmshRtE7UDqbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35653&min_rtt=34463&rtt_var=7557&sent=9&recv=11&lost=0&retrans=0&sent_bytes=4007&recv_bytes=2262&delivery_rate=117166&cwnd=253&unsent_bytes=0&cid=81ca4b95d1af77fb&ts=4058&x=0"
date
Fri, 10 Jan 2025 09:14:27 GMT
content-type
application/javascript
last-modified
Fri, 10 Jan 2025 00:21:26 GMT
vary
Accept-Encoding
x-amz-id-2
prh9U2sJSyKMee4d6gLeAKsRnYj5d49UXwfR05eEIty47o1lzGSFmkJFtFkqSz+8rouYG5vjxCI=
cache-control
public, max-age=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GCD6HMTA9EH7B5J5
cf-ray
8ffb8e77e92fd9a6-AKL
server
cloudflare
x-amz-server-side-encryption
AES256
prize.png
bf.traumbereich.com/system/uploads/plain_images/images/000/002/677/original/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bf.traumbereich.com/system/uploads/plain_images/images/000/002/677/original/prize.png?1636531125
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.33.49 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.49.33.90.157.clients.your-server.de
Software
nginx /
Resource Hash
08b48977bed9d4c3a49dbce0faa6c5bc81aae7fd189d7e23c591195343c1f822
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/0.9219810103116359

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"618b7bb5-30657"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
198231
date
Fri, 10 Jan 2025 09:14:22 GMT
content-type
image/png
last-modified
Wed, 10 Nov 2021 07:58:45 GMT
server
nginx
1736500461-1.gif
bf.traumbereich.com/views/ 		43 B
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bf.traumbereich.com/views/1736500461-1.gif
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.33.49 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.49.33.90.157.clients.your-server.de
Software
nginx + Phusion Passenger(R) 6.0.24 / Phusion Passenger(R) 6.0.24
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/0.9219810103116359

Response headers

x-request-id
08209687-58ac-4700-8915-04cd2117490a
content-encoding
gzip
x-content-type-options
nosniff, nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
200 OK
date
Fri, 10 Jan 2025 09:14:22 GMT
content-type
image/gif
vary
Accept-Encoding
x-runtime
0.011749
content-disposition
inline
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains
cache-control
no-cache, no-store
pragma
no-cache
content-transfer-encoding
binary
x-xss-protection
1; mode=block
x-powered-by
Phusion Passenger(R) 6.0.24
server
nginx + Phusion Passenger(R) 6.0.24
recaptcha__en.js
www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/ 		547 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfohG4aAAAAAIugGWrdrbVKrxl_P5U6SFNBldxV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fba14002d8020b52ee5df50c15a9e3abea5a03acbb5fbaad2596811f1128f471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bf.traumbereich.com
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
gzip
age
7862
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 10 Jan 2026 07:03:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:03:21 GMT
last-modified
Mon, 06 Jan 2025 05:01:14 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221408
x-xss-protection
0
server
sffe
bg.png
bf.traumbereich.com/system/uploads/plain_images/images/000/002/676/original/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bf.traumbereich.com/system/uploads/plain_images/images/000/002/676/original/bg.png?1636530523
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.33.49 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.49.33.90.157.clients.your-server.de
Software
nginx /
Resource Hash
242336a508cb1de363547a64e0f973132eedd27409b8b6fbf82ad89a75c02108
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/0.9219810103116359

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"618b795b-3f35"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
16181
date
Fri, 10 Jan 2025 09:14:23 GMT
content-type
image/png
last-modified
Wed, 10 Nov 2021 07:48:43 GMT
server
nginx
bgSales.png
bf.traumbereich.com/system/uploads/plain_images/images/000/002/678/original/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bf.traumbereich.com/system/uploads/plain_images/images/000/002/678/original/bgSales.png?1636531242
Requested by
Host: bf.traumbereich.com
URL: https://bf.traumbereich.com/0.9219810103116359
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.33.49 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.49.33.90.157.clients.your-server.de
Software
nginx /
Resource Hash
d515a8b81b14c2e706961cf970bbc7d9e5b3a8a627ea9987cb8bf1219f1aff33
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/0.9219810103116359

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"618b7c2a-3af7"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
15095
date
Fri, 10 Jan 2025 09:14:23 GMT
content-type
image/png
last-modified
Wed, 10 Nov 2021 08:00:42 GMT
server
nginx
KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
fonts.gstatic.com/s/roboto/v47/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f3.1e100.net
Software
sffe /
Resource Hash
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bf.traumbereich.com
Referer
https://fonts.googleapis.com/

