Submitted URL: https://bit.ly/3BWhc3b
Effective URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Submission: On August 14 via api from BE — Scanned from DE

Summary

This website contacted 11 IPs in 5 countries across 14 domains to perform 37 HTTP transactions. The main IP is 188.95.252.33, which is located in Spain and belongs to RACKMARKT, ES. The main domain is media750.gewinn24-7.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 15th 2022. Valid for: 3 months.
This is the only time media750.gewinn24-7.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
1 1 45.141.157.124 209696 (NILSAT)
1 6 188.95.252.33 197518 (RACKMARKT)
7 2a00:1450:400... 15169 (GOOGLE)
1 152.199.4.33 15133 (EDGECAST)
1 13.225.84.132 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
17 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 78.46.198.121 24940 (HETZNER-AS)
37 11
Apex Domain
Subdomains
Transfer
17 cleverpush.com
static.cleverpush.com — Cisco Umbrella Rank: 17305
api.cleverpush.com — Cisco Umbrella Rank: 17686
120 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
5 gewinn24-7.de
media750.gewinn24-7.de
305 KB
1 mycleverpush.com
deaffiliateceoo.mycleverpush.com
26 KB
1 csftr.com
218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com — Cisco Umbrella Rank: 866020
499 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5596
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
447 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 cloudfront.net
d1cr9zxt7u0sgu.cloudfront.net
26 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 390
39 KB
1 gewinn-ometer.com
gewinn-ometer.com — Cisco Umbrella Rank: 425152
740 B
1 em-trkcd.com
track.em-trkcd.com — Cisco Umbrella Rank: 490067
3 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 4554
255 B
37 14
Domain Requested by
12 static.cleverpush.com media750.gewinn24-7.de
static.cleverpush.com
deaffiliateceoo.mycleverpush.com
7 www.google-analytics.com media750.gewinn24-7.de
www.google-analytics.com
5 api.cleverpush.com static.cleverpush.com
5 media750.gewinn24-7.de media750.gewinn24-7.de
1 deaffiliateceoo.mycleverpush.com static.cleverpush.com
1 218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com d1cr9zxt7u0sgu.cloudfront.net
1 www.google.de media750.gewinn24-7.de
1 www.google.com media750.gewinn24-7.de
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com media750.gewinn24-7.de
1 d1cr9zxt7u0sgu.cloudfront.net media750.gewinn24-7.de
1 ajax.aspnetcdn.com media750.gewinn24-7.de
1 gewinn-ometer.com 1 redirects
1 track.em-trkcd.com 1 redirects
1 bit.ly 1 redirects
37 15
Subject | Issuer | Validity | Valid
media750.gewinn24-7.de | cPanel, Inc. Certification Authority | 2022-06-15 - 2022-09-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
upload.video.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-11 - 2023-06-11 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
www.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
www.google.de | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months
*.csftr.com | E1 | 2022-07-10 - 2022-10-08 | 3 months
*.mycleverpush.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-06 - 2023-06-06 | a year

This page contains 2 frames:

Primary Page: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Frame ID: E8FFF193291CACED7B5D396971F29DB5
Requests: 31 HTTP requests in this frame

Frame: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia750.gewinn24-7.de
Frame ID: 17572CCDC5122DA14BA6ED5D87F9D141
Requests: 4 HTTP requests in this frame

Page Title

Media Markt - 750€ Geschenkcoupons

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

100 %
HTTPS

54 %
IPv6

14
Domains

15
Subdomains

11
IPs

5
Countries

540 kB
Transfer

1153 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3BWhc3b HTTP 301
    https://track.em-trkcd.com/?a=142828&c=229560&co=190389&mt=3 HTTP 302
    https://gewinn-ometer.com/de,mediamarkt,750,2020,aff,vertical_1509.html?idPartner=909&idCampaignAd=0&subId=142828&subIdentifier=8013fa11857f4eda847b31abb63188f215586&additionalParamString= HTTP 302
    https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request campaign_2414.html
media750.gewinn24-7.de/
Redirect Chain
  • https://bit.ly/3BWhc3b
  • https://track.em-trkcd.com/?a=142828&c=229560&co=190389&mt=3
  • https://gewinn-ometer.com/de,mediamarkt,750,2020,aff,vertical_1509.html?idPartner=909&idCampaignAd=0&subId=142828&subIdentifier=8013fa11857f4eda847b31abb63188f215586&additionalParamString=
  • https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
109 KB
110 KB
Document
General
Full URL
https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
47ab5b47a4f7bc3bcc94325defeb7477e4271817104d9684bb1f840a06cf6be9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Aug 2022 00:47:03 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Aug 2022 00:47:03 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6067
date
Sat, 13 Aug 2022 23:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 14 Aug 2022 01:05:57 GMT
jquery-3.4.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/
86 KB
39 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcb/733F) /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29720348
x-cache
HIT
content-length
39419
x-xss-protection
1; mode=block
last-modified
Thu, 02 May 2019 18:32:11 GMT
server
ECAcc (dcb/733F)
etag
"1bf3635b151d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
shdfp.js
d1cr9zxt7u0sgu.cloudfront.net/
84 KB
26 KB
Script
General
Full URL
https://d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=218a2560b3a2774254c9535b5e63c482d14d5e20&TYPE=JS&DE=1
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-132.fra2.r.cloudfront.net
Software
nginx/1.14.2 /
Resource Hash
84bab018c3c5a57e389a625460a3777f504fa37e6230fd68ceab4c9e007d347a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:05 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 09:40:08 GMT
server
nginx/1.14.2
age
12
etag
W/"6225d2f8-14ec8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
eCFwsJ8c0UT2dULD3Jag-yv89GzpCW71L2brlR4i2l6T1a1_v0wctw==
190.css
media750.gewinn24-7.de/media/adresseManager/microSiteCss/
46 KB
46 KB
Stylesheet
General
Full URL
https://media750.gewinn24-7.de/media/adresseManager/microSiteCss/190.css
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
f7c124cc34fd8313c1bd79463c9d981df35f23203f46ed99325037d780f62844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 00:47:04 GMT
Last-Modified
Tue, 09 Aug 2022 09:04:13 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
47177
Content-Type
text/css
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Teko:300,400,500,600,700
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c41599fa01a641b5c5a646a8320a7a48e70c9ed0b6a806f791340954d7e266e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 14 Aug 2022 00:37:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 14 Aug 2022 00:47:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Aug 2022 00:47:04 GMT
NK8GfGNLpAYfKeg38.js
static.cleverpush.com/channel/loader/
266 KB
52 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f707cad072294aa25f6e116dfd35aa9070db181c5998a4607061623e48e9c43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B6GV58WE9JHSC7Q7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hgwL98zKVwnuE47Nt+cJu0P01l6z8S1y3NBYK2p+6sKu/d7xvP8/+Ha2DqcaiIvNBx8PWrOc2nA=
last-modified
Sun, 14 Aug 2022 00:29:53 GMT
server
cloudflare
etag
W/"a5ec5cbb47c7f37bb179e8c2e3888bec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lofOLbQFH9DpVgj6KALEcmJ9JLMACvlUjiTKwWUwUVIz5pgSEvZ0qTjouknu5EWjqykezc1PdEHeJAFLmGuBpwOOCcgoP0g02ctW0WWu8%2FBwEf%2Br4HjiAyNlYGpsG%2FfYs8N6SAe2Y2T1n6pesP7X9S7XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=21600
cf-ray
73a5ad59cca73759-MXP
blank.png
media750.gewinn24-7.de/media/adresseManager/microSiteImg/2414/
928 B
1 KB
Image
General
Full URL
https://media750.gewinn24-7.de/media/adresseManager/microSiteImg/2414/blank.png
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
808ae8844e5f26252997ea223a219829f9cc2e20e7114ca6f1cb192c46209a2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 00:47:04 GMT
Last-Modified
Wed, 24 Jun 2020 08:41:04 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
928
Content-Type
image/png
main_layout_logo.png
media750.gewinn24-7.de/media/adresseManager/microSiteImg/
7 KB
7 KB
Image
General
Full URL
https://media750.gewinn24-7.de/media/adresseManager/microSiteImg/main_layout_logo.png
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
2a4d605dd6458a3aac55b7b19e22ea4de2832085f54fce11729ba0762b3d4dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 00:47:04 GMT
Last-Modified
Mon, 08 May 2017 07:24:36 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
7333
Content-Type
image/png
collect
www.google-analytics.com/j/