Response headers

age
123635
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 08 Jan 2026 22:53:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 08 Jan 2025 22:53:48 GMT
last-modified
Wed, 08 Jan 2025 18:23:11 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20612
x-xss-protection
0
server
sffe
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
782a6bf22dee5c7a9ebc97d8fa22715437647a826fdaa822d5ae998b11cd8347

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bf.traumbereich.com
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8e81a74477966bc77643aa95f16eb2b826d97198cf3c9cc14130598b616aac8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bf.traumbereich.com
Referer

Response headers

Content-Type
image/svg+xml
anchor
www.google.com/recaptcha/api2/ Frame ECD2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfohG4aAAAAAIugGWrdrbVKrxl_P5U6SFNBldxV&co=aHR0cHM6Ly9iZi50cmF1bWJlcmVpY2guY29tOjQ0Mw..&hl=en&v=RTbEo8_aWOvLbjGuoA8Hj2oS&size=invisible&cb=atunphk76ltk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RTbEo8_aWOvLbjGuoA8Hj2oS/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.68 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E0etAG8EJVlI4W8u-77mOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bf.traumbereich.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-E0etAG8EJVlI4W8u-77mOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Jan 2025 09:14:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FWCWYX24V1&gtm=45je5190v9201766272za200&_p=1736500462014&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1181422237.1736500464&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736500464&sct=1&seg=0&dl=https%3A%2F%2Fbf.traumbereich.com%2F0.9219810103116359&dt=Amazon-Gutschein&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3537
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FWCWYX24V1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:813::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bf.traumbereich.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:14:24 GMT
content-type
text/plain
server
Golfe2
1731.b8070b187846aeaea4b6.js
static.cleverpush.com/sdk/chunk/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/1731.b8070b187846aeaea4b6.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45676d16adc91f8a299c14276bf71cdc3b2514b0141b6c316631f59d16ac11e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"be29cc206b149b452c82002e93ff8210"
age
36328
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUgm1IxBlm0vUYofccVRwQW45Vnhpp9mkU8ffUoD6COlwg5fIi9QSGO0VHbKzQQvPjteGdBKIySI5IEpkI4OEn%2BIsFnftAJOQrITRWKuuDfJBMI4w1fYjnwkFd9zdS309k3qrdUizhhTXyZ9lxfnajNbqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35308&min_rtt=34425&rtt_var=2887&sent=53&recv=18&lost=0&retrans=0&sent_bytes=50491&recv_bytes=2494&delivery_rate=1546131&cwnd=253&unsent_bytes=0&cid=81ca4b95d1af77fb&ts=4143&x=0"
date
Fri, 10 Jan 2025 09:14:27 GMT
content-type
text/javascript
last-modified
Tue, 07 Jan 2025 23:05:13 GMT
vary
Accept-Encoding
x-amz-id-2
5Vw1gqThRXonaZA1Q+Z+gdQ49IHgUZ8AnR1bkYPOq3syeaaXVUynLy1ordmfYtxZSKhINwXcHAs=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8J4QS1S8E2TT5QK0
cf-ray
8ffb8e917f58d9a6-AKL
server
cloudflare
x-amz-server-side-encryption
AES256
9835.f49067a377631b048459.js
static.cleverpush.com/sdk/chunk/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/9835.f49067a377631b048459.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b128d5fd82b08eb1a49fdb7f2aaad42af2b0339f6b263b800324cbb2d6c21e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"94c2340fb27cdeac4ede6b03c9d4c04c"
age
36472
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZILErQylRik2MK14QmqSElhfqLJNWdabf5upaR5T0QJopqtUMaAzXtbzGDqS0%2BQUOi3%2FGh1WLxUjAbV2g%2FoXbB5O9LiqZctd%2FznAbt69Swk99FACy%2FAlFSLEs6YJxS1gq%2Btaz7uLHkv6vT42Og04QaXTlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35308&min_rtt=34425&rtt_var=2887&sent=58&recv=21&lost=0&retrans=0&sent_bytes=52645&recv_bytes=2726&delivery_rate=1546131&cwnd=253&unsent_bytes=0&cid=81ca4b95d1af77fb&ts=4145&x=0"