4 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1149608012&t=pageview&_s=1&dl=https%3A%2F%2Fmedia750.gewinn24-7.de%2Fcampaign_2414.html%3FcoyoteAffiliTokenId%3D468715533%26additionalParamString%3D%26&dp=2414%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=893372703&gjid=256474366&cid=311361716.1660438025&tid=UA-68861802-12&_gid=1887156031.1660438025&_r=1&_slc=1&cg1=2414&cg2=190&cg3=909&cg4=142828&cg5=8013fa11857f4eda847b31abb63188f215586&cd1=2414&cd2=190&cd3=909&cd4=142828&cd5=8013fa11857f4eda847b31abb63188f215586&cd6=2684&z=546959582
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://media750.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 00:47:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://media750.gewinn24-7.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1149608012&t=event&_s=2&dl=https%3A%2F%2Fmedia750.gewinn24-7.de%2Fcampaign_2414.html%3FcoyoteAffiliTokenId%3D468715533%26additionalParamString%3D%26&dp=2414%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=pageview&el=2414%2FstartPage%2F&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=311361716.1660438025&tid=UA-68861802-12&_gid=1887156031.1660438025&cg1=2414&cg2=190&cg3=909&cg4=142828&cg5=8013fa11857f4eda847b31abb63188f215586&cd1=2414&cd2=190&cd3=909&cd4=142828&cd5=8013fa11857f4eda847b31abb63188f215586&cd6=2684&z=1565149821
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 17:17:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26993
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1149608012&t=event&_s=3&dl=https%3A%2F%2Fmedia750.gewinn24-7.de%2Fcampaign_2414.html%3FcoyoteAffiliTokenId%3D468715533%26additionalParamString%3D%26&dp=2414%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=idPartner&el=909&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=311361716.1660438025&tid=UA-68861802-12&_gid=1887156031.1660438025&cg1=2414&cg2=190&cg3=909&cg4=142828&cg5=8013fa11857f4eda847b31abb63188f215586&cd1=2414&cd2=190&cd3=909&cd4=142828&cd5=8013fa11857f4eda847b31abb63188f215586&cd6=2684&z=1547407871
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 17:17:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26993
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1149608012&t=event&_s=4&dl=https%3A%2F%2Fmedia750.gewinn24-7.de%2Fcampaign_2414.html%3FcoyoteAffiliTokenId%3D468715533%26additionalParamString%3D%26&dp=2414%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=idAmKampagne&el=2414&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=311361716.1660438025&tid=UA-68861802-12&_gid=1887156031.1660438025&cg1=2414&cg2=190&cg3=909&cg4=142828&cg5=8013fa11857f4eda847b31abb63188f215586&cd1=2414&cd2=190&cd3=909&cd4=142828&cd5=8013fa11857f4eda847b31abb63188f215586&cd6=2684&z=107569277
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 17:17:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26993
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1149608012&t=event&_s=5&dl=https%3A%2F%2Fmedia750.gewinn24-7.de%2Fcampaign_2414.html%3FcoyoteAffiliTokenId%3D468715533%26additionalParamString%3D%26&dp=2414%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=wgname&el=Media%20Markt%20-%20750%E2%82%AC%20Geschenkcoupons&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=311361716.1660438025&tid=UA-68861802-12&_gid=1887156031.1660438025&cg1=2414&cg2=190&cg3=909&cg4=142828&cg5=8013fa11857f4eda847b31abb63188f215586&cd1=2414&cd2=190&cd3=909&cd4=142828&cd5=8013fa11857f4eda847b31abb63188f215586&cd6=2684&z=1220565970
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 17:17:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26993
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1149608012&t=event&_s=6&dl=https%3A%2F%2Fmedia750.gewinn24-7.de%2Fcampaign_2414.html%3FcoyoteAffiliTokenId%3D468715533%26additionalParamString%3D%26&dp=2414%2FstartPage%2F&ul=en-us&de=UTF-8&dt=startPage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=190&ea=909&el=142828&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=311361716.1660438025&tid=UA-68861802-12&_gid=1887156031.1660438025&cg1=2414&cg2=190&cg3=909&cg4=142828&cg5=8013fa11857f4eda847b31abb63188f215586&cd1=2414&cd2=190&cd3=909&cd4=142828&cd5=8013fa11857f4eda847b31abb63188f215586&cd6=2684&z=730400545
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Aug 2022 17:17:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26993
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
447 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-68861802-12&cid=311361716.1660438025&jid=893372703&gjid=256474366&_gid=1887156031.1660438025&_u=YEBAAEAAAAAAAC~&z=1677905596
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://media750.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 14 Aug 2022 00:47:05 GMT
content-type
text/plain
access-control-allow-origin
https://media750.gewinn24-7.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=311361716.1660438025&jid=893372703&_u=YEBAAEAAAAAAAC~&z=1269647937
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 00:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-68861802-12&cid=311361716.1660438025&jid=893372703&_u=YEBAAEAAAAAAAC~&z=1269647937
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Aug 2022 00:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
screen,00,desk,b.jpg
media750.gewinn24-7.de/media/adresseManager/microSiteImg/2414/
141 KB
141 KB
Image
General
Full URL
https://media750.gewinn24-7.de/media/adresseManager/microSiteImg/2414/screen,00,desk,b.jpg
Requested by
Host: media750.gewinn24-7.de
URL: https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.33 , Spain, ASN197518 (RACKMARKT, ES),
Reverse DNS
master.ceoo.cli.rackmarkt.com
Software
Apache /
Resource Hash
2f45c4243ceec5a0b09d9607377d9d81694192c5295c498157f665ddeefc5073