date
Fri, 10 Jan 2025 09:14:27 GMT
content-type
text/javascript
last-modified
Tue, 07 Jan 2025 23:05:19 GMT
vary
Accept-Encoding
x-amz-id-2
retRs7sofvmfpJQnECvJTqUKHItt+lCkqfgO8f95wTQKcq7XZy/boIeeR3J8GathwPxEdruR46eXll2br3Ozp/ZBRoGxttkg
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CBPY1133FG6M9KY0
cf-ray
8ffb8e917f5ad9a6-AKL
server
cloudflare
x-amz-server-side-encryption
AES256
4663.a62cc16c9086f415ce3e.js
static.cleverpush.com/sdk/chunk/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4663.a62cc16c9086f415ce3e.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a82cf65ac0d1c5f50c78232480ec4b5c"
age
36472
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BfjrCSe685y%2BDjQkWoaPuN%2FwjYxY5sQc1nrfFKnMZKhZHbKqPSk1zPWRRVPGVft1warIua92YaRZ16y9aZNXOuJd52LOTc%2BTB0wVnz83PrsOKo0kOepIdGgXfZqEdlHLGuV8Sf%2FURo5JnIS1HHifv54zA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35308&min_rtt=34425&rtt_var=2887&sent=62&recv=21&lost=0&retrans=0&sent_bytes=54701&recv_bytes=2726&delivery_rate=1546131&cwnd=253&unsent_bytes=0&cid=81ca4b95d1af77fb&ts=4148&x=0"
date
Fri, 10 Jan 2025 09:14:27 GMT
content-type
text/javascript
last-modified
Tue, 07 Jan 2025 23:05:15 GMT
vary
Accept-Encoding
x-amz-id-2
2zk/4MSaey2P2UT9HwqUHXbOFv6qPrUJOapVOtOozRibuAZqwfDDqg1gpTvsEBz1VrjkRljam7AGapFQ9fi/VV6VGm2y+s8T
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CBPNX4MH60KQ4W3P
cf-ray
8ffb8e917f5cd9a6-AKL
server
cloudflare
x-amz-server-side-encryption
AES256
4005.6f562922d9c9f546bc3d.js
static.cleverpush.com/sdk/chunk/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/4005.6f562922d9c9f546bc3d.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee88822b67db7e7c863a6ba2e751bbce73d63a0e3b50a528da0b82a45ecbbc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a8f33d6686dcc672874231122a4a4e3c"
age
36492
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nu%2Fyy7vSLIgssa47yWmQloTgT1Qbibrdwmysphe%2Bun7kSx5Ptr7NWH%2FLpQRiiJRpCm2PFj2RwPY1eXfvCURO%2BgBqOC%2BY93XyNbmJCvJ8GrmoWszX3AAeS9krYpowsioGMdCYrqtMVIg9CdixPp4jwElOyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35308&min_rtt=34425&rtt_var=2887&sent=69&recv=21&lost=0&retrans=0&sent_bytes=59006&recv_bytes=2726&delivery_rate=1546131&cwnd=253&unsent_bytes=0&cid=81ca4b95d1af77fb&ts=4152&x=0"
date
Fri, 10 Jan 2025 09:14:27 GMT
content-type
text/javascript
last-modified
Tue, 07 Jan 2025 23:05:14 GMT
vary
Accept-Encoding
x-amz-id-2
qlIt5AH6UxvbvCjL1deSTNPsPQIOK3SYVUHoZoJkjMUK/YJYr9ryyM1D5f51KMRj2tm+91m6MXU=
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z23XEA8JRVGD54FM
cf-ray
8ffb8e918f6ed9a6-AKL
server
cloudflare
x-amz-server-side-encryption
AES256
3251.852e9eed8ead3e6378e1.js
static.cleverpush.com/sdk/chunk/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/3251.852e9eed8ead3e6378e1.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"83f28f7f709f04b0db81309a40c83d68"
age
36472
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6V%2BMErUelCvvbqsbn98%2BuELusUV2fCu7QAV%2FgzIlvbyEN25seENcF5rIa6h0SFJNQzsmi%2BnFoYoIFUJq2eP7TxLhEnzXPnEtE6AYedHiGkuZcgmlTFUZRpLADCQaHuxZzzTsrx5Syhfx%2F9CUQTdbEfgMAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35308&min_rtt=34425&rtt_var=2887&sent=65&recv=21&lost=0&retrans=0&sent_bytes=55918&recv_bytes=2726&delivery_rate=1546131&cwnd=253&unsent_bytes=0&cid=81ca4b95d1af77fb&ts=4151&x=0"
date
Fri, 10 Jan 2025 09:14:27 GMT
content-type
text/javascript
last-modified
Tue, 07 Jan 2025 23:05:14 GMT
vary
Accept-Encoding
x-amz-id-2
UeWtEvo7Vda6GZJy9p+QuERSrSu43H4hlphx33t3iHzfV40+Io1UNJWApX4FTxalH039aAeHQ09ToaJ+xo0fDvZpdM6gZY/M
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJZTJ01TEM1S2GFE
cf-ray
8ffb8e918f6fd9a6-AKL
server
cloudflare
x-amz-server-side-encryption
AES256
8115.2ad8c2a58dac3565f416.js
static.cleverpush.com/sdk/chunk/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cleverpush.com/sdk/chunk/8115.2ad8c2a58dac3565f416.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/XD9mH9GW8oFaaPcwK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802664e761d102fa54233390a047750f6d39fb9151012c602d3ee7e4a5d3b209