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/campaign_2414.html?coyoteAffiliTokenId=468715533&additionalParamString=&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sun, 14 Aug 2022 00:47:04 GMT
Last-Modified
Mon, 04 Jan 2021 11:47:22 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
144135
Content-Type
image/jpeg
config
api.cleverpush.com/channel/NK8GfGNLpAYfKeg38/
79 KB
5 KB
Fetch
General
Full URL
https://api.cleverpush.com/channel/NK8GfGNLpAYfKeg38/config?confirmAlertTestsEnabled=true&platformName=Windows
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23966c804d435e2f276de7ab9ec39b614d94bf158c1fdce5e2fb3e655d6d6f91
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://media750.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
EXPIRED
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
x-backend-server
cleverpush-worker-3
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeyrKfxlRRPOZvRp%2Bq3vibGVWRGjPDSh8A8%2FDXXGaZ%2FYUzHBoTQsBi5%2Bl%2Fj6Nd0YTvzDnIkY0HcdMl81Os55UvtxtTclKgkDgv%2FjtuK4FZz1b%2B1IqdLn6b3Sy6TD4hMpEqKZOb38C2M0XZPhGZ7j9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=60
cf-ray
73a5ad5b8f32839a-MXP
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
expires
Sun, 14 Aug 2022 00:48:05 GMT
728.188cae3b14a4e94d70da.js
static.cleverpush.com/sdk/chunk/
18 KB
6 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/728.188cae3b14a4e94d70da.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3377d915aecca25ce35744d51ad645537a289381907ec6a09465f47df2c052

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7744
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
G415ZC1JMDE549FK
x-amz-id-2
a0e90xHTCrKFv7fT/ScEDEAxv6bX19JIB7KCwN7UKxUR6CyhZK1Cwae+3M8RVSYuTjqalPlLk2Y=
last-modified
Thu, 11 Aug 2022 22:36:42 GMT
server
cloudflare
etag
W/"f4ad17ce3a7d08d54f3f40153f7339c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCkyfHUtcaybhSdsbjtVZAnK1O7D9Wm8V3vm1qm9JFz6a%2ByPDAbAPXcHVJZqv%2BpXuitUimHAF7dPRDeYD%2B91vpn0dWPtoOezmMtvyHRtWgJ8LEISS7bHu96tVnawe9KPZD8MKdR5a2328KQnhSzR8%2F%2F3UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad609d90babe-MXP
5.bbab6591cc5d58361989.js
static.cleverpush.com/sdk/chunk/
34 KB
9 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.bbab6591cc5d58361989.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da792e6af3a69f64458cc23db3a7cfbaf3d3fa8fbc458e1757386c1afb1dbb20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
66Z3Q4QXGK00YA5E
x-amz-id-2
If3RkiYX9WcAQ4PKhIgfxU3VfibFkDB8oN2d8AYxbGxSk6KRZ5idkLjElmwkyMrHdQmlU1gbXwI=
last-modified
Thu, 11 Aug 2022 22:36:42 GMT
server
cloudflare
etag
W/"ff120cdd4b0005f3931bdd56dc23c016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxh1GxG0Ua6OD4%2BS6boyn3GjJK%2Fmw7JZlyD3NtwJ%2BZF2w%2FMLh3kIrSXaoxmArpTsgckWnOj0PvO3ljmhUG6hdxEVH7KC3MVm5m9%2BH24gbhsME3SDRi45kCnBO1XK5OoTVTfgj56xKahuvUwn%2FXIyPAYPBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad609d92babe-MXP
251.90ad76a663f3b3850ba0.js
static.cleverpush.com/sdk/chunk/
6 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5998c4e35c3c10a968ea65a2e658f3efd907290f782178d10195699423e0c903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MD311ZPQWY3F9Z3M
x-amz-id-2
Jt5jQBpQ9xecGr56+bL7TBoNxFgHOfBDRn/18B/bjFLBFPS2LSDH0tEsiV+HCrRvUejsi9WB81k=
last-modified
Thu, 11 Aug 2022 22:36:42 GMT
server
cloudflare
etag
W/"6a7967b77385a26f48658efa53820786"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r18GcBuNtjh0PCAvrKCeUME7WjUmanYQtBW%2Bg%2F8GtlH8C5SkPe%2BDLTXz1kdmS4UUsBV04TOhkUULZKF5V%2FtOcaKvZLTX2upEbH7Biku82PDtOeMv6BsKQFnoP3wMqgKO5%2FzwZotvJYILHNImrH5HPReRUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad609d91babe-MXP
115.9617625893760382ecfe.js
static.cleverpush.com/sdk/chunk/
13 KB
4 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/115.9617625893760382ecfe.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6366f01fa6a51d50fd23bdcc9eea9cdd7f62e27222d0c7bce85d61bf94f68c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7813
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QA5MVAK1M77K35NZ
x-amz-id-2
na35ZXuQ4JGkRmoBI7PD6tNN3uBhyo4z74uYH/RneeTf94Cq5HqOqG1QMztJFf6aU1ueM+QldlQ=
last-modified
Thu, 11 Aug 2022 22:36:41 GMT
server
cloudflare
etag
W/"2d0255b28b16d117b6e740f281d07091"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f9KKmucTwUAY25x%2B%2FpHu%2BztlU%2B5h4Gs6swUr5Nldbl9JiuOabt70fRe01%2FtGI5mo4EDgKhT%2FRfOWgQ4fSnraVMrOjTY5uu8GPAc0Jkl1qUGI0eJO7O03DYQ64RwEHZao4j6q7JGVoLT3Sttnjn5SomsaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad609d8fbabe-MXP
web
218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/shield-fp/v1/api/
74 B
499 B
XHR
General
Full URL
https://218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/shield-fp/v1/api/web
Requested by
Host: d1cr9zxt7u0sgu.cloudfront.net
URL: https://d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=218a2560b3a2774254c9535b5e63c482d14d5e20&TYPE=JS&DE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf3e1f6d9f6cd22f465c0b202ed398d227dc51e67c981de7f0606f6e022b603