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"824ca60a59b08b315825cbf935c0aee1"
age
36457
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8HpjIV3rZ8J7eKREevxEQR1dpZjTE6WwS15vo68gO%2FobO%2FPwoW7SLQmIwsYyLKNaGXzjLtjIpqY4KBifHOcyalI4EntFL%2BZgaX%2BzDYVYt4RUGLiuW3GW8ZbFJReLmrbTLI93jZMrL1J5rQnSpBPV1yMyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=35308&min_rtt=34425&rtt_var=2887&sent=80&recv=21&lost=0&retrans=0&sent_bytes=69842&recv_bytes=2726&delivery_rate=1546131&cwnd=253&unsent_bytes=0&cid=81ca4b95d1af77fb&ts=4152&x=0"
date
Fri, 10 Jan 2025 09:14:27 GMT
content-type
text/javascript
last-modified
Tue, 07 Jan 2025 23:05:17 GMT
vary
Accept-Encoding
x-amz-id-2
ZPtXqOK515gQIMo3vvaFFtZYW/QbygZxW7/F/3AJCPgSbi/2A4MwJpGeYVLvkx55y/XRbFgiwDpTVqq6VQ2Js+YdgfEmpRui
cache-control
public,max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJZMJXWFBW1RFPN2
cf-ray
8ffb8e918f71d9a6-AKL
server
cloudflare
x-amz-server-side-encryption
AES256
iframe
deingewinn.mycleverpush.com/ Frame 6865 		0
0
favicon.ico
bf.traumbereich.com/ 		25 KB
25 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bf.traumbereich.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.33.49 Ismaning, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.49.33.90.157.clients.your-server.de
Software
nginx /
Resource Hash
456fea2a70c15ca0ffb471cce04df584a404fe2f6b247ff48b8b6ece8d009b4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bf.traumbereich.com/0.9219810103116359

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
etag
"5fd1dce8-627e"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
25214
date
Fri, 10 Jan 2025 09:14:27 GMT
content-type
image/x-icon
last-modified
Thu, 10 Dec 2020 08:31:36 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
deingewinn.mycleverpush.com
URL
https://deingewinn.mycleverpush.com/iframe?origin=https%3A%2F%2Fbf.traumbereich.com

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| gtag object| dataLayer function| filter_street_list function| get_cities function| get_streets function| transliterate function| do_nothing function| ajax_trigger_group function| ajax_save_coreg function| validation_check function| init_iframe_spinner function| lsa function| h_put_f function| put_f function| check_unfinished_coregs function| parse_text function| replacer function| processCoreg function| _willTriggerCoregGroups function| _willTriggerQuestion function| _willTriggerSaveCoregs function| _willPresentPopunder function| _displayCoregElement function| _hideCoregElement function| _showHideNextQuestion function| Participant function| $ function| jQuery object| jQuery112407544305935264539 object| CleverPush function| setNewFormGroup function| setCookie function| getCookie function| modalStatus function| getParamter function| showText function| hideText function| firstPageClientValidation function| secondPageClientValidation function| FieldValidation function| FormField function| FieldProcessor string| WENATEX string| BRIGITTE string| DAMOWI_GEO function| willTriggerCoregGroups function| willTriggerQuestion function| willTriggerSaveCoregs function| hideCoregElement function| coregModalHeaderMarkup function| wiggleAnswers function| _userActivityTimedOut function| actionWithInactivity function| actionWithNegative function| willSubmitAfterPassingValidation function| formPopupMarkup function| spinnerMarkup function| updateProgressIndicator object| recaptcha object| closure_lm_682023 object| google_tag_manager object| google_tag_data object| gaGlobal object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount

3 Cookies

Domain/Path Name / Value
bf.traumbereich.com/ Name: _traumbereich_com_100004_1482_session
Value: aFdhRXdyQThVK05vYU01S0p2VWlDemNKSENML1IramNVSUNZSXIvd2N0ZkxHL20zYS9qWVFwWmhlRS83WUhUSVg4Yy9zNU1QOVQxWE9tT3gyVkZkNUdoOXRBeDhwU1BoV05aQkp5dlpoeWR1YVgvYWhTNjBQVEJtVXJvN0N3NmlQVmxraWQzNElkRXVCM1NrUEpvTng1WDdGZGZxR2QvcllvMjVhNHR5NmNubmtGaDZsdlo0Z05saHF0MlA5TklrNGc1ZTZraTEvbWUwL2Q3V1QrTFZQTjVNU2h5ZHFaYW5LSWhUL3A3ZFF4VkowTnBMZjQxSUxFL1hDVFduQTFnNi0tTFM2VTFySUFCbFZKRGZhbERSMUI2dz09--133cbed7ec5dcf667b1508fb6b3e41b7c18a0f4e
.traumbereich.com/ Name: _ga
Value: GA1.1.1181422237.1736500464
.traumbereich.com/ Name: _ga_FWCWYX24V1
Value: GS1.1.1736500464.1.0.1736500464.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bf.traumbereich.com
deingewinn.mycleverpush.com
fonts.googleapis.com
fonts.gstatic.com
static.cleverpush.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
deingewinn.mycleverpush.com
142.250.71.68
142.250.76.99
157.90.33.49
2404:6800:4006:809::200a
2404:6800:4006:813::200e
2404:6800:4006:814::2003
2404:6800:4006:814::2008
2606:4700:20::ac43:47b8
07128814095fb33072684b502631ff55b37731a1504a639746e5a44ba2a33346
08b48977bed9d4c3a49dbce0faa6c5bc81aae7fd189d7e23c591195343c1f822
1ede014f47795c3d04812b724ef687909970f776d37854e7312a5ad859c84e41
242336a508cb1de363547a64e0f973132eedd27409b8b6fbf82ad89a75c02108
38bf1871d594c86ea4d91d6f867b77138bc2c13c082a993e04e46f58a0b1c013
3edf2fef0f171ba86eaee753895263a6b2e6411f94e137a430255551c430c876
4539434ec0c340682e76002b1e2f8098eb61f82beb379989f9720e45229f9abc
456fea2a70c15ca0ffb471cce04df584a404fe2f6b247ff48b8b6ece8d009b4a
56ce488016e10e57ed18b91230364c9b44ac2d00cd4eb5ec89c816a3ec035665
6b128d5fd82b08eb1a49fdb7f2aaad42af2b0339f6b263b800324cbb2d6c21e8
782a6bf22dee5c7a9ebc97d8fa22715437647a826fdaa822d5ae998b11cd8347
802664e761d102fa54233390a047750f6d39fb9151012c602d3ee7e4a5d3b209
81014b7311e109f26f3bd13039f8ca4e1f255b70f4a3a88429ec4765ce8fe040
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aee88822b67db7e7c863a6ba2e751bbce73d63a0e3b50a528da0b82a45ecbbc5
c45676d16adc91f8a299c14276bf71cdc3b2514b0141b6c316631f59d16ac11e
c8e81a74477966bc77643aa95f16eb2b826d97198cf3c9cc14130598b616aac8
d3aa5f7c7a36d0219f25eea299c8d1e896d03dcbe0c3455830d775e35f9f1da4
d515a8b81b14c2e706961cf970bbc7d9e5b3a8a627ea9987cb8bf1219f1aff33
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa
ef0470fdf3b92b2c716209bc677f2f8c8e4bef0ddf096ed37f576d4cc43ec465
f8ed0c16c6a879ddbabb423886d15e6e58d9f9e16a02aea5d25cc3f3b1c50bab
fba14002d8020b52ee5df50c15a9e3abea5a03acbb5fbaad2596811f1128f471