Request headers

Referer
https://media750.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://media750.gewinn24-7.de
access-control-allow-credentials
true
x-envoy-upstream-service-time
33
cf-ray
73a5ad60cfc9cc3e-ZRH
access-control-allow-headers
Content-Type
499.9879bc1951e60da1f80c.js
static.cleverpush.com/sdk/chunk/
2 KB
1 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/499.9879bc1951e60da1f80c.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b6ee93a2476563632ddae3a1cb06f21f15dbfa567879bda2bcb31a0db5b8e03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7548
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
256N4YD9RQ0HNTMY
x-amz-id-2
LAGfRel8ZlPEuF1cdimJpe8mMBUymLWkPoQBadGwyX4ZAaOsDrWImQL5ZuNSXFzu8iEwuLheUl4=
last-modified
Thu, 11 Aug 2022 22:36:42 GMT
server
cloudflare
etag
W/"dbe326b30ea070afd5d0403392ac9d36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hI2g%2BiC3v7%2B3edJGWvRxZTA7R8P8NAtYxXU7Hc7q%2F%2FNBvZz6UYBfn0Yxx8WAwoY7hc2im41KaXmLfFeVDEmffJsdxDaiKxcqYn%2FyxklmkYyr7rUmXlQ295QheCPC%2BwDX8AvSDQnOMuPPuoZhFND3y2Ltg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad60fe22babe-MXP
iframe
deaffiliateceoo.mycleverpush.com/ Frame 1757
69 KB
26 KB
Document
General
Full URL
https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia750.gewinn24-7.de
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.198.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.198.46.78.clients.your-server.de
Software
/
Resource Hash
4b2d4467ff8b4c9195ad08b1290144cf15e139c6d2f394cd4a6a7a8eabfbd88f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://media750.gewinn24-7.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept
cache-control
public, max-age=1800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 14 Aug 2022 00:47:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-backend-server
cleverpush-worker-15
x-cache-status
MISS
x-robots-tag
noindex
5.bbab6591cc5d58361989.js
static.cleverpush.com/sdk/chunk/ Frame 1757
34 KB
9 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/5.bbab6591cc5d58361989.js
Requested by
Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia750.gewinn24-7.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da792e6af3a69f64458cc23db3a7cfbaf3d3fa8fbc458e1757386c1afb1dbb20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deaffiliateceoo.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
66Z3Q4QXGK00YA5E
x-amz-id-2
If3RkiYX9WcAQ4PKhIgfxU3VfibFkDB8oN2d8AYxbGxSk6KRZ5idkLjElmwkyMrHdQmlU1gbXwI=
last-modified
Thu, 11 Aug 2022 22:36:42 GMT
server
cloudflare
etag
W/"ff120cdd4b0005f3931bdd56dc23c016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KGWWXoyKCiRCyLenLAxvcH31UgzDghRD1SgjgiBJuyvOErS47R7wsi9L0fVqmZgiUPcFxjlUbtjVyOsfbwli4dbS6vcD8ESuwrd5TxqJ4aqXjrY7a9D74jTPn2K0gBjKqrsNJFJLVUTZM8dIAn%2FtYinKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad620f07babe-MXP
251.90ad76a663f3b3850ba0.js
static.cleverpush.com/sdk/chunk/ Frame 1757
6 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js
Requested by
Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia750.gewinn24-7.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5998c4e35c3c10a968ea65a2e658f3efd907290f782178d10195699423e0c903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deaffiliateceoo.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7815
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MD311ZPQWY3F9Z3M
x-amz-id-2
Jt5jQBpQ9xecGr56+bL7TBoNxFgHOfBDRn/18B/bjFLBFPS2LSDH0tEsiV+HCrRvUejsi9WB81k=
last-modified
Thu, 11 Aug 2022 22:36:42 GMT
server
cloudflare
etag
W/"6a7967b77385a26f48658efa53820786"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjrqXQ233Pm3HqyzezqKiPyG1Huy1dxjf8X4VbJuYuQkfRDuP4mXCefiMCJVkRlH%2FJEDe4efFm188M3jzfBjc3KnPRrzDX99cPxLuaUCYE%2FQ5u9HJZMXvzrABQ312nhSukPY2g1yep8UMe4uWb0Jjiggpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad620f0ababe-MXP
818.eb9c2f673c0740fe15b1.js
static.cleverpush.com/sdk/chunk/ Frame 1757
7 KB
3 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/818.eb9c2f673c0740fe15b1.js
Requested by
Host: deaffiliateceoo.mycleverpush.com
URL: https://deaffiliateceoo.mycleverpush.com/iframe?origin=https%3A%2F%2Fmedia750.gewinn24-7.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b20d3ab2d5f4e45ca38fec4f63aa5af36974abef278c23faeeff4761f48d3607

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deaffiliateceoo.mycleverpush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7813
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QA5VAHMEH4MF1EEZ
x-amz-id-2
M2r5+Dy0vBw1QCjR8aY5j/tKpiM2xIXBMeWA6fR/y5Qvmgcm++KRY698+wY2mBfGSGWV7dYBEjo=
last-modified
Thu, 11 Aug 2022 22:36:42 GMT
server
cloudflare
etag
W/"68c2bb7d514ce21564a0606a85608cf4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIbj92fXZKBK3Z18JsQBH7vAdBuGUHmryKUFytc7mil3GtSOR1Q7%2BnAOFP6xMcok%2FE5fn0s%2FhjrUiiWAUkD%2BgCp5KVt3BNY1zP6ouZbqy%2FHAUl2TrRgw4NYTcgsa8o%2FKySAfBr67gOnFneKZcN4VtYQ%2BMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad620f0bbabe-MXP
970.0d0d16fedbf4b4f13bed.js
static.cleverpush.com/sdk/chunk/
46 KB
10 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/970.0d0d16fedbf4b4f13bed.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f04cad72831d4df0301b50ff6a8acfbb4301d6341c35721913268dd9d0b7da7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
66ZAF916RSRC1P3S
x-amz-id-2
/4J/HiQHrAAezEklHWa5udhNs4W+0nhwQiVMbPeqyZZFeIwv9/fovqjJzKvcq7PpUqMbSsNX1P4=
last-modified
Thu, 11 Aug 2022 22:36:43 GMT
server
cloudflare
etag
W/"7526dc78259f02ba5565af3371bcac74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtNspBRCyNZ%2F3Eg0FPXks2f1grFYCOCL9qDd9XB4oqkmQQP%2BT5Ws%2F6pY%2BttJFVevGYZAtku%2B%2BJakJO9Gu15l2tts3zTQB3HcWAXEgULF%2FhrLifJ%2BFBld6N%2FrrFJfke3vAgtfumw39M%2BspRlMlrmR4CXV3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad624f40babe-MXP
720.c053c26a1d9727fc1c4b.js
static.cleverpush.com/sdk/chunk/
46 KB
11 KB
Script
General
Full URL
https://static.cleverpush.com/sdk/chunk/720.c053c26a1d9727fc1c4b.js
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0862569f05e0683c2c23eff4024e17b147cbeeae4621cab03c195ff924c5f185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7814
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
66ZA5B9KWGDZKGSV
x-amz-id-2
LU44T6ELkoEc/DSahExNZjgnHpfiHRyppySYVnAejLd1ko2eySGeGvb/udWSqhQN2VkkTtSqCFU=
last-modified
Thu, 11 Aug 2022 22:36:42 GMT
server
cloudflare
etag
W/"9e65f97cea3671c77873d1f34b504c8a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YScgcozQRGJppTLfqmpQwyBhjsbz0KaKZv5t9%2BLzI4oOHIKNEDS%2FvPWDLbIjI1UFLDTEYrSNVIK7DNiBiFkca%2B3OeLIPPzGJ0RLf465EKLfzRICMeKoxLM80a1Z%2F6%2BdabanavIin9oYcjqgDQ6Q2hYzMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=43200
cf-ray
73a5ad624f41babe-MXP
optin-visitor
api.cleverpush.com/channel/
16 B
676 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://media750.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Aug 2022 00:47:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
x-backend-server
cleverpush-worker-3
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfXV8wvEV1SFkTy8dtfjYkSFkiGXycTdih3hCia1olRjJgH0hn1GwO3SMxO4CdJsEup0cld9fDQk776dMBzjLk9uDHGH5Z6iGg7clWaQC6KIiRsYLg8tlAiOOfmvLp4A8RbQWHXaHX38s72jVT%2FK8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-ray
73a5ad633a6983af-MXP
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
optin-visitor
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/optin-visitor
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://media750.gewinn24-7.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73a5ad62ea2683af-MXP
content-length
0
content-type
application/json; charset=utf-8
date
Sun, 14 Aug 2022 00:47:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BhITVj8f3lNjQAc8KmvIrZfT8B2US3Kik8oi7rei83n8UrKdJQk4YArDg894gdfr%2ByIsmmeQYOMjNbCvB88z9Fp%2BdR9AOgJlTku5Mp2hVOBFs0JsGPPaVbuQbUkjzbpAWaSdEzA7lky7B3n%2Bj1piw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
confirm-alert
api.cleverpush.com/channel/
16 B
682 B
Fetch
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Requested by
Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/NK8GfGNLpAYfKeg38.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://media750.gewinn24-7.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Aug 2022 00:47:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
x-backend-server
cleverpush-worker-3
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJnQGUDyxM2woW22iI9kdGJsqZpgNmepPyUSkUps%2B2dl9uJR3ZDezQfBDo2dBZN5OQuHfLCTuEETcuCE4Sna3cMOmp%2Bp5cWUgCPYUoXZsnZIXLn%2BJImKbnL2RFPUP2DILCQ9%2FkBri54dxicAOwLQRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-ray
73a5ad695f1b83af-MXP
access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
defaultChannelIcon.png
static.cleverpush.com/app/images/
732 B
1 KB
Image
General
Full URL
https://static.cleverpush.com/app/images/defaultChannelIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24155cb4f2f535f8196ee0da67321b509939e6509d6f378a257246be28545897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://media750.gewinn24-7.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 00:47:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1841757
cf-ray
73a5ad690be6babe-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
732
x-amz-id-2
8Ep8CZuI27nLKRpWGJpDADiCvG2Cy+t1+Y7HNjdOpGsUfSTfxuH9Vh02mcpAnDAejCwVn4dItIo=
last-modified
Mon, 21 Oct 2019 13:42:31 GMT
server
cloudflare
etag
"dada142d4861c864d8d63e8cd5dd22dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhtmpO%2Bcr2Kf2ufTtojyMAnJvFa%2B%2F57%2FKHeBfjuHqxfJ125pXcBGrcBJ%2FgYLp1vEFxkUBSPRrHXyBpAkcMWFWL1x5Zg5H8Yg9B7k2i8NOiiGzbVV2WUGABtn%2FxEBVYc4FulAl4BhKkSsEzuU8NRGAav01g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
ND5BTZ8A8FDAXSTX
cache-control
max-age=2628000
accept-ranges
bytes
content-type
image/png
confirm-alert
api.cleverpush.com/channel/ Frame
0
0
Preflight
General
Full URL
https://api.cleverpush.com/channel/confirm-alert
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://media750.gewinn24-7.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73a5ad690edb83af-MXP
content-length
0
content-type
application/json; charset=utf-8
date
Sun, 14 Aug 2022 00:47:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XM421DX2Ob%2FQJ2CVQBq6p9dE2XTMbFdGAHVRd7MLhDMlKftxGI%2Bx4KbkRZAxPDZMW2BHqY8PovJuQJr6nneC1ePJv6RtZCJO027mzBc3tvKHQMJek51qIjCdPcTy5YVnnbixU6iiHC2%2Fxcsvg2cDMg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains


58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _ga string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| errorListing string| errorMessageTemplate function| setErrorListing function| showErrorMessages function| showSingleErrorMessage function| clearAllTopAlignBoxen function| prepareErrorListing number| partnerId boolean| gpsid boolean| gpsid2 function| gtag object| dataLayer object| CleverPush function| bsString undefined| intervalHandler number| intervalTime function| blinkIt function| executeFPRoutine function| shieldGetParams function| shieldRunFP function| a0_0x3746 function| getDeviceResult function| uuidv1cs object| webpackChunk_cleverpush_cleverpush_js_sdk object| regeneratorRuntime number| __cleverPushSdkLoadCount string| action function| changeLabel number| mutationTimeoutID object| mutationObserver object| mutationConfig object| lightboxOptions object| lightboxRO function| onWindowResizeLightbox function| openLightbox function| closeLightbox object| payload string| encPayload string| endpoint object| response

21 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m7e0L3-7f96f6c3b42afe1554-00R
.em-trkcd.com/ Name: gdm_sid_v1_3_001
.em-trkcd.com/ Name: gdm_uid_v2_1_001
Value: n5TiTL/It63V+vrVcvNo2/YrALOyhYCJpbpuTAiaNfZEc8A3nkjEeEAB24CTzoYq
.em-trkcd.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.em-trkcd.com/ Name: gdm_click_adv_freq_v2_1_001
Value: ItQKhivqWp0BawSbEFtyCirotvk/LmnBYKpktYV7wqDUUt74mvL+8YWJFgfP1PgV
.em-trkcd.com/ Name: gdm_click_freq_v2_1_001
Value: alKh/jKJIe4W0lSkCpJm0NE01baOdmD6nEnJC0VdebqWkiTj4jEO2sScsa/idY+P
.em-trkcd.com/ Name: gdm_click_adv_freq_v1_1_001
Value: ItQKhivqWp0BawSbEFtyCirotvk/LmnBYKpktYV7wqDUUt74mvL+8YWJFgfP1PgV
.em-trkcd.com/ Name: gdm_sid_v2_3_001
.em-trkcd.com/ Name: gdm_click_freq_v1_1_001
Value: alKh/jKJIe4W0lSkCpJm0NE01baOdmD6nEnJC0VdebqWkiTj4jEO2sScsa/idY+P
.em-trkcd.com/ Name: gdm_uid_v1_1_001
Value: n5TiTL/It63V+vrVcvNo2/YrALOyhYCJpbpuTAiaNfZEc8A3nkjEeEAB24CTzoYq
.em-trkcd.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
gewinn-ometer.com/ Name: PHPSESSID
Value: 92e3ea777b2410f64aa84f06e0cd3947
gewinn-ometer.com/ Name: coyoteTrackingCookie_1509
Value: 468715533
gewinn-ometer.com/ Name: coyoteSimpleTrackingCookie
Value: 468715533
media750.gewinn24-7.de/ Name: PHPSESSID
Value: f5fcae9d3196eafcc9a0ad5815bf27b2
media750.gewinn24-7.de/ Name: coyoteAffiliTokenId2414
Value: 468715533
.gewinn24-7.de/ Name: _ga
Value: GA1.2.311361716.1660438025
.gewinn24-7.de/ Name: _gid
Value: GA1.2.1887156031.1660438025
.gewinn24-7.de/ Name: _gat
Value: 1
media750.gewinn24-7.de/ Name: shield_FPC
Value: SCingQdhBLUBaW6rmO6mnNuNN8RgFzWGOd
218a2560b3a2774254c9535b5e63c482d14d5e20.csftr.com/ Name: shd_persistent
Value: e92e5425-37cf-4582-8b5d-3f8d9d47a8b1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
